1. Linux packages that are required for Entuity
Important note regarding RNG Tools package
Checking if a package is installed
To install missing required packages
To install Linux 8 packages that use the dnf command
rpcbind Service
2. Maximum number of processes per non-root user
5. Checking Linux firewall configurations
This covers a fresh installation and configuration of Entuity for Linux.
If you want to know how to upgrade an installation, please take the Installation and Upgrade course on our training site or contact our support team.
Important: Please review the list of Known Issues before starting installation.
System requirements
Entuity is only certified for use with the 64-bit English edition variants of:
ENA v17.0:
- Red Hat Enterprise Linux ES version 6.
- Red Hat Enterprise Linux ES version 7.
- Oracle Linux 6.
- Oracle Linux 7.
ENA v18.0 and Entuity v19.0:
- Red Hat Enterprise Linux ES version 7.
- Red Hat Enterprise Linux ES version 8.
- Oracle Linux 7.
- Oracle Linux 8.
- CentOS 7
- CentOS 8
Entuity v20.0:
- Red Hat Enterprise Linux ES version 7.
- Red Hat Enterprise Linux ES version 8.
- Oracle Linux 7.
- Oracle Linux 8.
Entuity v21.0 and v22.0:
- Red Hat Enterprise Linux ES version 8.
- Red Hat Enterprise Linux ES version 9.
- Oracle Linux 8.
- Oracle Linux 9.
1. Linux packages that are required for Entuity:
When installing Entuity to any supported Linux platform, a particular set of 64-bit packages must already be installed. These are as follows:
- alsa-lib.x86_64
- fontconfig
- glibc.x86_64
- libaio.x86_64
- libgcc.x86_64
- libgcrypt.x86_64
- libgpg-error.x86_64
- libICE.x86_64
- libnsl.so.1
- libpcap.x86_64 (required for ENA v18.0 onwards)
- libSM.x86_64
- libstdc++.x86_64
- libuuid.x86_64
- libX11.x86_64
- libXau.x86_64
- libxcb.x86_64
- libXext.x86_64
- libXi.x86_64
- libxml2.x86_64
- libxslt.x86_64
- libXtst.x86_64
- libXt.x86_64
- ncurses-libs.x86_64
- nss-softokn-freebl.x86_64
- rng-tools.x86_64
- rpcbind.x86_64
- zlib.x86_64
Additional libraries are required on Red Hat Linux 8 or Oracle Linux 8 onwards (for ENA v18.0 onwards):
- compat-openssl10.x86_64
- openssl-libs.x86_64
- libnsl.x86_64
- ncurses-compat-libs.x86_64
Note, when installing Entuity v21.0 upwards for Linux on Red Hat Linux 9 or Oracle Linux 9 upwards, you only require the following two packages:
- libnsl.x86_64
-
nfs-utils.x86_64
Note, the following shared libraries (required for Entuity v21.0 on Red Hat Linux 9 or Oracle 9) cannot be installed using dnf or yum, but are shipped with the Entuity product:- libcrypto.so.1.0.1e
- libssl.so.1.0.1e
- libncurses.so.5.7
- libnsl.so-2.12.so
- libtinfo.so.5.7
- libcrypto.so.1.0.1e
Important note regarding move to OpenJDK11 in ENA v17.0 P06:
Following ENA v17.0 P06, the move to OpenJDK11 has unbundled fonts and instead relies on OS-provided fonts. OpenJDK11 recommends installing the native OS package, which can be done with ‘yum install fontconfig’ on rpm-based systems. This is a requirement for running Entuity on Linux, otherwise reports will not work.
Important note regarding RNG Tools package:
The rng-tools package must be installed and the rngd service started when deploying Entuity on Linux. The rng-tools package generates the entropy required to securely create the initialization vector, which in turn is required for the digital encryption process. If the rng-tools package is not installed, then configure will hang for a long time because it will be unable to generate enough entropy to securely create the initialization vector.
Checking if a package is installed:
From the server command line, you can use the RPM Package Manager (RPM). For example, to check if the rpcbind.x86_64 package is installed, enter:
rpm -q rpcbind.x86_64
- If the package is not installed, RPM returns:
rpcbind.x86_64 is not installed
- If the package is installed, RPM returns full details of the package, e.g.:
rpcbind-0.2.0-9.e16.x86_64
You can also check all packages through one instruction, an example of which is displayed below. This example does not include the packages required for the BMC integrations. This example can be copied and pasted to the command line as it includes the multi-line indicator \.
for i in alsa-lib.x86_64 fontconfig glibc.x86_64 libaio.x86_64 libgcc.x86_64 \
libgcrypt.x86_64 libgpg-error.x86_64 libICE.x86_64 libSM.x86_64 \
libstdc++.x86_64 libuuid.x86_64 libX11.x86_64 libXau.x86_64 \
libxcb.x86_64 libXext.x86_64 libXi.x86_64 libxml2.x86_64 \
libxslt.x86_64 libXtst.x86_64 libXt.x86_64 ncurses-libs.x86_64 \
nss-softokn-freebl.x86_64 rng-tools.x86_64 rpcbind.x86_64 zlib.x86_64; \
do rpm -q $i ;done
To install missing required packages:
You must install any missing packages to the server before installing Entuity. We recommend you consult the Linux documentation before installing the missing required packages.
Red Hat Linux users must register their system with Red Hat Network to receive updates.
Oracle Linux users can obtain the required packages from Oracle Public Yum Server. You can use the command line package utility Yellowdog Updater, Modified (YUM) to install missing packages. You can install all packages through one instruction, an example of which is displayed below. This example does not include the packages required for the BMC integrations. This example can be copied and pasted to the command line as it includes the multi-line indicator \.
yum install alsa-lib.x86_64 fontconfig glibc.x86_64 libaio.x86_64 libgcc.x86_64 \
libgcrypt.x86_64 libgpg-error.x86_64 libICE.x86_64 libSM.x86_64 \
libstdc++.x86_64 libuuid.x86_64 libX11.x86_64 libXau.x86_64 \
libxcb.x86_64 libXext.x86_64 libXi.x86_64 libxml2.x86_64 \
libxslt.x86_64 libXtst.x86_64 libXt.x86_64 ncurses-libs.x86_64 \
nss-softokn-freebl.x86_64 rng-tools.x86_64 rpcbind.x86_64 zlib.x86_64
To install Linux 8 packages that use the dnf command:
Please find below an example of how to install Linux 8 packages that support the new dnf command, and include the new packages.
The first check is to check if the packages are installed, using rpm -qa in Linux 8.
for i in alsa-lib.x86_64 fontconfig glibc.x86_64 libaio.x86_64 libgcc.x86_64 \
libgcrypt.x86_64 libgpg-error.x86_64 libICE.x86_64 libSM.x86_64 \
libstdc++.x86_64 libuuid.x86_64 libX11.x86_64 libXau.x86_64 \
libxcb.x86_64 libXext.x86_64 libXi.x86_64 libxml2.x86_64 \
libxslt.x86_64 libXtst.x86_64 libXt.x86_64 ncurses-libs.x86_64 \
nss-softokn-freebl.x86_64 rng-tools.x86_64 rpcbind.x86_64 zlib.x86_64 \
compat-openssl10.x86_64 openssl-libs.x86_64 libnsl.x86_64 ncurses-compat-libs.x86_64; \
do rpm -q $i ;done
The second checks for additional packages in Linux 8.
dnf install alsa-lib.x86_64 fontconfig glibc.x86_64 libaio.x86_64 libgcc.x86_64 \
libgcrypt.x86_64 libgpg-error.x86_64 libICE.x86_64 libSM.x86_64 \
libstdc++.x86_64 libuuid.x86_64 libX11.x86_64 libXau.x86_64 \
libxcb.x86_64 libXext.x86_64 libXi.x86_64 libxml2.x86_64 \
libxslt.x86_64 libXtst.x86_64 libXt.x86_64 ncurses-libs.x86_64 \
nss-softokn-freebl.x86_64 rng-tools.x86_64 rpcbind.x86_64 zlib.x86_64 \
compat-openssl10.x86_64 openssl-libs.x86_64 libnsl.x86_64 ncurses-compat-libs.x86_64
rpcbind Service:
The rpcbind package is the Linux RPC port mapper. Entuity uses the portmap (rpc.portmap, portmap or rpcbind) service to obtain unused ports for its internal communications, e.g. licensing functions cannot run without access to available ports, and therefore Entuity cannot run.
After installing the rpcbind package, you should check that the rpcbind service is running. By default, rpcbind only starts when the server boots up.
- To check if rpcbind is running, enter:
service rpcbind status
- When the service is not running, Linux returns:
rpcbind is stopped
- When the service is running, Linux returns:
rpcbind (pid nnn) is running ...
- When the service is not running, Linux returns:
- To start rpcbind, enter:
service rpcbind start
- We recommend you ensure that rpcbind starts every time the server starts, by entering:
chkconfig rpcbind on
2. Maximum number of processes per non-root user
You can run Entuity using a non-root user account. However, Red Hat Linux 6, Oracle Linux 6 and RHEL 7.x default the maximum number of processes per non-root user to 1024. Entuity requires a higher limit - we recommend a value of 4096.
To check the current value of maximum user processes, from the server command line enter:
ulimit -a
To set the maximum number of processes per non-root user:
- From /etc/security/limits.d/90-nproc.conf, or /etc/security/limits.d/20-nproc.conf, amend the soft nproc value to 4096:
* soft nproc 4096
- Restart the Linux server to apply the change.
- From the server command line, run ulimit to check that the value of max user processes is now set to 4096.
3. Preparing for installation:
- For direct customers, Entuity uses a secure FTP server to distribute its network analytics software. The Entuity FTP server is located here: ftp.entuity.com. Access to the Entuity FTP site requires a valid username and password that can be obtained from Entuity Support. For added security, the FTP site requires connection via SFTP. BMC customers obtain Entuity via BMC EPD (Electronic Product Distribution).
- You need a valid account to access the server:
- If you have purchased the software, please contact Entuity Support and they will be able to provide you the necessary details.
- If you are trialing Entuity software, please contact your Sales Engineer and they will be able to help you.
- Open the ftppub folder, and then open the /Images/19.0 folder (/Images/18.0 for ENA v18.0, /Images/17.0 for ENA v17.0). This folder includes the Windows version, Linux version, and the checksum file. The Linux version is entuity_19_0_red.iso.gz (entuity_18_0_red.iso.gz for ENA v18.0, entuity_17_0_p1_red.iso.gz for ENA v17.0). Download the Entuity image, which is a compressed file.
- Check the integrity of the image by validating the checksum using the command line utility 'md5sum'. Use the following syntax to generate an MD5 checksum: certutil -hashfile <file> MD5
4. Installing Entuity:
Please find below instructions on how to install Entuity, with the commands required at each step. Note that the commands in [square brackets] are not fixed - the user will need to create their own input.
- Navigate to the compressed image
-
cd /[folder path]
-
- Decompress the image
-
zcat ./entuity_18_0_red.iso.gz > /tmp/Entuity.iso
-
- Create mount point
-
mkdir /mnt/EntuityInstaller
-
- Mount image
-
mount -o loop /tmp/Entuity.iso /mnt/EntuityInstaller
-
- Run installer. Note, installer must be run as root or using sudo as a regular user.
-
/mnt/EntuityInstaller/install
-
- Accept the terms and conditions with yes or y.
- Specify an install directory by entering the path.
- Note, it is important to use an absolute path, not a relative path. This means that every path must start at the root, starting with /.
- Note, if you are installing Entuity v21.0 to a different directory compared to a previous location on RHEL 9 and equivalent Linux OS, you will need to remove previously created symbolic links in Entuity/compatibility/lib64: libcrypto.so.10 libssl.so.10 libtinfo.so.5 libncurses.so.5 before installing Entuity to the new location.
- Run configure
-
/[install path]/install/configure
-
- On Linux, configure runs from the command line, and so responses need to be typed out. Absolute paths need to be provided where applicable. For more help and information, please see How do I configure Entuity from the command line?
- Start Entuity
-
/[install path]/bin/starteye
-
5. Checking Linux firewall configurations:
Netfilter can have a default configuration to block inbound traffic to the standard webserver ports.
- To check existing firewall rules:
iptables -L
- If inbound webtraffic is blocked, you need to enable it:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
- Or, if TLS is enabled:
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
Comments
0 comments
Please sign in to leave a comment.