Frequently Asked Questions
This section addresses common questions about PATROL for AIX.
PATROL for UNIX and Linux and PATROL for AIX co-existence and attribute mapping
Can PATROL for UNIX and Linux and PATROL for AIX co-exist together?
Yes, PATROL for AIX 1.1.20 and PATROL for UNIX and Linux can co-exist together.
Which PATROL for UNIX and Linux attributes are present in PATROL for AIX?
The following tables list the attribute mapping of PATROL for UNIX and Linux and PATROL for AIX.
In PATROL for AIX, which CPU attributes are active in LPAR and WPAR?
| Parameter | Dedicated Logical Partition | Shared - Uncapped Logical Partition | Workload Partition |
|---|---|---|---|
| ActualUsedCores | Y | Y | |
| AllocWait | Y | Y | |
| AllocIdle | Y | Y | |
| UsedCores | Y | Y | Y |
| VoluntaryContextSwitches | Y | Y | |
| IdleDonated | Y | ||
| IdleStolen | Y | ||
| UtilizationPerVirtualCPU | Y | Y | |
| EntitlementUtilization | Y | Y | |
| PoolEntitlementUtilization | Y | ||
| PoolUtilization | Y | ||
| PhysicalUtilization | Y | Y | Y |
| IOWaitTime | Y | Y | |
| ContextSwitches | Y | Y | Y |
| Interrupts | Y | Y | Y |
| RunQueueSize | Y | Y | Y |
| Load | Y | Y | Y |
| IdleTime | Y | Y | |
| UserTime | Y | Y | Y |
| SystemTime | Y | Y | Y |
| Utilization | Y | Y | Y |
User access
Why should I add the user in adm group?
The KM uses sar command to collect the CPU, Memory and Kernel attribute information. This command must be a part of the adm group. The changes applied in the groups file are not picked dynamically.
After you modify the groups file perform the following:
- Disconnect and reconnect the host
- Stop and restart the PATROL Agent
Device Hierarchy and FQDN
Why is the HMC device hierarchy incorrect in TrueSight?
DNS must be enabled to obtain correct hierarchy of HMC, Managed Systems, and Partitions.
The nslookup command must work on Partitions and Managed Systems from the PATROL Agent. nslookup is always performed on the display name or IP address of the Partition that is received from the HMC. If the nslookup fails to get the FQDN, display name is used to form the device. If you want the devices to be identified using a different name, see How can I provide the FQDN details if the DNS is not configured? question.
How can I provide the FQDN details if the DNS is not configured?
For Logical Partitions (Lpar) in HMC monitoring:
Use the /LPARHostFQDN/<lpar display name> pconfig variable to provide the FQDN details. The format of the value is hostname.domain
Example: For test1 lpar, the value is:
/LPARHostFQDN/test1 = test1.testdomain.comFor remote monitoring:
Enter the FQDN after the hostname while configuring the remote host from TrueSight.
Example: For testHost1 remote host, use the following value in the Host Name field:
testHost1;testHost1.testdoamin.com
Remote monitoring scalability
Linux to AIX remote monitoring of 249 remote hosts
Hardware details
| Platform | Processor | Memory |
|---|---|---|
| AIX 7.1, POWER 7 | 2 | 8 GB |
Setup details
| KM | PATROL Agent | TrueSight |
|---|---|---|
| PATROL for AIX 1.1.20 | PATROL Agent 11.0.00.02 | TrueSight Presentation Server 11.0.00 |
Configuration details
| Monitor Profile | Monitoring option | Selected Monitor types |
|---|---|---|
| Complete | Advanced Monitoring | CPU, SMP, Memory, Disk, Filesystem, SWAP, Process, NFS, Kernel, Users, and Network |
Note
History Retention Period was set to 0 while performing these tests.
Performance and Scalability
Attribute and Instance Count
| Number of instances | Number of attributes |
|---|---|
| 9310 | 66388 |
Resource Utilization
Performance data of PATROL Agent, Remote Execution XPC, and network IO.
| Process | Average CPU (%) | Average Memory (MB) | Network - Total Bytes In and Out (KB/s) |
|---|---|---|---|
| Remote XPC | 0.9 | 21 | 204.19 |
| Data Parser | 8.25 | 86.6 | |
| PATROL Agent | 2.84 | 315 |
Linux to AIX remote monitoring of 325 remote hosts
Hardware details
| Platform | Processor | Memory |
|---|---|---|
| Red Hat Enterprise Linux Server 7.4 (Maipo) | 2 | 4 GB |
Setup details
| KM | PATROL Agent | TrueSight |
|---|---|---|
| PATROL for AIX 1.1.20 | PATROL Agent 11.0.00 | TrueSight Presentation Server 11.0.00 |
Configuration details
| Monitor Profile | Monitoring option | Selected Monitor types |
|---|---|---|
| Complete | Advanced Monitoring | CPU, SMP, Memory, Disk, Filesystem, SWAP, Process, NFS, Kernel, Users, and Network |
Note
History Retention Period was set to 0 while performing these tests.
Performance and Scalability
Attribute and Instance Count
| Number of instances | Number of attributes |
|---|---|
| 16295 | 132094 |
Instance count for each monitor type per remote host configuration
| Monitor type | Number of instances |
|---|---|
| CPU | 16 |
| Processes | 5 |
| Filesystems | 4 |
| Disks | 1 |
| SWAP | 3 |
Resource Utilization
Performance data of PATROL Agent, Remote Execution XPC, and Network IO.
| Process | Average CPU (%) | Average Memory (MB) | Network - Total Bytes In and Out (KB/s) |
|---|---|---|---|
| Remote XPC | 0.9 | 25 | 308.85 |
| Data Parser | 6.05 | 8.4 | |
| PATROL Agent | 33.9 | 627 |
Linux to AIX remote monitoring of 500 remote hosts
Hardware details
| Platform | Processor | Memory |
|---|---|---|
| Red Hat Enterprise Linux Server 6.0 | 2 | 8 GB |
Setup details
| KM | PATROL Agent | TrueSight |
|---|---|---|
| PATROL for AIX 1.1.20 | PATROL Agent 11.0.00 | TrueSight Presentation Server 11.0.00 |
Configuration details
| Monitor Profile | Monitoring option | Selected Monitor types |
|---|---|---|
| Complete | Advanced Monitoring | CPU, Memory, Filesystem, and Network |
Note
History Retention Period was set to 0 while performing these tests.
Performance and Scalability
Attribute and Instance Count
| Number of instances | Number of attributes |
|---|---|
| 14985 | 151308 |
Instance count for each monitor type per remote host configuration
| Monitor type | Number of instances |
|---|---|
| CPU | 16 |
| Filesystems | 4 |
Resource Utilization
Performance data of PATROL Agent, Remote Execution XPC, and Network IO.
| Process | Average CPU (%) | Average Memory (MB) | Network - Total Bytes In and Out (KB/s) |
|---|---|---|---|
| Remote XPC | 3.24 | 36 | 232.18 |
| Data Parser | 3.17 | 10.6 | |
| PATROL Agent | 16.84 | 647 |
Microsoft Windows to AIX remote monitoring of 100 remote hosts
Hardware details
| Platform | Processor | Memory |
|---|---|---|
| Microsoft Windows Server 2016 | 4 | 4 GB |
Setup details
| KM | PATROL Agent | TrueSight |
|---|---|---|
| PATROL for AIX 1.1.20 | PATROL Agent 11.0.00 | TrueSight Presentation Server 11.0.00 |
Configuration details
| Monitor Profile | Monitoring option | Selected Monitor types |
|---|---|---|
| Complete | Advanced Monitoring | CPU, SMP, Memory, Disk, Filesystem, SWAP, Process, NFS, Kernel, Users, and Network |
Note
History Retention Period was set to 0 while performing these tests.
Performance and Scalability
Attribute and Instance Count
| Number of instances | Number of attributes |
|---|---|
| 4388 | 31376 |
Resource Utilization
Performance data of PATROL Agent and Remote Execution XPC
| Process | Average CPU (%) | Average Memory (MB) |
|---|---|---|
| Remote XPC | 0.4 | 22.8 |
| Data Parser | 0.61 | 13.8 |
| PATROL Agent | 9.03 | 228.51 |
Microsoft Windows to AIX remote monitoring of 150 remote hosts
Hardware details
| Platform | Processor | Memory |
|---|---|---|
| Microsoft Windows Server 2016 | 4 | 4 GB |
Setup details
| KM | PATROL Agent | TrueSight |
|---|---|---|
| PATROL for AIX 1.1.20 | PATROL Agent 11.0.00 | TrueSight Presentation Server 11.0.00 |
Configuration details
| Monitor Profile | Monitoring option | Selected Monitor types |
|---|---|---|
| Complete | Standard Monitoring | CPU, Memory, Filesystem, and Network |
Note
History Retention Period was set to 0 while performing these tests.
Performance and Scalability
Attribute and Instance Count
| Number of instances | Number of attributes |
|---|---|
| 4500 | 45000 |
Resource Utilization
Performance data of PATROL Agent and Remote Execution XPC
| Process | Average CPU (%) | Average Memory (MB) |
|---|---|---|
| Remote XPC | 0.4 | 23 |
| Data Parser | 0.64 | 14 |
| PATROL Agent | 9.2 | 250.51 |
Remote monitoring FAQs
What is the role of iakremotexec.xpc in remote monitoring?
PATROL for AIX uses an XPC-based collection mechanism to support monitoring of the remote hosts. The iakremotexec.xpc stand-alone executable communicates with PATROL Agent through standard input (stdin) and output (stdout) channels connected with pipes. The communication between PATROL Agent and the XPC server is handled by the SDK libraries through PSL function calls.
iakremotexec.xpc is an XPC-based SSH2 client that opens sessions with remote hosts, runs commands on those hosts, and returns the output to the PSL collectors. For the PSL collectors, the command execution is transparent and the same PSL collectors work well with the local host and the remote host. The XPC-based SSH2 client has following advantages:
- A single SSH2 client (process) can handle multiple remote sessions simultaneously.
- Multiple system commands can be executed over a single remote session simultaneously.
The XPC-based client is responsible for collecting information from the remote host for the application classes.
Prerequisites and configuration requirements for the remote host
- The SSH2 server must be installed and running.
- The SSH2 server must be configured as follows:
- To configure the remote host for password-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
PasswordAuthentication yes - To configure the remote host for key-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
PubkeyAuthentication yes - To configure a port number on the remote host, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
Port 22
- To configure the remote host for password-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
You must restart the SSH2 server after making configuration changes.
The following figure illustrates a configuration with multiple remote hosts.
Monitoring configuration with multiple remote hosts
Which authentication mechanisms are used in remote monitoring?
PATROL fo AIX supports the following types of user authentication mechanisms.
Password-based
When you configure a remote host for monitoring, you must provide a user name and a password to access the remote host. PATROL for AIX stores these login credentials in a secure key store. The SSH2 client submits the credentials to the remote host in order to initiate a remote connection. If the credentials are validated successfully, the SSH2 client starts collecting data for the remote host.
To configure the remote host for password-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
PasswordAuthentication yes
Key-based
When you configure a remote host for monitoring, you must provide the public and private key file paths, and the passphrase (if applicable). The key file paths must be absolute paths (for example, /home/user/id_rsa.pub), and the PATROL user must have read permissions to access the key files. PATROL for AIX stores the key file paths in a secure key store.
To configure the remote host for key-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file, if it is not already present:
PubkeyAuthentication yes
Note
The KM stores the file name information and not the public or private key. BMC recommends that you set a passphrase for the private key.
How do I create RSA public and private keys?
An RSA key pair must be generated on the client system. The public portion of this key pair must reside on the servers that the client will access, and the private portion must reside on a secure local area of the client system (by default in the ~/.ssh/id_rsa directory).
The following figure shows the RSA key pair on client and server systems.
RSA key pair on client and server systems
You can generate the keys by using the ssh-keygen utility.
To generate the RSA key pair
- Enter the following command on the client system to create the ~/.ssh directory:
mkdir ~/.ssh - Enter the following command on the client system to change permissions on the ~/.ssh directory:
chmod 700 ~/.ssh - Enter the following command on the client system:
ssh-keygen -q -f ~/.ssh/id_rsa -trsa - Enter the passphrase if required.
- Enter the passphrase again.
The file permissions should be locked to prevent other users from being able to read the key pair data. OpenSSH might also refuse to support public key authentication if the file permissions are too open. These fixes should be done on all systems involved.
To lock file permissions
- Enter the following commands on the client system:
- chmod go-w ~/
- chmod 700 ~/.ssh
- chmod go-rwx ~/.ssh/*
To enable public key authentication
- Copy the public portion of the RSA key pair to the servers that the client will access.
The public key information to be copied should be located in the ~/.ssh/id_rsa.pub file on the client. - Append the public key information to the ~/.ssh/authorized_keys file on the servers.
You can use the scp or ssh-copy-id utility for copying the ID on the server. - Verify that public key connections to the servers work properly by executing the following commands:
- client$ ssh -o PreferredAuthentications=publickey sshServerName
- Enter passphrase for key '/…/.ssh/id_rsa': passphrase
- passphrase
- server$
How to use PuTTYgen for key based authentication?
On Microsoft Windows, PuTTYgen tool creates the keys in ssh.com format by default. These keys must be converted to openssh format.
Remote monitoring configuration using key-based authentication video
Can I use an earlier version of the PATROL Agent?
Yes. You can use any of the earlier PATROL Agent versions supported. BMC recommends you to use the latest version of the PATROL Agent for better performance.
Can I monitor AIX systems from a Microsoft Windows PATROL Agent?
Yes, you can monitor AIX system from a Microsoft Windows computer.
Does each collector have its own dedicated SSH session?
No, all of the collectors for a remote host use the same SSH session.
Is the SSH connection to a remote host persistent?
Yes, a persistent SSH connection is maintained for each remote host being monitored.
Can I change threshold values for a specific remote host instance?
Yes, you can configure threshold values for a specific remote host.
How does TrueSight discover remote hosts?
TrueSight discovers remote host instances as devices.
Are workload parameters in logical partition available in remote monitoring? OR Why are the workload parameters not visible in remote monitoring?
The KM uses perfstat API to retrieve the performance metrics of Workload partition from Logical partition. This restricts the collection mode of these parameters when the PATROL Agent is installed locally on the LPAR.
Which commands are used for monitoring the KM?
- prtconf
- sar (user must be part of
admgroup) - uptime
- lparstat
- vmstat
- mpstat
- iostat
- mpstat
- df
- mount
- ipcs
- getconf PAGE_SIZE
- netstat
- entstat
- who
- lsps
Debug and log information
Where should I look for debug or log monitoring files?
Log location:
- XPC (binaries) - Patrol3/iak/log directory
- Collectors or discovery (PSL processes) - Patrol3/log/trace/<agenthostname>/<port> directory
In Standard Monitoring the KM monitors CPU, Memory, Filesystem, and Network monitor types.
Online help
Will online help be available for KMs?
Online help will not be available from the following Consoles:
- PATROL Central Operator – Microsoft Windows Edition
- PATROL Central Operator – Web Edition
- PATROL Console for Microsoft Windows
- PATROL Console for UNIX.
However, online Help will continue to be available from the TrueSight Operations Management Console and BMC Central Monitoring Administration.
How can I access the online help?
You can access the online help from the TrueSight Operations Management console and the Central Monitoring Administration. For complete product documentation, refer to the KM documentation on docs.bmc.com.
What kind of offline documentation can I get?
KM documentation is available in PDF format.
How do I access the documentation PDF?
You can access the offline documentation from the following locations:
- Product documentation is available in PDF format along with the installation files on the EPD site.
- PDFs are also available on the PDFs and videos page of the respective KM documentation on docs.bmc.com
Note
Ready-made PDFs are created for new releases and service packs at the time of their release. Although these PDFs contain all topics, the content of some topics is better suited for online viewing.
Comments
Log in or register to comment.