To integrate the NSP and NFM-P

Purpose

Perform this procedure to add an existing NFM-P system as an integrated component of an NSP deployment.

Note: When the NSP is integrated with an NFM-P system, the NSP UI is accessible only when the NFM-P is operational.

Note: release-ID in a file path has the following format:

R.r.p-rel.version

where

R.r.p is the NSP release, in the form MAJOR.minor.patch

version is a numeric value

Steps
Start PKI server
 

If you intend to use the PKI server, start the PKI server.

  1. Log in as the root user on the NSP deployer host.

  2. Open a console window.

  3. Enter the following:

    cd /opt/nsp/NSP-CN-DEP-release-ID/NSP-CN-release-ID/tools/pki ↵

  4. Enter the following:

    ./pki-server ↵

    The PKI server starts, and the following is displayed:

    date time Using Root CA from disk, and serving requests on port nnnn

Configure NFM-P
 

Perform Step 4 to Step 13 on each NFM-P main server station.

Note: If the NFM-P system is redundant, you must perform the steps on the standby main server station first.

Go to Step 14.

Configure main server
 

Log in as the nsp user on the NFM-P main server station.

Open a console window.

Stop the main server, if it is running.

  1. Enter the following:

    bash$ cd /opt/nsp/nfmp/server/nms/bin ↵

  2. Enter the following:

    bash$ ./nmsserver.bash stop ↵

  3. Enter the following:

    bash$ ./nmsserver.bash appserver_status ↵

    The server status is displayed; the server is fully stopped if the status is the following:

    Application Server is stopped

    If the server is not fully stopped, wait five minutes and then repeat this step. Do not perform the next step until the server is fully stopped.

  4. Enter the following to switch to the root user:

    bash$ su ↵

  5. Enter the following to display the NSP service status:

    nspdctl status ↵

    Information like the following is displayed.

    Mode:     redundancy_mode

    Role:     redundancy_role

    DC-Role:  dc_role

    DC-Name:  dc_name

    Registry: IP_address:port

    State:    stopped

    Uptime:   0s

    SERVICE           STATUS

    service_a         inactive

    service_b         inactive

    service_c         inactive

    You must not proceed to the next step until all NSP services are stopped; if the State is not ‘stopped’, or the STATUS indicator of each listed service is not ‘inactive’, repeat this substep.

Enter the following:

samconfig -m main ↵

The following is displayed:

Start processing command line inputs...

<main> 

Configure the NFM-P to use the NSP nspOs instance.

  1. Enter the following:

    <main> configure nspos ip-list cluster1_advertised_address;cluster2_advertised_address

    where

    cluster1_advertised_address and cluster2_advertised_address are the advertised addresses of the NSP clusters specified in the NSP configuration file

    For example, specify only one IP address for a standalone NSP system, or two, separated by a semicolon, for a DR deployment.

    The prompt changes to <main configure nspos>.

  2. Enter the following:

    <main configure nspos> exit ↵

    The prompt changes to <main>.

If you are using the PKI server, perform the following steps.

  1. Enter the following:

    <main> configure tls pki-server server

    where server is the PKI server IP address or hostname

  2. Enter the following sequence of commands by copying and pasting at the CLI:

    no keystore-file

    no keystore-pass

    no truststore-file

    no truststore-pass

    regenerate-certs

    exit

10 

Enter the following:

<main> apply ↵

The configuration is applied.

Note: Applying the configuration may take up to ten minutes.

11 

Enter the following:

<main> exit ↵

The samconfig utility closes.

12 

Enter the following to switch back to the nsp user:

exit ↵

13 

If you want to enable mTLS for internal Kafka authentication using two-way TLS, perform the following steps.

Note: Enabling mTLS for internal Kafka authentication is supported only in an NSP deployment that uses separate interfaces for internal and client communication.

Note: The parameter you must configure is displayed only:

  • if the ip-list parameter is set to a remote address

  • after the configuration is initially applied in a subsequent step

Note: The parameter is configurable only if the secure and internal-certs parameters in the nspos section are set to true.

  1. Enter the following:

    samconfig -m main ↵

    The following is displayed:

    Start processing command line inputs...

    <main> 

  2. Enter the following:

    configure nspos mtls-kafka-enabled back ↵

  3. Enter the following:

    <main> apply ↵

    The configuration is applied.

  4. Enter the following:

    <main> exit ↵

    The samconfig utility closes.

Start main servers
 
14 

Perform the following steps on each main server to start the server.

Note: If the NFM-P system is redundant, you must perform the steps on the primary main server first.

  1. Enter the following:

    bash$ cd /opt/nsp/nfmp/server/nms/bin ↵

  2. Enter the following:

    bash$ ./nmsserver.bash start ↵

  3. Enter the following:

    bash$ ./nmsserver.bash appserver_status ↵

    The server status is displayed; the server is fully initialized if the status is the following:

    Application Server process is running.  See nms_status for more detail.

    If the server is not fully initialized, wait five minutes and then repeat this step. Do not perform the next step until the server is fully initialized.

Stop PKI server
 
15 

If the PKI server is running, press Ctrl+C in the NSP deployer host console window to stop the PKI server.

Add NFM-P to NSP configuration
 
16 

Log in as the root user on the NSP deployer host.

17 

Open the following file using a plain-text editor such as vi:

/opt/nsp/NSP-CN-DEP-release-ID/NSP-CN-release-ID/config/nsp-config.yml

18 

Configure the parameters in the integration section, nfmp subsection, as shown below:

Note: If the NFM-P system is standalone, you do not need to configure the standbyIp parameter.

Note: In the client section of samconfig on the NFM-P main servers, if the address for client access is set using the hostname parameter, the primaryIp and standbyIp values in the nfmp section of the NSP configuration file, nsp-config.yml, must be set to hostnames.

Likewise, if the public-ip parameter in the client section is configured on the main servefr, the primaryIp and standbyIp values in the nsp-config.yml file must be set to IP addresses.

 integrations:

   nfmp:

     primaryIp: "server_1_address"

     standbyIp: "server_2_address"

     tlsEnabled: value

where

server_1_address is the IP address of the standalone main server, or the primary main server in a redundant NFM-P system

server_2_address is the IP address of the standby main server in a redundant NFM-P system

value is true or false

19 

If all of the following are true, configure the following parameters in the integrations section:

  • The NSP system includes the NFM-P.

  • You want the NFM-P to forward system metrics to the NSP cluster.

  • The NFM-P main server and main database are on separate stations:

    nfmpDB:

      primaryIp: ""

      standbyIp: ""

20 

If both of the following are true, configure the following parameters in the integrations section:

  • The NSP system includes the NFM-P.

  • You want the NFM-P to forward system metrics to the NSP cluster.

  • The NFM-P system includes one or more auxiliary servers:

    auxServer:

      primaryIpList: ""

      standbyIpList: ""

21 

Save and close the file.

Redeploy NSP
 
22 

Enter the following:

/opt/nsp/NSP-CN-DEP-release-ID/bin/nspdeployerctl install --config --deploy ↵

23 

Close the open console windows.

End of steps