• On-Premises Installation Prerequisites

    ControlUp On-Premises Architecture

     

    ControlUp On-Premises mode enables organizations to install the ControlUp back-end components on their on-premise private cloud / data-center. The following drawing is a high-level overview of ControlUp 7.x architecture when working in On-Premises mode:

      

    IOP_Diagram.png

     

    On-Premises Server Prerequisites:

    Supported Operating Systems

    • Windows Server 2012 R2 Fully Patched
    • Windows Server 2008 R2 Fully Patched
    •  

    Requirements

    • Free space of 50 GB
    • 4 GB of RAM
    • 2 vCPUs
    • Join server to Domain
    • Disable the UAC
    • Microsoft .Net Framework 4.5.1
    • Microsoft .Net Framework 3.5

     

    Database

    Supports Microsoft SQL Server versions –

    • SQL Server 2016 Express, Standard, and Enterprise Editions.
    • SQL Server 2014 R2, Express, Standard, and Enterprise Editions.
    • SQL Server 2012 R2, Express, Standard, and Enterprise Editions.
    • Note –
      • It is recommended to separate the ControlUp server from the SQL server for better performance
      • SQL 2008 is NOT supported, in case you are upgrading from v5, please plan accordingly
        • The ControlUp data base needs to be moved to a supported SQL
        • In the on-premises upgrade wizard define the new SQL details
        • Run the exported upgrade SQL script on the ControlUp DB (follow the installation guide)
      • SQL Express requires enabling the TCP\IP (Explanation in the appendix)

    Email Alerts Feature

    Requires a local SMTP Server.

     

    Required Files

    • Please download the latest version of ControlUp’s On-Premises MSI from here

     

    License

    • ControlUp On-premises requires a license file provided by ControlUp
      • The license is a XML file
      • In order to receive the file, please follow the steps described in step 3 of the ControlUp On-premises installation guide.

     

     Required AD Users & Groups

    • ControlUp Users Group
      • Members of this group will be authorized to use the ControlUp console
      • Global AD groups are supported
    • ControlUp Service Account
      • The ControlUp service account runs the ControlUp On-premises server services, IIS Pools and will have db_owner right on the SQL database
      • Note – the installation wizard supports configuring a different account for the SQL database user

    Related Ports

    • In order for the solution to work, you need few ports to be open:
      • On-premises server <-> ControlUp Console: Port 443
      • On-Premises server <-> SQL server: Port 1433 (need to verify with DBA)
      • ControlUp Console <-> ControlUp Agent: Port 40705
      • ControlUp Console <-> ControlUp Monitor: Port 40706

    Appendix

    • During the installation we add IIS and LDS Roles to the ControlUp On-Premises Server
      • If the IIS is already installed and contains any other sites, they will be overwritten
    • SQL Express has its TCP\IP disabled by default. To enable it, please follow these steps:
    1. Open SQL Server Configuration Manager
    2. Go to Protocols for MSSQLSERVER
    3. Enable the TCP\IP protocol o Restart the SQL service

    Capture.PNG

     

    ControlUp’s Insights Server Prerequisites:

     

    Supported Operating Systems

    • Windows Server 2012 Fully Patched
    • Windows Server 2012 R2 Fully Patched

     

    Requirements

    • Free space of 50 GB (as starting point)
    • CPU: 2 x 6 cores of 2+ GHz
    • RAM: 12 GB
    • RAID: 0 or 1+0

    Note: 

    • Make sure the server does not have splunk already installed, we do not support parallel installations.
    • RAID 0 disk configurations do not provide fault-tolerance. Confirm that a RAID 0 configuration meets your data reliability needs before deploying a Splunk Enterprise indexer on a system configured with RAID 0.

    In an enterprise production deployment, it is recommended that ControlUp Insights On-Premises is provided with dedicated hardware resources, especially I/O. Running the system on virtual machines is supported, but performance is expected to degrade when hardware resources are allocated from a shared pool.

    Daily Indexing Volume

    The daily amount of data ingested into the Insights database is a key parameter that will be used for deployment and capacity planning. This parameter can be estimated using the following calculations:

     

    • For end-user computing workloads using shared desktops (e.g. in a server-based computing scenario using Remote Desktop Services) - 3MB per user / day
    • For end-user computing workloads using private desktops (e.g. in a VDI scenario) - 6MB per user / day
    • For general-purpose servers (e.g. infrastructure servers / DC / database / DNS / file servers, etc.) - 8MB per server / day

     

    The following example demonstrates a calculation of daily indexing volume for a virtualized environment with 1000 shared desktop users (peak concurrent), 500 personal desktop users (peak concurrent) and 30 general-purpose servers:

     

    Resource type

    Count

    MB / day

    Expected Daily Indexing Volume

    Shared desktop users

    1000 (peak concurrent)

    3

    3,000 MB

    Personal desktop users

    500 (peak concurrent)

    6

    3,000 MB

    General purpose servers

    30

    8

    240 MB

    Total

       

    6.24 GB

     

    The end result of the calculation above (6.24 GB) is the daily indexing volume that will be used for capacity planning of Insights database storage as described below.

     

    Insights Database

    The sizing of storage for hosting the Insights database is based on the daily indexing volume multiplied by the number of days for which data is expected to be retained in the database, and by then multiplied by an additional constant which estimates the overhead associated with summary indexing and other auxiliary data accumulated in the database.

    For example, an environment in which the daily indexing volume is 6.24 GB and the retention requirement is 365 days, the amount of disk space required for the Insights database is expected to be 2.28 TB. This estimate should be multiplied by 1.3 to predict indexing overhead, resulting in a total storage volume of 2.96 TB.

     

    Data File Share

    The data file share is a temporary storage location in which activity files are queued before ingestion into the Insights database.

    The recommended amount of free space available on the data file share depends on the daily indexing volume.

    By default, activity files are not removed from the data file share after being successfully ingested into the Insights database. It is therefore recommended that the data file share has sufficient capacity to accommodate activity files for the maximal period of time during which Insights On-Premises Server might be down.

     For example, to accommodate for 7 days of downtime in the example environment described above, the data file share size should be 6.24 GB x 7 days = 43.68 GB.

    Note:

    • Please give modify permissions to the Network Service account (which runs the Controlup Monitor service) on the shared folder of the data activity files.
    • Until further notice we do not remove the activity files from the shared folder. Please make sure you have enough free space and the needed hardware to support the IOPS activity.

     

    ControlUp Real Time Console

     

    Supported Operating Systems

     

    • Windows 7
    • Windows 8 and 8.1
    • Windows 10
    • Windows Server 2008, Windows Server 2008 R2
    • Windows Server 2012, Windows Server 2012 R2
    • Windows Server 2016

     

    The only software prerequisite for the console is Microsoft .NET 4.5. Please ensure this prerequisite is met before running ControlUp or when upgrading from older (pre-v6) versions of ControlUp.

     

    ControlUp Monitor

     

    Supported Operating Systems

    • Windows Server 2008 or later

    Other Prerequisites

    • .Net Framework 4.5
    • RPC Access (at the installation phase)

     

    If you need a hard copy of the prerequisites or the installation guides, here are 2 links to the documents:

    ControlUp On-Premises Prerequisites Guide

    ControlUp On-Premises Installation Guide

     

     

     

  • Console Requirements

    ControlUpConsole.exe is the main executable used for data display and task invocation. There is no setup routine necessary in order to start using ControlUp. Just download the executable and run it on your admin station or a management server.

    ControlUp console was tested on:

    • Windows XP
    • Windows Vista
    • Windows 7
    • Windows 8 and 8.1
    • Windows 10
    • Windows Server 2003
    • Windows Server 2008, Windows Server 2008 R2
    • Windows Server 2012, Windows Server 2012 R2
    • Windows Server 2016.

    The only software prerequisite for the console is Microsoft .NET 4.5. Please ensure this prerequisite is met before running ControlUp or when upgrading from older (pre-v6) versions of ControlUp.

    ControlUp Console is the primary user interface for monitoring and managing your resources.

    • The Console requires no database.
    • All the data you see in it is stored in RAM, which allows for blazingly fast manipulation of data. As a result, ControlUp Console memory usage can be intensive, depending on the number of managed machines.
    • A RAM footprint of about 1GB (Working Set) is normal when managing an enterprise with up to 500 live user sessions, while thousands of sessions can bring the console’s RAM usage up to several gigabytes.

    In larger environments we recommend using a high-performance server for running the console. There are also some performance optimizations you should consider in order to reduce the amount of resources used by ControlUp Console. Please refer to the Advanced Settings documentation page for more details.

  • Managed Computers Requirements

    ControlUp supports managing computers that run:

    • Windows XP (end of life so best effort)
    • Windows Vista
    • Windows 7
    • Windows 8 (or 8.1)
    • Windows 10
    • Windows Server 2003
    • Windows Server 2008 (Full installation only\core edition is not supported), Windows Server 2008 R2
    • Windows Server 2012
    • Windows Server 2016 (Core or Full Installation).

    Managed computers should have:

    • Microsoft .NET Framework 3 installed (3.5 SP1 recommended)
    • Windows 7 or Server 2008 R2, the built-in .NET Framework feature should be enabled
    • Alternatively, .NET Framework 4.5 can be used on managed computers running Windows 8 / Server 2012 or later
    • ControlUp requires RPC access for remote agent installation and a single configurable incoming TCP port open (40705 by default) for agent communication. In case your managed computers are inaccessible using RPC, you can deploy the ControlUp agent using an MSI package. For more details, see “Add Managed Computers”.
  • Active Directory & DNS Requirements

    Active Directory is a prerequisite for managing computers using ControlUp. If your network includes computers that are not joined to a domain, you will be able to connect to these computers using ControlUp’s Remote Desktop view while other actions will not be available.

    The computer on which ControlUp Console is executed does not have to be a domain member. However, you will be required to enter valid domain credentials in order to manage computers in your environment.

    Full DNS name resolution is also mandatory for management connections using ControlUp. You should be able to access all of your managed computers using their Fully Qualified Domain Names (FQDN).

    As an exception to the above, virtual machines (including non-Windows guests) can be monitored via the hypervisor layer without the need for DNS resolution or AD domain membership. This agentless approach only enables access to VM-related data known to the hypervisor, not guest OS data.
    (Read more…)

    By default, ControlUp queries Active Directory for the DNS suffix when managed computers are added to the organization tree. For networks in which the domain name is not identical to the default DNS suffix of all computers, ControlUp supports for providing a custom DNS suffix during computer addition.
    (More details…)

  • Security Rights & Permissions

    By default, local administrative privileges on all managed computers are required in order to connect to these computers using ControlUp. Every time you attempt to run a management action using ControlUp, your Windows credentials will be evaluated according to your current ControlUp mode:

    • Enterprise Mode – in this mode ControlUp operates by evaluating both your current Windows credentials and the Security Policy configured using your organization’s central configuration. In Enterprise Mode the permissions may be restricted to limit access to ControlUp features for designated administrators, regardless of their existing Windows rights.
    • Standalone Mode – your Windows user account will always need to have full administrative rights on all target computers. If your account is not a local administrator on the managed computer, ControlUp agent will refuse the connection and you will not be able to monitor performance or execute management actions on that computer.

    For more information on configuring ControlUp permissions, see the Secure Your Organization chapter.

    For agentless monitoring of virtual machines, access permissions for the hypervisor are required. For more details, see Hypervisor Monitoring Requirements.

  • Hypervisor Monitoring Requirements

    Supported Hypervisor Platforms

    ControlUp supports VMware v4.x/5.x/6.x environments that are managed by vCenter. Standalone ESX/ESXi servers are not supported. ControlUp also supports Citrix XenServer v6.1 (with the Performance Monitoring Enhancement Pack, CTX135033) or v6.2. For earlier versions, some performance columns not yet implemented in XenServer might be displayed as N/A. 

    Microsoft Hyper-V 2012 R2, Microsoft Hyper-V 2016 including standalone and clustered hosts. Please note that ControlUp Agent needs to be installed on the Hyper-V hosts to enable monitoring them as hypervisors (The console does not work on any version of Core, but the agent is fine as long as you have .Net 3.5.1 or .Net 4.6.2.).

    Network Connectivity

    ControlUp data collection agents (ControlUp Console by default, or agents if explicitly designated) require https (tcp/443) access to the vCenter server or the XenServer pool master.

    Hypervisor Permissions

    VMware

    Required vCenter permissions: the Read-Only role is sufficient for all monitoring purposes. If you want to be able to use the built-in hypervisor-based VM power management functions, then you will need to create a custom role based on the Read-Only role, adding the following permissions:

    • In the Virtual Machine/Interaction category:
      • Power Off
      • Power On
      • Reset

    XenServer

    If Active Directory authentication is enabled for the XenServer pool, then the Read-Only role is sufficient. If you want to be able to use the built-in hypervisor-based VM power management functions, then you will need to upgrade the user role to ‘VM Operators’.