• Insights On-Premise 8.1 Virtual Appliance Based Installation

    The IOP component captures, indexes, and correlates real-time data in a searchable repository from which you can view a variety of dashboards build from graphs, vast amounts of reports, alerts, etc. The following are the prerequisites for an Insights server in the On-Premises topology.

    ControlUp Insights On-Premise v8.1 has significant improvements in performance and user experience. This version of Insights is available in 2 installation modes:

    • "Virtual Appliance" - This option comes as an OVA that runs Photon OS Linux distribution.
      Currently Supported only on VMWare.
    • "Linux OS Installation" - This option allows you to install the IOP on varied Linux distribution.

    To read more about IOP 8.1 Linux Based Installation go to this article - Link

    In IOP 8.1 we add a new component called "IOP Forwarder". This component is in charge of moving (forward) the Activity files from the Monitors servers to the IOP servers.


     Table of Content

    1. Insights On-Premise Pre-Requisites
    2. Insights On-Premise Installation
    3. Configuration After the Install
    4. Forwarder Installation

    Insights On-Premise Pre-Requisites

    Sizing Recommendations

    • For Single (Standalone) installation Under 5000 Session
      • 12 Cores (Minimum)
      • 32 GB RAM
      • Storage:
        • 100 GB OS drive
        • 500 GB DATA disk drive with 800 IOPs (SSD preferred)
    • For Clustered (Master and Data) installation Over 5000 Sessions
      • Master server
        • 12 Cores (Minimum)
        • 32 GB RAM
        • Storage:
          • 100 GB OS disk drive with 800 IOPs (SSD preferred)
      • Data servers (each)
        • 8 Cores (Minimum)
        • 16 GB RAM
        • Storage:
          • 100 GB OS drive
          • 1 TB DATA disk drive with 800 IOPs (SSD preferred) 

    Browser

    • We fully support Chrome browser and the New Edge (based on chromium)

    Insights On-Premise Installation

    You can install IOP 8.1 as a Single (Standalone) variation or as a Cluster for better performance in larger environments.

    • Single (Standalone) - Recommended for companies with up to 5000 sessions, you need to prepare only one Linux server.
    • Cluster - Recommended for companies with 5000 sessions and more, in this variation you will need to prepare several Linux servers, 1 for the Master role and 1 Data role for every 5000 sessions.
      In cluster mode, you need to repeat the next chapters one time for the Master server and for each Data server.
      Sizing examples:
    # of Session # of Master nodes # of Data nodes
    6000 1 2
    9000 1 2
    11000 1 3

     

    OVA Deployment

    1. Download the latest IOP OVA file from here - Link
    2. Login to your V-Sphere with your Admin account.
    3. Right-click on one of your hosts, and choose “Deploy OVF Template…” option.
      mceclip1.png
    4. Check the “Local file” > Choose IOP OVA file.
      mceclip2.png
    5. Specify the VM name and select the datacenter the VM will be under.
    6. Select the host where the VM will be deployed.
    7. Next on “Review details” page.
    8. Select the Virtual Disk format and the VM storage policy (both of the “thick” formats are recommended for better performance and flexibility).
      mceclip3.png
    9. Select a preferred network for the VM.
    10. In the “Customize template” page, specify for each section:
      1. Hostname Details:
        • Required: Hostname of the appliance. (i.e. iop_server)
        • Recommended: The DNS domain name of the appliance.
      2. Networking:
        • If you want DHCP - leave them all empty
          • IP Adress - IP + CIDR that you want for the machine. (Default: DHCP)
            Example: CIDR notation for static IP - 10.10.10.10/24 
          • Default Gateway - The default gateway address for this VM. (Default: DHCP)
          • DNS - The IP address of the DNS server of the organization. (Default: DHCP)
      3. Credentials:
        • Required: Password for the root user of the VM.
          • Notes for the password:
            • Recommended putting a "Strong" password.
            • This is an Admin password for the IOP.
            • It will be used in the future for upgrades.
      4. Appliance Settings:
        • Required:
          • Machine type. (standalone / master / data)
          • If you chose “data” as your machine type - specify the DNS / IP of the master appliance.
            • Standalone
    11. Review the settings you specify, update if needed then click “Finish”.
    12. Before starting the VM, go over the next chapter.

    Configuration After the Install

    The step you need to do after the installation process is finished and before you start the VM.

     

    The default disk capacity for IOP “data” volume is set to 150 GB.
    If your machine type is standalone / data, and you wish to increase your disk capacity for this volume:

    1. Right click on your VM name from the list on the left.
    2. Choose the “Edit Settings…” option.
    3. Change the number for the “Hard disk 2 *” option to the capacity you want.

    When all the settings are ready:

    1. Click on the green button to start the machine.
      • In order to see the console logs, go to the “summary” section in your VM page, and click the “Launch Web Console” option under the image square.
      • Choose the “Web Console” option and click “OK”. (The login to the VM is “root”)
    2. When the installation is complete, you can connect to your Insights by browsing to https://<Server_IP>

    Forwarder Installation

    The Forwarder is a component that forwards the activity files from Monitors servers to the IOP servers.

    Durning the ControlUp On-Premise Installation you choose where to put the "Activity Files".
    If you choose a local folder, then you need to install the IOP Forwarder on each Monitor. If you choose a shared location, you need to install only one IOP Forwarder.

    Steps for the Installation of Forwarder:

    1. Login to your Monitor windows machine.
    2. Download the Forwarder from here - Link (if you didn't download that in the beginning)
    3. Run the “iop_forwarder_8.1.XXX.XX.msi” file:
      f1.png
    4. Specify where to install the forwarder (on the Monitor machine).
      f2.png
    5. Choose the type of installation accordingly to the type of Insights installation.
      f3.png
    6. Select the "Activity Files" folder location.
      Enter the IP of your IOP Server machine.
      fw006.png
    7. Install the forwarder.
      f5.png
      fr05.png
  • Insights On-Premise 8.1 Linux Based Installation

    CentOS-01.png Ubuntu-01.png RedHat-01.png

    The IOP component captures, indexes, and correlates real-time data in a searchable repository from which you can view a variety of dashboards build from graphs, vast amounts of reports, alerts, etc. The following are the prerequisites for an Insights server in the On-Premises topology.

    ControlUp Insights On-Premise v8.1 has significant improvements in performance and user experience. This version of Insights is available in 2 installation modes:

    • "Virtual Appliance" - This option comes as an OVA that runs Photon OS Linux distribution.
      Currently Supported only on VMWare.
    • "Linux OS Installation" - This option allows you to install the IOP on varied Linux distribution.

    To read more about IOP 8.1 Virtual Appliance Based Installation go to this article - Link

    In IOP 8.1 we add a new component called "IOP Forwarder". This component is in charge of moving (forward) the Activity files from the Monitors servers to the IOP servers.


     Table of Content

    1. Insights On-Premise Pre-Requisites
    2. Insights On-Premise Installation
    3. Forwarder Installation

    Insights On-Premise Pre-Requisites

    You can install IOP 8.1 as a Single (Standalone) mode or as a Cluster mode for better performance in larger-scale environments.

    • Single (Standalone) - Recommended for companies with up to 5000 sessions, you need to prepare only one Linux server.
    • Cluster - Recommended for companies with 5000 sessions and more, in this variation you will need to prepare several Linux servers, 1 for the Master role and 1 Data role for every 5000 sessions.
      In cluster mode, you need to repeat the next chapters one time for the Master server and for each Data server.
      Sizing examples:
      # of Session # of Master nodes # of Data nodes
      6000 1 2
      9000 1 2
      11000 1 3

    Sizing Recommendations

    • For Single (Standalone) installation Under 5000 Session
      • 12 Cores (Minimum)
      • 32 GB RAM
      • Storage:
        • 100 GB OS drive
        • 500 GB DATA disk drive with 800 IOPs (SSD preferred) mounted under /opt/iop_volumes/data/
    • For Clustered (Master and Data) installation Over 5000 Sessions
      • Master server
        • 12 Cores (Minimum)
        • 32 GB RAM
        • Storage:
          • 100 GB OS disk drive with 800 IOPs (SSD preferred)
      • Data servers (each)
        • 8 Cores (Minimum)
        • 16 GB RAM
        • Storage:
          • 100 GB OS drive
          • 1 TB DATA disk drive with 800 IOPs (SSD preferred) mounted under /opt/iop_volumes/data

    Operation System

    • Linux Kernel 2.4
      • CentOS 7 (or above)
      • ubuntu 16.4 (or above)
      • Red Hat Enterprise Linux 7.6

    Required Packages

    • Python 3.6
    • Docker 18.09.8 (or above)

    Browser

    • We fully support Chrome browser and the New Edge (based on chromium)

    Firewall Settings

    The following ports need to be opened, depending on the installation mode.

    Machine type
    Inbound open ports

    Standalone

    • 443
    • 9997
    Master
    • 443
    • 8089

    Data

    • 9887
    • 9997
    • 8089

    More information about each port:

    Ports
    Accept incoming traffic from
    Usage
    9997/tcp CU Monitors Forwarder(s) send data to the Data node(s).
    443/tcp IOP users IOP UI.


    8089/tcp

    • Data nodes
    • Master node
    • CU Monitor

    Management port - connects between the master node and the data node(s).

    9887/tcp Data nodes Data Replication.

    Insights On-Premise Installation

    Checking the Pre-Requisites

    Before you start the IOP installation, check if the pre-requisites were installed:

    Check if the Python and the Docker are installed:

    Note: The Syntax can be different between the Linux OS versions.

    • Connect to your Linux.
    • Type "python" and press twice on the "Tab" key
    • Run "docker -v"
    • If the components are not installed:
      Sen01.png
    • If the components installed:
      Sen02.png

    If you don't have Docker installed, you can follow the instructions from one of the sites below:

    1. Docker - Docks
    2. Digitalocean

    If the Linux OS is ready, you can start the IOP installation.

    Copy files from Windows to Linux

    1. Download the IOP packaged to your Windows machine from here - Link
      • iop_forwarder-8.1.XXX.XX.msi
      • iop_8.1_images_stable.tgz
      • ioppcmd-8.1.XXX.XX.tgz
    2. Copy iop_8.1_images_stable.tgz and iopcmd-8.1.XXX.XX.tgz to your Linux machine.
      • To copy files from Windows OS to Linx OS you can use the WinSCP tool.
      • Open the WinSCP tool and make a connection to your Linux.
        movefiles02.png
      • Copy the files to your Linux user home folder.
        movefiles01.png

        Screenshot_1.png

    Prepare the files for the Installation

    1. Log in to your Linux machine.
    2. Move the iop_8.1_images_stable.tgz and iopcmd-8.1.733.37.tgz from the user folder to /opt folder.
      • sudo mv iop_8.1_images_stable.tgz /opt/
      • sudo mv iopcmd-8.1.733.37.tgz /opt/
    3. CD into “/opt/” directory.
    4. Extract the installation file
      • sudo tar zxvf iopcmd-8.1.733.37.tgz
    5. Move the iop_8.1_images_stable.tgz to “/opt/iopcmd/iop_images.tgz” 
      • sudo mv /opt/iop_8.1_images_stable.tgz /opt/iopcmd/iop_images.tgz
    6. CD into "/opt/iopcmd/" directory.

    Installation Process

    Before the installation there a few Important Notes for the Installation:

    1. Password:
      • Recommended putting a "Strong" password.
      • This is an Admin password for the IOP.
      • It will be used in the future for upgrades.
    2. After the installation is done, it is recommended to remove the iop_images.tgz from the /opt/iopcmd/ directory.
    3. When the installation is complete, you can connect to your Insights by browsing to https://<Server_IP>

    Single (Standalone) Installation

    1. Run the Install command.
      • sudo ./iopcmd install local -t standalone -pwd <Your Password>
      • For example:
      • sudo ./iopcmd install local -t standalone -pwd abc123
    2. Wait till the installation is finished.

    Cluster Installation

    1.  Run the Install command on the Master server
      • sudo ./iopcmd install local -t master -pwd <Your Password>
      • For example:
      • sudo ./iopcmd install local -t standalone -pwd abc123
    2. Wait till the installation is finished. 
    3. Run the Install command on the Data servers

      • sudo ./iopcmd install local -t data -m <DNS name or ip address of Master> -pwd <Your Password>
    4. Wait till the installation is finished. 

    Forwarder Installation

    The Forwarder is a component that forwards the activity files from Monitors servers to the IOP servers.

    Durning the ControlUp On-Premise Installation you choose where to put the "Activity Files".
    If you choose a local folder, then you need to install the IOP Forwarder on each Monitor. If you choose a shared location, you need to install only one IOP Forwarder.

    Steps for the Installation of Forwarder:

    1. Login to your Monitor windows machine.
    2. Download the Forwarder from here - Link (if you didn't download that in the beginning)
    3. Run the “iop_forwarder_8.1.XXX.XX.msi” file:
      f1.png
    4. Specify where to install the forwarder (on the Monitor machine).
      f2.png
    5. Choose the type of installation accordingly to the type of Insights installation.
      f3.png
    6. Select the "Activity Files" folder location.
      Enter the IP of your IOP Server machine.
      fw006.png
    7. Install the forwarder.
      f5.png
      fr05.png
  • Horizon Integration

    Version 8.1 of ControlUp allows VMware Horizon integration by monitoring and collecting metadata directly from Horizon API. This allows ControlUp to display real-time Horizon specific information.

    Native API integration with VMware Horizon enables customers to add Horizon environments to the ControlUp Console in a few clicks, including:

    • Automatic discovery of Horizon components in both standard and Cloud Pod architecture.
    • Seamless association of Horizon components with entities from different data sources such as hypervisors and in-guest agents for complete line-of-sight from infrastructure to process.
    • Connection server health status & license monitoring.
    • Enhanced session monitoring with Horizon performance metrics.
    • Horizon-focused presets for Horizon Pods, Connection Servers, Pools, Machines, and Sessions views.
    • Enhanced Horizon environment management capabilities include new Horizon specific:
      • Built-in actions
      • Security policy permissions
      • Script Actions
      • Automated Actions
      • Enhanced Virtual Expert rules and recommendations
    • For Horizon integration, ControlUp Agent deployment is not required for this discovery process.
    • ControlUp Agent is required in order to monitor the performance of your VDIs and Connection Servers, and in order to display processes running on your VDIs and Connection Servers.

    Note: Each session discovered by the Horizon connection is counted as 1 ControlUp license.

    Integration Requirements

    • Permissions
      • Read-Only
        • Manage Help Desk (Read only)
        • Direct Interaction
      • Actions
        • Enable Farms and Desktops Pools
        • Manage Machine
        • Manage Sessions
        • Manage Global Sessions (Cloud Pod architecture only)
    • Network
      • 443 open to all Horizon connection servers
    •  Support
      • Full Support - VMware Horizon v7.4 and up
      • Limited Support - VMware Horizon v7.0 to 7.3

  • ControlUp Data Collector

    The Data Collector is responsible for collecting metrics from “External” sources such as VMware vCenter, Citrix Delivery Controllers, XenServer Poolmasters, AHV Clusters, and NetScaler appliances. Having a data collector will increase the performance capabilities of both your console & monitor. 

    What does having a data collector means? 

    Looking at the images below, on the left side, we see 2 consoles and a monitor both connected straight to the vCenter without a DC (data collector). Each of these components is each initiating its own API query to vCenter to gather data.

    In this method, the API gets 3 API queries each interval and in very large environments, the traffic can be substantial. 

    On the right side, we have a data collector. With a data collector deployed, the only entity that does the API query is the data collector and it saves the data locally on the machines memory buffer. The consoles & monitor, which are connected to the agent on the data collector (light connection), can read the data from the agent itself instead of performing their own API queries. 

    inline1865324782.png

    *Example shows 443 but can also be referred to 80\9440

    Data Collector requirements

    1. A data collector will be assigned with 2-4 vCPUs and 8 GB of RAM. (view the Sizing Guidelines article for exact sizing information).
    2. The OS can be either a client or server. 
    3. The machine must have the ControlUp Agent installed on. 
    4. .Net Framework v4.5
    5. Port-wise you should enable 80\443\9440 based on the type of connection. 
    6. A pair of data collector can be provided for HA purposes. 
      • In the event of a failure of the data collector, a backup data collector will assume this role until the data collector is brought back online.
    7. SDKs from Citrix will need to be deployed to the Data Collector in order to connect to the XenDesktop Delivery Controllers (you can download it from the following article).

    If you have more than 5 external sources to connect to a data collector, please contact us for sizing recommendations at support@controlup.com

     

     

  • Proxy Information for ControlUp - Hybrid Cloud

    Customers of ControlUp that are using a proxy in their environment should have the ControlUp cloud configuration servers whitelisted and open going out via the proxy. 

    The following URL's/IP addresses should be available via https (443):

    • fe1.controlup.com - 52.31.169.19
    • fe2.controlup.com - 52.22.91.133
    • fe3.controlup.com - 52.31.158.49
    • fe4.controlup.com - 52.23.86.15
    • US Load Balancers:
      • rt-app.controlup.com - 34.195.43.52
      • rt-app.controlup.com - 54.86.39.124
    • EU Load Balancers
      • rt-app.controlup.com - 18.200.38.56
      • rt-app.controlup.com - 52.212.202.250
    • *.amazonaws.com   --- NOTE: The AWS URL is essential for data upload to Insights.  The dynamic IP range of the S3 URL changes according to AWS policies.
    • uploads.controlup.com

    Note - customers that use the limited availability 8.x version should add insights-hec.controlup.com:443 as well to the exception list. At the moment, the IP is dynamic for this URL. 

    If you have any further questions regarding proxy, feel free to contact us at support@controlup.com

  • Moving from On-Premises to Hybrid Cloud

    ControlUp users can choose to move from an On-Premises deployment to a Hybrid Cloud deployment.
    This action needs to be coordinated with your account manager in order to achieve this process because there are licensing differences.
    Moving to our Hybrid Cloud will require these following steps:

    1. License change from On-Premises to Hybrid Cloud. (for this step, please contact your account manager or support at support@controlup.com)
    2. Log in to your On-premises ControlUp Console.
    3. Uninstall & remove all Monitors.
    4. Chane Registry (on each computer where the Console is launched).
      • Go to HKEY_LOCAL_MACHINE > SOFTWARE > SMART-X > CONTROLUP > AGENT > PRIVATECLOUD and change the value of "IsUsingPrivateCloud" to 0.
    5. Log in to the same organization that you used on your ControlUp On-Premises environment.
    6. Launching the Console after the changes from the same machine will upload your configuration to the Cloud so it will be stored there and synced with the other Consoles in your organization. 

     

  • ControlUp Hybrid Cloud Implementation Requirements

    A ControlUp Hybrid Cloud implementation is composed of three main components; a 'Console' for real time environment monitoring and management, 'Monitor' to monitor your environment 24/7 for uploading historical and analytical data to our Hybrid Cloud infrastructure, and 'Agents' to communicate with the Console and Monitor. 

    ControlUp Console Requirements

    ControlUpConsole.exe is the main executable used for data display and task invocation. There is no setup routine necessary in order to start using ControlUp. Just download the executable and run it on your admin station or a management server.

    ControlUp console was tested on:

    • Windows 7
    • Windows 8 and 8.1
    • Windows 10
    • Windows Server 2008, Windows Server 2008 R2
    • Windows Server 2012, Windows Server 2012 R2
    • Windows Server 2016.

    ControlUp Console is the primary user interface for monitoring and managing your resources.

    • The Console requires no database.
    • All the data you see in it is stored in RAM, which allows for blazingly fast manipulation of data. As a result, ControlUp Console memory usage can be intensive, depending on the number of managed machines.
    • A RAM footprint of about 1GB (Working Set) is normal when managing an enterprise with up to 500 live user sessions, while thousands of sessions can bring the console’s RAM usage up to several gigabytes.

    In larger environments, we recommend using a high-performance server for running the console. There are also some performance optimizations you should consider in order to reduce the amount of resources used by ControlUp Console. Please refer to the Advanced Settings documentation page for more details.

    Prerequisites for ControlUp Console

    • Domain joined desktop, laptop, Windows VM, or can be published as a XenApp application. 
    • .Net 4.5
    • Download the executable from our website. (No installation required, run the executable with ease!)
    • AD account with privileges on the machines you wish to Monitor/Manage
    • Credentials (a service account is best) and URL for your hypervisor (XenServer, VMware, Hyper-V)
    • AD account with help-desk or higher permissions in the 7.15 environment and the Broker IP or hostname
    • Firewall exceptions inside the company for RPC/WMI and ports 40705 and 40706 (or Windows firewalls off)
    • Internet connectivity from the Monitor and Console machines (it can be via proxy) 

    ControlUp Monitor Requirements

    ControlUp Monitor is a component principally equivalent to ControlUp Console but without an interactive user interface. The primary difference between a Monitor and a Console is the fact that the Monitor runs as a Windows service, requiring no user interaction and allowing for continuous monitoring of your resources.

    Prerequisites for ControlUp Monitor

    • Windows Server 2008 or above
    • .NET Framework 4.5 
    • RPC Access enabled at the installation phase

    Read more about the benefits of Control-Up Monitor and how to set it up here.

    ControlUp Agent

    The ControlUp Agent is a lightweight service that gets installed on the managed computers in your organization. Installing the Agent on your systems allows you to use ControlUp Real Time Console to perform in depth monitoring, advanced systems management, and in depth configuration evaluation. 

    ControlUp agents have a minimal performance impact

    • CPU usage – consistently 0% to 1%
    • RAM consumption – 60 to 90 MB
    • I/O – zero disk activity
    • No software hooks, no drivers and no reboot needed

    Prerequisites for ControlUp agents

    • Windows OS (Windows OS (all versions supported, from Windows 7 or Windows 2008 R2)
    • .Net Framework 3.5 SP1 or 4.5
    • Single incoming TCP port (by default 40705) open for ongoing console/monitor communications
    • RPC and WMI access for initial deployment via the console, if access not available manual installation can be done using an MSI package
  • On-Premises Installation Prerequisites

    ControlUp On-Premises Architecture

    ControlUp On-Premises mode enables organizations to install the ControlUp back-end components on their on-premise private cloud / data-center. The following drawing is a high-level overview of ControlUp 7.x architecture when working in On-Premises mode:  

    Architecture_COP_2020.png

     On-Premises Server Prerequisites:

    Supported Operating Systems

    • Windows Server 2016 Fully Patched
    • Windows Server 2012 R2 Fully Patched
    • Windows Server 2008 R2 Fully Patched

    Requirements

    • Free space of 50 GB
    • 4 GB of RAM
    • 2 vCPUs
    • The server part of a Domain
    • Disable the UAC
    • Microsoft .Net Framework 4.5.1
    • Microsoft .Net Framework 3.5
    • PowerShell 5.X or above

     Database

    Supports Microsoft SQL versions are supported (both Standard and Enterprise editions):

    • SQL 2008 is NOT supported (R2 as well)
    • SQL Server 2012 (Note: Some of the builds are not supported)
    • SQL Server 2014
    • SQL Server 2016
    • SQL Server 2017
    • Note:
      • We strongly recommend having a dedicated clean server for the installation.
      • The ControlUp database needs to be moved to a supported SQL.
      • In the on-premises upgrade, the wizard defines the new SQL details.
      • In On-Prem v7.4, the installer has the option to auto-install a standalone SQL express (an automated process by the installer).
      • It is recommended to separate the ControlUp server from the SQL server for better performance
      • In case of upgrading from v5\v6, you will need to upgrade from v5 > v6 > v7 etc. Upgrade from 5 to 7 not supported. 
      • Run the exported upgrade SQL script on the ControlUp DB (follow the installation guide)
      • SQL DataBase recommended size - 50GB

    Email Alerts Feature

    Requires a local SMTP Server.

     Required Files

    • Please coordinate with ControlUp Support to receive the installation media for ControlUp On-Premises

     License

    • ControlUp On-premises requires a license file provided by ControlUp
      • The license is a XML file
      • If you’re conducting a trial (POC), the installer will issue you a 21 days license automatically.
      • In order to receive the file, please follow the steps described in the ControlUp On-premises installation guide.

      Required AD Users & Groups

    • ControlUp Users Group
      • Members of this group will be authorized to use the ControlUp console.
      • Global - Security AD groups are supported. (Universal & Domain-Local not).
      • 'Domain Users' group is not supported.
    • ControlUp Service Account
      • The ControlUp service account runs the ControlUp On-premises server services, IIS Pools and will have db_owner right on the SQL database
      • Make sure the User Account is an Administrator on the on-premises server
      • Note – the installation wizard supports configuring a different account for the SQL database user
    • Primary Monitor Account -
      • Account defined in the monitor settings -> Identity 
      • The Monitor primary AD account require the "Log on Locally" user right on the Monitor service VM, so please verify 2 things:
        • the account has the "Allow log on locally" user right
        • the account is not part of the "Deny log on locally" user right

    Related Ports

    • In order for the solution to work, you need few ports to be open:
      • On-premises server <-> ControlUp Console: Port 443
      • On-Premises server <-> SQL server: Port 1433 (need to verify with DBA)
      • ControlUp Console <-> ControlUp Agent: Port 40705
      • ControlUp Console <-> ControlUp Monitor: Port 40706

    Appendix

    • During the installation, we add IIS and LDS Roles to the ControlUp On-Premises Server
      • If the IIS is already installed and contains any other sites, they will be overwritten

     ControlUp’s Insights Server Prerequisites:

     Supported Operating Systems

    • Windows Server 2016 Fully Patched
    • Windows Server 2012 Fully Patched
    • Windows Server 2012 R2 Fully Patched

    Requirements

    • Free space of 50 GB (as a starting point)
    • CPU: 12 CPU cores at 2Ghz or greater speed per core
    • RAM: 12 GB
      • Recommended - 16GB RAM.
    • RAID: 0 or 1+0
    • 800 IOPS~ disk capabilities.

    Note: 

    • Make sure the server does not have splunk already installed, we do not support parallel installations.
    • RAID 0 disk configurations do not provide fault-tolerance. Confirm that a RAID 0 configuration meets your data reliability needs before deploying a Splunk Enterprise indexer on a system configured with RAID 0.

    In an enterprise production deployment, it is recommended that ControlUp Insights On-Premises is provided with dedicated hardware resources, especially I/O. Running the system on virtual machines is supported, but performance is expected to degrade when hardware resources are allocated from a shared pool.

    Daily Indexing Volume

    The daily amount of data ingested into the Insights database is a key parameter that will be used for deployment and capacity planning. This parameter can be estimated using the following calculations:

     

    • For end-user computing workloads using shared desktops (e.g. in a server-based computing scenario using Remote Desktop Services) - 3MB per user/day.
    • For end-user computing workloads using private desktops (e.g. in a VDI scenario) - 6MB per user/day.
    • For general-purpose servers (e.g. infrastructure servers / DC / database / DNS / file servers, etc.) - 8MB per server/day.

     

    The following example demonstrates a calculation of daily indexing volume for a virtualized environment with 1000 shared desktop users (peak concurrent), 500 personal desktop users (peak concurrent) and 30 general-purpose servers:

     

    Resource type

    Count

    MB / day

    Expected Daily Indexing Volume

    Shared desktop users

    1000 (peak concurrent)

    3

    3,000 MB

    Personal desktop users

    500 (peak concurrent)

    6

    3,000 MB

    General-purpose servers

    30

    8

    240 MB

    Total

       

    6.24 GB

     

    The end result of the calculation above (6.24 GB) is the daily indexing volume that will be used for the capacity planning of Insights database storage as described below.

    Insights Database

    The sizing of storage for hosting the Insights database is based on the daily indexing volume multiplied by the number of days for which data is expected to be retained in the database, and by then multiplied by an additional constant which estimates the overhead associated with summary indexing and other auxiliary data accumulated in the database.

    For example, an environment in which the daily indexing volume is 6.24 GB and the retention requirement is 365 days, the amount of disk space required for the Insights database is expected to be 2.28 TB. This estimate should be multiplied by 1.3 to predict indexing overhead, resulting in a total storage volume of 2.96 TB.

     

    Data File Share

    The data file share is a temporary storage location in which activity files are queued before ingestion into the Insights database.

    The recommended amount of free space available on the data file share depends on the daily indexing volume.

    By default, activity files are not removed from the data file share after being successfully ingested into the Insights database. It is therefore recommended that the data file share has sufficient capacity to accommodate activity files for the maximal period of time during which Insights On-Premises Server might be down.

     For example, to accommodate for 7 days of downtime in the example environment described above, the data file share size should be 6.24 GB x 7 days = 43.68 GB.

    Note:

    • Please give modify permissions to the Monitors primary AD account on the shared folder of the data activity files (both share and NTFS).
    • Please add the Monitor's primary AD account to the local Performance Log Users Group (On the Monitor server).
    • The Monitor's primary AD account requires the permission "Log on Locally" on the Monitor VM where the service is installed.
    • The Monitors primary AD account can not be assigned the group policy "Deny log on locally"
    • Until further notice, we do not remove the activity files from the shared folder. Please make sure you have enough free space and the needed hardware to support the IOPS activity.
    • The IOP Server's AD machine account must have read access to the file share via both NTFS and Share permissions. 

    ControlUp Real Time Console

     Supported Operating Systems

    • Windows 7
    • Windows 8 and 8.1
    • Windows 10
    • Windows Server 2008, Windows Server 2008 R2
    • Windows Server 2012, Windows Server 2012 R2
    • Windows Server 2016

     The only software prerequisite for the console is Microsoft .NET 4.5. Please ensure this prerequisite is met before running ControlUp or when upgrading from older (pre-v6) versions of ControlUp.

     

    ControlUp Monitor

     Supported Operating Systems

    • Windows Server 2012 or later

    Other Prerequisites

    • .Net Framework 4.5
    • RPC Access (at the installation phase)
    • Powershell 5.0 (for Windows PS API)
    • The Monitor's primary AD account requires the "Log on Locally" user right on the Monitor service VM (the service account defined in the monitor settings-> identity tab). So please verify 2 things:
      • The account has the "Allow log on locally" user right.
      • The account is not part of the "Deny log on locally" user right.

         

     For Any Sizing recommendations please refer to this KB article: ControlUp Sizing Guidelines

     

     

     

     

     

  • Managed Computers Requirements

    ControlUp supports managing computers that run:

    • Windows 7
    • Windows 8 (or 8.1)
    • Windows 10
    • Windows Server 2008 (Full installation only\core edition is not supported), Windows Server 2008 R2
    • Windows Server 2012
    • Windows Server 2016 (Core or Full Installation).

    Managed computers should have:

    • Microsoft .NET Framework 3.5 installed or greater. 
    • Windows 7 or Server 2008 R2, the built-in .NET Framework feature should be enabled
    • Alternatively, .NET Framework 4.5 can be used on managed computers running Windows 8 / Server 2012 or later
    • ControlUp requires RPC access for remote agent installation and a single configurable incoming TCP port open (40705 by default) for agent communication. In case your managed computers are inaccessible using RPC, you can deploy the ControlUp agent using an MSI package. For more details, see “Add Managed Computers”.
  • Active Directory & DNS Requirements

    Active Directory is a prerequisite for managing computers using ControlUp. If your network includes computers that are not joined to a domain, you will be able to connect to these computers using ControlUp’s Remote Desktop view while other actions will not be available.

    The computer on which ControlUp Console is executed does not have to be a domain member. However, you will be required to enter valid domain credentials in order to manage computers in your environment.

    Full DNS name resolution is also mandatory for management connections using ControlUp. You should be able to access all of your managed computers using their Fully Qualified Domain Names (FQDN).

    As an exception to the above, virtual machines (including non-Windows guests) can be monitored via the hypervisor layer without the need for DNS resolution or AD domain membership. This agentless approach only enables access to VM-related data known to the hypervisor, not guest OS data.
    (Read more…)

    By default, ControlUp queries Active Directory for the DNS suffix when managed computers are added to the organization tree. For networks in which the domain name is not identical to the default DNS suffix of all computers, ControlUp supports for providing a custom DNS suffix during computer addition.
    (More details…)

  • Security Rights & Permissions

    By default, local administrative privileges on all managed computers are required in order to connect to these computers using ControlUp. Every time you attempt to run a management action using ControlUp, your Windows credentials will be evaluated according to your current ControlUp mode:

    • Enterprise Mode – in this mode ControlUp operates by evaluating both your current Windows credentials and the Security Policy configured using your organization’s central configuration. In Enterprise Mode the permissions may be restricted to limit access to ControlUp features for designated administrators, regardless of their existing Windows rights.
    • Standalone Mode – your Windows user account will always need to have full administrative rights on all target computers. If your account is not a local administrator on the managed computer, ControlUp agent will refuse the connection and you will not be able to monitor performance or execute management actions on that computer.

    For more information on configuring ControlUp permissions, see the Secure Your Organization chapter.

    For agentless monitoring of virtual machines, access permissions for the hypervisor are required.
    For more details, see Hypervisor Monitoring Requirements.

  • Hypervisor Monitoring Requirements

    Supported Hypervisor Platforms

    ControlUp supports VMware v4.x/5.x/6.x environments that are managed by vCenter. Standalone ESX/ESXi servers are not supported. ControlUp also supports Citrix XenServer v6.1 (with the Performance Monitoring Enhancement Pack, CTX135033), v6.2 and v7.0. For earlier versions, some performance columns not yet implemented in XenServer might be displayed as N/A. 
    Microsoft Hyper-V 2012 R2, Microsoft Hyper-V 2016 including standalone and clustered hosts. Please note that ControlUp Agent needs to be installed on the Hyper-V hosts to enable monitoring them as hypervisors (The console does not work on any version of Core, but the agent is fine as long as you have .Net 3.5.1 or .Net 4.6.2.).
    ControlUp Console supports two hypervisors platforms running on Nutanix (AOS), VMware vSphere and Nutanix Acropolis Hypervisor (AHV). You can now also manage your Nutanix AHV clusters - live, with real-time metrics in the familiar ControlUp way(https://support.controlup.com/hc/en-us/articles/360001166145-Connecting-to-your-Nutanix-AHV-hypervisor).

    Network Connectivity

    ControlUp data collection agents (ControlUp Console by default, or agents if explicitly designated) require https (tcp/443) access to the vCenter server or the XenServer pool master.

    Hypervisor Permissions

    VMware

    Required vCenter permissions: the Read-Only role is sufficient for all monitoring purposes. If you want to be able to use the built-in hypervisor-based VM power management functions, then you will need to create a custom role based on the Read-Only role, adding the following permissions:

    • In the Virtual Machine/Interaction category:
      • Power Off
      • Power On
      • Reset

    vSAN Prerequisites
    In order to retrieve vSAN metrics and meta data, please follow these requirements 

    System Requirements for the ControlUp data collector:
    PowerShell minimum Version 5.0 (with RemoteSigned execution policy)

    • VMware PowerCLI 10.1.1.x
    • .NET framework version 4.5

    vSAN Requirements:

    • vSAN Performance service should be turned on
    • The user account configured for the hypervisor connection requires the "storage.View"

    XenServer

    If Active Directory authentication is enabled for the XenServer pool, then the Read-Only role is sufficient. If you want to be able to use the built-in hypervisor-based VM power management functions, then you will need to upgrade the user role to ‘VM Operators’.

    Nutanix

    ControlUp requires for the user\service account to have 'Viewer' only role for view only capabilities (the user that you connect your Console to the hypervisor with). If you want to perform VM power management & host maintenance actions, you'll need to grant the user\service account with the 'Cluster Admin' role.
    In order to use a dedicated user\service account that you already have configured in your environment - you'll need to add your organizational Active Directory to Nutanix by going into Prism, Click the Gear Icon> 'Authentication'. When you're finished with adding your AD - you can 'Test' the connection in ControlUp console and verify that it works. 
    If you don't want to connect your AD to your Nutanix cluster, you can create a local user in the Nutanix local management within Nutanix Prism. Click the Gear Icons > 'Local User Management' and add the user with the proper role required.