Installing an eG Agent on Linux

There are two approaches to installing an eG agent on Linux:

  • The eG agent software for Linux is available in the eG web site as a tar file and an iAgent script - a pair each for the 32-bit and 64-bit versions of Linux. You can download the tar file and iAgent script that corresponds to the bit version of the target Linux host from the eG web site, and manually run the iAgent script on that host to install the eG agent. This approach is ideal if you want to deploy eG for a single organization - i.e., for the Enterprise deployment of eG.
  • The eG agent software for Linux is provided as a packaged application - one each for the 32-bit and 64-bit versions of Linux. You can download the agent package that corresponds to the target Linux host from the eG manager console, extract the contents of the package to any folder in the target host, and silently run a setup script on that host to install and configure the agent at one shot - i.e., to install the agent and also to configure agent-manager communication. If you are deploying eG Enterprise for SaaS, then it is mandatory that your tenants use this approach to install and configure the eG agents in their environment.

Both these approaches are discussed in this section.

Installing Linux Agents for an Enterprise Deployment of the eG Manager

An Enterprise deployment of the eG manager is typically used to monitor only a single organization's IT infrastructure. In this case, it is recommended that the following procedure be used to install eG agents on Linux hosts:

  1. The standard eG agent software for 32-bit Linux hosts is provided as a tar file named eGagent_linux.tar. For installations on 64-bit Linux hosts, the eGagent_linux_x64.tar file is provided. An accompanying script drives the installation process for the eG agent. On 32-bit Linux hosts, this script is called iAgent_linux, and for 64-bit Linux hosts, this is called iAgent_linux_x64. You can download the tar file and installation script suitable to your environment from the eG web site. To know how, refer to the eG Quick Installation Guide.
  2. After downloading, execute the iAgent_linux or the iAgent_linux_x64 script (as the case may be), with the eGagent_linux.tar file or the eGagent_linux_x64.tar file (as the case may be) located in the same directory as the corresponding script file (i.e., iAgent_linux or iAgent_linux_x64).

    Note:

    The agent installation must be performed from a super-user account.

  3. Next, specify the user account to be used for executing the eG agent. First enter the name of the eG user. The default value taken is “egurkha”.

    This script will install the eG agent. The eG agent must be installed and executed by a separate user. If you have installed the eG manager on the same system, you must use the same user and the same installation directory for the manager and the agent.

    Enter the name of the eG user [egurkha]:

    Note:

    • If the agent is being installed on the same system as the manager, the eG user configured for the agent should be the same as that used for the manager.
    • You can specify the name of an existing user or a new user here. If you provide the name of a new user, then the eG agent installer will automatically create an eG user with that name. By default, the user account so created will only be a normal user account, and not a service account. Because a service account is more secure, administrators of high-security environments may prefer to use a service account for agent installation and operations, instead of a normal account. Such administrators can do the following:

      • Start the agent installation process by running the following command on a 32-bit Linux host:

        iAgent_linux -s

        On 64-bit Linux hosts, run the following command:

        iAgent_linux_x64 -s

      • When prompted for a user name, specify the name of the eG user account you want the installer to create. Once you provide a user name, the installer will automatically create a service account with that name.
      • Then, proceed with the installation as described by steps 3 to 8 below.
  4. Then, enter the group with which the eG user is to be associated. The default value taken is “egurkha”. The installation will attempt to create the user account if it does not exist on the system. If you specify an existing user name, then this group prompt will not appear.

    Enter the group to which the eG user is to be associated [egurkha]:

  5. Next enter the path to the directory in which the eG agent will reside. The default base directory for the eG agent is /opt. A subdirectory named egurkha will be created under the base directory. If the base directory is not /opt, a symbolic link will be created from the egurkha subdirectory of the base directory to /opt/egurkha.

    Enter the directory in which the eG agent should be installed [/opt]:

  6. The install process will now request the user to confirm installation of the auto-restart feature. This feature will enable the agent to start automatically every time the system hosting the agent reboots. Now, press y to install the auto-restart feature, or n to proceed without installing the same.

    Would you like the eG agent to auto-restart on system boot-up? y/n [n] :

  7. If the agent is installed on the same system as the manager some common files need not be reinstalled.

    The following files are already installed on the system and are being used by another package: Do you want to install these conflicting files [y,n,?,q] n         

  8. As in the case of the eG manager, the agent package contains components that need to be installed with the set-uid permissions set. These components must be installed for the agent to function properly. Following this step, the eG agent components are extracted and stored.
  9. Then, the following message will be displayed depicting the success of the installation.

    The eG agent has been successfully installed! Please login as <eG user name> and run the script /opt/egurkha/bin/setup_agent to configure the agent.

  10. After the agent is deployed on the target Linux host successfully, the installation script automatically checks if the SELinux security module is 'Enforced' on that host. Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies. On a Linux host, SELinux can run in one of the three modes: disabled, permissive, or enforcing. Enforcing mode is the default, and recommended mode of operation. In the Enforcing mode, SELinux implements Mandatory Access Control (MAC). Every process and system resource has a special security label called a SELinux context. A SELinux context, sometimes referred to as a SELinux label, is an identifier which abstracts away the system-level details and focuses on the security properties of the entity. The SELinux policy uses these contexts in a series of rules which define how processes can interact with each other and the various system resources. By default, the policy does not allow any interaction unless a rule explicitly grants access.

    SELinux contexts have several fields: user, role, type, and security level. The SELinux type information - also known as SELinux domain - is perhaps the most important when it comes to the SELinux policy, as the most common policy rule which defines the allowed interactions between processes and system resources uses SELinux types/domains and not the full SELinux context. SELinux types/domains usually end with _t. For example, the type/domain name for the web server is httpd_t.

    If the installation script finds that SELinux is in the Enforcing mode on the target host, it allows users the option to run the eG agent as a 'confined process' on that host. When a process is confined, it runs in its own domain, such as the httpd process running in the httpd_t domain. If a confined process is compromised by an attacker, depending on SELinux policy configuration, an attacker's access to resources and the possible damage they can do is limited.

    Would you like the eG agent to b run as a confined process? y/n [n] :

     

    To run the eG agent as a confined process, type y at the prompt above. If this is done, then the egagent process will run in its own secure domain. To this effect, the installation script will automatically build a access control policy, which will assign a special 'security label' or 'SELinux Context' to the eG agent process. This label is: egagent_se. The agent process so labeled will run within the egagent_se_t domain.

    Note:

    If the eG agent installation script discovers that the SELinux security model is either in the disabled or permissive mode on the target Linux host, it will simply proceed to run the eG agent as an unconfined process. In other words, the prompt you see at step 10 above will not even appear, and the installation process will end at step 9.

  11. To auto-create a security policy and assign a label to the agent process, the eG agent installation script uses the following packages on the target host:

    • sepolicy

    • rpmbuild

    Typically, these packages will pre-exist on Linux hosts where SELinux is enforced. However, if for some reason, either or both of these packages are not available on the target host, then the installation script will not run the eG agent as a confined process. In this case therefore, after you press y at the prompt above, the confined process creation will fail with messages similar to the following:

    rpmbuild package needs to be installed to proceed to setup the eG agent as a confined process.

    sepolicy package needs to be installed to proceed to setup the eG agent as a confined process.

    If you still want to run the eG agent as a confined process, then, you will have to terminate the agent installation, install the missing package(s), and start installing the eG agent all over again.

  12. With that, the agent installation process ends.

If you install an eG agent using the procedure discussed above, then you will have to run a setup procedure later to configure agent-manager communication. To know how setup the eG agent, refer to the Configuring the eG Agent on Unix topic.

Note:

To install the eG agent on Tru64/FreeBSD/CentOS/openSUSE operating systems also, you will have to use the standard Linux package, and follow the installation procedure discussed above.

Installing Linux Agents for a SaaS Deployment of the eG Manager

As stated earlier, where eG Enterprise needs to support multiple tenants - eg., MSP environments with multiple customers, enterprises with multiple departments/domains - the individual tenants should use only this approach to deploy the eG agent on the Linux hosts in their specific environments.

A key pre-requisite of this approach is that the eG manager should already be deployed and running.

To enable a tenant to install eG agents, the administrator should first make sure that the agent packages that correspond to the tenant's environment are accessible to the tenant from the eG manager console. For that, the administrator should do the following:

  1. Login to the system hosting the eG manager.
  2. From a browser, connect to the URL: https://www.eginnovations.com/eval<current_version_num>/AgentPackages
  3. In this location, you will find a set of zip files. Each zip file is an agent package that corresponds to every operating system on which an eG agent can be installed.
  4. Download the agent packages / zip files that correspond to the hosts in your tenant's environment, to any folder on the eG manager host. The Linux-specific packages are as follows:

    • Linux.zip, for 32-bit Linux systems
    • Linux_x64.zip, for 64-bit Linux systems
  5. Copy the downloaded packages to the /opt/egurkha/agents/Universal/Latest folder on the eG manager.

The tenant can now proceed to install the eG agent using the procedure discussed hereunder:

  1. First, click the Get Started Now link in Figure 16.

  2. If the Yes option is chosen in Figure 20, then Figure 14 will appear. Here, you need to provide the details of the proxy server used for agent-manager communication.

    Figure 14 : Configuring agent-manager communication via a proxy server

  1. Specify the following in Figure 14:

    • Proxy Server IP/Hostname: Mention the IP address/hostname of the proxy server used for agent-manager communication.
    • Proxy Server Port: Specify the port number at which the proxy server listens.
    • Does the proxy server require authentication?: Indicate whether/not the proxy server requires authentication. Select the No option if authentication is required, and Yes if it is.
    • Username, Password, and Confirm Password: If the proxy server requires authentication, then provide the credentials of a valid proxy server user against the Username and Password text boxes. Confirm the password by retyping it in the Confirm Password text box.
    • Finally, click the Submit button to confirm the proxy server specifications and proceed with the downloading of the eG agent.

  2. Figure 15 will appear.

    Figure 15 : Downloading the eG monitor

  3. Figure 15 allows you the flexibility to choose an Installation Method. An agent can be installed using any of the following methods:
    • Using the Command line

    • Using the Agent Installer

    The Installation Method you choose will determine the course of the installation process. The sub-sections below will discuss each of these methods in detail.

Using ZIP/TAR Package for Agent Installation

To use this option, follow the steps below:

  1. First, download the ZIP/TAR file that includes the eG agent installable from the eG manager to your local host. For this, login to the system hosting the eG manager.

  2. From a browser, connect to the URL: https://www.eginnovations.com/eval728/AgentPackages

  3. In this location, you will find a set of zip files. Each zip file is an agent package that corresponds to every operating system on which an eG agent can be installed.
  4. Download the agent packages / zip files that correspond to the hosts in your tenant's environment, to any folder on the eG manager host.

  5. Copy the downloaded packages to the <EG_MANAGER_INSTALL_DIR>\agents\Universal\Latest folder.

  6. Then, login to the eG management console as a user with administrative rights.

  7. If the host to which you have downloaded the package is the target Windows host for agent installation, then login to that Windows host. On the other hand, if you want to install the eG agent on a host different from the one on which the package has been downloaded, then first copy the agent package to any location on the target Windows host. Then, login to that host.

  8. Open the folder to which the zip file has been copied/downloaded, and extract the contents of the file. The extracted contents will be as depicted by Figure 16.

    Figure 16 : The contents extracted from the agent package zip file

  9. As is evident from Figure 16, the following files are extracted:

    • eGAgent_<winflavor>_<win_bitrate>: This is the eG agent installable (exe) that corresponds to the version/flavor/bit rate of the target Windows host.
    • setup.bat: This is the batch file that drives the silent installation of the eG agent. Running setup invokes the eG agent executable and silently installs the agent on the target host.
    • eg_uaid: In a multi-tenant setup, once a tenant - eg., a user representing a customer / a department / a domain - registers with eG Enterprise to use its monitoring services, eG automatically generates a unique UAID and assigns the same to that tenant. If that tenant later logs into the eG management console using the registered credentials (email ID and password) and downloads the agents, each agent so downloaded is automatically tagged with that UAID. The downloaded agents, once installed and configured, will automatically start discovering applications on their respective hosts. eG Enterprise auto-manages the discovered applications and auto-assigns them to the user who has the same UAID as the eG agent that discovered these applications. The eg_uaid file contains the UAID of the tenant who downloaded agent packages from the eG management console; this is the same UAID that will be assigned to each agent installed by that tenant.

  10. Next, to install the eG agent on a Windows host silently, open Windows explorer and go to the folder to which the contents of the zip file have been extracted.

  11. Right-click on the setup.bat file in that folder, and click the Run as administrator option in the shortcut menu that pops up.

    Figure 17 : Running the setup.bat file as administrator

  12. This will automatically install an eG agent on the target Windows host. This eG agent will automatically report metrics to the eG manager from which the agent package was downloaded. Also, the hostname of such an agent is automatically set as its nick name.

Note:

In a multi-tenant setup, a hostname may not be unique across tenant environments. To avoid nick name duplication, eG Enterprise automatically employs the following algorithm when assigning nick names:

  • At the time of setting the hostname of an agent host as its nick name, eG first checks if that hostname has already been assigned to any existing agent.
  • If it finds that the hostname has already been taken, then it will attempt to assign the FQDN - the fully qualified domain name - of the agent host as the nick name.
  • In the process, if eG finds that the FQDN is also in use, then it will break-down the FQDN into smaller strings, and try to assign each of these strings, one after another, to the agent.
  • If all these FQDN strings have already been assigned to other agents, then the eG agent will suffix the hostname of the agent host with the number 0, and try to assign this as the nick name of the eG agent. For instance, if the hostname of the eG agent host is winpc, then the nick name assigned to that agent will be winpc0.
  • If this nick name is also taken, then eG will increment the number 0, which suffixes the hostname, by 1, and will try to assign the resultant string to the eG agent,. This way, eG will keep incrementing the number suffix until an unused string is found. Such a string will finally be assigned to the agent as its nick name.

    In a SaaS deployment, if a tenant manually adds components to be monitored by an eG agent, then that agent's nick name should only be added as the nick name of each of those components.

Using the Command Line to Install an eG Agent

For this, you need to execute the PowerShell script (for Windows) / Curl command (for Linux) that eG Enterprise provides, from the Windows PowerShell / Linux Shell prompt (as the case may be) of the target host. The script/command will automatically instal and start the eG agent on that host. Also, the agent will be automatically configured to report to the cloud manager.

To install an eG agent on a Windows host using the PowerShell script, do the following:

  • In Figure 18, set Command Line as the Installation Method.

  • Then, pick Windows as the Operating System.

  • Next, pick the Windows version and bit-rate from the Environment drop-down. The PowerShell script that corresponds to your specification will then be displayed, as depicted by Figure 18.

    Figure 18 : Installing an eG agent on a Windows host using the PowerShell script provided by eG

  • Click on the Copy button below the script to copy the script to the clipboard.

  • Next, open the PowerShell prompt on the target host, paste the script therein, and run it as an administrator.

  • The script, upon execution, will automatically install, start, and configure the eG agent. Later, the eG agent so installed, will automatically discover the environment and auto-manage the discovered components.

  • Repeat the steps above on each Windows host to install the eG agent on it.

Note:

Before attempting to use the Command line option for agent installation on a Windows host, make sure that PowerShell v5,0 (or above) exists on the target host.

To install the eG agent on Linux using the eG-provided Curl command, do the following:

  • In Figure 18, set Command Line as the Installation Method.

  • Then, pick Linux as the Operating System.

  • Next, pick the Linux version and bit-rate from the Environment drop-down. The Curl command that corresponds to your specification will then be displayed, as depicted by Figure 19.

    Figure 19 : Installing the eG agent on a Linux host by running a Curl command on the target host

  • Click on the Copy button below the command to copy it to the clipboard.

  • Next, open the Shell prompt on the target host, paste the command therein, and run it with root user privileges.

  • The command, upon execution, will automatically install and start the eG agent on the target host, and will also auto-configure the eG agent to report to the cloud manager. Later, the eG agent so installed, will also automatically discover the environment and auto-manage the discovered components.

  • Repeat the steps above on each Linux host to install the eG agent on it.

Note:

Before attempting to use the Command line option for agent installation on a Linux host, make sure that curl package exists on the target host.

 

 

 

 

 

 

 

 

  1. Using a browser, connect to the URL of the eG management console.
  2. Login to the eG management console using the credentials you used (corporate email ID and password) to register with eG Enterprise for SaaS.
  3. Click the icon in the top, right corner of the page that appears to download eG agents.
  4. Doing so will invoke Figure 20, where you need to indicate if the eG agent you are downloading should communicate with the eG manager via a proxy server. If not, then pick the No option. If a proxy server is to be used for agent-manager communication, then select the Yes option.

    Figure 20 : Indicating whether/not the eG agent being downloaded should communicate with the eG manager

  5. If the Yes option is chosen in Figure 20, then Figure 14 will appear. Here, you need to provide the details of the proxy server used for agent-manager communication.

    Figure 21 : Configuring agent-manager communication via a proxy server

  6. Specify the following in Figure 14:

    • Proxy Server IP/Hostname: Mention the IP address/hostname of the proxy server used for agent-manager communication.
    • Proxy Server Port: Specify the port number at which the proxy server listens.
    • Does the proxy server require authentication?: Indicate whether/not the proxy server requires authentication. Select the No option if authentication is required, and Yes if it is.
    • Username, Password, and Confirm Password: If the proxy server requires authentication, then provide the credentials of a valid proxy server user against the Username and Password text boxes. Confirm the password by retyping it in the Confirm Password text box.
    • Finally, click the Submit button to confirm the proxy server specifications and proceed with the downloading of the eG agent.

  7. Figure 22 will appear. By default, Figure 22 lists the 'internal agent packages' that have been uploaded to the eG manager - i.e., agent packages to be used for monitoring components in an agent-based manner. If you want to deploy a remote agent, click the agentless monitoring link in Figure 22. Likewise, to deploy an external agent, click the external monitoring link in the page.

    Figure 22 : eG's internal agent packages available for download from the eG manager console

    Note:

    Though the eG management console lists the packages meant for agent-less, agent-based, and external monitoring in separate pages, the procedure to download and install these packages remains the same across monitoring approaches.

  8. To download an agent package for Linux, click on the package that corresponds to the bit version of Linux that the target host is using. For instance, to install an agent on a 32-bit Linux host, download the Linux.zip file by clicking on it.
  9. If the host to which you have downloaded the package is the target Linux host for agent installation, then login to that Linux host as super-user. On the other hand, if you want to install the eG agent on a host different from the one on which the package has been downloaded, then first copy the agent package to any location on the target Linux host. Then, login to that host as a super-user.
  10. From the Shell prompt, open the folder to which the zip file has been copied/downloaded. Then, run the following command at the prompt to unzip the file and extract its contents.

    unzip <Zip_File_Name>

  11. The following files will then be extracted:

    • A tar file: If you downloaded the agent package for a 32-bit Linux host - i.e., if you downloaded Linux.zip - then upon unzipping the file, you will find a file named eGagent_linux.tar.gz. If you downloaded the agent package for a 64-bit Linux host - i.e., if you downloaded Linux_x64.zip - then upon unzipping the file, you will find a file named eGagent_linux_x64.tar.gz.
    • iAgent script: This is the script that installs the eG agent on a Linux host. An iAgent_linux script will be extracted from Linux.zip (32-bit package), and an iAgent_linux_x64 script will be extracted from Linux_64.zip (64-bit package).
    • setup.sh: This is the shell script that drives the silent installation of the eG agent. Running setup invokes the iAgent script and silently installs the agent on the target host.
    • eg_uaid: In a multi-tenant setup, once a tenant - eg., a user representing a customer / a department / a domain - registers with eG Enterprise to use its monitoring services, eG automatically generates a unique UAID and assigns the same to that tenant. If that tenant later logs into the eG management console using the registered credentials (email ID and password) and downloads the agents, each agent so downloaded is automatically tagged with that UAID. The downloaded agents, once installed and configured, will automatically start discovering applications on their respective hosts. eG Enterprise auto-manages the discovered applications and auto-assigns them to the user who has the same UAID as the eG agent that discovered these applications. The eg_uaid file contains the UAID of the tenant who downloaded agent packages from the eG management console; this is the same UAID that will be assigned to each agent installed by that tenant.
  12. Next, to install the eG agent on a Linux host silently, from the Shell prompt, switch to the folder to which the files have been extracted. Then, run the setup.sh script by issuing the following command:

    ./setup.sh

  13. Running setup will automatically install an eG agent on the target Linux host, and will also automatically configure manager-agent communication. This eG agent will automatically report metrics to the eG manager from which the agent package was downloaded. Also, the hostname of such an agent is automatically set as its nick name.

    In a multi-tenant setup, a hostname may not be unique across tenant environments. To avoid nick name duplication, eG Enterprise automatically employs the following algorithm when assigning nick names:

    • At the time of setting the hostname of an agent host as its nick name, eG first checks if that hostname has already been assigned to any existing agent.
    • If it finds that the hostname has already been taken, then it will attempt to assign the FQDN - the fully qualified domain name - of the agent host as the nick name.
    • In the process, if eG finds that the FQDN is also in use, then it will break-down the FQDN into smaller strings, and try to assign each of these strings, one after another, to the agent.
    • If all these FQDN strings have already been assigned to other agents, then the eG agent will suffix the hostname of the agent host with the number 0, and try to assign this as the nick name of the eG agent. For instance, if the hostname of the eG agent host is winpc, then the nick name assigned to that agent will be winpc0.
    • If this nick name is also taken, then eG will increment the number 0, which suffixes the hostname, by 1, and will try to assign the resultant string to the eG agent,. This way, eG will keep incrementing the number suffix until an unused string is found. Such a string will finally be assigned to the agent as its nick name.

    • Note:

      • In a SaaS deployment, if a tenant manually adds components to be monitored by an eG agent, then you should only assign that agent's nick name to each of the components it monitors.
      • In a SaaS deployment, if you are downloading an agent for installation on an imaging system (e.g. for Citrix Provisioning services), or on a snapshot (for Citrix Machine Creation Services), or on a VM template for virtual servers, then, make sure you first enable the Installation on a golden image / VM template flag in Figure 22 and then proceed with the downloading. If this is done, then after the agent so downloaded is installed, setup will stop that agent. Also, setup will auto-delete the eg_nick.ini file of that agent, so that no nick name is assigned to that agent.

        On the other hand, if you download and install an agent on an imaging system / snapshot / VM template WITHOUT ENABLING the Installation on a golden image / VM template flag in Figure 22, then the installation will automatically start the agent and assign the hostname of the system as the nick name automatically. In such a case, you need to do the following:

        • On the snapshot / golden image / master VM, open the eg_nick.ini file in the <EG_AGENT_INSTALL_DIR>\agent\config directory.
        • Check to see if the Nick parameter in that file is set to any value. If this parameter has no value, it implies that no nick name was set for the eG agent on that snapshot / golden image / master VM. On the other hand, if the Nick parameter has a value, it indicates that a nick name was set for the eG agent. In this case, make sure that you delete the eg_nick.ini file on the snapshot / golden image / master VM before you proceed further.
        • Likewise, delete the contents of the /opt/egurkha/agent/data folder and the /opt/egurkha/agent/logs folder are deleted.
        • Also, stop the eG agent.

Note:

  • If a tenant wants to install the eG agent on Tru64/FreeBSD/CentOS/openSUSE operating systems also, they will have to use the same installation procedure discussed above.

  • In a SaaS deployment, if you download and install the eG agent on a SELinux-enforced Linux hostusing the procedure described above, then the setup.sh script will automatically attempt to run the eG agent as a 'confined process' after installation. However, this attempt will succeed only if the sepolicy and rpmbuild packages pre-exist on the target host. If either one or both of these packages are unavailable for any reason, then setup will automatically run the eG agent as an 'unconfined' process only, even if the SELinux security module is in the 'Enforcing mode' on that host.