Configuring the Cloud Volumes ONTAP Data Collector

Contributors netapp-alavoie Download PDF of this page

Cloud Secure uses data collectors to collect file and user access data from devices.

Cloud Volumes ONTAP Storage Configuration

See the OnCommand Cloud Manager Documentation to configure a single-node / HA AWS instance to host the Cloud Secure Agent:
https://docs.netapp.com/us-en/occm/index.html

After the configuration is complete, follow the steps to setup your SVM:
https://docs.netapp.com/us-en/cloudinsights/task_add_collector_svm.html

Agent Machine Configuration

Use the following steps to configure the machine to be used as a Cloud Secure Agent:

Steps
  1. Log in to the AWS console and navigate to EC2-Instances page and select Launch instance.

  2. Select a RHEL or CentOS AMI with the appropriate version as mentioned in this page:
    https://docs.netapp.com/us-en/cloudinsights/concept_cs_agent_requirements.html

  3. Select the VPC and Subnet that the Cloud ONTAP instance resides in.

  4. Select t2.xlarge (4 vcpus and 16 GB RAM) as allocated resources.

    1. Create the EC2 instance.

  5. Install the required Linux packages using the YUM package manager:

    1. Install wget and unzip native Linux packages.

    2. Install selinux (dependency package for the docker-ce):

      wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.68-1.el7.noarch.rpm
      yum install -y container-selinux-2.68-1.el7.noarch.rpm
  6. Install the docker-ce (not the native docker) package. You must use a version higher than 17.03:
    https://download.docker.com/linux/centos/7/x86_64/stable/Packages/

  7. SSH to the Redhat EC2 VM:

    ssh -i "your_new_pem.pem" <ec2_hostname_or_IP>
    sudo su -
  8. Perform a docker login after installing the required AWS CLI package:

    curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
    unzip awscli-bundle.zip
    sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
    /usr/local/bin/aws --version
    aws configure --profile collector_readonly
    aws ecr get-login --no-include-email --region us-east-1 --profile collector_readonly
    docker login -u AWS -p <token_generated_above>  <ECR_hostname>
  9. Use the following command to verify the steps completed successfully and the cs-ontap-dsc image can be successfully pulled:

    docker pull 376015418222.dkr.ecr.us-east-1.amazonaws.com/cs-ontap-dsc:1.25.0

Install the Cloud Secure Agent

  1. Log in as Administrator or Account Owner to your Cloud Insights environment.

  2. Navigate to Cloud Secure Admin > Data Collectors and click the Agents tab.

  3. Click +Agent and specify RHEL as the target platform.

  4. Copy the Agent Installation command.

  5. Paste the Agent Installation command into the RHEL EC2 instance you are logged in to.
    This installs the Cloud Secure agent, providing all of the Agent Prerequisites are met.