Contributors dgracenetapp netapp-alavoie

You must install an Agent in order to acquire information from your data collectors. Before you install the Agent, you should ensure that your environment meets operating system, CPU, memory, and disk space requirements.

Component Linux Requirement

Operating system

A computer running a licensed version of one of the following:

* Red Hat Enterprise Linux 7.2 64-bit
* Red Hat Enterprise Linux 7.2 64-bit KVM
* Red Hat Enterprise Linux 7.5 64-bit
* Red Hat Enterprise Linux 7.5 64-bit KVM
* CentOS 7.2 64-bit
* CentOS 7.2 64-bit KVM
* CentOS 7.5 64-bit
* CentOS 7.5 64-bit KVM

This computer should be running no other application-level software. A dedicated server is recommended.


The 'sudo su –' command is required for installation, running scripts, and uninstall.


The Docker CE package must be installed on the VM hosting the agent.
The agent systems should always have the Docker CE package installed. Users should not install the Docker-client-xx or Docker-common-xx native RHEL Docker packages since these do not support the 'docker run' CLI format that Cloud Secure supports.


OpenJDK Java is required.


2 CPU cores



Available disk space

Disk space should be allocated in this manner:
50 GB available for the root partition
/opt/netapp 5 GB
/var/log/netapp 5 GB


100 Mbps 1 Gbps Ethernet connection, static IP address, IP connectivity to all devices, and a required port to the Cloud Secure instance (80 or 443).

When a firewall is enabled, you must have an exception defined to allow TCP traffic for the port using the Data ONTAP Data Collector.

For example on a RHEL7.x Agent system, use the following steps:

firewall-cmd --permanent --zone=public --add-port=35001/tcp

firewall-cmd --permanent --zone=public --add-port=35002/tcp

firewall-cmd --reload

(assuming the ports are 35001 and 35002)

Note: The agent requires ports from 35000 to 55000 to be open when using the default installation.

Use a command similar to the following to verify that the ports are open:

iptables-save | grep 35001 -A IN_public_allow -p tcp -m tcp --dport 35001 -m conntrack --ctstate NEW -j ACCEPT

The port number can be obtained from the docker ps command output:
docker ps
firewall-cmd reload

Agent outbound URLs (port 433)

* https://<tenant id>
You can get the tenant ID from the product URL. For example:
* You can use a boarder range to specify the tenant ID: https://*
# (used for getting the jwt token using certificates)
# (used to pull docker images from ecr)
# (used to download docker image digest)