Installing the Agent Manager

After downloading the installer to the machine on which you want to install the Agent Manager, you can use the installer interface, run the installer from the command-line, or use the silent (non-interactive) installer.

Install the Agent Manager on each host that you want to monitor locally. Many agents allow hosts to be monitored remotely, from an Agent Manager installed on another machine. A local Agent Manager is not required on remotely monitored machines.

The Agent Manager should be installed in a directory that is local to the system. It should also run using a local account, not a network or domain account. This should also include a local user home directory. Because the Agent Manager monitors and detects problems such as network and disk failures, having the Agent Manager installed in a local directory and running it as a local user makes the Agent Manager more resistant to failures in those services and better able to detect and report those failures.

Otherwise, having the Agent Manager installed on a network drive, could cause the Agent Manager to lock itself when the network drive fails, preventing this failure from being reported.

In some environments, the need for more efficient credentials management may require the use of domain accounts. In these environments, the use of gMSA (Group Managed Service Accounts) may provide additional security and efficiency.

This section covers the following key areas:

• Installing the Agent Manager using the installer interface
  
  • Step 1: Introduction
  • Step 2: License Agreement
  • Step 3: Choose Install Location
  • Step 4: Host Display Name
  • Step 5: Server URLs
  • Step 6: Configure Secure Launcher
  • Step 7: Install init.d Script
  • Step 8: Downstream Connection Configuration
  • Step 9: Windows Service
  • Step 10: Summary
  • Configuring Management Server URLs using the installer interface
• Installing the Agent Manager from the Command Line
• Starting or stopping the Agent Manager process

Installing the Agent Manager using the installer interface

To install the Foglight Agent Manager using the Agent Manager Installation and Configuration interface:

• Run the installer executable in GUI mode on the target machine. To start the installer interface from the command line, run the installer executable with no options.

  If you want to configure the Agent Manager to accept upstream HTTP connections during the installation, start the installer on the command line with the –allow-unsecured option: FglAM--windows-x86_64.exe –allow-unsecured

  If you want to install the Agent Manager as a Windows service, or as a Unix deamon, the installation interface appears with pre-selected options, indicating that the Agent Manager will start immediately after the installation. You can force these options to appear disabled by default (and enable them, if required, during the installation), if you start the installer executable with the –nostart-on-exit option: FglAM--windows-x86_64.exe –no-start-on-exit

  The installer program prompts you for information, and informs you of the progress of your installation. On some platforms, a command shell may appear while the installer loads and extracts files to a temporary location on your machine.

The Agent Manager installation program consists of several steps. Each installation screen includes a Previous button, allowing you to go back and adjust the information you specified.

Step 1: Introduction

The Agent Manager Installation and Configuration window opens, showing the Introduction step. Read the information in the Introduction step and click Next.

Step 2: License Agreement

• Read the information in the License Agreement step, enable the check box to accept the terms of the license agreement, then click Next.

Step 3: Choose Install Location

• In the Choose Install Location step, choose the directory where you want to install the Agent Manager and click Next.

If the selected directory does not exist, the installer informs you of this and prompts you regarding whether or not you want the directory to be created. To create the directory, click Yes. To return to the Installation Directory step and specify a different directory, click No.

If the Agent Manager is already installed in the directory, you must specify a different directory. The installer informs you if the Agent Manager is already installed in the directory, provides information about performing upgrades, and prompts you to select a different directory.

Step 4: Host Display Name

The Host Display Name step allows you to configure the host name that the Agent Manager uses to identify itself. This is also the name under which the Agent Manager submits metrics to the Management Server.

By default, the Agent Manager uses the host name that is automatically detected for the machine on which it is being installed. This host name initially appears in the Host Display Name box.

There are certain cases in which you should explicitly set the host name in this box: for example, if the host name is already in use by another machine. If necessary, you can replace the host name with a different (non-host name) value that suits the needs of your environment; for example, WebServer (Unix Cluster 1) or 12345.example.com (Databases).

By default, the Agent Manager logs a warning when it starts if the host name you set differs from the automatically detected host name. This warning message appears in the console when you start the Agent Manager and in the Agent Manager log file. If you do not want the warning logged, clear the check box in this step.

• Configure the host name settings, as required, and click Next.

Step 5: Server URLs

The Server URLs step provides multiple ways to configure the connection between the Agent Manager and the Management Server. For example, you can specify the URL of a single Management Server to which you want the Agent Manager to connect, or configure multiple Management Server URLs for failover purposes. You can also specify the URL of an Agent Manager concentrator to which you want the Agent Manager to connect.

From this step, you can also add SSL certificates to the Agent Manager’s certificate store, or configure reverse polling.

1. By default, the Agent Manager uses secure connections (HTTPS) with the Management Server. If you need to use an unsecure connection, click Allow Unsecured Connections to enable this option.

   To complete this configuration, you must clear the Connect Using HTTPS check box in Step 2.

2. In the Server URLs step, click Add.
   a. In the Edit Server URL dialog box that appears, specify the host name and port number that you want the Agent Manager to use when connecting to the Management Server. You can also configure other Agent Manager connection options in this dialog.
   b. To use an unsecure connection with the Management Server, clear the Connect Using HTTPS check box.

   This option is only available if you selected Allow Unsecured Connections in Step 1.

   
   c. Once you have specified the desired connection options, click OK.
   Repeat these steps for each Management Server URL that you want to add. As you add the URLs, they appear listed in the Server URLs step. If you want to remove a URL, select the URL from the list and click Delete.
   
3. Test the connection between the Agent Manager and the Management Server. Select a URL in the list and click Test. An icon on the left of each URL indicates if the URL is tested and the outcome of the connection test:
   • : The URL passed the connection test.
   • : The URL is not tested.
   • : The URL failed the connection test.
     
4. After you specify at least one Management Server for the Agent Manager to connect to, you can search for other Management Servers that have been configured to be part of the same HA (High Availability) partition by clicking Find HA Servers.

   You can specify URLs for both Management Servers and Agent Manager concentrators. However, only Management Servers can have HA (High Availability) peers, not concentrators. Clicking Find HA Servers does not cause any concentrators to be added to the list of URLs.

   If you specify a localhost address in the Edit Server URL dialog box and then search for HA servers, a URL that shows the real machine name is displayed as well as the URL for localhost.
5. To add SSL certificates, click SSL Certificates. The Manage SSL Certificates dialog box appears. Use this dialog box, to add and remove SSL certificates from trusted certificate authorities. Only certificates that you manually add appear in this list. The default set of trusted CA certificates is not included.
   a. Click Add.
   b. Use the file chooser to select an SSL certificate.
   c. In the SSL Certificate Alias dialog box, type a name (alias) to identify the certificate you are adding, and click OK.

   The alias must be unique.

   A summary of the new certificate appears in the Manage SSL Certificates dialog box.
   d. To add another certificate, repeat Step a through Step c.
   e. When done, click OK.
   
6. Click Next. If you choose not to configure any Management Server URLs, add any URLs without testing them, or if there are URLs listed that failed the connectivity test, a Warning message box appears, asking you to confirm that you want to continue.
7. If you are installing the Agent Manager on Windows, proceed to Step 9: Windows Service. Otherwise, continue with Step 6: Configure Secure Launcher and then Step 7: Install init.d Script.

Step 6: Configure Secure Launcher

UNIX platforms only

The Configure Secure Launcher step allows you to configure the external loader used by the Agent Manager to provide certain Foglight agents with permissions required to gather system-level metrics.

1. In the Configure Secure Launcher step, complete one of the following steps:
   • Accept the default setting.
   • Edit the path to point to a different sudo executable.
   • Edit the path to point to the executable for a sudo-like application.

     After the installation is complete, you must edit the sudoers file for your system. If you are using a privilege-escalation tool other than sudo (for example, setuid_launcher), you must make changes related to that application.

2. When you have finished making changes to the Configure Secure Launcher screen, click Next.

Step 7: Install init.d Script

UNIX platforms only

The UNIX init.d Script step allows you to configure the Agent Manager to run as a daemon. You do that by instructing the installer to installing an init.d-style script called quest-fglam in the init.d directory on your system.

The system calls the quest-fglam script when the host on which the Agent Manager is installed starts up or shuts down.

1. In the UNIX init.d Script step, complete one of the following steps:
   • If you want to use the default configuration options, ensure the Would you like to customize the start-up script check box is cleared, and click Next. Then, continue to Step 8: Downstream Connection Configuration.
   • To apply customized configuration options, click the Would you like to customize the start-up script check box, and proceed to Step 2.
2. Complete one of the following steps:
   • To install the script, select the Yes, install init.d scripts check box.

     This check box appears disabled if you are not running the Agent Manager installer as root.

   • If you do not want to install the scripts, ensure that the Yes, install init.d scripts check box is clear (the default setting).

     Even if you choose not to install the init.d script, or if you are not performing the installation as the root user, two scripts to perform the necessary setup are generated for later use. If you are not installing the init.d script at this time, it is recommended to configure as many options as possible in this step. They are referenced when generating these scripts for a later use.

3. Linux only- If the correct operating system is not auto-detected by the installer, from the Select OS Type menu, select your OS.
4. In the Run as user box, type the name of the user account used to run the Agent Manager. If you choose to have the Agent Manager run as a different user than the one who performed the installation, then that user account must already exist in the system. This user becomes the owner of the <fglam_home> directory and all files within it, including all state directories.
5. Select the one or more of desired numeric run levels for the Agent Manager.

   These numbers signify different run levels on different UNIX platforms. Consult your UNIX system administrator for more information.

6. If you want the Agent Manager to start immediately after the installation, ensure that Start Foglight Agent Manager at the end of the installation is selected.

   If the installer is started on the command line with the –no-start-on-exit option, this check box does not appear selected in the Install init.d Script step. Starting the installer without the –no-start-on-exit option causes the Start Foglight Agent Manager at the end of the installation check box to be selected by default.

7. Click Next. If the user specified in the Run as user box is not a local user, the installer displays a Warning and prompts you for further actions.
   • To continue with the specified user, click Yes.
   • To specify a different user, click No.
8. Continue to Step 8: Downstream Connection Configuration.

Step 8: Downstream Connection Configuration

Foglight Agent Manager can accept incoming connections and be configured as a concentrator that acts as an intermediary connection to aggregates one or more downstream Agent Manager clients. A concentrator configuration provides a single connection through either a firewall or proxy for all downstream clients, or as an aggregated connection directly to the server.

Configuring the Agent Manager to act as a concentrator involves configuring queue and heap sizes to adequately support accepting and transferring data from one or more downstream connections. You can configure downstream connections when the Agent Manager needs to accept connections from the Management Server and enable reverse data polling. This is useful when the Agent Manager cannot connect to the Management Server due to its location.

Using this installer step, you can configure:

• Downstream SSL connections, when a certificate host name and a password are provided.
• Downstream non-SSL connections, but only if you started the installer on the command line with the –allow-unsecured option (as instructed in Installing the Agent Manager using the installer interface). User-provided certificates or keystores are supported, but can be configured after the installation.

If you are configuring the Agent Manager as a concentrator in order to enable connections from the Management Server, additional setup is required. For more information about this procedure, or to find out to configure non-SSL connections and user-provided certificates, see Configuring the Agent Manager to accept connections from the Management Server.

1. If you want to enable downstream connections, in the Downstream Connection Configuration step, select the Enable concentrator/downstream connection support check box.
2. Drag the Pre-Configured Size slider to set the desired queue and memory sizes.
3. In the Port box, type the port number that you want the Agent Manager to use to listen for downstream connections.
4. In the Certificate Host Name box, type the name of the host on which you are installing the Agent Manager. The host name you specify here is added to the SSL certificate that is to be generated.
5. In the New Certificate Password and Re-enter Password boxes, type the password of the SSL certificate keystore.
6. Click Add. The Allowed Downstream Connections box refreshes, showing the newly created downstream connection URL.
7. If needed, create additional downstream connections. To delete any downstream connections, select them in the Allowed Downstream Connections box, and click Delete.
8. Click Next.
9. If you are installing the Agent Manager on Windows, proceed to Step 9: Windows Service. Otherwise, continue with Step 7: Secure Launcher and Step 8: Install init.d Script.

Step 9: Windows Service

Windows platforms only

The Windows Service step allows you to specify if you want to install the Agent Manager as a Windows service. A Windows service operates in the background while the system on which it is installed is running. Installing the Agent Manager as a Windows Service causes the Agent Manager to start automatically on your system startup.

1. In the Windows Service step, complete one of the following steps:
   • To install the Agent Manager as a Windows service, leave the check box selected.
   • If you do not want to install the Agent Manager as a Windows service, clear the check box.
2. If you want install the Agent Manager as a Windows service, and you want that service to start immediately after the installation, ensure that Start Foglight Agent Manager Windows Service at the end of the installation is selected.

   If the installer is started on the command line with the –no-start-on-exit option, this check box does not appear selected in the Windows Service step. Starting the installer without the –no-start-on-exit option causes the Start Foglight Agent Manager Windows Service at the end of the installation check box to be selected by default. For more information, refer to Installing the Agent Manager using the installer interface.

3. Click Next.

Step 10: Summary

The Summary step informs you that you can complete installation.

1. In the Summary step, click Finish. The Agent Manager installer copies the Agent manager files to the machine on which it is being installed.

   On UNIX platforms, if the Agent Manager installation is performed by a user without root privileges, the init.d-style script is not installed. One or more messages appear, informing you of this, and also of the location of the script installer and a copy of the script itself.

   The message The Agent Manager has been installed appears.
2. Click OK to close the message box.

   On some platforms, the Agent Manager Installer dialog might close automatically when the installation is complete or you might need to close it manually. If a command shell appeared while the installer was loading, this shell might also need to be closed manually.

   On Windows operating systems, if you chose to install the Agent Manager as a Windows service, it starts automatically.

   The Agent Manager starts automatically when the installation is complete only when it is installed as a service on Windows. It does not start automatically at the end of an installation on a UNIX platform.

Configuring Management Server URLs using the installer interface

As described in Step 5: Server URLs, you can configure the Agent Manager connection parameters using the installer interface.

Connecting to the Management Server using a proxy

You can specify whether the Agent Manager should connect to the Management Server using a proxy.

1. In Server URLs step, double-click a Management Server URL, or click Add to create a new one, as required.
2. In the Edit Server URL dialog box that appears, select the Connect using a proxy check box.
3. Configure the following settings:
   • Proxy URL: Type the URL of the proxy used to connect to the Management Server.
   • Username: Type the user name needed to access the proxy.
   • Password: Type the password associated with the user name. The password is saved encrypted in the Agent Manager configuration file (<fglam_home>/state//config/fglam.config.xml) the next time you start or restart the Agent Manager.
   • NTLM Domain: If the proxy uses Windows authentication specify the Windows domain.

Binding to a local address

You can specify a local network address from which you want the Agent Manager to connect to the Management Server.

1. In Server URLs step, double-click a Management Server URL, or click Add to create a new one, as required.
2. In the Edit Server URL dialog box that appears, select the Bind to a local address check box.
3. In the Local Address box, type the IP address of a NIC (network interface card) on the machine hosting the Agent Manager that you want to use to establish outbound connections to the Management Server.