4.12. ABC Monitor Installation (optional)

In this section we describe the installation process of the ABC Monitor from the software repository of FRAFOS on a hardware platform with a pre-installed CentOS 7 (64bit) operating system.

The ABC Monitor is optional monitoring application, and if used, it has to be installed on a separate server. Running the server off the cloud is possible. If you would like to start the ABC Monitor off Amazon Cloud, skip this section and proceed to ABC Monitor Installation Off AWS (optional).

FRAFOS ABC Monitor is installed as a set of rpm packages for Centos 7 (release 7.4) from the FRAFOS public repository. In order to connect to the remote repository and for the installation process, the server has to have a working internet connectivity.

In case of problems please contact the FRAFOS support at support@frafos.com

4.12.2. Repository Access and Configuration

Before accessing Frafos software repository, customers must obtain valid certified SSL credentials from Frafos customer support. Please refer to ABC SBC installation section Installation Procedure for the procedure to get and setup the client certificate to access the software repository.

4.12.2.1. FRAFOS Repository Initialisation

Once the FRAFOS repository is configured, the administrator has to update the package database on the system:

% yum makecache

Important: If the package database is not successfully updated, then contact the FRAFOS support.

Frafos ABC Monitor can be installed on clean CentOS 7 only, with only the following rpm repositories enabled from CentOS-Base: base, updates, extras. Make sure that no other rpm repositories than these basic ones and the Frafos repository are enabled in yum config files located in /etc/yum.repos.d/ directory.

4.12.3. ABC Monitor Package Installation

Install the “abc-monitor-installer” package from repository using:

% yum install abc-monitor-installer

Call the command to install ABC Monitor:

% abc-monitor-install

The installation process installs all required packages from standard CentOS or FRAFOS repositories. The process may take several minutes.

For installation output details, administrator can check installation log files:

% less /var/log/yum.log
% less /var/log/frafos/monitor-install.log

Important: In case of any error or problem during installation, contact FRAFOS support.

For future ABC Monitor updates and upgrades, use only the following command:

% abc-monitor-upgrade

4.12.4. ABC Monitor Initial Configuration

For initial ABC Monitor configuration, run the following command:

% abc-monitor-config

This script will ask for several settings and configure the folowing:

  • Number of days to keep old events before deleting them: this sets the time period, for how long ABC Monitor will keep the monitoring data collected from ABC SBC nodes. The data is stored in /var/lib/elasticsearch directory. Default setting is 30 days. Amount of disk space used highly depends on the monitored nodes traffic.
  • Minimum free disk space percentage for events: if the free space on the partition where events are stored (that is partition holding /var/lib/elasticsearch dir) drops below the value set, oldest events will be automatically deleted until the free space percentage is again above limit. Default value is 20. Set to 0 to disable the automatic deletion based on free space. Note: it is highly recommended to use separate partition for the /var/lib/elasticsearch dir, otherwise old events may be deleted even if something else occupied the disk space. On SSD disks it is recommended to keep about 20% of free disk space for better performance and longer disk life.
  • Time in minutes to keep old traffic pcap files before deleting them: this sets retention period for traffic pcap files that are synced from ABC SBC nodes to ABC Monitor, if it is enabled in ABC SBC global config. The setting must be greater or equal than the retention setting on Sbc. (“Global Config ‣ Events ‣ Number of days to keep old traffic log files”), failure to dimension the period correctly may causes ABC SBC to keep uploading the files repeatedly. The data is stored in /data directory.
  • Time in minutes to keep old traffic recordings files before deleting them: similar setting like the previous one, but for recordings file, if enabled in ABC SBC global config. The setting should be also equal to corresponding setting on ABC SBC. The data is stored in /data directory.
  • Change the default “sbcadmin” user password: it is highly recommended to change the “sbcadmin” user password for ABC Monitor gui access.
  • Set ABC Monitor system firewall rules, to allow gui access and the monitoring data being pushed to ABC Monitor only from specified list of IP addresses, IP subnets or hostnames. You can specify more items separated by spaces. For IP subnets, use the CIDR notation like 192.168.0.0/24. It is highly recommended to limit access to the ABC Monitor only from particular addresses or network subnets, to minimize security risks.

Once the initial ABC Monitor configuration is done, it’s gui can be accessed using web browser at https://<ABC Monitor IP addr>/, using username “sbcadmin” and the password set in previous steps.

On the ABC SBC side, to enable pushing of monitoring data to the ABC Monitor, you have to configure the ABC Monitor IP address in “ABC Monitor address” setting of Global Config, under Events tab.

By default, the pcap and traffic recordings files are copied from ABC SBC nodes to ABC Monitor using basic rsync protocol, which works without any extra configuration. If needed, rsync over TLS can be used if enabled in Global config on ABC SBC side.

4.13. ABC Monitor Installation Off AWS (optional)

Starting the ABC Monitor off the AWS cloud is very fast, because ready-made virtual images already contain an installed ready-to-run system. An AWS-powered ABC Monitor can be used for trials, as a secondary Monitor when two are needed, or even as a primary system for both AWS and on-premises SBCs.

Before you start you will need the following:

  • Amazon Web Services (AWS) account. Note that the accounts come with several service plans charged at different levels, and credit card number and a telephone must be ready to verify identity and payment. Go to http://aws.amazon.com to sign up.
  • AWS Elastic Cluster SSH keypair. This is important to be able to administer the virtual machines remotely. If you haven’t created or uploaded one, do so under “EC2‣Keypairs”. If you want to start the services in multiple regions, make sure that you have a keypair for every region before you start.
  • SBCs with enabled monitoring license to provide the actual monitoring data.

To start a monitoring instance proceed as follows: - Start the instance.

  • Visit https://monitor.frafos.com to start a proper AMI.
  • Choose a properly dimensioned instance type with at least 8 GB of memory, such as M4.LARGE.
  • Apply a proper security policy. Make sure you limit monitoring traffic to that coming from your SBCs and permit only port numbers 1873 and 16379. Administrator machines shall be allowed to access remote shell (port 22) and the actual monitoring GUI (port 443).
_images/security-group-monitor.png

Figure 1: Screenshot: an Example Security Group for ABC Monitor Running on AWS

  • Configure the ABC SBC to use the ABC Monitor instance as primary or secondary monitor.
    • open ABC SBC Administrative interface, the section “Config ‣ Global Config ‣ Events”
    • set “ABC Monitor Address” or “Secondary ABC Monitor Address” to the IP address of the ABC Monitor instance. If on the same net, use the private IP address, use the public IP address otherwise.
    • optional: turn on the checkbox “replicate traffic logs to ABC monitor” or “replicate traffic logs to secondary ABC Monitor”.
    • optional: turn on the checkbox “replicate recordings to ABC monitor” or “replicate recordings to secondary ABC Monitor”.
    • turn on “Use TLS secure connection to ABC Monitor” and set “Verify level for TLS connection to ABC Monitor:” to zero
    • apply the changes
    • activate the changes
  • Access the ABC Monitor: visit https://IP, use “sbcadmin” as username, instance-id as password

4.14. Last Installation Steps

Note

IMPORTANT: AFTER THE INSTALLATION PROCESS IS COMPLETE AND BEFORE CONFIGURATION AND TESTING BEGINS WE URGE YOU TO WHITELIST THE IP ADDRESS FROM WHICH THE ABC SBC WILL BE ADMINISTERED.

Failure to whitelist the administrator’s IP address may – especially during the initial configuration and testing – easily block the administrative access to the machine. Various automated blacklisting techniques can block the whole IP address if they spot unexpected traffic from the IP address. See more details in Section Automatic IP Address Blocking.

To whitelist the IP address, visit the administrative GUI under “Config ‣ Firewall ‣ Exceptions to automatic Blacklists ‣ Add” as shown in the Figure bellow:

_images/sbc_whitelist_admin.png

Figure 2: Warning: Whitelist Administrator’s IP Address