Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Installing HealthBot Release 3.2.0

 

The Paragon Insights (formerly HealthBot) software package is available for download as a Debian (.deb) file for installation on Ubuntu, or a Red Hat Package Manager (.rpm) file for installation on CentOS and RedHat Enterprise Linux (RHEL).

Before You Begin

You will need the following details for the installation:

  • Deployment type—Single node or multinode installation. Multinode installations are useful for load distribution and scaling.

  • SSL certificate and private key—Supply your own key, or have HealthBot create one for you.

  • Host IP address—The server IP address, for SSH and Web UI access.

  • If you are using Paragon Insights to install a new Kubernetes cluster, ensure that the hostnames of the nodes resolve to the IP addresses of the nodes used in the Kubernetes cluster. You can use DNS to map the hostname to the IP address or add the entries to the local /etc/hosts file.

  • If you are installing Paragon Insights into an existing Kubernetes cluster, you need information about the existing Kubernetes cluster:

    • Docker registry name

    • The path to a kubeconfig file configured with the existing cluster details

    • A user account with administrator privileges for the Kubernetes cluster

Note

The following points regarding installation on an existing Kubernetes cluster must be considered:

  • Paragon Insights has only been qualified with the Calico container network interface (CNI). It should work with other CNI plugins, but has not been tested.

  • If your Kubernetes cluster uses other CNI plugins, such as Flannel, you might notice long playbook deployment times on some Kubernetes versions. One potential workaround, is to disable transmit (tx) and receive (rx) checksum offloading on VXLAN interfaces. An example of this, using Flannel: ethtool --offload flannel.1 tx off rx off.

    For discussions regarding the latency issue, see:

  • If there are a large number of device groups in HealthBot, there is the possibility that some of the Kubernetes pods might not get scheduled if the nodes are saturated by the maximum pods per node limit. By default, this limit is 110 pods per node in most Kubernetes distributions.

    As a workaround, you can increase the maximum pods per node setting. Refer to the documentation from your Kubernetes distribution for details on how to modify this setting.

  • If your CNI plugin is configured with a static IP CIDR block for each node, make sure the number of IP addresses in the block allocated to the node is at least double the size of the maximum pods per node setting.

Additional requirements:

  • You must have a Juniper.net user account with permissions to download the HealthBot software package.

  • The HealthBot server must have access to the Internet during the software extraction process of installation (.deb for Ubuntu or .rpm for CentOS/RedHat).

HealthBot creates a /var/local/healthbot/ directory as part of the installation process. This directory contains all the HealthBot-related files.

Installing HealthBot On Ubuntu

The general workflow for installing HealthBot on Ubuntu is shown in Figure 1.

Figure 1: Installation Workflow - HealthBot on Ubuntu
Installation Workflow
- HealthBot on Ubuntu
Note

For multinode installations, perform the following tasks only on the primary node.

If you are logged in as root or using root privileges, remove the sudo portion of each command below.

Part 1 - PREPARE

  1. Ensure that you have at least 60GB of free disk space. We recommend 100GB of free disk space.
  2. Set the environment variable, HB_EXTRA_MOUNT1, to allow HealthBot to access directories outside of the /var/local/healthbot directory.

    To set the environment variable:

  3. Set the environment variables— HB_IAM_SKIP_MAIL_VERIFICATION and HB_IAM_DISABLE_SMTP_SETTINGS— as false to enable e-mail verification of users.

    To set the environment variable:

  4. Ensure that the Ubuntu package lists on your host system are latest.
    $ sudo apt-get update
  5. (Optional) Install the wget package. This tool will be used later to download the HealthBot software package. On some installations, wget is installed by default.
    $ sudo apt-get install -y wget
  6. Install Docker CE.

    The following commands install the latest stable version on x86 machines:

    $ sudo apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
    $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    $ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    $ sudo apt-get update
    $ sudo apt-get install -y docker-ce docker-ce-cli containerd.io

    For more information, see Get Docker CE for Ubuntu.

  7. (Optional) Add your user account to the Docker group. This is required for a later installation step.

    If installing and running with root privileges, this step is not required.

    $ sudo usermod -aG docker $USER
    $ <Log out of the current session, and log back in>

Part 2 - DOWNLOAD

  1. Download the HealthBot package from the Juniper Networks software download page to a temporary directory (like /var/tmp/) on the server. Note that downloading software requires a Juniper.net account.
    wget -O /<temp-directory>/healthbot-<version>.deb "<URL-from-the-software-download-page>
    Note

    You can also download the HealthBot package locally and push it to the server, if preferred.

Part 3 - INSTALL

  1. Install the .deb package using the following format:
    $ sudo apt-get install -y /<path-to-deb-file>/healthbot-<version>.deb

    HealthBot checks that prerequisite software is installed on your host device during this step. If any required software is not found, HealthBot will prompt you before installing those missing software packages.

    Note

    If you see the following error when running the sudo apt-get command, you can ignore it:

    “Can't drop privileges for downloading as file '/home/user/healthbot-3.0.0-1.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)”

    For more information, see Bug 1543280.

  2. HealthBot supports offline installation for Kubernetes-based installations.

    Download the Healthbot Package-Offline Support file from the HealthBot Downloads page. Once downloaded, change the name of the file to healthbot-offline.tgz and place it in the /var/local/healthbot directory.

  3. Enter sudo healthbot setup to configure your installation. You can also use sudo healthbot -v setup to display more detailed information.

    While running the sudo healthbot setup command, you are prompted to answer several questions as part of the setup process.

    To proceed with Docker Compose installation, enter N when you see this prompt: Do you want to install on kubernetes? [y/N]. To proceed with kubernetes-based installation, enter y.

    For more information, see Paragon Insights Interactive Installation Prompts.

  4. Enter healthbot start to start HealthBot services including the Web UI.
  5. Enter healthbot status to verify that the HealthBot services are up and running.

Part 4 - LOG IN

  1. Open a browser and enter the https://server-IP:8080 URL to access the Healthbot UI, where server-IP is the virtual IP address you entered, to connect to Healthbot services, during installation. Log in to the HealthBot Web UI using the credentials: Username: admin, Password: Admin123!. These are one-time credentials. When you enter them, HealthBot prompts you to change the password and gives instructions about the recommended length, case changes, and so on.

Installing HealthBot On CentOS

The general workflow for installing HealthBot on CentOS is shown in Figure 2.

Figure 2: Installation Workflow - HealthBot on CentOS
Installation Workflow
- HealthBot on CentOS
Note

For multinode installations, perform the following tasks only on the primary node. If you are logged in as root or using root privileges, remove the sudo portion of each command below.

Part 1 - PREPARE

  1. This procedure assumes you are installing HealthBot using a non-root user. If this user does not already have sudo privileges, set them now.
  2. While logged in as root, set secure_path in the /etc/sudoers file to include /usr/local/bin/ so that sudo will be able to locate the HealthBot script during the healthbot setup step, later in this procedure.
  3. Install the epel-release repository. This is required for installing Python3 and other packages.
    $ sudo yum install -y epel-release
  4. Install the yum-utils package used for handling repositories and extending package management.
    $ sudo yum install -y yum-utils
  5. Install the wget package. This tool will be used later to download the HealthBot software package.
    $ sudo yum install -y wget
  6. Verify the SELinux mode, and if set to enforcing change it to permissive. This is required to allow Docker commands to execute later in this procedure.
  7. Install Docker CE.

    $ sudo yum install -y yum-utils \ device-mapper-persistent-data \ lvm2
    $ sudo yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo
    $ sudo yum install docker-ce docker-ce-cli containerd.io
    $ sudo systemctl start docker
    $ sudo systemctl enable docker

    For more information, see Get Docker CE for CentOS.

Part 2 - DOWNLOAD

  1. Download the HealthBot package from the Juniper Networks software download page to a temporary directory (like /var/tmp) on the server. Note that downloading software requires a Juniper.net account.
    wget -O /<temp-directory>/healthbot-<version>.noarch.rpm "<URL-from-the-software-download-page>
    Note

    You can also download the HealthBot package locally and push it to the server, if preferred.

Part 3 - INSTALL

  1. Install the .rpm package using the following format:
    $ sudo yum install -y /<path-to-rpm-file>/healthbot-<version>.noarch.rpm

    HealthBot checks that prerequisite software is installed on your host device during this step. If any required software is not found, HealthBot will prompt you before installing those missing software packages. HealthBot uses an Internet connection to download any missing packages.

  2. HealthBot supports offline installation for Kubernetes-based installations.

    Download the Healthbot Package-Offline Support file from the HealthBot Downloads page. Once downloaded, change the name of the file to healthbot-offline.tgz and place it in the /var/local/healthbot directory.

  3. Enter sudo healthbot setup to configure your installation. You can also use sudo healthbot -v setup to display more detailed information.

    While running the sudo healthbot setup command, you are prompted to answer several questions as part of the setup process.

    To proceed with Docker Compose installation, enter N when you see this prompt: Do you want to install on kubernetes? [y/N]. To proceed with kubernetes-based installation, enter y.

    For more information, see Paragon Insights Interactive Installation Prompts.

    HealthBot installation is now complete.

  4. Enter healthbot start to start HealthBot services including the Web UI.
  5. Enter healthbot status to verify that the HealthBot services are up and running.

    For example:

  6. Reset the SELinux mode to enforcing, if applicable.

Part 4 - LOG IN

  1. Open a browser and enter the https://server-IP:8080 URL to access the HealthBot UI, where server-IP is the virtual IP address you entered, to connect to HealthBot services, during installation. Log in to the HealthBot Web UI using the credentials: Username: admin, Password: Admin123!. These are one-time credentials. When you enter them, HealthBot prompts you to change the password and gives instructions about the recommended length, case changes, and so on.