R28.1 TNM-DNA-M Server Administration Operations Guide
Short Description
DNA-m installation...
Description
DNA-M Server Administration Guide Document id: DNA-M-ServerAdmin Version 28.1, Rev A, 2017-02-16
Copyright © Copyright 2016 Infinera Corporation. All rights reserved. This Manual is the property of Infinera Corporation and is confidential. No part of this Manual may be reproduced for any purposes or transmitted in any form to any third party without the express written consent of Infinera. Infinera makes no warranties or representations, expressed or implied, of any kind relative to the information or any portion thereof contained in this Manual or its adaptation or use, and assumes no responsibility or liability of any kind, including, but not limited to, indirect, special, consequential or incidental damages, even if Infinera, its affiliates, or its suppliers have been advised of the possibility of such damages, (1) for any errors or inaccuracies contained in the information or (2) arising from the adaptation or use of or the inability to use the information or any portion thereof including any application of software referenced or utilized in the Manual. The information in this Manual is subject to change without notice. Trademarks Infinera, Infinera Intelligent Transport Networks, I-PIC, IQ NOS, FlexILS, DTN-X, DTN, ATN, FastSMP and logos that contain Infinera are trademarks or registered trademarks of Infinera Corporation in the United States and other countries. All other trademarks in this Manual are the property of their respective owners. Infinera DTN-X, DTN, FlexILS, Cloud Xpress, XT, and ATN Regulatory Compliance FCC Class A This device complies with Part 15 of the FCC rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. Modifying the equipment without Infinera’s written authorization may result in the equipment no longer complying with FCC requirements for Class A digital devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to correct any interference to radio or television communications at your own expense. DOC Class A This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus as set out in the interference-causing equipment standard titled “Digital Apparatus," ICES-003 of the Department of Communications. Cet appareil numérique respecte les limites de bruits radioélectriques applicables aux appareils numériques de Classe A prescrites dans la norme sur le matériel brouilleur: "Appareils Numériques," NMB-003 édictée par le Ministère des Communications. Class A ITE This is a Class A product based on the standard of the VCCI Council. If this equipment is used in a domestic environment, radio interference may occur, in which case, the user may be required to take corrective actions.
Warning This is a class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. FDA This product complies with the DHHS Rules 21CFR 1040.10 and 1040.11, except for deviations pursuant to Laser Notice No. 50, dated June 24, 2007.
Contents 1. System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1. Server Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1.1. Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1.2. Complexity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1.3. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1.4. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1.5. Disk space. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1.6. Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Client workstation requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.3. Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.4. DCN Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. MariaDB database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.1. Assumptions and prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.2. MariaDB Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.2.1. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.2.2. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3. MariaDB Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3.1. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3.2. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.4. MariaDB configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.4.1. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.4.2. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 3. Setting up the DNA-M Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.1. Managing users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.1.1. Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.1.2. User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 3.1.3. Assigning user groups to user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 3.1.4. Display Access Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.2. NTP Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.3. DNA-M Server Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.3.1. Available DNA-M server preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.3.2. DNA-M Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.3.3. DNA-M PM Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.3.4. DNA-M PCE Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.3.5. DNA-M WS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.3.6. DNA-M Webstart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.3.7. DNA-M Web Apps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.4. Adjustments for large DNA-M Server installations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.4.1. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.4.2. Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.5. DNA-M Server GUI Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.5.1. TFTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
3.5.2. Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.5.3. Node Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.5.4. SNMP Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.5.5. RADIUS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 3.5.6. Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 3.5.7. Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.5.8. Upload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 3.5.9. PM Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 3.5.10. Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 3.5.11. Alarm Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 3.5.12. External Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 3.5.13. Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 3.5.14. Server Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 4. Maintaining DNA-M . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 4.1. Server Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 4.2. Server logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 4.2.1. Log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 4.2.2. Logging configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 4.2.3. Retrieving log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 4.3. DNA-M Server Startup and Shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 4.3.1. Command line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 4.3.2. DNA-M Server GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 4.4. Upgrading the license file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 4.5. Upgrading the DNA-M . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 4.6. Preparation for upgrade analysis of the XTM nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 5. Scalability options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.1. Stand-alone PM server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.2. Dedicated database host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.2.1. Database configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.2.2. DNA-M Server configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 6. Backup Server Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 6.1. Synchronization and backup methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 6.1.1. Replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 6.1.2. Hot standby . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 6.1.3. Script-based cold standby . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 6.2. Setting up a cold standby script-based backup server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 6.2.1. Server Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 6.2.2. Configuration of the primary server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 6.2.3. Configuration of the secondary server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 6.2.4. Backing up the primary server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 6.2.5. Transfer backup of primary server to secondary server . . . . . . . . . . . . . . . . . . . . . . . . 47 6.2.6. Automating the synchronization process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 6.3. Change server mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 6.3.1. Synchronize servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 6.3.2. Change automated scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
6.3.3. Switching primary and secondary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 7. Firewall configuration for DNA-M . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 8. Internationalization support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.1. Configuration of Japanese Locale Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.1.1. RedHat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.1.2. Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.2. MariaDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 8.3. DNA-M. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 8.3.1. DNA-M Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 8.3.2. DNA-M Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 9. Red Hat Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 9.1. User level configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 9.2. Network buffer sizes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 9.3. Congestion control using Westwood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 9.4. ARP cache parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
1. System Requirements
1. System Requirements 1.1. Server Requirements Table 1. Supported Operating Systems Linux
Windows
Red Hat Enterprise (RHEL) 6.6 x86-64
Windows Server 2008 R2 64-bit
Red Hat Enterprise (RHEL) 7.1 x86-64
Windows Server 2012 R2 64-bit
Hardware requirements and recommendations vary based on size and complexity of the transmission network.
1.1.1. Size Scaling the network size by increasing the number of active network elements (NE) taxes the DNAM Server with a larger memory footprint. Internal testing with a large number of NEs, each having an average of 12 traffic interfaces, show a marginal memory consumption of approximately 5 MB per NE (additional consumption for all other subsystems not included). For the network size classification in the table below we assume network elements (NE) with 12 interfaces on average.
1.1.2. Complexity The number of NEs is only one aspect of DNA-M’s system requirements. Another aspect is the topological complexity of the transmission network which is harder to quantify. The memory consumption mentioned above is based on a network model with a simple linear topology (point-topoint links). Introducing more complex topological structures like rings or mesh layouts will significantly increase DNA-M’s memory and CPU usage on the system. In general the expected system load is highly dependent on the number of possible paths between any two points in the network (on all layers). As a rule of thumb: If the network is ROADM switched it should be classified as "Large" or "Xlarge" irrespective the number of NEs. Up to 10000 NEs are supported in a network with a reasonably mixed complexity, for example 6000 TM nodes and 4000 EDU nodes.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
1 (57)
1. System Requirements
1.1.3. Windows The host machine onto which you intend to install the DNA-M Server must meet the following requirements: Table 2. Option A: Small Hardware
Requirements
Comment
OS
Windows Server 2008 or 2012 R2 64-bit (x8664)
CPU
Intel Xeon 2.0 GHz or equivalent
RAM
8 GB
Storage
20 GB 10krpm SAS drive
OK?
1.1.4. Linux The host machine onto which you intend to install the DNA-M Server must meet the following requirements: Table 3. Option B: Medium Hardware
Requirements
OS
Red Hat Enterprise Linux 6.6 or 7.1
CPU
Intel Xeon 4-core 2.5GHz
RAM
16 GB
DNA-M-ServerAdmin | 2017-02-16
Comment
Infinera Proprietary and Confidential
OK?
2 (57)
1. System Requirements Hardware
Requirements
Storage
150 GB 10krpm SAS drive
Comment
OK?
Comment
OK?
Table 4. Option C: Large Hardware
Requirements
OS
Red Hat Enterprise Linux 6.6 or 7.1
CPU
Intel Xeon 6-core 2.5GHz
RAM
32 GB
Storage
2x 150 GB 10krpm SAS drive
Dedicated drive/array for the database is recommended
Table 5. Option D: X-Large Hardware
Requirements
Comment
OS
Red Hat Enterprise Linux 6.6 or 7.1
CPU
Dual Intel Xeon 6core 2.5GHz
RAM
142 GB
DNA-M mainserver memory requirements: 64 GB
Storage
2x 300 GB 10krpm SAS drive
Dedicated drive/array for the database is recommended
OK?
1.1.5. Disk space The DNA-M server has some requirements on disk space above that usually provided by modern dedicated server hardware. For large and extra-large installations it is recommended that a separate hard disk of at least 300 GB is used for MariaDB database storage. This will provide enough space for the current DNA-M database, legacy databases that remain after upgrade, backups, and space that may be needed for database replication, if any.
1.1.6. Virtualization The current version of the DNA-M system has been tested on some Linux-based virtualization technologies. There is no technical reason for the DNA-M server being unable to operate correctly on a virtual machine as long as the size and resource recommendations described above are followed. Make sure that the necessary system resources are made available to the virtual machine. The above system requirements apply to the specifications of the virtual machine not the virtual host/hypervisor.
1.2. Client workstation requirements A workstation for the DNA-M Client should meet at least the following specifications: Table 6. Client workstation requirements OS
Windows 7 Professional or later, Mac OS
CPU
Intel Pentium 2.0 GHz
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
3 (57)
1. System Requirements Memory
4 GB
Display resolution
SXGA (1280x1024)
Java
Java Runtime Environment (JRE) 8, latest available update recommended
Web Browser
Latest Mozilla Firefox is recommended. If Java WebStart is used, a browser supporting JNLP is required
1.3. Limitations Table 7. Limitations Number of simultaneously connected DNA-M clients
50
Number of network elements
Up to 6000 TM nodes and 4000 EDU nodes
Limitations on hierarchical subnets
Concatenated name not exceeding 128 characters
Network between DNA-M Server and Client
Minimum 10 Mbps
Simultaneous requests towards NBI WS single endpoint
1
1.4. DCN Requirements To improve DNA-M performance and reduce the time to perform certain OAM functions (such as node software upgrade, node refresh or adding a node) the following minimum DCN bandwidth is recommended depending on network element size: For networks with large nodes (multiple chassis) each DCN link should be dimensioned based on 70 Kbps un-contended bandwidth per node, with at least a total of 150 Kbps. For networks with small nodes each DCN link should be dimensioned based on 50 Kbps uncontended bandwidth per node, with at least a total of 150 Kbps. For networks with in-band management the recommendation in both cases are valid only up to the bandwidth of the in-band channel. Adding more bandwidth would not increase performance as the in-band management channel would become the bottleneck. Information about the theoretical in-band channel bandwidth of specific boards can be found in the TM- and TS series documentation. Table 8. DCN Usage Operation
Frequency
Traffic Volume (TM-3000 Traffic Volume (TM-301 with 22 trafficboards and 14 with 2 trafficboards and 2 filters) filters)
Check Timestamps
Every minute
2.4 KB
Fetch PM data
Every 15 minutes
39 KB
Add node
Occasionally
651 KB
172 KB
Full refresh
Occasionally
478 KB
88 KB
2.4 KB
The size of an upgrade file is about 10-30 MB. The figure below illustrates the time to perform a SW upgrade to a node as a function of the DCN bandwidth. It can be seen that the time to download a 20MB file in one hour requires a DCN bandwidth of about 50 Kbps (uncontended).
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
4 (57)
1. System Requirements
Figure 1. Theoretical time take to download a 20MB file as a function of the DCN bandwidth
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
5 (57)
2. MariaDB database
2. MariaDB database Infinera, and this documentation, supports any MariaDB 10.x version, when downloading from the official MariaDB site, we recommend to download latest stable 10.x available
DNA-M uses MariaDB as the default database. MariaDB is a fork of the original MySQL application, fully compatible with MySQL, and commands, most directories and settings are still named mysql. A database created with a previous MySQL installation can be used with MariaDB with no changes to the actual database, as long as the upgrade instructions in this guide are followed.
2.1. Assumptions and prerequisites • Readers are assumed to have at least some basic operating system administrative skills. • Readers are assumed to have at least some basic MariaDB administrative skills. • Root/Administrative access on the host is required.
2.2. MariaDB Installation 2.2.1. Linux The DNA-M Server requires a MariaDB server to run and instructions on how to install the latest stable version can be found at https://mariadb.com/kb/en/mariadb/rpm/
2.2.2. Windows The DNA-M Server requires a MariaDB server to run. Instructions on how to install the latest stable version can be found at https://mariadb.com/kb/en/mariadb/installing-mariadb-msi-packages-onwindows/
2.3. MariaDB Upgrade
The script mysql_upgrade [2: https://mariadb.com/kb/en/mariadb/mysql_upgrade/] should be executed each time you upgrade to a new MariaDB version. The script checks all tables in all databases for incompatibilities with the current version of MariaDB Server and upgrades the system tables.
2.3.1. Linux The DNA-M Server requires a MariaDB server to run and instructions on how to install the latest stable version can be found at https://mariadb.com/kb/en/mariadb/upgrading-from-mysql-to-mariadb/
2.3.2. Windows The DNA-M Server requires a MariaDB server to run. Instructions on how to install the latest stable version can be found at https://mariadb.com/kb/en/upgrading-mariadb-on-windows/
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
6 (57)
2. MariaDB database
2.4. MariaDB configuration
For large transmission networks (> 500 NEs), it is recommended to use a dedicated disk for the MariaDB data directory.
2.4.1. Linux Recommended configuration (my.cnf): # # # #
MySQL Server Instance Configuration File ---------------------------------------------------------------------The following options will be read by the MySQL Server. Make sure that you have installed the server correctly so it reads this file.
# NOTE! For mysql configuration adjustments to increase {productName} performance, # see System Requirements in Server Administration Guide. [mysqld] # Path to installation directory. All paths are usually resolved relative to this. # basedir = /opt/mysql # The path to the MySQL data directory (default is /var/lib/mysql). # Change the path if a custom data directory is being used. datadir = /var/lib/mysql #================================================================ # The maximum amount of concurrent sessions the MySQL server will # allow. One of these connections will be reserved for a user with # SUPER privileges to allow the administrator to login even if the # connection limit has been reached. max_connections = 300 # The number of open tables for all threads. Increasing this value # increases the number of file descriptors that mysqld requires. table_open_cache = 300 # The maximum size of a query packet the server can handle as well as # maximum query size server can process max_allowed_packet = 16M # How many threads we should keep in a cache for reuse. thread_cache_size = 32 thread_concurrency = 64 query_cache_size = 0 #================================================================ #*** INNODB Specific options *** # # # # #
InnoDB, unlike MyISAM, uses a buffer pool to cache both indexes and row data. The bigger you set this the less disk I/O is needed to access data in tables. On a dedicated database server you may set this parameter up to 80% of the machine physical memory size. Do not set it too large, though, because competition of the physical memory may
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
7 (57)
2. MariaDB database # cause paging in the operating system. # You may increase this value if more than 8GB of physical memory # is present in your system. innodb_buffer_pool_size = 3G # The transaction log is only written to the log file and # the log file flushed to disk approximately once per second. innodb_flush_log_at_trx_commit = 0 # Size of each log file in a log group. # Set the combined size of log files to about 25%-100% of your buffer pool size. innodb_log_file_size = 512M # Total number of files in the log group. innodb_log_files_in_group = 2 # Enable multiple tablespaces (i.e. store each InnoDB table and its indexes # in its own file) to prevent the file ibdata1 from growing. innodb_file_per_table # The flush method InnoDB will use for Log. # Enable direct I/O (no buffering) for UFS filesystems. # Remove this line if ZFS is used instead. innodb_flush_method = O_DIRECT #================================================================ # MySQL Slow Query Log #slow_query_log=1 #long_query_time=1 #slow_query_log_file=/var/lib/mysql/mysql_slow.log #log-queries-not-using-indexes #================================================================ # General Query Log #general-log #general-log-file=/var/lib/mysql/general.log #log-output=file #================================================================ [mysqldump] quick max_allowed_packet = 32M #================================================================ [mysql] no-auto-rehash #================================================================
Manual steps: • Edit datadir to correct data storage location • Set the variable innodb_buffer_pool_size to at least the size of Engine Size
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
8 (57)
2. MariaDB database
SELECT ENGINE, SUM(DATA_LENGTH + INDEX_LENGTH)/1024/1024 "Engine Size [MB]", COUNT(ENGINE) FROM information_schema.TABLES t WHERE t.TABLE_SCHEMA NOT IN ('information_schema','mysql') AND t.table_schema='tnmdb' GROUP BY ENGINE ORDER BY ENGINE ASC; Output example: +--------+------------------+---------------+ | ENGINE | Engine Size [MB] | COUNT(ENGINE) | +--------+------------------+---------------+ | InnoDB | 3689.84375000 | 52 | +--------+------------------+---------------+
When making these configuration changes to an existing MariaDB installation, make sure that the MariaDB server is restarted afterwards
2.4.2. Windows Recommended configuration (my.ini) # # # # # # # # # # # # # # # # # # # #
MySQL Server Instance Configuration File ---------------------------------------------------------------------Installation Instructions ------------------------On Windows you should keep this file in the installation directory of your server (e.g. C:\Program Files\MySQL\MySQL Server X.Y). To make sure the server reads the config file use the startup option "--defaults-file". To run the server from the command line, execute this in a command line shell, e.g. mysqld --defaults-file="C:\Program Files\MySQL\MySQL Server X.Y\my.ini" To install the server as a Windows service manually, execute this in a command line shell, e.g. mysqld --install MySQLXY --defaults-file="C:\Program Files\MySQL\MySQL Server X.Y\my.ini" And then execute this in a command line shell to start the server, e.g. net start MySQLXY
# The following options will be read by the MySQL Server. Make sure that # you have installed the server correctly (see above) so it reads this # file. [mysqld] # Path to installation directory. All paths are usually resolved relative to this. #basedir = "C:/Program Files/MySQL/MySQL Server 5.5/" # The path to the MySQL data directory. # Note that the default data directory location may vary on different Windows versions. # Default data directories:
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
9 (57)
2. MariaDB database # # # #
Windows 2003 Server: C:/Documents and Settings/All Users/Application Data/MySQL/MySQL Server x.y/data Windows 2008 Server: C:/ProgramData/MySQL/MySQL Server x.y/data
# Example: # Change the path if a custom data directory is being used. # datadir = "D:/db" #================================================================ # The maximum amount of concurrent sessions the MySQL server will # allow. One of these connections will be reserved for a user with # SUPER privileges to allow the administrator to login even if the # connection limit has been reached. max_connections = 200 # The number of open tables for all threads. Increasing this value # increases the number of file descriptors that mysqld requires. table_cache = 300 # The maximum size of a query packet the server can handle as well as # maximum query size server can process max_allowed_packet = 16M query_cache_size = 0 #================================================================ #*** INNODB Specific options *** # InnoDB, unlike MyISAM, uses a buffer pool to cache both indexes and # row data. The bigger you set this the less disk I/O is needed to # access data in tables. On a dedicated database server you may set this # parameter up to 80% of the machine physical memory size. Do not set it # too large, though, because competition of the physical memory may # cause paging in the operating system. Note that on 32bit systems you # might be limited to 2-3.5G of user level memory per process, so do not # set it too high. innodb_buffer_pool_size = 2G # The transaction log is only written to the log file and # the log file flushed to disk approximately once per second. innodb_flush_log_at_trx_commit = 0 # Size of each log file in a log group. # Set the combined size of log files to about 25%-100% of your buffer pool size. innodb_log_file_size = 224M # Total number of files in the log group. innodb_log_files_in_group = 2 # Enable multiple tablespaces (i.e. store each InnoDB table and its indexes # in its own file) to prevent the file ibdata1 from growing. innodb_file_per_table #================================================================ [mysqldump] quick max_allowed_packet = 32M
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
10 (57)
2. MariaDB database
#================================================================ [mysql] no-auto-rehash #================================================================
Manual steps: • Edit datadir to correct data storage location • Set the variable innodb_buffer_pool_size to at least the size of Engine Size SELECT ENGINE, SUM(DATA_LENGTH + INDEX_LENGTH)/1024/1024 "Engine Size [MB]", COUNT(ENGINE) FROM information_schema.TABLES t WHERE t.TABLE_SCHEMA NOT IN ('information_schema','mysql') AND t.table_schema='tnmdb' GROUP BY ENGINE ORDER BY ENGINE ASC; Output example: +--------+------------------+---------------+ | ENGINE | Engine Size [MB] | COUNT(ENGINE) | +--------+------------------+---------------+ | InnoDB | 3689.84375000 | 52 | +--------+------------------+---------------+
When making these configuration changes to an existing MariaDB installation, make sure that the MariaDB server is restarted afterwards
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
11 (57)
3. Setting up the DNA-M Server
3. Setting up the DNA-M Server This section describes how to configure the DNA-M Server
3.1. Managing users Managing user settings is done from a DNA-M Client by a DNA-M user with admin privileges.
3.1.1. Users Open the dialog box in File > Users. Three types of users can be defined: User category
Default password
Description
Admin
Admin
The administrator may perform all DNA-M operations including modifying user data
Operator
Operator
The operator may perform all DNA-M operations except modifying user data
Readonly
Readonly
May access all DNA-M functions but is not allowed to modify any data
It is strongly recommended that the default passwords are changed since all Infinera DNA-M systems are delivered with the same default settings.
To add a user, click Add, select the desired user type and enter the user name and password.
Figure 2. User
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
12 (57)
3. Setting up the DNA-M Server
Figure 3. Adding a user To edit a user, select the user and click Edit.
Figure 4. Edit a user To delete a user, select the user and click Delete. All users except the admin user can be deleted.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
13 (57)
3. Setting up the DNA-M Server
RADIUS may be used in the DNA-M Server to take advantage of centralized user authentication. Refer to RADIUS client.
Table 9. User dialog properties User
User name
Password
User password
User category
User category, refer to above table
Enabled
If user is enabled
Auto logout enabled
Enables auto-logout
Auto logout timeout
Timeout for auto-logout in hours (default: 8 hours)
3.1.2. User Groups The access profiles feature in DNA-M defines the access rights of a user, and is maintained in the form of user groups
To enable the access profiles feature the User groups option should be selected in File > Users menu in the DNA-M Server GUI.
3.1.2.1. Create, Edit or Delete User Group Creating, editing or deleting a user group is only possible for an Admin user. All these three operations can be done by selecting File > User groups in DNA-M Client.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
14 (57)
3. Setting up the DNA-M Server
Figure 5. User groups To create a user group, click on File > Users groups > Add. Give a name and description for that user group and choose the access control objects and entries that the group should have access to. To enable a user group, the Enabled checkbox also needs to be checked.
3.1.2.2. Access Control Every user group consists of a list of access control entries. The three main divisions of access control entries are Subnets, Managed Elements and List of Services Subnets: A user group define read or read-write access to one, several or all subnets. • Read access • Only view subnet details • Write access • Add or delete nodes in subnet • Add or delete subnets in the subnet • Delete the subnet Managed Elements: A user group define read or read-write access to one, several or all managed elements.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
15 (57)
3. Setting up the DNA-M Server
• Read access • Only view details of the managed element • Write access • Delete the managed element Configuration operations listed for access control for each managed element • ROADM - Configuration of ROADM channels • Attenuator - Configuration of Variable Optical Attenuator (VOA) of the managed element • Amplifier - Configuration of Optical Amplifier (OA) details of the managed element • Topology - Configuration of the topology of the managed element List of Services: A user group define write access to one, several or all services • Read access • Requires read access to both A-end node and Z-end node of the service • Write access • Perform corresponding operations on the service • Requires write access to all nodes in the service
3.1.3. Assigning user groups to user Assigning a user group to a user gives the corresponding access rights to that user. Only an admin can assign a user group to a user. A user can be assigned with one or more user groups. When the access control is enabled, a user should be assigned to at least one user group.
An admin user is devoid of access profiles and no user groups will affect its access rights
To assign users to a user group, click on *File > Users. Select the user that needs to be assigned to a user group and click Edit. A user can be assigned several user groups, and the rights granted will be a combination of the highest possible access rights.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
16 (57)
3. Setting up the DNA-M Server
Figure 6. Adding new user with user group enabled
3.1.4. Display Access Profile Any user except the admin class can view their access profile by selecting File > Access Profile.
Figure 7. Access Profile
3.2. NTP Client It is recommended to synchronize the system clock on the DNA-M servers and clients, for instance by using a NTP (Network Time Protocol) client. Please refer to your operating system documentation.
3.3. DNA-M Server Preferences The default preferences are designed to work for most installations, but you may want to tune the
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
17 (57)
3. Setting up the DNA-M Server
DNA-M Server by editing some parameters in the configuration file, described in the following sections.
Changing the name of the main server in server.conf will only have effect on the management domain name (MD name) if it is done before a fresh install of the DNA-M Server.
Server configuration is done in server.conf, and in order for changes made to take effect the server needs to be restarted. For instance, to change the name of the DNA-M Server that is displayed during client login, edit the following lines in the tnmserver section: main.serverName: Tnm Server main.serverDescription: Tnm Server
Table 10. server.conf default location Linux
/etc/tnm
Windows
C:\Program Files\transmode\tnm\conf
In Windows, the configuration text files cannot be edited with Notepad. Please use an editor capable of handling UNIX style new lines (for example WordPad). Make sure the changed files are saved in the appropriate format. No tabs are allowed in the configuration file, only spaces may be used.
3.3.1. Available DNA-M server preferences For each server module you can modify its respective section in server.conf file. Preferences common to all modules must be set in common section Table 11. Common server preferences Preference name
Description
db.host
Hostname of database server
db.name
Database schema name
db.jdbcUser
db.jdbcPassword
modules.pmserver.address
Address where DNA-M PM Server is running
upload.server
Upload server address
3.3.2. DNA-M Server DNA-M server preferences must be set in tnmserver section to be available to DNA-M server
Changing the name of the main server in server.conf will only have effect on the management domain name (MD name) if it is done before a fresh install of the DNA-M Server.
Table 12. DNA-M server preferences
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
18 (57)
3. Setting up the DNA-M Server Preference name
Description
main.serverName
Name of the server
main.serverDescription
Description of the server
main.serverMode
Server mode of the server, possible values: normal/primary/secondary
main.trapaddress
Address where the server listen for traps
main.neSetTrapAddress
Whether server sets the nodes trap destination address, possible values: true,false
main.neTrapAddress
Address to configured in nodes (SNMP sink address) for sending traps to the server
main.tftpRoot
Path to root of TFTP server
snmp.addr
SNMP agent address
snmp.port
SNMP agent port
db.seqUser
Database user name for identifier allocation
db.seqPoolInitial
Initial size for the sequence pool
db.seqPoolMax
Maximum size for the sequence pool
main.heap.size.min
Minimum heap size in MB
main.heap.usage.max
Maximum heap usage in percent
main.heap.sizeMinPerNode
Minimum heap memory per node in MB
rmi.rmiregisty.port
Port for Java´s RMI registry
rmi.firstport
First port number for Java RMI export. If set to 0 an system assigned anonymous will be used
user.ews
Default embedded node manager (ENM) user name
path.invsummary
Path for inventory summary
path.circuitsummary
Path for circuit summary
path.mib
Path for MIBs
images.background
Path for background images
javavm.java.rmi.server.hostname
If NAT is used, address to reach the server outside the NAT
upload.eduConfigurationServer
Address to EDU configuration server
3.3.3. DNA-M PM Server DNA-M PM server preferences must be set in pmserver section to be available to DNA-M PM server. Table 13. DNA-M PM server preferences Preference name
Description
pm.rmi.registry.port
Port for PM server´s Java RMI registry
pm.rmi.registry.firstport
First port for Java RMI export
main.rmi.registry.port
Port for main server´s Java RMI registry
main.server.address
Server address of main server
path.pm15m
Path to 15 minute PM export files
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
19 (57)
3. Setting up the DNA-M Server path.pm24h
Path to 24 hour PM export files
path.pmsummary
Path to PM export summary files
3.3.4. DNA-M PCE Server DNA-M PCE server preferences must be set in pceserver section to be available to DNA-M PCE server. Table 14. DNA-M PCE server preferences Preference name
Description
pce.rmi.rmiregistry.port
Port for the PCE server´s Java RMI registry
pce.rmi.firstport
First port for Java RMI export
main.server.address
Server address of the main server
3.3.5. DNA-M WS Server DNA-M WS server preferences must be set in wserver section to be available to DNA-M WS server. Table 15. DNA-M WS server preferences Preference name
Description
ws.rmi.registry.port
Port for the WS server´s Java RMI registry
ws.rmi.firstport
First port for Java RMI registry
main.rmi.rmiregisty.port
Port for the main server´s Java RMI registry
main.server.address
Server address of the main server
ws.heap.size.min
Minimum heap size in MB
ws.heap.usage.max
Maximum heap usage in percent
javavm.java.rmi.server.hostname
If NAT is used, address to reach the server from outside the NAT
3.3.6. DNA-M Webstart DNA-M Webstart server preferences must be set in webstart section to be available to DNA-M Webstart server. Table 16. DNA-M Webstart server preferences Preference name
Description
webstart.host
Hostname or IP of the DNA-M server running WebStart
webstart.port
Port for accessing webstart, default: 9000
main.server.address
Hostname or IP of the DNA-M server
webstart.doc.path
Path to documentation location, default: /doc
client.heapsize
Allocated memory (Java heap size) for the webstarted client, default: 1024m
main.rmi.registry.port
Port for the DNA-M server´s Java RMI registry, default: 1099
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
20 (57)
3. Setting up the DNA-M Server cli.path.windows
Path to default application for opening node CLI on Windows client
web.path.windows
Path to default browser application for opening node web GUI and User Guide on Windows client
cli.path.linux
Path to default application for opening node CLI on Linux client
web.path.linux
Path to default browser application for opening node web GUI and User Guide on Linux client
3.3.7. DNA-M Web Apps DNA-M Web application preferences must be set in webapp section to be available to DNA-M web applications. Table 17. DNA-M Web app preferences Preference name
Description
server.port
Port for accessing the web apps from a browser, default: 8081
server.ssl.enabled
Enable SSL support, default: false
server.ssl.key-alias
Alias that identifies the key in the key store, default: server
server.ssl.key-store
Path to the key store that holds the SSL certificate (typically a jks file), default: keystore
server.ssl.key-store-password
Password used to access the key store
dna.mtosi.url
URL to the DNA MTOSI web services interface, format: http://:/mtosi. Specifying a URL will make the Alarm web app retrieve the active alarms from the DNA server, which is required when DNA and DNA-M are integrated, otherwise the alarms will be retrieved from the DNA-M server only.
dna.mtosi.username
Username for DNA MTOSI web services interface
dna.mtosi.password
Password for DNA MTOSI web services interface
3.4. Adjustments for large DNA-M Server installations For large networks, up to 2000 nodes or more, some adjustments of memory settings towards the Java Virtual Machine (JVM) have to be done.
Before adjusting the size of the memory heap space make sure that your host can manage large networks.
3.4.1. Windows Configuring of the Java Virtual Machine (JVM) memory settings is done in the .ini configuration files for each individual application, by default located in C:\Program Files\transmode\tnm\\bin Specify vm.heapsize.preferred to your desired value, e.g: vm.heapsize.preferred=2048m.
3.4.1.1. DNA-M server Main server configuration may control initial and maximum heap size Specify value for main server
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
21 (57)
3. Setting up the DNA-M Server
• vmarg.1=-Xms512m - Inital heap size • vmarg.2=-Xmx1024m - Maximum heap size
3.4.2. Linux Configuring of the Java Virtual Machine (JVM) memory settings is done in the sysconfig configuration file, /etc/sysconfig/tnmserver. Recommended configuration:3.5.2.1 DNA-M Server Specify variables at the top to your desired values Table 18. Sysconfig variables Name
Description
MAIN_MAXHEAP
Maximum heap size for main server
MAIN_INITHEAP
Initial heap size for main server
MAIN_NEWSIZE
Young generation size for main server
PM_MAXHEAP
Maximum heap size for pm server
WS_MAXHEAP
Maximum heap size for ws server
PCE_MAXHEAP
Maximum heap size of pce server
CLIENT_MAXHEAP
Maximum heap size for client
3.4.2.1. DNA-M Server 1. Open /etc/sysconfig/tnmserver 2. Edit the MAIN_* variables For networks up to 2000 nodes, we recommend setting the initial and maximum heap size to 16GB and the size of the young generation space to 2GB. MAIN_INITHEAP=16G MAIN_MAXHEAP=16G MAIN_NEWSIZE=2G
For up to 4000 nodes, use a heap size of 42G, and young generation of 4G. MAIN_INITHEAP=42G MAIN_MAXHEAP=42G MAIN_NEWSIZE=4G
For up to 10000 nodes, use heap size of 64G, and young generation of 4G. MAIN_INITHEAP=64G MAIN_MAXHEAP=64G MAIN_NEWSIZE=4G
3. Save the changes and close the file
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
22 (57)
3. Setting up the DNA-M Server
3.4.2.2. DNA-M PM Server 1. Open /etc/sysconfig/tnmserver 2. Edit the PM_MAXHEAP variable. For large networks, at least 1G is recommended. PM_MAXHEAP=1G
3. Save the changes and close the file
3.4.2.3. DNA-M WS Server 1. Open /etc/sysconfig/tnmserver 2. Edit the WS_MAXHEAP variable. For large networks, at least 2G is recommended. WS_MAXHEAP=2G
3. Save the changes and close the file
3.4.2.4. DNA-M PCE Server 1. Open /etc/sysconfig/tnmserver 2. Edit the PCE_MAXHEAP variable. For large networks, at least 2G is recommended. PCE_MAXHEAP=2G
3. Save the changes and close the file
3.5. DNA-M Server GUI Options
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
23 (57)
3. Setting up the DNA-M Server
Figure 8. DNA-M Server GUI Options DNA-M Server settings can be changed in the Options menu in the DNA-M Server GUI
3.5.1. TFTP Server The DNA-M uses an embedded TFTP server to store configurations uploaded by nodes and for upgrading node software (TM-3000 nodes only) The TFTP Server can be configured in the DNA-M Server GUI Table 19. TFTP server TFTP server enabled
Enables TFTP server
TFTP root directory
Root directory for the TFTP server (configured in server.conf)
The TFTP server allows write requests only to the selected destination directory, Upload. Using the embedded TFTP server requires write access for user starting DNA-M.
3.5.2. Logs 3.5.2.1. Alarm and Event Defines the max size of the DNA-M Server logs for alarm and events Max size
Maximum number of entries
Max days
Maximum number of days of logs retained
All records exceeding the log limits will be deleted each hour and upon configuration changes of upon values
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
24 (57)
3. Setting up the DNA-M Server
3.5.2.2. Syslog DNA-M supports sending events (e.g. set operations) and node configuration changes to remote Syslog server. Table 20. Syslog Enabled
Enables syslog server
Hostname
Hostname of syslog server
Port
Port of syslog server
DNA-M Server GUI set operation are not logged to Syslog
3.5.3. Node Defaults When adding new nodes, some fields are filled automatically. These pre-sets are configured in Options > Node Defaults, for each node family
The tab for EDU nodes contains list of accepted EDU firmware versions. To use EDU firmware released before upcoming DNA-M release it can be added in this section in order for DNA-M to accept nodes running this new firmware. Contact Infinera customer service at http://www.infinera.com before doing so
3.5.4. SNMP Agent The DNA-M server uses an embedded SNMP agent and it can act as an alarm mediator and send SNMP notifications.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
25 (57)
3. Setting up the DNA-M Server
Figure 9. SNMP Agent options The SNMP agent is configured using the DNA-M server GUI SNMP agent enabled
Enables the SNMP agent
Alarm event log size
Size of alarm events log. Each alarm change generates one event. Typically an alarm will generate two events; one when the alarm is raised and one when the alarm is cleared.
Address
Address for SNMP agent (configured in server.conf)
Port
UDP port for SNMP agent (configured in server.conf)
Community
Community string for SNMP v1 and v2c read requests
Contact/Location
Values for attributes sysContact.0 and sysLocation.0 in MIB-II: RFC1213
Set agent-addr to orig.addr
Enables setting of original IP address in notifications sent by agent
Filter alarms
Enables alarm filtering in the SNMP agent
Alarm filter
Active alarm filter for SNMP agent, alarms matching filter is not export by SNMP agent
Heartbeat interval
Interval in minutes for SNMP heartbeat trap feature (value of 0 disables heartbeat)
Table 21. Notification Targets Enabled
Enables sending notification to target
Address
IP address of the notification target
Port
UDP port for notifications
Trap type
SNMP version for the notifications (v1 traps or v2c notifications)
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
26 (57)
3. Setting up the DNA-M Server
Maximum number of targets is limited to 10
Refer to DNA-M Northbound Interfaces for details on trap contents and supported MIBs. Refer to Alarm Overview for detailed information about alarms for the TM 3000 Series.
3.5.5. RADIUS Client The DNA-M server supports using external RADIUS servers (primary and secondary) for authentication i.e. user names and password.
DNA-M does not support RADIUS accounting
Table 22. RADIUS options Name
Description
Authentication type
Type of authentication requests
Enabled
Enables RADIUS server
Address
IP address of RADIUS server
Port
UDP port for RADIUS authentication
Secret
Secret string shared between client and server
The login attempt is denied if any of the RADIUS servers reject the authentication request. If the primary server rejects the authentication request the secondary server is not used even if enabled. If both RADIUS servers are unreachable the DNA-M servers own user database is used.
3.5.5.1. User category The user category for the user authenticated through RADIUS is either set to operator or based on a vendor specific RADIUS attribute if present in the RADIUS Access Accept message. The user category is set based on the first matching attribute containing a printable value. To enable this feature add the attribute to RADIUS server database or configuration. The RADIUS server should return the appropriate attribute in the Access Accept response. The value should be set to the user category; readonly, operator or administrator. For existing and new users the category is updated in the DNA-M user database if a user category is assigned through RADIUS. If no user category is assigned the old or default user category (operator) is used. Table 23. User category Vendor id
Attribute id
Vendor id
26 (Vendor specific) 26 (Vendor specific) 8708 (Transmode)
Vendor attribute id
Value
1 (Transmode-User-Category) ‘readonly’, ‘operator’ or ‘administrator’
3.5.6. Alarms DNA-M supports auto-acknowledgement and layered alarm, and these are configured under Options > Alarms Table 24. Alarm properties
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
27 (57)
3. Setting up the DNA-M Server Name
Description
Auto-acknowledge enabled
Enables auto-acknowledge of alarms
Active alarms clear time-out
Minimum time for alarm to remain cleared to leave active state
Table 25. Layered Alarm properties Name
Description
Enable Trail and Network Connection alarms
Enables Trail and Network Connection alarms
Enable Trail and Network Connection alarm filtering
Enables Trail and Network Connection alarm filtering and customize its severity levels
Trail and Network Connection alarm filtering will be run for each matching alarm and enabling this may cause a large number of processes to be started which may degrade the DNA-M server performance
Alarm Severity Assignment allows the user to customize severity of a given OID. The customized severity will be shown in DNA-M Client and northbound export, both via Web Services and SNMP agent
Figure 10. Alarm options Table 26. Alarms New Severity
Adds new alarm severity with OID, Text, Description and Severity
Delete Severity
Removes selected severity
Save Severity
Saves seberity details
Cancel severity
Cancel severity and undoes all unsaved changes
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
28 (57)
3. Setting up the DNA-M Server Move Up
Move selected severity assignment one level higher
Move down
Move selected severity assignment one level lower
Figure 11. Alarm options, alarm severity assignment For example, if the first row of the table contains an OID 1.3.6.1.4.1.8708.2.1.2.7.11 with an assigned alarm severity as Critical, and the second row contains an OID 1.3.6.1.4.1.8708.2.1.2.7 with an assigned severity as Major, the alarms that matches the first row will be of severity Critical and all other alarms that starts with the OID as in the second row will be of the severity Major. If the second row is moved up and made the first row using the Move Up button, all the alarms that starts with the OID 1.3.6.1.4.1.8708.2.1.2.7 as in the first row will be of severity Major, including the OID 1.3.6.1.4.1.8708.2.1.2.7.11 since it is a child of the first row. By using Move Up for a parent alarm, all the child alarms that are found after the parent in the assignment table will be assigned the parent’s severity. By using Move Up for a child alarm, to bring it above the parent alarm, the child alarm will retain its original assigned alarm severity. Move Down works in the opposite way of that of the example given above. By using Move Down of a child alarm, bringing it below a parent alarm, the child alarm will be assigned the parent’s severity. By using Move Down on a parent alarm, to move it below a child alarm, the child alarm will be assigned its original alarm severity. The following fields are associated with the above operations of Alarm Severity:
It is possible to specify an OID manually, the chosen OID should be available in the predefined list which can be accessed by clicking the OID… button, of at least be a part of one of the predefined OIDs from this list. For instance the OID 1.3.6.1.4.1.8708.2.1.2.5.2 filters the "Test of quality of service type warning alarm". To change the severity of all test alarms it is enough to enter the string 1.3.6.1.4.1.8708.2.1.2.5
Table 27. Alarm severity properties Name
Description
OID
Fault status OID
Text
Name of fault status
Description
Description of fault status
Severity
Severity level of fault status
Alarm Severity Assignment is not supported for TM EDU nodes.
It is recommended to log-out from the client and log-in again after setting the alarm severity assignment in the server gui.
3.5.6.1. Link Loss Alarms The DNA-M server can automatically monitor a link’s actual loss and generate an alarm when the
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
29 (57)
3. Setting up the DNA-M Server
difference between measured loss and a saved reference value exceeds a threshold. The reference value is saved using Amplifier View in Transmission Control Table 28. Link Loss properties Link Loss Enabled
Enables link loss alarms
Poll Interval
Poll interval between each link loss measurement, range between 15 minutes to 7 days specified in minutes, hours or days with m,h or d without
Polling start hour
Start hour for polling
The size of the Poll interval should reflect what kind of link loss measurement that is wanted. For measuring fiber aging, a poll interval of 24h or larger is recommended. If fiber intrusion measurement is wanted, an interval of 15min is recommended.
If the poll interval is too short or other circumstances cause performance problems, a DNA-M server event log message is generated specifying the number of link loss measurement tasks that are late and their average poll interval. This event log message is shown both in the Server GUI and the DNA-M client.
3.5.7. Users Configuring user defaults for new users and RADIUS authenticated users is done in Options > Users Table 29. User defaults properties Auto-logout enabled
Enables auto-logout
Auto-logout timeout
Timeout for auto-logout of user
Disable user after failed login attempts
Enables disabling of user after given failed login attempts
Failed login attempts limit
Limit for number of failed login attempts, before user is disabled
Enable user and reset password
Enables and resets disabled user
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
30 (57)
3. Setting up the DNA-M Server
Figure 12. Users options Table 30. Misc. properties User Groups Enabled
Enables usage of Access Profile
Default - object positions locked on GUI map
Enables object positions lock, at every login. User have to disable lock to move objects
3.5.7.1. Broadcast Message Use to broadcast message to all logged in clients
Broadcast message must be between 3 and 1000 characters
3.5.7.2. Logged in User Administration Lists session details of all logged in clients, and enables force logout of selected DNA-M Client session. Forced Logout from the DNA-M Server GUI would send a warning message to the corresponding users’ DNA-M Clients. After 10 seconds the DNA-M Client will be forcibly terminated.
3.5.8. Upload Upload configuration is done in Options > Upload
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
31 (57)
3. Setting up the DNA-M Server
Figure 13. Upload options Table 31. Upload properties Upload hour
Hour for nodes to create and upload configuration to TFTP server
DNA-M server destination directory
Destination directory of DNA-M server where upload configurations is stored
Upload to TFTP server
Enables configuration of upload time, TFTP server and TFTP server destination directory in TM node
TFTP server address
IP address to TFTP server (configured in server.conf)
TFTP server destination directory
Destination directory of TFTP server where upload configurations is stored
Upload to DNA-M server
Enables upload of node configuration (TS series release 17.0 and later)
Versions
Number of versions of TS configuration files stored on DNA-M server
Cross-Connect backup
Enable automatic cross-connect backup for ROADM boards
Cross-Connect backup hour
Hour for automatic cross-connect backup for ROADM boards
Upload EDU configuration
Enables EDU configuration upload
EDU upload hour
Hour for EDU configuration upload
EDU upload server
Server to upload EDU configuration to (configured in server.conf)
EDU upload path
Destination directory for EDU configuration files
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
32 (57)
3. Setting up the DNA-M Server
3.5.9. PM Server Configuration of Performance Management is done in Options > PM Server
Figure 14. PM server options Table 32. PM Server Mode Local
PM server runs on same machine as DNA-M server
Standalone
PM server runs on separate host (host address configured in server.conf)
Disabled
PM server is disabled
Table 33. PM Collection Enabled PM collection
Enabled PM collection from nodes
Table 34. Logging Max days, 24h
Maximum number of days of 24h PM data retained
Max days, 15m
Maximum number of days of 15m PM data retained
Table 35. Layer 2 PM Enable Layer 2 PM collection
Enables collection of Layer 2 PM data
Table 36. EDU PM Data storage, max days
Maximum number of days of EDU PM data retained
EDU PM files directory
Destination directory for EDU PM reports (default: /upload/edufiles)
EDU to EMXP services - MEG name is unique for each service
Indicates that MEG names are uniquely defined for each EDU service (required for outside-traffic PM measurements)
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
33 (57)
3. Setting up the DNA-M Server
3.5.9.1. EDU File Handling The EDUs shall be set up to transfer their PM report files to a directory specified in the EDU PM files directory field. The PM server will immediately read the uploaded file and move the necessary data to the DNA-M database. Upon completion, the PM report file is moved to a history directory edufilehistory located next to the EDU PM files directory. The files are kept in the history folder for 30 min to allow scripts to copy or move them to an external directory for backup purposes, if desired. A PM report file that is not successfully processed will be moved to a directory called edufaultyfiles located next to the EDU PM files directory. The faulty files are kept for 24 hours. When there are files in the edufaultyfile directory, an Erroneous EDU PM report files exist alarm will be issued. Deleting the files in the edufaultyfile directory will clear the alarm.
If the PM server is stopped while the EDUs keep transferring their PM report files to the PM server, a significant number of files will be stored in the edufiles directory. There is no limitation on how many files that can be stored in the edufiles directory, hence there is a risk that the disc may be filled over time unless there is a cron job or other service clearing the edufiles directory from unprocessed files. An additional safety would be to configure the edufiles directory on a separate partition that has a size limit not to put the PM and DNA-M server at risk.
3.5.9.2. EDU PM Data Backup and Restore The EDU PM data is useful to compare system performance with established Service-Level Agreements. Therefore it is important that no EDU PM data is lost. Methods to backup EDU PM data: • Replicate the DNA-M database • Backup the DNA-M database regularly • Export EDU PM data continuously through web services using DNA-M’s northbound interface. Typically used when the data shall be stored for a longer period of time and presented in a more sophisticated way by external tools. • Copy or move the EDU PM files from the edufilehistory directory to an external directory with an interval shorter than 30 min. The purpose is to cover the gap between database backups, where EDU PM files have been received and added to the database. If the DNA-M database for some reason fails, the database is restored from the latest backup and then any later received EDU PM files can be restored into the database. To restore the EDU PM file data, simply copy the backup files back to the EDU PM files directory.
3.5.10. Web Services Configuration of Web Services is done in Options > Web Services
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
34 (57)
3. Setting up the DNA-M Server
Figure 15. WS server options Table 37. Web services options Web Services enabled
Enables web services
Basic authentication enabled
Enables HTTP basic authentication
Port
TCP port for web services requests (default: 8080)
Max. requests
Maximum number of simultaneous requests
Max. number of subscriptions
Maximum number of allowed notification subscriptions
Max. notification queue size
Maximum number of notifications in queue for notification consumer, oldest notifications will be discarded
Notification basic auth. user
Notification user name in superior OSS system
Notification basic auth. password
Notification password in superior OSS system
Notification Port
TCP port for notifications
Enable GCT for Administrators
Enables GuiCutThrough login for admin users
Disable suppression of TL equiv. route
Disabling export Topological Links with same name
Filter alarms
Enables alarm filtering
Alarm Filter
Active alarm filter
Consumer End-point Reference
Current active notification subscriptions
Heartbeat interval
Interval in minutes for heartbeat messages, disabled if set to 0
3.5.11. Alarm Filters Configuration of alarm filters used in northbound export over Web Service and SNMP agent is done in Options > Alarm Filters Alarm filters view provides following operations
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
35 (57)
3. Setting up the DNA-M Server
• Creating, deleting and updating alarm filter • Associating, updating and deleting a fault status with an existing alarm filter • Display a type of device associated with a fault status • Display number of fault statuses associated with an existing alarm filter
Figure 16. Alarm filter options Table 38. OIDs OID…
Displays all available OIDs
EDU5…
Displays all available OIDs for EDU5
EDU5GT…
Displays all available OIDs for EDU10
3.5.12. External Alarms DNA-M supports receiving alarms from a Chronos SyncGEM server. Received alarms will be visible in in DNA-M Client in Active Alarms. Configuration of Chronos SyncGEM is done in Options > External Alarms Table 39. Chronos SyncGEM receiver options Enabled SyncGEM alarms
Enables receiving of alarms notifications from a Chronos server
SyncGEM server address
Address of SyncGEM server from which DNA-M will receive alarm notifications
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
36 (57)
3. Setting up the DNA-M Server
SyncGEM server should be configured to send SNMP traps to DNA-M server Table 40. SyncGEM server settings (at year 2015)
Host
Hostname of DNA-M server
Port
Port where DNA-M server receives SNMP traps
Type
SNMP type version 2c
Community string
public
3.5.13. Browser Configuration of DNA-M´s handling of the System´s browser, when accessing ENM is done in Options > Browser Table 41. ENM properties Automatic login enabled
Enabling login to ENM without entering username and password
User name and password
Access ENM using default account in nodes (Node properties) or in DNA-M (DNA-M user)
To use DNA-M account option, the account with the appropiate user rights must be specified in the nodes. The user type readonly does not support auto-login
3.5.14. Server Mode Server mode of DNA-M is configured in server.conf Refer to Backup Server Setup
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
37 (57)
4. Maintaining DNA-M
4. Maintaining DNA-M This section describes how to maintain the DNA-M Server
4.1. Server Status
Figure 17. DNA-M server statuses Status menu in DNA-M Server GUI provides information about DNA-M status. Table 42. Status menu Services
Service calculation status, start and end time as well as the result. Result include Warnings and Errors, Protection groups and Services and segments detected in the network
Nodes
Node related information such as IP-address, name, node family and status of the node
Subnets
Nodes organized by subnet
Clients
Currently logged in clients to the DNA-M server
Server
Server information, when it started. Also provides License information, Number of nodes, Number of nodes by shelf type, memory usage, handling of incoming traps and trap ques for each node and Threads.
PCE server
Status of the PCE Server
PM Server
Status of PM Server (start time, memory usage)
Alarms
Active alarms from nodes in the DNA-M Server
4.2. Server logging By default the DNA-M Server logs all runtime errors and warnings.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
38 (57)
4. Maintaining DNA-M
4.2.1. Log files All log files to are co-located. Table 43. Log files location Linux
/var/log/tnm
Windows
C:\Program Files\transmode\tnm\log
4.2.2. Logging configuration Server logging is configuring is done in logback.xml found in conf folder. Table 44. Logging configuration Linux
/etc/tnm/logback.xml
Windows
C:\Program Files\transmode\tnm\conf\logback.xml
To enable verbose logging output remove .DISABLE from logback.xml as below
The DNA-M Server will detect the configuration change automatically, and does NOT need to be restarted. It can take up to two minutes for the change to take effect. Additionally, the log file size and the log file rotation behavior can be controlled through the logging configuration files. Check the logback.xml directly for more information.
4.2.3. Retrieving log files Infinera customer support might ask you to provide them with DNA-M Server´s log files in order for them to troubleshoot. The easiest way to do this is to simply compress and send the log directory of your DNA-M Server installation. For Linux installations there is also an support script available in /opt/transmode/tnm/mainserver/scripts. Running this script generates a compressed file with various useful information for troubleshooting inlcuding all log files. The compressed will be located in current user home directory named --tnmsupport.tar.gz
4.3. DNA-M Server Startup and Shutdown DNA-M Server can be started and shutdowned in two ways, from command line and using DNA-M Server GUI
When performing a restart of the DNA-M Server all connected DNA-M Client users will be logged out.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
39 (57)
4. Maintaining DNA-M
4.3.1. Command line Open a command line prompt and control the DNA-M server with the following commands
4.3.1.1. Linux Start service tnmserver start
Shutdown service tnmserver stop
Status service tnmserver status
Stopping separate servers is not supported via service, instead use DNA-M Server GUI, or kill the process by using the process ID
4.3.1.2. Windows Start net start tnmserver
Shutdown net stop tnmserver
DNA-M GUI provides a more safe and controllable shutting down of DNA-M Server, PM and/or WS server. Hence It is recommended to use the DNA-M Server GUI to shut down any of the three servers already mentioned
4.3.2. DNA-M Server GUI To start the DNA-M Server GUI, start the application typically located in C:\Program Files\transmode\tnm\servergui\bin\servergui64.exe on Windows or /opt/transmode/tnm/servergui/bin/servergui on Linux Start the DNA-M Server by selecting Control > Start. The DNA-M Server will be up and running when the Server status field in the lower right corner shows Up on a green background. To stop the DNA-M Server, select Control > Stop. The DNA-M Server will be stopped when the Server status field in the lower right corner shows Down on a red background.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
40 (57)
4. Maintaining DNA-M
Figure 18. DNA-M Server GUI
If any module gets the status Warning displayed on a yellow background after server startup, control the corresponding log file, see Server Logging
4.4. Upgrading the license file If a new license file has been obtained, replace the existing one with the new file and activate it on the running DNA-M server by selecting Control > Reload license file in the DNA-M Server GUI.
4.5. Upgrading the DNA-M Upgrade instructions can be found in the documents: DNA-M Installation Guide for Linux DNA-M Installation Guide for Windows
4.6. Preparation for upgrade analysis of the XTM nodes Prior to upgrading the XTM nodes, an analysis of the XTM nodes in the network can be done to see where traffic hits may be expected. To enable the analysis of an upgrade to a certain release, an impact file for that particular release may be needed to install on the DNA-M server. The impact file is available in the XTM node release zip file and is named something like 27.0-v2.json. It shall be copied to the directory: • /etc/tnm/upgrade_impact_resources/json/release on Linux • C:\Program Files\transmode\tnm\conf\upgrade_impact_resources\json\release on Windows
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
41 (57)
5. Scalability options
5. Scalability options There are two options to increase the size of the network that the DNA-M Server can manage. Table 45. Scalability options Stand-alone PM server
Retains a centralized server architecture but allows the PM processing to be performed on a separate host
Dedicated database host
Retains a centralized server architecture but allows MariaDB database server to run in separate host to decrease overall load on the DNA-M Server
5.1. Stand-alone PM server Contact Infinera customer service at www.infinera.com for assistance to run PM server on separate host
5.2. Dedicated database host To lower the memory usage and overall load on the server, the MariaDB database can be moved to a dedicated host.
Dedicated database host is not compatible with stand-alone PM Server
5.2.1. Database configuration At first the dedicated database host has to be set up. 1. Install and configure the MariaDB database server on the dedicated host according to MariaDB 2. Initialize the database according to DNA-M Installation Guide for Windows or DNA-M Installation Guide for Linux 3. Login into MariaDB mysql -uroot -p
4. Grant remote access to database, with replaced by hostname or IP address of DNA-M address GRANT ALL ON *.* TO 'tnmuser'@'' IDENTIFIED BY 'd4NaZ9j3k'; GRANT ALL ON *.* TO 'sequser'@'' IDENTIFIED BY 'd4NaZ9j3k';
The password d4NaZ9j3k has to be entered literally for the DNA-M server processes to operate correctly.
5.2.2. DNA-M Server configuration DNA-M server needs to be configured to connect to the remote dedicated database host instead of a local database
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
42 (57)
5. Scalability options
• Uncomment, and replace localhost in server.conf with the address of your dedicated host #db.host:
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
43 (57)
6. Backup Server Setup
6. Backup Server Setup This section describes how to setup backup and synchronization of DNA-M server
6.1. Synchronization and backup methods There are three methods to synchronize the primary and back-up server. Table 46. Methods Replication
Only backs up the database within the DNA-M server
Hot standby configuration
Two DNA-M servers running in parallel
Script-based cold standby configuration
Backs up database and node files at pre-determined intervals
6.1.1. Replication The update of the database from the primary server (master) to the backup server (slave) is continuous. The back-up DNA-M server cannot run at the same time as the main DNA-M server, but the back-up host and database must be running. Replication does not include back-up of node configurations that are stored on the primary server. Back-ups of node configurations may be transferred between the primary and back-up server using scripts. If needed, switching between the master and slave server is done manually. Information about database replication can be found in the replication manual, Database Replication Guide for Linux and Windows.
6.1.2. Hot standby The primary and the secondary (i e backup) DNA-M servers run simultaneously. If one server fails, the other server will continue to monitor the nodes. Both DNA-M servers receive data directly from the NEs. Therefore, this setup requires that you configure all NEs with two entries of SNMP trap receivers, one entry for each DNA-M Server. You cannot guarantee that the databases will be identical - the databases will contain minor differences in alarm log, available PM data, and so on. This configuration is not recommended for large networks because all management traffic between server and NEs will be doubled.
6.1.3. Script-based cold standby The update of the database from the primary to the backup server occurs at pre-determined intervals and includes backup files from the nodes. Data is mirrored to the secondary DNA-M server at regular intervals (when a script is executed), which means that there are times when both DNA-M servers do not contain the exact same data. At a switch from the primary to the backup DNA-M server the difference between the databases depend on the time passed since the last synchronization. It is recommended to perform this synchronization every 24 hours. The backup DNA-M server is started manually if the primary DNA-M server fails. This is the recommended configuration, because it requires less management traffic to the NEs. A setup of this kind is described in the following steps.
There is no alarm if the synchronization between the primary and secondary server fails. To verify the result from synchronization check the return code from the synchronization script.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
44 (57)
6. Backup Server Setup
6.2. Setting up a cold standby script-based backup server 6.2.1. Server Mode The DNA-M server can be run in three different server modes. Table 47. Server Modes Normal
Default non-backup mode
Primary
Server is the primary one
Secondary
Server is the secondary one
To be able to run the secondary server after a restore operation without any need for handson configuration, the parameters for SNMP agent address and the TFTP server address must be set in the server.conf file on each host
For back-up purposes, the two hosts must be run simultaneously. The upload function must have identical configuration on both the DNA-M server and, if applicable, the separate PM server. Also, all changes done to the secondary server will disappear after the next synchronization.
6.2.2. Configuration of the primary server 1. Set main.serverMode: to primary in the server.conf file on the primary server 2. Restart the DNA-M server and verify that Server Mode (Options > Server Mode in DNA-M Server GUI) is set to primary
6.2.3. Configuration of the secondary server 1. Install the DNA-M Server intended to use as the secondary server on a separate host according to DNA-M Installation Guide for Linux or DNA-M Installation Guide for Windows without starting the DNA-M Server 2. Set main.serverMode: to secondary in the server.conf file on the secondary server 3. Start the secondary DNA-M Server, and verify that Server Mode (Options > Server Mode in DNA-M Server GUI) is set to secondary 4. On the secondary server, set up a shared directory for the data transfer between the primary and the secondary server
To avoid any truncation problems, when restoring the secondary server later on, avoid any white spaces in the directory path for the shared directory.
Do not use the shared directory for other purposes than synchronizing the DNA-M servers since all non DNA-M related files will be removed.
a. Linux # exportfs -i -o rw :
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
45 (57)
6. Backup Server Setup
This command requires an NFS daemon to be installed and running on the secondary server. The parameter is the hostname of the primary server. The shared directory’s permissions must also be set for reading and writing.
b. Windows > net share = /GRANT:,FULL /REMARK:"{productName} Script-based backup server"
The shared directory need to have write permission for the data transfer to work, this is done by the option /GRANT:,FULL when creating the shared directory.
Refer to http://support.microsoft.com (select your Windows server version, and search for net share).
6.2.4. Backing up the primary server 1. On the primary server, mount the shared directory created on the secondary server. You can also place the data transfer directory on a third server, used for storage only, and mount that directory on both the primary and the secondary server. Linux # mount -o vers=3 :
Windows > net use \\\ /SAVECRED
Enter the username followed by the password when prompt
/SAVEDCRED stores the credentials (store username and passwords) as a key in the Credential Manager for the resource when the connection is made.
Refer to http://support.microsoft.com (select your Windows server version, and search for net use). 2. Navigate to the DNA-M scripts directory in a command prompt Linux # cd /opt/transmode/tnm/mainserver/scripts
Windows
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
46 (57)
6. Backup Server Setup
> cd c:\Program Files\transmode\tnm\mainserver\scripts
3. Execute the script to backup the primary server Linux # ./backup_primary.sh -uroot -proot -ntnmdb -d
Windows > backup_primary.cmd -u root -p root -n tnmdb -i "c:\Program Files\transmode\tnm" -d \\\
The options given are: DNA-M database name (-n), database user name (-u), database password (-p), DNA-M installation directory (-i) and the network mounted data transfer UNC path (-d), as stated in step 1.
The option (-p) for a database password should be excluded if no password has been set for the MariaDB root user. Additional options: • Flag -i specifies path to the install directory • Custom backup file name (-b) Execution without this option will give the backup file the same file name as the defined database name (-n), e.g. tnmdb.sql. If the backup file should be given another file name than the default, append the option -b to the command above: Linux: -b.sql Windows: -b .sql 4. Backup was successfully completed if a file named backupedOK.txt exists in the shared transfer directory together with all backup files.
6.2.5. Transfer backup of primary server to secondary server 1. Navigate to the DNA-M scripts directory in a command prompt Linux # cd /opt/transmode/tnm/mainserver/scripts
Windows > cd c:\Program Files\transmode\tnm\mainserver\scripts
2. Execute the script to to update the secondary server using the backup files from the primary server.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
47 (57)
6. Backup Server Setup
Linux # ./restore_secondary.sh -uroot -proot -ntnmdb -d
Windows > restore_secondary.cmd -u root -p root -n tnmdb -i "c:\Program Files\transmode\tnm -d
Additional options: • Custom backup file name (-b) Execution without this option assumes that the backup file name, from the primary server, has the same file name as the database name. If the secondary server should be using a backup file with another file name than the default, append the option -b to the command above: Linux: -b.sql Windows: -b .sql • Custom database name (-n) • DNA-M Server restart (-r) The DNA-M Server will be shut down during execution of the restore script. If the secondary server should be restarted after execution of the restore script, append the option -r to the command above. 3. Restoring was successfully completed if a file named restoredOK.txt exists in the shared transfer directory, and the secondary now contains the same data and setting as the orimary server.
6.2.6. Automating the synchronization process This synchronization process can be automated in both Linux and Windows. If customized error handling is needed to automate the status reporting of the backup- and restore procedure, put the script executions within other scripts and call this script from the scheduler.
6.2.6.1. Linux Automating synchronization in Linux is done using cron 1. On the primary server, add backup script as cron job # /opt/transmode/tnm/mainserver/scripts/backup_primary.sh [options] > ../log/backup_primary.log
2. On the secondary server, add restoring script as cron job # /opt/transmode/tnm/mainserver/scripts/restore_secondary.sh [options] > ../log/restore_secondary.log
3. Let the cron job run once and check the backup_primary.log and restore_secondary.log
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
48 (57)
6. Backup Server Setup
afterwards. The scripts will set the $? environment variable to 1 if something goes wrong during execution.
6.2.6.2. Windows Automating synchronization in Windows is done using Task Scheduler 1. On the primary server, add backup script to a scheduled task > cmd.exe /c backup_primary.cmd [options] > C:\log\backup_primary.log
2. On the secondary server, add restoring script to a scheduled task > cmd.exe /c restore_secondary.cmd [options] > C:\log\restore_secondary.log
3. Let the scheduled jobs run once and check the backup_primary.log and restore_secondary.log afterwards. The scripts will set the errorlevel environment variable to 1 if something goes wrong during execution.
6.3. Change server mode The following section describes how to convert the secondary server to a primary server and the primary server to a secondary server.
6.3.1. Synchronize servers
Before any change of the server mode is performed, make sure that the secondary server is synchronized with the primary server. Perform the procedures for backup and restore as described in Backing up the primary server and Transfer backup of primary server to secondary server.
6.3.2. Change automated scripts If the synchronization process previously has been configured to be automated, as described in Automating the synhronization process, make sure to delete the previous cron job in Linux or Task Scheduler in Windows.
6.3.3. Switching primary and secondary • On secondary server 1. Follow the instruction described in Configuring the primary server 2. Set SNMP address to corresponding local host in server.conf 3. Set TFTP server address to corresponding local host in server.conf • On primary server 1. Follow the instructions described in Configuring the secondary server
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
49 (57)
6. Backup Server Setup
The servers are now re-configured, follow instructions starting in Backing up the primary server to setup backup and automation
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
50 (57)
7. Firewall configuration for DNA-M
7. Firewall configuration for DNA-M This section describes which network ports are required for the DNA-M server system and XTMSeries network elements (NE) to work properly with a firewall Table 48. Ports used between DNA-M Server and NE Type
Source port / Location
Destination port / location
Protocol
Remark
SNMP
- / DNA-M Server
161 / NE
UDP
Configurabl e
SNMPTRA - / NE P
162 / DNA-M Server
UDP
Configurabl e
FTP
- / DNA-M Server
21 / NE - / NE to 114 / DNA-M Server 20 / NE
TCP
ICMP (ping)
NE or DNA-M Server
Table 49. Ports used between DNA-M Client and NE Type
Source port / Location
Destination port / location
Protocol
Remark
Telnet
- / DNA-M Client
23 / NE
TCP
TFTP
- / DNA-M Client
69 / NE - / NE
UDP
ICMP (ping)
NE or DNA-M Client
HTTP
- / DNA-M Client - / ENM GUI
80 / NE
TCP
HTTPS
- / DNA-M Client - / ENM GUI
443 / NE
TCP
Not used on all XTMSeries nodes
SSH
- / DNA-M Client
22 / NE
TCP
Not used on all XTMSeries nodes
Not used in TS-1100 systems
Table 50. Ports used between DNA-M Server and DNA-M Client Type
Source port / Location
Destination port / location
Protocol
Remark
RMI
- / DNA-M Client
1099 / DNA-M Server 17000 / DNA-M Server 17001…17025 / DNA-M Server (one per client)
TCP
Configurabl e
Table 51. Ports used between any web browser and DNA-M Server Type
Source port / Location
Destination port / location
Protocol
Remark
HTTP
- / Web browser (Web apps)
8081 / DNA-M Server
TCP
Configurabl e
HTTP
- / Web browser (Java web start)
9000 / DNA-M Server
TCP
Configurabl e
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
51 (57)
7. Firewall configuration for DNA-M
Table 52. Ports used between DNA-M Server and higher level SNMP Agents (northbound OS) Type
Source port / Location
Destination port / location
Protocol
Remark
SNMP
- / any NOS
161 / DNA-M Server
UDP
Configurabl e
162 / any NOS
UDP
Configurabl e
Remark
SNMPTRA - / DNA-M Server P
Table 53. Ports used between RADIUS server and DNA-M Server Type
Source port / Location
Destination port / location
Protocol
RADIUS
- / DNA-M Server
1812 / RADIUS server
UDP
Table 54. Ports used between Syslog server and DNA-M Server Type
Source port / Location
Destination port / location
Protocol
Syslog
- / DNA-M Server
514 / Syslog server
UDP
Remark
Table 55. Ports used between DNA-M Server, DNA-M Client, NE and NTP Server Type
Source port / Location
Destination port / location
Protocol
NTP
- / DNA-M Server - / DNA-M Client - / NE
123 / NTP Server
UDP
Remark
Table 56. Ports used between DNA-M Server, DNA-M Client and RabbitMQ server Type
Source port / Location
Destination port / location
Protocol
Remark
AMQP
- / DNA-M Server - / DNA-M Client - / NE
5672 / RabbitMQ Server
TCP/UDP
Configurabl e
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
52 (57)
8. Internationalization support
8. Internationalization support This section describes how to configure operating system (Linux and Windows) and MariaDB to use UTF-8, in particular, Japanese characters. Support for UTF-8 is limited to text strings local to the DNA-M Server and DNA-M Client. • Strings that are relevant to ME´s are not supported (e.g. node name)
• String from configuration files are not supported (e.g. main.serverName and main.serverDescription in server.conf) • Encryption in UTF-8 encoding is not supported (e.g. DNA-M user password)
8.1. Configuration of Japanese Locale Support 8.1.1. RedHat Japanese language support is usually configured via the system-config-language tool provided with RedHat.
Figure 19. Selecting default language
Language change will take effect after next login to the server
8.1.2. Windows Japanese language support is usually configured via Control Panel > Region and Language
8.2. MariaDB MariaDB needs to configured to use UTF-8 for all tables.
The following configuration applies only for new DNA-M installations, where no previous DNA-M database has been used. The described MariaDB configuration will not convert an existing database to use UTF-8 encoding.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
53 (57)
8. Internationalization support
MariaDB configuration file (Linux: my.cnf, Windows: my.ini) additions: [client] default-character-set=utf8 [mysqld] character-set-server=utf8 [mysqldump] default-character-set=utf8 [mysql] default-character-set=utf8 [mysqladmin] default-character-set=utf8 [mysqlcheck] default-character-set=utf8 [mysqlimport] default-character-set=utf8 [mysqlshow] default-character-set=utf8 [myisamchk] default-character-set=utf8 [myisampack] default-character-set=utf8
MariaDB needs to restarted for changes to take effect
Verify that both MariaDB server and client are speaking UTF-8 +--------------------------+----------------------------------+ | Variable_name | Value | +--------------------------+----------------------------------+ | character_set_client | utf8 | | character_set_connection | utf8 | | character_set_database | utf8 | | character_set_filesystem | binary | | character_set_results | utf8 | | character_set_server | utf8 | | character_set_system | utf8 | | character_sets_dir | /opt/mysql/mysql/share/charsets/ | +--------------------------+----------------------------------+
If you see latin1 mentioned anywhere, double-check your MariaDB configuration, and make sure you have restarted the MariaDB daemon.
8.3. DNA-M DNA-M server and client needs to be configured to support Japanese Locale
8.3.1. DNA-M Server Contact Infinera customer service at www.infinera.com for further assistance on configuring Japanese Locale support in DNA-M.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
54 (57)
8. Internationalization support
8.3.2. DNA-M Client To view Japanese characters in the DNA-M Client, a Unicode font that supports Japanese characters must be chosen from File > Preferences in DNA-M Client.
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
55 (57)
9. Red Hat Considerations
9. Red Hat Considerations This section describes special considerations if using Red Hat Enterprise Linux
9.1. User level configuration DNA-M needs lots of open files (remember "everything" in Linux is a file). /proc/sys/fs/file-max is already set to a large number. However the limit is set on a user basis, and therefore the number of open files shall be set in /etc/security/limits.conf. Additional lines into /etc/security/limits.conf root soft nofile 65535 root hard nofile 65535
If DNA-M is not running by root user, above lines need to be changed accordingly
9.2. Network buffer sizes Too small may cause network problems when DNA-M tries to open many sockets. Increase the network buffer sizes by adding the following lines to /etc/sysctl.conf. net.core.wmem_max = 1048576 net.core.wmem_default = 1048576 net.core.rmem_max = 1048576 net.core.rmem_default = 1048576
9.3. Congestion control using Westwood PPP Links and other slow connections may cause problems when transferring large files with FTP (primary at Software upgrade). Replacing the congestion control algorithm might improve both the FTP capacity and prevent SNMP timeouts during the FTP transfers. This can be done without stopping anything. First check that Westwood exists: ls /lib/modules/`uname -r`/kernel/net/ipv4/ (show available tcp congestions)
Load and use Westwood # modprobe tcp_westwood # echo westwood > /proc/sys/net/ipv4/tcp_congestion_control # cat /proc/sys/net/ipv4/tcp_congestion_control westwood # cat /proc/sys/net/ipv4/tcp_allowed_congestion_control westwood cubic reno
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
56 (57)
9. Red Hat Considerations
9.4. ARP cache parameters ARP lookup translates the IP address into the hardware MAC address and is performed often when there are many nodes on the same subnet. Since the DNA-M is sending packets to many different IP’s, the local ARP table fills up quickly, hits 1024 (the default value), and will cause Java exceptions. This won’t happen if the DNA-M server is on another subnet since neighbor ARP lookups will not be performed. Instead the ARP lookups will be handled by a router on the network. If nodes are on the same subnet as the DNA-M server add the following lines to /etc/sysctl. conf net.ipv4.neigh.default.gc_thresh1 = 65535 net.ipv4.neigh.default.gc_thresh2 = 65535 net.ipv4.neigh.default.gc_thresh3 = 65535
You should not need to reboot after making changes to /etc/sysctl.conf. Just run the command: # sysctl -p
DNA-M-ServerAdmin | 2017-02-16
Infinera Proprietary and Confidential
57 (57)
View more...
Comments
