Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

App Hosts

 

An App Host is a managed host that is dedicated to running apps. App Hosts provide extra storage, memory, and CPU resources for your apps without impacting the processing capacity of your JSA Console. Apps such as User Behavior Analytics with Machine Learning Analytics require more resources than are currently available on the Console.

The App Host replaces the App Node. Unlike the App Node, JSA manages all updates to the App Host, and you can include the App Host in your high-availability deployments.

Note
  • You can have only one App Host in your deployment.

  • Port 5000 must be open on your Console.

App Host specifications

The following table shows the minimum requirements and suggested specifications for an App Host.

Note

*The suggested specifications for medium and large sized deployments haven't been tested. If you are using some of the larger apps, such as the Pulse Dashboard and User Behavior Analytics with Machine Learning, the minimum requirements are probably insufficient. Consider upgrading your deployment environment.

CPU cores

4

12 or more

24 or more

Installation Scenarios

If you are installing an App Host and you do not have an App Node in your deployment, see "Installing an App Host" .

Installing an App Host

You can run apps on an App Host instead of your Console to lessen the processing load on the Console. Install an App Host the same way you would any other managed host for JSA. You can install an App Host on hardware or in a VM, and as either an appliance install or a software install.

  • This procedure assumes that you are doing an appliance install. For more information about appliance and software installations, see Juniper Secure Analytics Administration Guide.

  • Ensure that all apps on your system are updated.

  • Resolve any issues with applications in an error state or not displaying properly

  • Schedule a maintenance window for this task and ensure that users do not do any of the following during the migration.

    • Do not install or uninstall apps.

    • Do not do a full deploy.

    • Do not do a restore.

    • Do not delete the App Host.

    • Do not re-IP the Console.

  1. Type root at the login prompt to start the installation wizard. Type password if you are prompted for a password.
  2. Accept the End User License Agreement.
  3. Select App Host Appliance for the appliance type.
  4. For the type of setup, select Normal Setup (default), and set up the time.
  5. Select the Internet Protocol version:
    • Select ipv4 or ipv6.

  6. If you selected ipv6, select manual or auto for the Configuration type.
  7. Select the bonded interface setup, if required.
  8. Select the management interface.
  9. In the wizard, enter a fully qualified domain name in the Hostname field.
  10. In the IP address field, enter a static IP address, or use the assigned IP address.
  11. If you do not have an email server, enter localhost in the Email server name field.
  12. Enter a root password that meets the following criteria:
    • Contains at least 5 characters

    • Contains no spaces

    • Can include the following special characters: @, #, ^, and *.

  13. Click Finish.
  14. Follow the instructions in the installation wizard to complete the installation.

    The installation process might take several minutes.

  15. Add this managed host to your deployment and deploy changes.

Changing Where Apps are Run

Change where apps are run when you add an App Host to your deployment.

Apps are disabled during the transfer process. Apps are enabled when the transfer is complete.

If you don't have enough disk space or memory available on the Console, moving your apps from the App Host to the Console moves only the apps themselves, but not app data. Any app data remains on your App Host, and apps do not start on the Console when the transfer is complete. Apps start again when they are transferred back to the App Host.

  1. Sign in to the JSA user interface.
  2. Click Admin.
  3. On the System and License Management screen, click the Click to change where apps are run link.
  4. 4. Choose where apps are run.
    • Click App Host to transfer apps to the App Host.

    • Click Console to transfer apps to the Console.

    Note

    The more apps and app data you have, the longer the transfer takes.

Migrating from an App Node to an App Host

As of JSA 7.3.2, App Nodes are no longer supported. If you are upgrading to JSA 7.3.2 and you have an App Node in your deployment, you must back up your App Node data before you complete the upgrade. You can repurpose your App Node as an App Host appliance after you back up the App Node data and remove the App Node from your deployment. You might want to use another appliance instead of your App Node appliance to minimize the possibility of data loss.

  • If you are installing an App Host and you do not have an App Node in your deployment, see Installing an App Host

  • You must contact Juniper Customer Care to ensure that the required entitlements are set up for your migration from App Node to App Host.

  • Ensure that all apps on your system are updated.

  • Resolve any issues with applications in an error state or not displaying properly.

  • Schedule a maintenance window for this task and ensure that users do not do any of the following during the migration.

    • Do not install or uninstall apps.

    • Do not do a full deploy.

    • Do not do a restore.

    • Do not delete the App Host.

    • Do not re-IP the Console.

  1. Use ssh to log in to your Console as the root user.
  2. Mount the JSA 7.3.2 SFS on your Console to /media/updates.
  3. Create a backup archive of your App Node data and remove the App Node from your deployment by typing the following command on your Console.

    /media/updates/supplementary_scripts/app_node_data_backup.py

    The script outputs a backup archive on the App Node that is called /store/app-dockervolumes-<date_and_time_stamp>.tgz, and an MD5 checksum.

    Note

    There is no test mode for this script. The script removes the App Node from your deployment.

  4. To verify that the backup archive is valid, type the following command:

    tar -tzf app-docker-volumes-<date_and_time_stamp>.tgz

    The output should look something like this example:

  5. Make a copy of the backup archive and note the MD5 checksum.Note

    An MD5 checksum of d41d8cd98f00b204e9800998ecf8427e equates to a zero-byte file. This might be due to insufficient space available for the backup file.

    To make a backup archive copy on your Console, type the following commands on the Console:

    1. Type the following command to create an App Node back up directory under /store.

      mkdir /store/app_node_backup

    2. Type the following command to copy the backup archive from your App Node to the backup directory on your Console.

      scp root@<appnode_IP_address>:/store/app-dockervolumes-<date_and_time_stamp>.tgz /store/app_node_backup/

    3. Verify the MD5 checksum of the backup archive copy on your Console by typing the following command and comparing the result to the MD5 checksum of the backup archive on your App Node.

      md5sum /store/app_node_backup/app-docker-volumes-<date_and_time_stamp>.tgz

  6. Upgrade your JSA console to 7.3.2.
  7. Install your App Host and add the App Host to your deployment. See Installing an App Host.
  8. Copy the backup archive to the App Host.
  9. Restore your App Node data on the App Host by typing the following command on your Console.

    /opt/qradar/bin/app_node_data_restore.py -a <pphost_IP_address> - f <path_to_archive_on_apphost>

    The script checks the integrity of the archive by confirming the MD5 checksum, and then extracts the archive to the /store/docker/volumes directory.

  10. Sign in to the JSA user interface.
  11. Click Admin.
  12. On the System and License Management screen, click Migrate.
  13. Click Proceed to complete the migration from the App Node to the App Host.Note

    The more apps and app data you have, the longer the transfer takes.

    Your apps are running on the App Host.

Troubleshooting an App Node to App Host Migration

You can troubleshoot the following issues if you come across them with your App Node to App Host migration.

App Node backup file MD5 checksum is d41d8cd98f00b204e9800998ecf8427e

An MD5 checksum of d41d8cd98f00b204e9800998ecf8427e indicates that the App Node backup file is a zero-byte file. Insufficient disk space available for the backup file might be the cause. If you receive this value for the checksum:

  1. Use ssh to log in to your App Node as the root user.
  2. Type the following command and note the space available in /store.

    df -h /store

  3. Type the following command and note the used space in /store/backup/marathon.

    du -hs /store/backup/marathon/

  4. Type the following command and note the used space in /store/docker/volumes.

    du -hs /store/docker/volumes/

  5. Compare the total space that is used by /store/docker/volumes to the total space available in / store. You need at least 1 to 1.5 times as much free space in / store as space used by /store/ docker/volumes. If you don't have enough free space in / store, check to see whether you have enough used space in /store/backup/marathon to make up the difference.

    For example, if the space used by /store/docker/volumes is 100 GB, and the space available in / store is 90 GB, you don't have enough free space for the backup file. If /store/backup/marathon is using 10 GB or more of space, you can free space in /store/backup/marathon.

  6. Back up and remove files from /store/backup/marathon to free up space by following these steps:
    1. On your Console, create an App Node back up directory under /store by typing the following command.

      mkdir /store/app_node_backup

    2. Copy marathon backup files from the App Node to the Console by typing the following command.

      scp root@<appnode_IP_address>:/store/backup/marathon/backup.marathon-volumes.qapp.*.tgz / store/app_node_backup/

    3. Check the MD5 checksum of the marathon backup files on the Console by typing the following command.

      ls /store/backup/marathon/backup.marathon-volumes.qapp.*.tgz | xargs md5sum

    4. On the App Node, check the MD5 checksum of the marathon backup files by typing the following command.

      ls /store/backup/marathon/backup.marathon-volumes.qapp.*.tgz | xargs md5sum

    5. Verify that both checksum values are the same. If they are, remove the marathon backup files from the App Node by typing the following command on the App Node.

      Note

      The rm -rf command removes a directory and all files in it. Ensure that you enter the command exactly as shown here.

      rm -rf /store/backup/marathon/*

Removing an App Host

You can't remove an App Host if you have any apps that are running on it.

  1. Move your apps back to the Console. See "Changing Where Apps are Run".Note

    If you don't have enough disk space or memory available on the Console, moving your apps to the Console moves only the apps themselves, but not app data. Any app data remains on your App Host.

  2. Click Admin.
  3. On the System Configuration screen, click System and License Management..
  4. In the Display list, select Systems.
  5. Select your App Host.
  6. On the Deployment Actions menu, click Remove Host.