Managed Servers

The "Managed Servers" sub-tab under Admin Settings includes modules for Monitoring Settings, Update Settings, Monitoring Services, and RabbitMQ settings.

After making any settings updates, be sure to click "Save Changes" under the updated module.

Monitoring Settings

Under Monitoring Settings, select the "Default Monitoring API IP", and enter any additional setting options as follows:

Default Monitoring API IP: The default IP to be used for API calls (heartbeat, activation, etc.) for managed server monitoring and to send API requests, as multiple IPs may be available depending on the Provision set up.

• Note: The Default Monitoring API IP can be set to a default value in this area, but it may also be set individually per managed server as an override.

Verify CA: Toggle to "on" if you wish to enable the CA check.

Communication type: Push (when the server pushes data to ProVision) and pull (when ProVision connects to the server and pulls the data). Push is preferred, but Pull-based may be desirable in cases where a firewall would not allow inbound connections to ProVision.

Monitoring of the system: Toggle to "on" to enable monitoring of system statistics.

System monitoring interval: How often (in seconds) the system will be checked. The smaller the interval, the more data there will be to store. 

Monitoring of the DNS: Toggle to "on" to enable gathering statistics from the DNS server.

DNS monitoring interval: How often (in seconds) the DNS server will be monitored. Data will be aggregated for the set period of time and the aggregated results will be sent. 

Raw data retention: The number of minutes to retain raw data. By default, this is set to 1440 minutes (1 day). Raw data requires sizable storage needs.

Aggregated data retention: The number of days to retain aggregated data.

Managed Backup Settings

If in use, enter the password for Managed Backup Servers and click "save changes".

Password: Used to encrypt backups. Users will need this password in case of backup restore.

Update Settings

Enter Update settings to use for Managed Servers, starting with API timeout (in milliseconds) and Update Mode.

Fill in the remaining update settings as applicable to the selected update mode:

Internet Docker Update (Recommended) - This uses a Docker update directly from our docker registry. Internet connection is required for the managed server in order this mode to work.

• When this is chosen, fields to enter tokens for the DNS / DHCP repository will displayed.
  For assistance obtaining repository tokens, please contact support@6connect.com.

  
  

  Update Settings - Docker Update (Internet)...

  Update Settings  - Docker Update Mode (Internet)

  

  API timeout: Timeout for API calls in milliseconds.

  Update Mode: Enter the source for updates, depending on internet accessibility. Two options are available:

  • Image Download (Local) - This option is to update from ProVision, locally. No internet connection is required from the managed server, but an image file must be manually downloaded from a separate secure site and then uploaded into ProVision. 

  If "Image Download (Local)" is selected, you must download the image file from a secure 6connect site to then upload for this setting. Please contact support@6connect.com for credentials to access the image download area.

  • Internet Docker Update - This uses a Docker update directly from our docker registry. Internet connection is required for the managed server in order this mode to work. When this is chosen fields for tokens for our gitlab/registry appear to be filled in:
    • Update username: Enter the username for updates.
    • DNS update token: Enter the token for the DNS repository.
    • DHCP update token: Enter the token for the DHCP repository.
    • Monitoring update token: Enter the token for the Monitoring repository.
    • Backup update token: Enter the token for the Backup Monitoring repository.
  • Test Tokens: Click to test the applied tokens for DNS, DHCP, and Monitor.

  For assistance obtaining repository tokens, please contact support@6connect.com.

  
  

ProVision Image Download - If Update Mode is set to "Image Download (Local)", then no internet connection is required from the managed server, but an image file must be manually downloaded from a separate secure site to then upload into ProVision. 

• Update Settings  - Image Download (Local)...

  Update Settings  - Image Download (Local)

  If Update Mode is set to "Image Download (Local)", the following settings will display to enter:

  

  Image file: Attach the Image file for upload to ProVision.

  If "Image Download (Local)" is selected, you must download the image file from a secure 6connect site to then upload for this setting. Please contact support@6connect.com for credentials to access the image download area.

  API timeout: Timeout for API calls in milliseconds.

  Update Mode: Enter the source for updates - Image Download (Local), or opt to change to Docker Update (Requires Internet).

  Images history: Available only after saving changes. Once a history is available, it will display at the top of the module.

  

  Test Tokens: Click to test the applied tokens for DNS, DHCP, and Monitor. 

Monitoring Services

The Monitoring Services module shows the OS services running on Provision's server and their activity state. Available actions are: Stop, Start, and Restart Service.

• pv_heartbeat: sends simple stats from a managed server to ProVision, runs on the managed server
• pv_mq_knot: processes KNOT DNS data from RabbitMQ, runs on ProVision's server
• pv_mq_system: processes system data from RabbitMQ, runs on ProVision's server
• pv_mq_aggregate_system: aggregates system data , runs on ProVision's server
• pv_delete_expired_data: deletes data according to the retention settings, runs on ProVision's server
• pv_whois: runs on ProVision's server
• pv_rabbit_relay: services used in "Pull" setups (see below), runs on ProVision's server

RabbitMQ Settings

RabbitMQ is used to handle communication between ProVision and the managed server, and settings must be included for successful server communication and monitoring.

Enter or update the following settings:

• RabbitMQ IP: RabbitMQ IP is the address to which managed serves will send data, and to which the worker scripts will connect to get data.
  • Note: This should typically be the same as Default Monitoring API IP, if RabbitMQ is installed there.
• RabbitMQ Port: The RabbitMQ Port used
• Username: The RabbitMQ username
• Password: The RabbitMQ password

To verify the settings, click "Test Credentials". When done, click "Save Changes".

After making any settings updates, be sure to click "Save Changes" under the updated module.

Installing RabbitMQ

If RabbitMQ has not already been installed on your ProVision instance / VM, you will need to install it by running the included shell script (Note: Installing RabbitMQ requires internet access.):

1) Run install_rabbitmq.sh. 

/usr/bin/sh /path_to_provision/tools/install_rabbitmq_{OS}.sh

Ubuntu RabbitMQ installation script:

#!/usr/bin/sh
 
# https://www.rabbitmq.com/install-debian.html#apt-quick-start-cloudsmith
 
sudo apt-get install curl gnupg apt-transport-https -y
 
## Team RabbitMQ's main signing key
curl -1sLf "https://keys.openpgp.org/vks/v1/by-fingerprint/0A9AF2115F4687BD29803A206B73A36E6026DFCA" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/com.rabbitmq.team.gpg > /dev/null
## Launchpad PPA that provides modern Erlang releases
curl -1sLf "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xf77f1eda57ebb1cc" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg > /dev/null
## PackageCloud RabbitMQ repository
curl -1sLf "https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/io.packagecloud.rabbitmq.gpg > /dev/null
 
## Add apt repositories maintained by Team RabbitMQ
sudo tee /etc/apt/sources.list.d/rabbitmq.list <<EOF
## Provides modern Erlang/OTP releases
##
## "bionic" as distribution name should work for any reasonably recent Ubuntu or Debian release.
## See the release to distribution mapping table in RabbitMQ doc guides to learn more.
deb [signed-by=/usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg] http://ppa.launchpad.net/rabbitmq/rabbitmq-erlang/ubuntu focal main
deb-src [signed-by=/usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg] http://ppa.launchpad.net/rabbitmq/rabbitmq-erlang/ubuntu focal main
 
## Provides RabbitMQ
##
## "bionic" as distribution name should work for any reasonably recent Ubuntu or Debian release.
## See the release to distribution mapping table in RabbitMQ doc guides to learn more.
deb [signed-by=/usr/share/keyrings/io.packagecloud.rabbitmq.gpg] https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ focal main
deb-src [signed-by=/usr/share/keyrings/io.packagecloud.rabbitmq.gpg] https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ focal main
EOF
 
## Update package indices
sudo apt-get update -y
 
## Install Erlang packages
sudo apt-get install -y erlang-base \
	                        erlang-asn1 erlang-crypto erlang-eldap erlang-ftp erlang-inets \
				                        erlang-mnesia erlang-os-mon erlang-parsetools erlang-public-key \
							                        erlang-runtime-tools erlang-snmp erlang-ssl \
										                        erlang-syntax-tools erlang-tftp erlang-tools erlang-xmerl
 
## Install rabbitmq-server and its dependencies
sudo apt-get install rabbitmq-server -y --fix-missing

sudo rabbitmq-plugins enable rabbitmq_management

sudo rabbitmq-server start -detached

sleep 5

sudo rabbitmqctl add_user pv_rabbitmq S3curePassW0rd!
sudo rabbitmqctl set_user_tags pv_rabbitmq administrator
sudo rabbitmqctl set_permissions -p / pv_rabbitmq ".*" ".*" ".*"

sudo systemctl enable rabbitmq-server

echo "RabbitMQ user is:  pv_rabbitmq"
echo "RabbitMQ password is:  S3curePassW0rd!"
echo "RabbitMQ port is:  5672"
echo "RabbitMQ management port is:  15672"
  

CentOS RabbitMQ installation script:

#!/usr/bin/sh

# https://www.rabbitmq.com/install-debian.html#apt-quick-start-cloudsmith

sudo yum install curl gnupg apt-transport-https -y

## Team RabbitMQ's main signing key
curl -1sLf "https://keys.openpgp.org/vks/v1/by-fingerprint/0A9AF2115F4687BD29803A206B73A36E6026DFCA" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/com.rabbitmq.team.gpg > /dev/null
## Launchpad PPA that provides modern Erlang releases
curl -1sLf "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xf77f1eda57ebb1cc" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg > /dev/null
## PackageCloud RabbitMQ repository
curl -1sLf "https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey" | sudo gpg --dearmor | sudo tee /usr/share/keyrings/io.packagecloud.rabbitmq.gpg > /dev/null

## Add apt repositories maintained by Team RabbitMQ
#sudo tee /etc/apt/sources.list.d/rabbitmq.list <<EOF
## Provides modern Erlang/OTP releases
##
## "bionic" as distribution name should work for any reasonably recent Ubuntu or Debian release.
## See the release to distribution mapping table in RabbitMQ doc guides to learn more.
#deb [signed-by=/usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg] http://ppa.launchpad.net/rabbitmq/rabbitmq-erlang/ubuntu focal main
#deb-src [signed-by=/usr/share/keyrings/net.launchpad.ppa.rabbitmq.erlang.gpg] http://ppa.launchpad.net/rabbitmq/rabbitmq-erlang/ubuntu focal main

## Provides RabbitMQ
##
## "bionic" as distribution name should work for any reasonably recent Ubuntu or Debian release.
## See the release to distribution mapping table in RabbitMQ doc guides to learn more.
#deb [signed-by=/usr/share/keyrings/io.packagecloud.rabbitmq.gpg] https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ focal main
#deb-src [signed-by=/usr/share/keyrings/io.packagecloud.rabbitmq.gpg] https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ focal main
#EOF

## Update package indices
sudo yum update -y

## Install Erlang packages
sudo yum install -y erlang-base erlang-asn1 erlang-crypto erlang-eldap erlang-ftp erlang-inets erlang-mnesia erlang-os-mon erlang-parsetools erlang-public-key erlang-runtime-tools erlang-snmp erlang-ssl erlang-syntax-tools erlang-tftp erlang-tools erlang-xmerl

## Install rabbitmq-server and its dependencies
sudo yum install rabbitmq-server -y

sudo rabbitmq-plugins enable rabbitmq_management

sudo rabbitmq-server start -detached

sleep 5

sudo rabbitmqctl add_user pv_rabbitmq S3curePassW0rd!
sudo rabbitmqctl set_user_tags pv_rabbitmq administrator
sudo rabbitmqctl set_permissions -p / pv_rabbitmq ".*" ".*" ".*"

sudo systemctl enable rabbitmq-server

echo "RabbitMQ user is:  pv_rabbitmq"
echo "RabbitMQ password is:  S3curePassW0rd!"
echo "RabbitMQ port is:  5672"
echo "RabbitMQ management port is:  15672"

This script is taken from Installing on Debian and Ubuntu — RabbitMQ and may need an update in future.

2) You may verify the installation is working by opening http://your.host:15672 

3) Once confirmed working, go to ProVision Admin Settings → Managed Server Settings. Then, enter the RabbitMQ IP, port, username, and password into the RabbitMQ Settings section. When done, click "Save Changes".

Additional Information

For additional information on working with Managed Servers, see Managed Servers