Preparing for installation
Installation of TrueSight Automation Console requires you to complete these preinstallation tasks. You can download the installation files from the BMC Electronic Product Distribution (EPD) site.
Setting up your installation environment
Complete the following tasks to set up your environment:
- Ensure that the target computer meets the system requirements.
For more information, see System requirements. - Ensure that the servers on which you want to install the application and database are in the same time zone.
Install a compatible TrueSight Server Automation version.
Note
BMC recommends that you install the Automation Console and TrueSight Server Automation on different hosts.
For more information, see System requirements.
Set up Docker in an internet-enabled environment.
OR
Set up Docker in an air-gapped environment.Note:
To avoid docker network conflicts, do not install TrueSight Automation Console and TrueSight Vulnerability Management on the same docker host.
If you want to install using a non-root user, ensure that the user has read and write permissions to the installation directory. This user must also be a part of the docker user group on the host.
- If installing the database (containerized) and the application on different hosts, ensure that the Docker registry is created on each host.
If using an external PostgreSQL database, ensure that it is installed (along with the
PostgresSQL contribmodules) and is running.
Setting up Docker in an internet-enabled environment
This section provides sample procedures for installing the Docker Community Edition (CE) on CentOS and the Docker Enterprise Edition (EE) on Red Hat Linux Enterprise (RHEL). Commands might vary for other operating system and Docker edition combinations.
Note
- Docker CE is not supported on RHEL. Therefore, the following operating system and Docker Edition combinations are supported: Docker CE on a CentOS system and Docker EE on an RHEL system
For information about the supported operating system and Docker versions, see System requirements. - While setting up Docker in an internet-enabled or an air-gapped environment, the location where Docker is to be installed must have at least 50 GB storage space.
To set up Docker CE on a CentOS computer
Add a Docker repository to your system required to install Docker:
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repoInstall Docker Community Edition:
sudo yum -y install docker-ce device-mapper-libs device-mapper-event-libsStart the Docker daemon:
systemctl start dockerEnable the Docker services:
systemctl enable docker.serviceDownload Docker compose:
sudo curl -L https://github.com/docker/compose/releases/download/1.19.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-composeImportant
After you download Docker compose, ensure that /usr/local/bin/ is added to the PATH variable.
Grant the required permissions to Docker compose:
sudo chmod +x /usr/local/bin/docker-composeCreate a local Docker registry to manage Docker images, as follows:
Download the TSAC<versionNo>-IMAGES-LIN64.zip file from the BMC Electronic Products Distribution (EPD).
Create a directory on the Docker host (for example, /opt/tsac_<version>/dockerrepo) and extract the TSAC<versionNo>-IMAGES-LIN64.zip into the directory.
Ensure that the file system size of this directory is at least 10 GB. BMC recommends that you use version numbers while creating a directory to identify mapped locations for different versions. For example, /opt/tsac_20_08/dockerrepoRun the following command to log in to Docker using your Docker Hub username and password:
docker login Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username:<Enter a username> Password:<Enter a password>Note
From November 2020, Docker has limited the number of Anonymous and Free Docker Hub users to 100 and 200 container image pull requests per six hours. While installing or upgrading TrueSight Automation Console, you may encounter an error message,
toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit.
To prevent this issue, you must log in to your Docker Hub account before creating the local registry. For details, see Troubleshooting installation and upgrade issues.Run the following command to create the local Docker registry. Replace
<Directory>with the complete path of the directory that you created in step b. If there are multiple Docker hosts, repeat this step on all hosts.docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v <Directory>:/var/lib/registry \ registryFor example,
docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v /opt/tsac_<version>/dockerrepo:/var/lib/registry \ registryThis command creates a local Docker registry on port 5000.
Note
If installing the containerized database and the application on different hosts, you must create a local registry on each host.
Verify that Docker images have been pulled successfully by running the following command:
curl http://localhost:5000/v2/_catalogAlternatively, you can verify by using the http://localhost:5000/v2/_catalog URL in a browser.
If successful, the command returns the following output (contains 24 repositories):
{"repositories":["bmcsoftware/elasticsearch","bmcsoftware/postgres","bmcsoftware/truesight-app-drw","bmcsoftware/truesight-app-patch-manager-core","bmcsoftware/truesight-app-patch-manager-portal","bmcsoftware/truesight-catalog-service","bmcsoftware/truesight-common-discovery-onprem-connector","bmcsoftware/truesight-common-exceptions-service","bmcsoftware/truesight-common-itil","bmcsoftware/truesight-common-login","bmcsoftware/truesight-common-tenant-onboarding-utility","bmcsoftware/truesight-common-tso-connector","bmcsoftware/truesight-common-tssa-connector","bmcsoftware/truesight-connectors-service","bmcsoftware/truesight-identitymanagement-service","bmcsoftware/truesight-infra-ext-redis","bmcsoftware/truesight-organization-service","bmcsoftware/truesight-platform-portal","bmcsoftware/truesight-policy-service","bmcsoftware/truesight-resource-service","bmcsoftware/truesight-stack-manager","bmcsoftware/truesight-tssp-nginx","bmcsoftware/truesight-users-service","bmcsoftware/truesight-workmanager-service"]}
To set up Docker EE on an RHEL computer
To install Docker EE, you need the URL of the Docker EE repository associated with your trial or subscription, as follows:
Go to https://store.docker.com/my-content. All of your subscriptions and trials are listed.
Click the Setup button for Docker Enterprise Edition for Red Hat Enterprise Linux.
- Copy the URL from Copy and paste this URL to download your Edition and save it for later use.
Export the Docker URL:
sudo export DOCKERURL="<DOCKER-EE-URL>"DOCKER-EE-URL is the URL that you have obtained in step 1.
Store the value of the variable,
DOCKERURL(from the previous step), in a yum variable in /etc/yum/vars/:sudo -E sh -c 'echo "$DOCKERURL/rhel" > /etc/yum/vars/dockerurl'Store your OS version string in
/etc/yum/vars/dockerosversion. If you are using version 7.2, type the exact version.sudo sh -c 'echo "7" > /etc/yum/vars/dockerosversion'Install the required packages. The
yum-utilspackage provides the yum-config-manager utility. The device-mapper-persistent-data and lvm2 packages are required by the devicemapper storage driver:sudo yum install -y yum-utils device-mapper-persistent-data lvm2Enable the extras RHEL repository. This ensures access to the container-selinux package required by docker-ee.
sudo yum-config-manager --enable rhel-7-server-extras-rpmsAdd the Docker repository to your system required to install Docker EE:
sudo yum-config-manager --add-repo "$DOCKERURL/rhel/docker-ee.repo"Install the Docker EE:
sudo yum -y install docker-ee device-mapper-libs device-mapper-event-libsStart the Docker daemon:
systemctl start dockerEnable the Docker services:
systemctl enable docker.serviceDownload and install docker compose:
sudo curl -L https://github.com/docker/compose/releases/download/1.19.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-composeAfter you download docker compose, add /usr/local/bin/ to the PATH variable.
Grant the required permissions to docker compose:
sudo chmod +x /usr/local/bin/docker-composeCreate a local Docker registry to manage Docker images, as follows:
Download the TSAC<versionNo>-IMAGES-LIN64.zip file from the BMC Electronic Products Distribution (EPD).
Create a directory on the Docker host (for example, /opt/tsac_<version>/dockerrepo) and extract the TSAC<versionNo>-IMAGES-LIN64.zip into the directory.
Ensure that the file system size of this directory is at least 10 GB. BMC recommends that you use version numbers while creating a directory to identify mapped locations for different versions. For example, /opt/tsac_20_08/dockerrepoRun the following command to log in to Docker using your Docker Hub username and password:
docker login Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username:<Enter a username> Password:<Enter a password>Note
From November 2020, Docker has limited the number of Anonymous and Free Docker Hub users to 100 and 200 container image pull requests per six hours. While installing or upgrading TrueSight Automation Console, you may encounter an error message,
toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit.
To prevent this issue, you must log in to your Docker Hub account before creating the local registry. For details, see Troubleshooting installation and upgrade issues.Run the following command to create the local Docker registry. Replace
<Directory>with the complete path of the directory that you created in step b. If there are multiple Docker hosts, repeat this step on all hosts.docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v <Directory>:/var/lib/registry \ registryFor example,
docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v /opt/tsac_<version>/dockerrepo:/var/lib/registry \ registryThis command creates a local Docker registry on port 5000.
Note
If installing the containerized database and the application on different hosts, you must create a local registry on each host.
Verify that Docker images have been pulled successfully by running the following command:
curl http://localhost:5000/v2/_catalogIf successful, the command returns the following output (contains 24 repositories):
{"repositories":["bmcsoftware/elasticsearch","bmcsoftware/postgres","bmcsoftware/truesight-app-drw","bmcsoftware/truesight-app-patch-manager-core","bmcsoftware/truesight-app-patch-manager-portal","bmcsoftware/truesight-catalog-service","bmcsoftware/truesight-common-discovery-onprem-connector","bmcsoftware/truesight-common-exceptions-service","bmcsoftware/truesight-common-itil","bmcsoftware/truesight-common-login","bmcsoftware/truesight-common-tenant-onboarding-utility","bmcsoftware/truesight-common-tso-connector","bmcsoftware/truesight-common-tssa-connector","bmcsoftware/truesight-connectors-service","bmcsoftware/truesight-identitymanagement-service","bmcsoftware/truesight-infra-ext-redis","bmcsoftware/truesight-organization-service","bmcsoftware/truesight-platform-portal","bmcsoftware/truesight-policy-service","bmcsoftware/truesight-resource-service","bmcsoftware/truesight-stack-manager","bmcsoftware/truesight-tssp-nginx","bmcsoftware/truesight-users-service","bmcsoftware/truesight-workmanager-service"]}
Setting up Docker in an air-gapped environment
This section provides sample procedures for installing the Docker Community Edition (CE) on CentOS and the Docker Enterprise Edition (EE) on Red Hat Linux Enterprise (RHEL). Commands might vary for other operating system and Docker edition combinations.
To set up Docker CE on a CentOS computer in an air-gapped environment
To set up Docker EE on an RHEL computer in an air-gapped environment
Configuring the product for firewall and Security-Enhanced Linux
Ensure that firewall is not running or won't start automatically, and Security-Enhanced Linux (SELinux) is disabled on the computers where you want to install the database and the application.
If firewall is running and Security-Enhanced Linux (SEL) is enabled, follow these instructions to open the ports:
Open these ports on the firewall using the following command for each of the ports:
firewall-cmd --permanent --add-port portNumber/tcpImportant
You cannot change the port numbers after the installation or upgrade. You can use port numbers of your choice only during installation.
Port
Protocol
Configured on
User can change the port number?
Firewall exception needed?
Description
10443 TCP Host containing the Automation Console application installation Yes Yes Secure port used to access the Automation Console application. 5000 TCP Host containing the Automation Console application installation
Yes (at the time of installation) Yes Port used for communication with the Docker repository 9443
TCP Host containing the Automation Console application installation
Yes Yes Port used for the WorkManager communication 5432 TCP Host containing the database installation No Yes Port used by the database (PostgreSQL) for communication Restart the firewall by running the following command:
systemctl restart firewalldStop the Docker service by running the following command:
systemctl stop dockerReset the Docker network adapter by running the following commands:
iptables -t nat -F ifconfig docker0 down brctl delbr docker0Start the Docker service by running the following command:
systemctl start docker
Where to go from here?
After completing the pre-installation tasks, you can begin installing in the interactive mode.
Comments
SELInux needs to be disabled or permissive before loading the docker container.
Thanks for the comment, Vinnie. Let me ask the QA team to quickly validate and update the docs accordingly.
Updated the documentation to reflect the requirement.
Log in or register to comment.