Skip to content

Appliance

This section outlines how to install the Linux appliance from scratch.

Installation

Ubuntu Server 22.04 LTS is used as the basis for the InfraSonar appliance.

When using a virtual machine we suggest using these specifications:

  • Compatibility: Compatible with: ESXi 6.5 and later VM version 13
  • Guest OS Family: Linux
  • Guest OS Version: Ubuntu Linux (64-bit)
  • CPU: 2 CPU
  • Memory: 2 GB memory
  • Disk: 40 GB HDD
  • Name: infrasonar-appliance

Installation steps

Boot from the Ubuntu Server 22.04.1 ISO and then follow these steps:

  1. Select your language: English.
  2. Keyboard configuration:
    1. Layout: English (US).
    2. Variant: English (US).
  3. Choose the type of install: Ubuntu server (minimized)
  4. Network configuration: choose the appropriate network configuration for your environment
  5. Proxy address: enter a proxy address if your environment uses a proxy, otherwise leave empty.
  6. Mirror address: keep as it is, unless you know what you are doing.
  7. Guided storage configuration:
    1. Select: Use an entire disk.
    2. Deselect: Set up this disk as an LVM group.
  8. Storage configuration:
  9. Review the file system summary and select: Done.
  10. Confirm destructive action, by clicking: Continue.
  11. Profile setup:
    1. Your name: sysadmin.
    2. Your server's name: infrasonar-appliance.
    3. Pick a username: sysdmin.
    4. Choose a password: Infr@S0n@r
    5. Confirm your password: Infr@S0n@r
  12. SSH Setup:
    1. Select: Install OpenSSH Server.
    2. Import SSH identity: Usually no, but feel free to enter your own.
  13. Featured Server Snaps: do not select any server snaps.
  14. If the installation is ready, select: Reboot now.

Post installation steps

Login to the appliance using SSH to perform the post installation steps.

ssh sysadmin@<server-ip>

Upgrade

update and upgrade your Ubuntu installation so we are current before proceeding.

sudo apt update
sudo apt upgrade
sudo reboot

VMware tools

Optional

When running on a VMware hypervisor it is recommended to install open-vm-tools.

# Update the APT package index.
sudo apt update
# Install open VMware tools.
sudo apt install -y open-vm-tools

sudo configuration

We opt to allow command to be executed using sudo without asking for a password.

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER

Miscellaneous tools

sudo apt install -y vim nano cron dnsutils snmp iputils-ping curl python3 pip snmpd tmate

The above command installs a list of useful tools:

  • vim, VI text editor.
  • nano, text editor.
  • cron, task schedular.
  • dnsutils, handy tool for debugging dns issues.
  • snmp, snmpd daemon used to monitor the Linux operating system.
  • iputils-ping, tools for debugging network issues.
  • curl, command-line downloader
  • python3, python programming language, used by the appliance manager.
  • pip, python package installer, used by the appliance manager.
  • tmate, teamviewer like solution used to offer remote support on request.

SNMPD

As we use the default community string public and only require the snmpd daemon to listen on localhost, no further configuration is required.

# Read-only access to everyone to the systemonly view
rocommunity  public default
rocommunity6 public default -V systemonly

Docker installation

All InfraSonar components run as Docker containers and are orchestrated using docker-compose.

The official Docker engine installation instructions can be found here.

sudo curl -sSL https://get.docker.com | bash

InfraSonar appliance manager

You can install the appliance manager using the following command:

sudo pip install infrasonar-appliance

Unattended updates

As we want the InfraSonar appliance to be zero maintenance, we configure unattended updates and allow the appliance to reboot when necessary at 2:00 CET.

Ubuntu unattended upgrades installation

# Install the unattended-upgrades package.
sudo apt install -y unattended-upgrades
# Verify using the following systemctl command.
sudo systemctl status unattended-upgrades
# To set automatic updates, we are going to install the update-notifier-common package.
sudo apt install -y update-notifier-common

Ubuntu unattended upgrades configuration

Change the file /etc/apt/apt.conf.d/50unattended-upgrades, so it reflects these changes:

....
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESMApps:${distro_codename}-apps-security";
        "${distro_id}ESM:${distro_codename}-infra-security";
        "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
        "Docker:${distro_codename}";
};

....

// Automatically reboot *WITHOUT CONFIRMATION* if
// the file /var/run/reboot-required is found after the upgrade.
Unattended-Upgrade::Automatic-Reboot "true";

// Automatically reboot even if there are users currently logged in
// when Unattended-Upgrade::Automatic-Reboot is set to true.
Unattended-Upgrade::Automatic-Reboot-WithUsers "true";

// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately.
// Default: "now".
Unattended-Upgrade::Automatic-Reboot-Time "02:00";
....

Enable daily unattended upgrades

echo unattended-upgrades unattended-upgrades/enable_auto_updates boolean true | sudo tee -a debconf-set-selections
sudo dpkg-reconfigure -f noninteractive unattended-upgrades

You can verify that automatic updates are turned on, with this command:

sudo debconf-get-selections | grep -i enable_auto_updates

Note

debconf-get-selections requires debconf-utils to be installed (sudo apt-get install debconf-utils). We opt not to install this on production appliances, as we want to keep them as clean as possible.

Logging

Unattended Upgrades Log.

The unattended-upgrades.log is a log file where you can view all actions done by the unattended upgrade system. You can view the file with, for example, the tail command:

tail -n 100 /var/log/unattended-upgrades/unattended-upgrades.log

InfraSonar

The easiest way to deploy InfraSonar is using our appliance manager

It is however also possible to install InfraSonar manually using docker, see our advanced section.