Table Of Contents

Previous topic

Quickstart

Next topic

The Universal Probe

Installing the Universal Probe

System Requirements

The Universal Probe is supported on the following systems:

  • Red Hat Enterprise Linux™ 5 on x86 and x86_64 [1]
  • Red Hat Enterprise Linux™ 6 on x86 and x86_64 [1]
  • Debian 6.0 on x86 and x86_64 [1]
  • Ubuntu 10.04LTS on x86 and x86_64 [1]
  • Ubuntu 12.04LTS on x86 and x86_64 [1]
  • Ubuntu 14.04LTS on x86 and x86_64 [1]
  • Solaris™ 10 on SPARC™, x86 and x86_64 [1]

Footnotes

[1](1, 2, 3, 4, 5, 6, 7) On x86_64 UP runs as a 32-bit application and the OS needs to have the adequate 32-bit compatible userland support installed. Refer to X86 64 Bit Platforms for details.

X86 64 Bit Platforms

On x86 64 bit platforms up runs as a 32-bit application. While all the binaries required by UP are installed autonomously in the prefix (e.g. /opt/abilisoft.com) the application does require that the OS provides a 32 bit runtime. Sometimes the necessary packages not installed by default when imaging a 64bit UNIX OS but can be easily installed with the package manager.

Specifically for RHEL 6 the following packages using must be installed using yum:

  • glibc.i686
  • krb5-libs.i686

Likewise Debian and Ubuntu versions supporting multiarch need the following packages installed using apt-get for running the 32-bit versions of the agent:

  • libc6:i368

While for Debian and ubuntu versions without multiarch the package to be installed with apt-get needs to be:

  • libc6-i386

Debian or Ubuntu system supports multiarch when the dpkg --print-foreign-architectures command returns i386, assuming the native achitecture, as returned by dpkg --print-architecture, is amd64.

Consult your OS vendor’s documentation to understand the best way to add these packages.

Environment Variables

Setting the following environment variables is useful when working with the Universal Probe.

PATH

This is a standard UNIX environment variable which controls where the shell looks for programs, it is useful to add UP’s bin directory (/opt/abilisoft.com/up/bin) to this.

MANPATH

This is a standard UNIX environment variable which controls where man searches for manual pages. It is useful to add UP’s man directory (/opt/abilisoft.com/up/share/man) to this.

For convenience UP ships with a small script which can be sourced, doing so will set up the environment variables correctly:

$ . /opt/abilisoft.com/up/tools/env.sh

Lastly there is an environment variable which can help you debug issues with a broken installation:

AS_DEBUG

By setting this variable to any non-empty value the Abilisoft binaries will provide more details when execution fails. This is mostly useful to debug a broken installation. E.g.:

$ AS_DEBUG=t
$ export AS_DEBUG
$ up

Using the UNIX Shell

Most UNIX systems will have an sh compatible shell available. Below is a reminder of the several ways in which you can set environment variables using an interactive shell:

$ VAR=value

Will set the variable in the current shell only, which means any process started from the shell will not have this environment variable. To make the variable available to the children of the shell it must be exported:

$ VAR=value
$ export VAR

Lastly it is also possible to set an environment variable for just one child process created by the shell, e.g. using the echo command:

$ VAR=value echo The value is: $VAR

This manual may use any of these techniques in examples, but in each case any technique which sets a variable in the environment is appropriate.

Installing the Universal Probe

The Universal Probe is distributed in a tar archive which has the following format:

up_<VERSION>_<PLATFORM>.tar.gz

An archive compatible with the target platform should be unpacked, usually as follows:

$ tar -xzof up_<VERSION>_<PLATFORM>.tar.gz

This will give rise to the following directory and it’s contents:

up_<VERSION>_<PLATFORM>/
    install.sh
    thirdparty/
    up/

The Universal Probe must always be installed using the install.sh script, which must be invoked from inside the unpacked directory as follows:

$ cd up_<VERSION>_<PLATFORM>
$ ./install.sh

By default the script will install UP into /opt/abilisoft.com/ which should be fine. However there are a few options you can pass to it to modify the installation behaviour.

-h, --help

Display help output for the installer script.

--prefix <PATH>

This option installs UP to a different location from the default /opt/abilisoft.com/.

--force

If the destination directories already exist inside the chosen prefix (see --prefix) the installation will be aborted. This option will force the removal of any directories that may already exist and perform the installation anyway.

--platform <ARCH>-<OS>

The installation script will try to detect the host platform and will refuse to install if the target platform does not match the installation archive’s platform. You can override this behaviour (and coerce successful installation) with this option, when platform detection is not as expected or as required.

For example, you would use this option to install a 32-bit version of UP on a 64-bit Operating System.

--initd

By default UP will be installed but will not be started on system startup. Using this option will install the necessary init scripts in the correct location (/etc/rc?.d/) so that UP will automatically start when the operating system starts. If this option is not used, init.d script installation can be performed manually at a later time using the init.d script in the installed UP directory, by default at /opt/abilisoft.com/up/etc/init.d/abilisoft.com-up.

--profile

This option will add lines to /etc/profile which modify PATH and MANPATH to include the correct directories for the Universal Probe.

-i, --inplace

This option does not actually install UP, but makes it possible to run up in the location in which the tar archive was unpacked. This can be useful for a quick test or experiment but should not be used for production.

--notp

This option will inhibit the installation of the thirdparty software needed by UP. This can be useful when you need to install multiple Abilisoft products in the same prefix. See Installing alongside other Abilisoft applications for more information.

Installing alongside other Abilisoft applications

When installing multiple Abilisoft products you should use the --notp option to skip the unnecessary installation of a third-party bundle.

Note

Be sure that a compatible third-party bundle (of the correct version) is installed in the same prefix. For example, if you have installed UP or Reef then you may install MA with the –notp option as the third-party provided by those products is compatible. However the MA third-party is NOT suitable for UP and Ref.

Uninstalling the Universal Probe

The installation is entirely self-contained and uninstalling is simply a matter of stopping the up daemon and removing its files. Do however, remember to keep a copy of your configuration if you need it for future use:

$ up --stop
$ cp -r /opt/abilisoft.com/up/etc/ /home/myuser/upcfg
$ rm -rf /opt/abilisoft.com

Upgrading UP

Upgrading UP is simply a matter of uninstalling and re-installing. Make sure you read the product’s release notes in order to understand any significant changes which may affect your installation.

Installing Redis

It is very common and even recommended to install a Redis data store alongside the Universal Probe to provide a means for the rule chains to maintain state or persistent storage. The use cases and instruction on how to use this are detailed in the Maintaining State section of the rule writing documentation.

The Redis server is not bundled with the up but is easy enough to install on most supported platform. The only requirement is that the Redis server is version 2.2 or above, although 2.4 or higher is recommended as it allows to use hash keys.

The recommended way to install Redis is to install it on the same server as up is installed on and configure it to listen on the interface localhost on the default port, 6379. This configuration is the most performant and is the most straight forward to use when writing rule chains and since normally the rules will not be storing vasts amount of data in Redis the impact on required memory should be reasonable. However there is no restriction on how Redis is deployed and any advanced configuration for persistence or availability is possible, please refer to the Redis documentation for advanced deployments.

Note

Recommended Redis installation:

  • Same host as up
  • Bind to localhost or 127.0.0.1 (default).
  • Port 6379 (default)

For Debian 7 and Ubuntu 12.04 systems you can simply install Redis using apt-get:

# apt-get install redis-server

For Redhat based systems it most convenient to install Redis by using the Extra Packages for Enterprise Linux (EPEL) repository from the Fedora project. To configure this repository download and install the appropriate epel-release rpm package for the version and platform of RHEL from https://dl.fedoraproject.org/pub/epel/. E.g. for a 64-bit RHEL 6:

# curl -O https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                               Dload  Upload   Total   Spent    Left  Speed
100 14540  100 14540    0     0  12036      0  0:00:01  0:00:01 --:--:-- 30482

# rpm -hUv epel-release-6-8.noarch.rpm
Preparing...             ########################################### [100%]
   1:epel-release        ########################################### [100%]

Once this package is installed Redis can be installed using a normal yum command:

# yum install redis

Finally the EPEL package does not start the Redis server automatically, so start it using:

# service redis start

After having installed the Redis using apt-get or yum a server which can be used immediately in the rule chains without any extra configuration is available. It will only listen on the localhost and persist it’s data across restarts.

Note

Redis considerations

Memory usage
Redis is an in-memory database for performance reasons. Depending on the amount of data the rules want to store this should be budgeted for on the host.
Backup and Recovery
Data stored in Redis is only stored in memory, while most default installations will persist data across restarts it is prudent to check this configuration if this is desired.

Please refer to The Redis documentation for more information on installing, configuring and operating Redis.