Help Center/ Log Tank Service/ User Guide/ Host Management/ Managing Hosts/ Installing ICAgent (Non-Huawei Cloud Hosts) (Non-Cloud Hosts)
Updated on 2024-02-28 GMT+08:00

Installing ICAgent (Non-Huawei Cloud Hosts) (Non-Cloud Hosts)

ICAgent is a log collection tool for LTS. To use LTS to collect logs from extra-region hosts, you need to install ICAgent on the hosts.

Prerequisites

Ensure that the time and time zone of your local browser are consistent with those of the host to install ICAgent. If they are inconsistent, errors may occur during log reporting.

Restrictions

  • Linux: ICAgent can only be installed on hosts running the Linux OSs listed in OS Usage Restrictions.
  • Windows: ICAgent can only be installed on hosts running the following 64-bit Windows OSs:
    Windows Server 2016 R2 Datacenter
    Windows Server 2016 R2 Standard
    Windows Server 2016 Datacenter English
    Windows Server 2016 R2 Standard English
    
    Windows Server 2012 R2 Datacenter
    Windows Server 2012 R2 Standard
    Windows Server 2012 Datacenter English
    Windows Server 2012 R2 Standard English
    
    Windows Server 2008 R2 Enterprise
    Windows Server 2008 R2 Standard
    Windows Server 2008 Enterprise English
    Windows Server 2008 R2 Standard English

    ICAgent installed on Windows hosts cannot be upgraded or uninstalled on the Host Management page. To use a newer ICAgent version, uninstall the original one and then install the newer version.

Installation Methods

There are two methods to install ICAgent.

Table 1 Installation methods

Method

Scenario

Initial installation

You can use this method to install ICAgent on a host that has no ICAgent installed.

Inherited installation (supported only for Linux hosts)

When ICAgent has already been installed on one host but needs to be installed on multiple hosts, you can use this method.

Initial Installation (Linux)

Before installing ICAgent on a host not in this region, apply for an ECS as a jump server on the ECS console. For details, see Using Multiple Jump Servers.

The minimum specifications for the ECS are 1 vCPU and 1 GB of memory. The recommended specifications are 2 vCPUs and 4 GB of memory. You are advised to use an image of CentOS 6.5 64bit or later version.

  1. Apply for an ECS in the current region as a jump server. Modify the security group rules used by the jump server.

    1. On the ECS details page, click the Security Groups tab.
    2. Click a security group name and click Modify Security Group Rule in the upper right corner.
    3. On the security group details page, click the Inbound Rules tab and then click Add Rule. On the page displayed, add a security group rule based on Table 2.
      Table 2 Security group rule

      Direction

      Protocol

      Port

      Description

      Inbound

      TCP

      8149, 8102, 8923, 30200, 30201, and 80

      ICAgent will send data to the jump server through the listed ports.

      Open the inbound ports 8149, 8102, 8923, 30200, 30201, and 80 to ensure that data can be transmitted from the host not in this region to the jump server.

  2. Log in to the LTS console and choose Host Management in the navigation pane on the left.
  3. Click Install ICAgent in the upper right corner.
  4. Set OS to Linux.
  5. Set Host to Non-CLOUD host.
  6. Open the forwarding ports on the jump server.

    1. Enter the private IP address of the jump server and generate an SSH tunneling command, as shown in the following figure.
      Figure 1 Entering the private IP address of the jump server

      The private IP address of the jump server refers to the internal IP address of the Virtual Private Cloud (VPC) where the jump server is located.

    2. Click Copy Command.
    3. Log in to the jump server as user root and run the SSH tunneling command:
      ssh -f -N -L {Jump server IP address}:8149:{ELB IP address}:8149 -L {Jump server IP address}:8102:{ELB IP address}:8102 -L {Jump server IP address}:8923:{ELB IP address}:8923 -L {Jump server IP address}:30200:{ELB IP address}:30200 -L {Jump server IP address}:30201:{ELB IP address}:30201 -L {Jump server IP address}:80:icagent-{Region}.obs.{Region}.myhuaweicloud.com:80 {Jump server IP address}

      Enter the password of user root as prompted.

    4. Run the netstat -lnp | grep ssh command to check whether the corresponding TCP ports are being listened to. If the command output similar to Figure 2 is returned, the ports are open.
      Figure 2 Open TCP ports
      • Enter http://IP address of the jump server ECS in the address box of the browser. If the access is successful, the security group rule has taken effect.
      • If the jump server is powered off and restarted, run the preceding commands again.

  7. Obtain the AK/SK pair and specify the DC and the jump server connection IP address.

    Figure 3 Obtaining the AK/SK pair
    • DC: Specify a name for the data center of the host so it is easier to find the host.
    • Connection IP: For EIP connection, use the EIP of the jump server. For VPC peer connection, use the internal IP address of the VPC where the jump server locates.

  8. Copy the ICAgent installation command.

    Figure 4 Copying the ICAgent installation command

  9. Log in as user root to the host which is deployed in the region same as that you are logged in to (for example, by using a remote login tool such as PuTTY) and run the copied command.

    • When the message ICAgent install success is displayed, ICAgent has been installed in the /opt/oss/servicemgr/ directory of the host. You can then view the ICAgent status by choosing Host Management in the navigation pane of the LTS console and then clicking Hosts.
    • If the installation fails, uninstall ICAgent and reinstall it. If the reinstallation fails, contact technical support.

Using Multiple Jump Servers

You can use multiple jump servers to prevent the risk of single point of failures and improve access reliability.

  1. Create a Linux ECS that as a jump server.

    Configure the CPU and memory based on the service requirements. The recommended specifications are 2 vCPUs and 4 GB of memory, or above.

  2. Log in to the jump server as use root and use the internal IP address of the jump server to create an SSH tunnel.

    1. On the ECS console, locate the jump server and obtain its private IP address.
      Figure 5 Obtaining the private IP address
    2. On the LTS console, choose Host Management in the navigation pane, and click Install ICAgent in the upper right corner. In the dialog box displayed, select Linux for OS, select Non-CLOUD host for Host, and enter the private IP address to generate the SSH tunneling command. Log in to the jump server and run the command to create an SSH tunnel.
      Figure 6 Creating an SSH tunnel

  1. If there are multiple jump servers, repeat 2 and add them to the same VPC. When creating an ECS, select the same VPC for Network.

    Figure 7 Creating an ECS

  2. Create a load balancer. For details, see Creating a Dedicated Load Balancer. When creating the load balancer, you should:

    1. Select the same VPC as that of the jump servers.
    2. Create an EIP for connecting to the jump servers.
    3. Apply for the bandwidth based on the service requirements.

  3. Add listeners for TCP ports 30200, 30201, 8149, 8923, and 8102. For details, see Adding a TCP Listener.
  4. Add all jump servers to the backend server group. For details, see Adding Backend Servers.

Inherited Installation (Linux)

Let's assume that you need to install ICAgent on multiple hosts, and one of the hosts already has ICAgent installed. The ICAgent installation package, ICProbeAgent.tar.gz, is in the /opt/ICAgent/ directory. You can follow the directions below to install ICAgent on other hosts one by one.

  1. Run the following command on the host where ICAgent has been installed, where x.x.x.x is the IP address of the host you want to install ICAgent on.

    bash /opt/oss/servicemgr/ICAgent/bin/remoteInstall/remote_install.sh -ip x.x.x.x

  2. Enter the password for user root of the host when prompted.
    • If the Expect tool is installed on the host that has ICAgent installed, the ICAgent installation should be able to complete without prompting you for a password. Otherwise, enter the password as prompted.
    • Ensure that user root can run SSH or SCP commands on the host where ICAgent has been installed to remotely communicate with the remote host to install ICAgent.
    • When the message ICAgent install success is displayed, ICAgent has been installed in the /opt/oss/servicemgr/ directory of the host. You can then view the ICAgent status by choosing Host Management in the navigation pane of the LTS console and then clicking Hosts.
    • If the installation fails, uninstall ICAgent and reinstall it. If the reinstallation fails, contact technical support.

Batch Inherited Installation (Linux)

Let's assume that you need to install ICAgent on multiple hosts, and one of the hosts already has ICAgent installed. The ICAgent installation package, ICProbeAgent.tar.gz, is in the /opt/ICAgent/ directory. You can follow the directions below to install ICAgent on other hosts in batches.

  • The hosts must all belong to the same Virtual Private Cloud (VPC) and be on the same subnet.
  • Python 3.* is required for batch installation. If you are prompted that Python cannot be found during ICAgent installation, install Python of a proper version and try again.

Prerequisites

The IP addresses and passwords of all hosts to install ICAgent have been collected, sorted in the iplist.cfg file, and uploaded to the /opt/ICAgent/ directory on the host that has ICAgent installed. Each IP address and password in the iplist.cfg file must be separated by a space, as shown in the following example:

192.168.0.109 Password (Replace the IP address and password with the actual ones)

192.168.0.39 Password (Replace the IP address and password with the actual ones)

  • The iplist.cfg file contains sensitive information. You are advised to clear it after using it.
  • If all hosts share a password, list only IP addresses in the iplist.cfg file and enter the password manually during execution. If one of the hosts uses a different password, type the password behind its IP address.

Procedure

  1. Run the following command on the host that has ICAgent installed:

    bash /opt/oss/servicemgr/ICAgent/bin/remoteInstall/remote_install.sh -batchModeConfig /opt/ICAgent/iplist.cfg

    Enter the default password for user root of the hosts to install ICAgent. If the passwords of all hosts have been configured in the iplist.cfg file, press Enter to skip this step.

    batch install begin
    Please input default passwd:
    send cmd to 192.168.0.109
    send cmd to 192.168.0.39
    2 tasks running, please wait...
    2 tasks running, please wait...
    2 tasks running, please wait...
    End of install agent: 192.168.0.39
    End of install agent: 192.168.0.109
    All hosts install icagent finish.

    If the message All hosts install icagent finish. is displayed, ICAgent has been installed on all the hosts listed in the configuration file.

  2. You can then view the ICAgent status by choosing Host Management in the navigation pane of the LTS console and then clicking Hosts.