Installing an eG Agent on Linux

You can use any of the following approaches to install eG agents on Windows hosts:

  • The eG agent software for Linux is available in the eG web site as a tar file and an iAgent script - a pair each for every bit-rate and flavor combination of Linux. You can download the tar file and iAgent script that corresponds to the bit version of the target Linux host from the eG web site, and manually run the iAgent script on that host to install the eG agent. This approach is ideal if you want to deploy eG for a single organization - i.e., for the Enterprise deployment of eG. To know how to manually install the eG agent on a single Windows host, follow the procedure detailed in the Installing Linux Agents for an Enterprise Deployment of the eG Managertopic.
  • Where the eG manager is installed on-premise, you can automatically push eG agents to multiple Linux hosts at the same time from the eG manager. To know how to achieve this, refer to the Automated Installation of eG Agents in an Enterprise Deploymenttopic. Note that this approach again is ideal for Enterprise deployments of the eG manager.
  • The eG agent software for Linux is provided as a packaged application - one each for the 32-bit and 64-bit versions of Linux. You can download the agent package that corresponds to the target Linux host from the eG manager console, extract the contents of the package to any folder in the target host, and silently run a setup script on that host to install and configure the agent at one shot - i.e., to install the agent and also to configure agent-manager communication. If you are deploying eG Enterprise for SaaS, then it is mandatory that your tenants use this approach to install and configure the eG agents in their environment. To know how to silently install an eG agent on individual Linux hosts, refer to the Installing Linux Agents for a SaaS Deployment of the eG Managertopic.
  • To monitor a cloud infrastructure characterized by numerous Linux hosts, it may be cumbersome and time-consuming to download and silently install eG agents on individual Linux hosts. In such cases, it is best to automate agent installation on multiple Linux hosts using the agent installer. To know how to use the agent installer, refer to the Automated Installation of eG Agents in a SaaS Deploymenttopic. Note that this approach is recommended for SaaS deployments of the eG manager.

Installing Linux Agents for an Enterprise Deployment of the eG Manager

An Enterprise deployment of the eG manager is typically used to monitor only a single organization's IT infrastructure. In this case, it is recommended that the following procedure be used to install eG agents on Linux hosts:

  1. The standard eG agent software for Linux hosts is provided as a tar file. An accompanying script drives the installation process for the eG agent. The names of these tar files and scripts vary according to the different Linux flavors / bit-rates. The table below lists the tar files and the accompanying scripts for each Linux flavor that eG Enterprise supports out-of-the-box:

    Linux Flavor

    Tar File

    Script File

    Red Hat Linux 32-bit

    eGagent_linux.tar

    iAgent_linux

    Red Hat Linux 64-bit, openSUSE, Tru64, CentOS, Fedora, Debian

    eGagent_linux_x64.tar

    iAgent_linux_x64

    SCO Unix

    eGagent_linux.tar

    iAgent_sco_unix

    FreeBSD

    eGagent_linux.tar

    iAgent_freebsd

    Linux on PowerPC LE

    eGagent_linux_ppc64le.tar

    iAgent_linux_ppc64le

    Linux on ARM

    eGagent_linux_arm64.tar

    iAgent_linux_arm64

    You can download the tar file and installation script suitable to your environment from the eG web site. The package for Linux will be available in the LINUX folder.

    If you want to install an eG agent of version 7.2.10 (or above), then login to the target Linux host, and download the package from the LINUX folder in the URL, https://www.eginnovations.com/releases/v<version_number>/. For instance, https://www.eginnovations.com/releases/v7210/.

    Likewise, if you want to install an eG agent of a version below v7.2.10, then download the package from the LINUX folder in the URL, https://www.eginnovations.com/eval<version_number>/. For instance, https://www.eginnovations.com/eval754/.

  2. After downloading, execute the iAgent_linux_* script file, with the eGAgent_Linux_*.tar file located in the same directory as the corresponding script file.

    Note:

    The agent installation must be performed from a super-user account.

  3. Next, specify the user account to be used for executing the eG agent. First enter the name of the eG user. The default value taken is “egurkha”.

    This script will install the eG agent. The eG agent must be installed and executed by a separate user. If you have installed the eG manager on the same system, you must use the same user and the same installation directory for the manager and the agent.

    Enter the name of the eG user [egurkha]:

    Note:

    • If the agent is being installed on the same system as the manager, the eG user configured for the agent should be the same as that used for the manager.

    • You can specify the name of an existing user or a new user here. If you provide the name of a new user, then the eG agent installer will automatically create an eG user with that name. By default, the user account so created will only be a normal user account, and not a service account. Because a service account is more secure, administrators of high-security environments may prefer to use a service account for agent installation and operations, instead of a normal account. Such administrators can do the following:

      • Start the agent installation process by running the following command on a 32-bit Linux host:

        iAgent_linux -s

        On 64-bit Linux hosts, run the following command:

        iAgent_linux_x64 -s

      • When prompted for a user name, specify the name of the eG user account you want the installer to create. Once you provide a user name, the installer will automatically create a service account with that name.
      • Then, proceed with the installation as described by steps 3 to 8 below.

  4. Then, enter the group with which the eG user is to be associated. The default value taken is “egurkha”. The installation will attempt to create the user account if it does not exist on the system. If you specify an existing user name, then this group prompt will not appear.

    Enter the group to which the eG user is to be associated [egurkha]:

  5. Next enter the path to the directory in which the eG agent will reside. The default base directory for the eG agent is /opt. A subdirectory named egurkha will be created under the base directory. If the base directory is not /opt, a symbolic link will be created from the egurkha subdirectory of the base directory to /opt/egurkha.

    Enter the directory in which the eG agent should be installed [/opt]:

  6. The install process will now request the user to confirm installation of the auto-restart feature. This feature will enable the agent to start automatically every time the system hosting the agent reboots. Now, press y to install the auto-restart feature, or n to proceed without installing the same.

    Would you like the eG agent to auto-restart on system boot-up? y/n [n] :

  7. If the agent is installed on the same system as the manager some common files need not be reinstalled.

    The following files are already installed on the system and are being used by another package: Do you want to install these conflicting files [y,n,?,q] n         

  8. As in the case of the eG manager, the agent package contains components that need to be installed with the set-uid permissions set. These components must be installed for the agent to function properly. Following this step, the eG agent components are extracted and stored.

  9. Then, the following message will be displayed depicting the success of the installation.

    The eG agent has been successfully installed! Please login as <eG user name> and run the script /opt/egurkha/bin/setup_agent to configure the agent.

  10. After the agent is deployed on the target Linux host successfully, the installation script automatically checks if the SELinux security module is 'Enforced' on that host. Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies. On a Linux host, SELinux can run in one of the three modes: disabled, permissive, or enforcing. Enforcing mode is the default, and recommended mode of operation. In the Enforcing mode, SELinux implements Mandatory Access Control (MAC). Every process and system resource has a special security label called a SELinux context. A SELinux context, sometimes referred to as a SELinux label, is an identifier which abstracts away the system-level details and focuses on the security properties of the entity. The SELinux policy uses these contexts in a series of rules which define how processes can interact with each other and the various system resources. By default, the policy does not allow any interaction unless a rule explicitly grants access.

    SELinux contexts have several fields: user, role, type, and security level. The SELinux type information - also known as SELinux domain - is perhaps the most important when it comes to the SELinux policy, as the most common policy rule which defines the allowed interactions between processes and system resources uses SELinux types/domains and not the full SELinux context. SELinux types/domains usually end with _t. For example, the type/domain name for the web server is httpd_t.

    If the installation script finds that SELinux is in the Enforcing mode on the target host, it allows users the option to run the eG agent as a 'confined process' on that host. When a process is confined, it runs in its own domain, such as the httpd process running in the httpd_t domain. If a confined process is compromised by an attacker, depending on SELinux policy configuration, an attacker's access to resources and the possible damage they can do is limited.

    Would you like the eG agent to be run as a confined process? y/n [n] :

     

    To run the eG agent as a confined process, type y at the prompt above. If this is done, then the egagent process will run in its own secure domain. To this effect, the installation script will automatically build a access control policy, which will assign a special 'security label' or 'SELinux Context' to the eG agent process. This label is: egagent_se. The agent process so labeled will run within the egagent_se_t domain.

    Note:

    If the eG agent installation script discovers that the SELinux security model is either in the disabled or permissive mode on the target Linux host, it will simply proceed to run the eG agent as an unconfined process. In other words, the prompt you see at step 10 above will not even appear, and the installation process will end at step 9.

  11. To auto-create a security policy and assign a label to the agent process, the eG agent installation script uses the following packages on the target host:

    • sepolicy

    • rpmbuild

    Typically, these packages will pre-exist on Linux hosts where SELinux is enforced. However, if for some reason, either or both of these packages are not available on the target host, then the installation script will not run the eG agent as a confined process. In this case therefore, after you press y at the prompt above, the confined process creation will fail with messages similar to the following:

    rpmbuild package needs to be installed to proceed to setup the eG agent as a confined process.

    sepolicy package needs to be installed to proceed to setup the eG agent as a confined process.

    If you still want to run the eG agent as a confined process, then, you will have to terminate the agent installation, install the missing package(s), and start installing the eG agent all over again.

  12. With that, the agent installation process ends.

If you install an eG agent using the procedure discussed above, then you will have to run a setup procedure later to configure agent-manager communication. To know how setup the eG agent, refer to the Configuring the eG Agent on Unix topic.

Note:

To install the eG agent on Tru64/FreeBSD/CentOS/openSUSE operating systems also, you will have to use the standard Linux package, and follow the installation procedure discussed above.

Installing Linux Agents for a SaaS Deployment of the eG Manager

As stated earlier, where eG Enterprise needs to support multiple tenants - eg., MSP environments with multiple customers, enterprises with multiple departments/domains - the individual tenants should use only this approach to deploy the eG agent on the Linux hosts in their specific environments.

A key pre-requisite of this approach is that the eG manager should already be deployed and running.

The tenant can now proceed to install the eG agent using the procedure discussed hereunder:

  1. First, click the Get Started Now link in Figure 1.

    Simple steps to get started with eG Enterprise

    Figure 1 : Getting started with eG Enterprise

  2. In the page that appears next, click on the icon in the left panel to open Figure 2. Here, click on the option that represents the component / infrastructure group that you want to monitor. To monitor a Linux host, select the Operating Systems option in Figure 2.

    Slection of component for monitoring

    Figure 2 : Choosing what you want to monitor

  3. Figure 3 will then appear. The tiers that you can monitor in a Citrix infrastructure will be listed. To download and install eG agents on any of the listed tiers, click on Download and install the eG agent link in Figure 3.

    Figure 3 : Downloading and installing an eG

  4. Figure 4 will then appear prompting you to confirm if the eG monitors need to communicate with the eG manager via a proxy server. Click Yes to confirm the use of a proxy server, and No if you do not want to use a proxy server. Then, click the Submit button.

    Configuration of Proxy server details

    Figure 4 : Choosing how the eG agents should communicate with the eG manager

  5. If the Yes option is chosen in Figure 5, then Figure 5 will appear. Here, you need to provide the details of the proxy server used for agent-manager communication.

    Configuration of Agent-Manager communication via proxy server

    Figure 5 : Configuring agent-manager communication via a proxy server

  1. Specify the following in Figure 5:

    • Proxy Server IP/Hostname: Mention the IP address/hostname of the proxy server used for agent-manager communication.
    • Proxy Server Port: Specify the port number at which the proxy server listens.
    • Does the proxy server require authentication?: Indicate whether/not the proxy server requires authentication. Select the No option if authentication is required, and Yes if it is.
    • Username, Password, and Confirm Password: If the proxy server requires authentication, then provide the credentials of a valid proxy server user against the Username and Password text boxes. Confirm the password by retyping it in the Confirm Password text box.

    • Finally, click the Submit button to confirm the proxy server specifications and proceed with the downloading of the eG agent.

  2. Figure 6 will appear.

    Figure 6 : Downloading the eG monitor

  3. Figure 6 allows you the flexibility to choose an Installation Method. An agent can be installed using any of the following methods:

    • Using a downloaded ZIP/TAR file package

    • Using the Command line

    • Using the Agent Installer

    The Installation Method you choose will determine the course of the installation process. The sub-sections below will discuss each of these methods in detail.

Using the ZIP/TAR Package

To use this option, follow the steps below:

  1. First, download the ZIP/TAR file that includes the eG agent installable from the eG manager to your local host. For this, login to the system hosting the eG manager.

  2. From a browser, connect to the URL: https://www.eginnovations.com/eval<latest_version>/AgentPackages

  3. In this location, you will find a set of zip files. Each zip file is an agent package that corresponds to every operating system on which an eG agent can be installed.

  4. Download the agent packages / zip files that correspond to the Linux hosts in your tenant's environment, to any folder on the eG manager host.

  5. Copy the downloaded packages to the <EG_MANAGER_INSTALL_DIR>\agents\Universal\Latest folder.

  6. Then, login to the eG management console as a user with administrative rights.

  7. Navigate to Figure 6 as described in the previous section, and set Installation Method as Downloadable Package.

  8. Then, to install an eG agent on a Linux host, select Linux from the Operating System drop-down.

  9. From the Linux packages listed in Figure 7, click on the package that you wish to download.

    Figure 7 : Selecting the Linux package to be installed

  10. If the host to which you have downloaded the package is the target Linux host for agent installation, then login to that Linux host as a root user. On the other hand, if you want to install the eG agent on a host different from the one to which the package has been downloaded, then first copy the agent package to any location on the target Linux host. Then, login to that host as a root user.

  11. Then, open the Shell prompt, and switch to the folder to which the Linux package has been downloaded/coped. Next, extract the contents of the file by running the following commands, one after another:

    chmod 750 *.tar.gz

    gunzip *.tar.gz

    tar -xvf *tar

    chmod 750 ./setup.sh

    Note:

    The * (asterisk) in the above commands could be one of these: eGAgent_linux, eGAgent_linux_x64, eGAgent_linux_x64_arm, eGAgent_linux_x64_ppc

  1. Figure 8 depicts the files that will be extracted from the zipped file.

Figure 8 : The contents extracted from the agent package zip file

  1. As is evident from Figure 8, the following files are extracted:

    • eGAgent_Linux_<bitrate>_<flavor>: This is the eG agent installable (tar file) that corresponds to the bit rate and flavor ARM / PPC LE) of the target Linux host.
    • iAgent_linux_<bit_rate>: This is the accompanying script that drives the installation process for the eG agent
    • setup.sh: This is the script that drives the silent installation of the eG agent. Running setup invokes the eG agent executable and silently installs the agent on the target host.

    • eg_uaid: In a multi-tenant setup, once a tenant - eg., a user representing a customer / a department / a domain - registers with eG Enterprise to use its monitoring services, eG automatically generates a unique UAID and assigns the same to that tenant. If that tenant later logs into the eG management console using the registered credentials (email ID and password) and downloads the agents, each agent so downloaded is automatically tagged with that UAID. The downloaded agents, once installed and configured, will automatically start discovering applications on their respective hosts. eG Enterprise auto-manages the discovered applications and auto-assigns them to the user who has the same UAID as the eG agent that discovered these applications. The eg_uaid file contains the UAID of the tenant who downloaded agent packages from the eG management console; this is the same UAID that will be assigned to each agent installed by that tenant.

  2. Next, to install the eG agent on a Linux host silently, open the Shell prompt on the target host and switch to the folder to which the contents of the zip file have been extracted.

  3. Run the setup.sh file by issuing the following command at the prompt:

    ./setup.sh

  4. This will automatically install an eG agent on the target Linux host. This eG agent will automatically report metrics to the eG manager from which the agent package was downloaded. Also, the hostname of such an agent is automatically set as its nick name.

Note:

In a multi-tenant setup, a hostname may not be unique across tenant environments. To avoid nick name duplication, eG Enterprise automatically employs the following algorithm when assigning nick names:

  • At the time of setting the hostname of an agent host as its nick name, eG first checks if that hostname has already been assigned to any existing agent.
  • If it finds that the hostname has already been taken, then it will attempt to assign the FQDN - the fully qualified domain name - of the agent host as the nick name.
  • In the process, if eG finds that the FQDN is also in use, then it will break-down the FQDN into smaller strings, and try to assign each of these strings, one after another, to the agent.
  • If all these FQDN strings have already been assigned to other agents, then the eG agent will suffix the hostname of the agent host with the number 0, and try to assign this as the nick name of the eG agent. For instance, if the hostname of the eG agent host is winpc, then the nick name assigned to that agent will be winpc0.

  • If this nick name is also taken, then eG will increment the number 0, which suffixes the hostname, by 1, and will try to assign the resultant string to the eG agent,. This way, eG will keep incrementing the number suffix until an unused string is found. Such a string will finally be assigned to the agent as its nick name.

    In a SaaS deployment, if a tenant manually adds components to be monitored by an eG agent, then that agent's nick name should only be added as the nick name of each of those components.

Using the Command Line to Install an eG Agent

For this, you need to execute the Curl command that eG Enterprise provides, the Linux Shell of the target host. The command will automatically install and start the eG agent on that host. Also, the agent will be automatically configured to report to the cloud manager.

To install the eG agent on Linux using the eG-provided Curl command, do the following:

  1. In Figure 9, set Command Line as the Installation Method.

  2. Then, pick Linux as the Operating System.

  3. Next, pick the Linux version and bit-rate from the Environment drop-down. The Curl command that corresponds to your specification will then be displayed, as depicted by Figure 9.

    Installation of eG agent on Linux host by running Curl command on target host

    Figure 9 : Installing the eG agent on a Linux host by running a Curl command on the target host

  4. Click on the Copy button below the command to copy it to the clipboard.

  5. Next, open the Shell prompt on the target host, paste the command therein, and run it with root user privileges.

  6. The command, upon execution, will automatically install and start the eG agent on the target host, and will also auto-configure the eG agent to report to the cloud manager. Later, the eG agent so installed, will also automatically discover the environment and auto-manage the discovered components.

  7. Repeat the steps above on each Linux host to install the eG agent on it.

Note:

Before attempting to use the Command line option for agent installation on a Linux host, make sure that curl package exists on the target host.

Using the Agent Installer

You can download, install, and use eG's proprietary Agent Installer to automatically install eG agents on multiple Linux hosts from a centralized interface. To know how to deploy the installer and use it to push eG agents to targets, refer to theAutomated Installation of eG Agents in a SaaS Deploymenttopic.

Note:

  • If a tenant wants to install the eG agent on Tru64/FreeBSD/CentOS/openSUSE operating systems also, they will have to use the same installation procedure discussed above.

  • In a SaaS deployment, if you download and install the eG agent on a SELinux-enforced Linux hostusing the procedure described above, then the setup.sh script will automatically attempt to run the eG agent as a 'confined process' after installation. However, this attempt will succeed only if the sepolicy and rpmbuild packages pre-exist on the target host. If either one or both of these packages are unavailable for any reason, then setup will automatically run the eG agent as an 'unconfined' process only, even if the SELinux security module is in the 'Enforcing mode' on that host.