Installing the remote device agent on Linux

The topics in this section describe how to install an optional The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. remote device agent on a Linux server.

A remote device agent is installed using the same setup file as the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. application server. You cannot install a remote device agent on the application server computer.

Note

If you are installing multiple remote device agents, and prefer to use a repeatable procedure that is not wizard-based, and is non-iterative, see Running-the-installer-in-silent-mode.

Remote device agent deployment considerations

Installing the remote device agent is optional. When you install the application server, by default it installs a local device agent.

The local device agent is always active on the server. All devices by default are assigned to the local device agent. However, installing a remote device agent offers these operational benefits:

  • The remote device agent uses a single secure port (default 1099) to communicate with the application server and uses standard protocols to communicate with devices. This enables you to manage devices that are behind firewalls or in a demilitarized zone (DMZ) where you cannot open Telnet/SSH and TFTP/FTP/SCP ports, but can open an SSL port.
  • The remote device agent enables you to manage multiple networks that have duplicate IP address ranges. This improves performance and reduces WAN bandwidth when loading software images to devices in a region site/region. The OS image is transferred once to the remote device agent for distribution locally to the devices.
  • Managed service providers can securely manage customer networks through a dedicated remote device agent co-located at the customer premises. The customer remote device agents are managed over a single SSL connection.

Before you begin

Before you install the remote device agent, perform the following tasks:

  • Verify the following prerequisites:
    • Free space available: The remote device agent installation on Linux requires 2 GB of free disk storage. In addition, the /tmp directory requires at least 450 MB of free space.

      If the /tmp directory does not have sufficient free space, you can run the following commands, before installing, to make the installation use an alternate temp directory. The IATEMPDIR directory must have at least 200 MB of free space available.
      $ IATEMPDIR=/your/free/space/tmp_directory
      $ export IATEMPDIR

    • Permissions:

      The installation and temp directories must be assigned the permissions listed in the following table:

      The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.

      * r=read, w=write, x=execute

  • If you have installed any intrusion prevention system, such as McAfee Intrusion Protection, ensure that it is disabled before you start the installation process. You can enable it once the installation is complete.

To install the remote device agent on Linux

  1. Log on as root to the host computer where you are installing the remote device agent.
  2. Run the umask 022 command.
  3. Extract the installation files, as explained in step 4 of   Installing the application server on Linux .
  4. Run the ./setup.sh command.
    The installer might take a minute or more to start.
  5. Welcome panel: Click Next.
  6. End User License Agreement panel: Review the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. Software License, accept the terms of this license agreement, and click Next to continue the installation.

  7.  Component Selection panel: Select the Remote Device Agent option, and click Next.

    Note

    The installer prevents the installation of the remote device agent, if it detects that the application server has been installed on this computer.

  8.  Installation directory panel: Specify the directory in which you want to install the product in the Destination Directory field, and click Next. (Default) /opt/bmc/bca-networks-agent

    Note

    • Do not use any spaces, or the pound ($), hash (#), or at (@) sign in the directory path.
    • The directory path cannot contain any non-Latin characters (Chinese, Japanese, Korean, or similar characters). These characters cause the installation to fail.
    • You must install the software on a local drive. Do not install the software on a network drive.
    • BMC recommends using the default for continuity with uninstallation and future upgrades.

  9.  Agent services account panel: Enter the user name of the account under which the device agent service runs, and click Next. This user account affects which TCP/UDP ports can be used to communicate with the agent.

    Note

    For security purposes, the bcanagent service starts with the user account that you provide in this step. By default, the installer restricts only the users that are part of the root group. Therefore, BMC recommends that you provide details of a non-privileged user account.

  10. RMI Port Number panel: Specify the Java Remote Method Invocation (RMI) port to use for communication between the application server and the remote device agent, and click Next.
    This port must be available on the system, and any local firewall might have to be configured to allow communication on this port between the application server and the remote device agent. The default port is 1099.

  11.  Certificate Information panel: Enter the information required for the SSL certificate, and click Next. The certificate is used for secure communications between the application server and the remote device agent.

    The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.

  12. Memory and System Options panel: Change memory settings or enter additional startup options, if required, and click Next.


    The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.

    The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.

    Note

    In an environment where the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. agent is installed on a host computer that is behind a Network Address Translation (NAT) firewall, perform the following actions:

    • Specify -Djava.rmi.server.hostname=VALUE, an additional startup parameter during installation. Replace VALUE with the host name of the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. agent.
    • Ensure that the host name of the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. agent that you specify resolves to a public IP address from the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. server and resolves to a private IP address from the The referenced document [xwiki:Automation-DevSecOps.Network-Automation.TrueSight-Network-Automation.tsna251.TrueSight Network Automation 25\.1._Inclusion-Library._Common-terminology.WebHome] was not found. agent itself, by modifying hosts file accordingly.
  13. Installation Preview panel: Review the summary information, and then click Install.
    A panel appears indicating that the installation completed successfully.

  14.  Finish and log file panel: Review the summary information. To view the installation log file, click View Log. The name of the log file is bcan_install_log.txt. The location of the file is /tmp.

    As part of a successful server installation, the bcanagent.service is installed. The service binaries are installed in /etc/systemd/system/

    Note

    For security purposes, the bcanagent service starts with the user account that you provide in step 9. By default, the installer restricts only the users that are part of the root group. Therefore, BMC recommends that you provide details of a non-privileged user account.

    When the installation completes, you are reminded of the RMI port (Default: 1099) that is used to communicate between the application server and the remote device agent. Ensure that this port is not blocked by any firewall.

  15. When you are finished, click Done.

Where to go next

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*