Purpose of this document
This document is intended to be used for deploying ATOM Cloud Agent in customer Data Center to communicate with Network Devices and ATOM Cloud servers.
ATOM deployment and operations requires hands-on experience installing . This document assumes that you are familiar with Docker, containers, hypervisors, networking, and a good working knowledge of the operating systems.
ATOM Cloud Overview
Anuta Networks ATOM Cloud is a Software-as-a-Service offering. It delivers Assurance, Telemetry, and Orchestration for Multi-Vendor Networks.
Anuta ATOM Cloud enables enterprises and service providers to rapidly design and provision network services, collect real-time telemetry, develop in-depth network analytics, ensure compliance and provide service assurance for multi-vendor physical and virtual infrastructure.
Anuta ATOM Cloud offering takes a cloud-first approach and is hosted within a Tier-1 cloud. The underlying infrastructure is validated and is governed by a quality assurance and regulatory compliance process. With Anuta ATOM Cloud, networking teams can deliver services faster, eliminate human errors, avoid security violations, reduce OpEx and meet SLAs with exceptional high availability.
Key Benefits of the Anuta ATOM Cloud offer include:
- Hassle-free deployments and upgrades
- Flexible & Secure connectivity to enterprise networks
- Network Orchestration and Closed-Loop Assurance for 45+ vendors
- Auto-Scale to satisfy fluctuations in demand
- Real-time Analytics and Historical Reports
- Flexible Pay as you Grow license model
- SDK and other productivity tools for rapid customization.
ATOM Agent Overview
The ATOM Cloud Agent is an application that runs on a Linux server within your infrastructure as a docker container. ATOM agents have to be installed on each location of your infrastructure.
ATOM agents can be assigned with multiple CIDR blocks to manage the devices. It is used to communicate, collect and monitor the networking devices in your infrastructure using standard protocols. Once the agent collects the data, it gets encrypted and sent to Anuta ATOM Server over an outgoing SSL Connection.
One Agent can typically manage hundreds of devices. However, it depends on many other factors such as device type, data collection, size of the data, frequency etc. Checkout ATOM Agent Hardware requirements for further information.
Agent Requirements and Installation
ATOM Agent has to be deployed on the Customer corporate network and it needs the following hardware at the minimum.
|1 Virtual Machine||Storage reserved in ESXi = 40 GB (SSD)|
ATOM Agent needs to communicate with the network devices to collect and transfer the data to atom cloud. So, it requires certain ports to be opened in a secured network. Below is the sample network interaction diagram for agent communication.
Required Ports between Agent and Managed Network Devices
Below are the ports required by the Agent to communicate with targeted network infrastructure.
|21||TCP||Both||Data Transfer using FTP (Remote Agent <==> Device)|
|22||TCP||Outbound||SSH Communication to the targeted Network Device|
|23||TCP||Outbound||Telnet Communication to the targeted Network Device|
|161||UDP||Outbound||Data Collection via SNMP through MIBs from the targeted Network Device|
|162||UDP||Inbound||SNMP Traps receiver from the targeted Network Device|
|514||UDP||Inbound||Syslog Message receiver from the targeted Network Device|
|830||TCP||Outbound||NetConf Communication to the targeted Network Device|
Required Ports between Agent and ATOM Cloud Infrastructure
Below are the ports required by the Agent to transfer the data collected from network devices to ATOM Cloud with TLS encryption.
|7000||TCP||Outbound||Remote agent to ATOM Cloud Server (it is a proprietary port)|
Note: Connection is always initiated by the ATOM Agent and which acts as client in server-client model
ATOM Agent Installation
The ATOM Agent manages your network infrastructure. You do not need to install an Agent on every device, instead one agent on a server should be used to monitor all the resources in that location. See About the ATOM Cloud Agent section.
Below is the procedure to install an ATOM agent on a customer corporate network.
- Navigate to Agents Page from Navigation bar.
- Click on the Download dropdown on top right side and choose ISO File.
- Once the ISO is downloaded, create a VM out of it.
Assign an IP, hostname, DNS etc. to that VM.
- Login and change the credentials of above. This step is optional but recommended.
- Default credentials : admin/admin .
- Change the hostname in /etc/hostname and update the same in /etc/hosts and reboot the remote agent instance.
- Connect to VPN from the agent instance if the ATOM cluster is on the private network.
- Navigate to the IP Range tab of Agents Page to add some IP ranges for the devices.
- Navigate to the Agents tab and add a remote agent agent1. Select some device ip ranges (mandatory) and some description (optional).
- Select a particular agent and download the agent configuration file from the toolbar.
- Copy the content from the downloaded agent config.xml file and login to the agent instance:
Paste the content in the agent.xml file and save it.
- Update the config.yaml.
- Change/Add the image version in this format. ( Version can be seen in the Administration -> About Page in ATOM)
- Change/Add the atom_lb value with SSO url.
- Run the run.sh file
Agent Connection Verification
To verify the agent container status on the virtual machine where it was deployed, use docker ps command. Below is the sample output. Make sure the status is UP.
Once the agent container is up on the agent VM instance, the status of the agent created on ATOM comes online by performing health checks. We can verify the status of the Agent on ATOM on Agents Page. The status should turn into green.
Some Scenarios in Remote Agent
- Edit a particular IP Range
Go to IP Range tab and edit an Ip range.
Ex. Previous range ->
Range name : iprange3
Ranges : 172.16.3.1 – 172.16.3.255
New Range ->
Range name : iprange3
Range : 172.16.3.1 -> 172.16.3.50
Now the remote agent which has iprange3 will serve only the devices specified in that updated range.
- Edit a remote agent and add/delete other ranges
Go to the Agents tab and edit a particular agent.
Ex. Previous ranges attached to the remote agent -> iprange1,iprange3
New ranges attached to the remote agent -> iprange1 (removed iprange3)
Now the remote agent will serve only the devices specified in the range iprange3.
- ‘Devices’ and ‘Services’ attached to the Agent.
By clicking on the agent name, it will redirect to another page which has
‘Devices’ and ‘Services’ tabs.
- Devices tab will list all the devices attached to the agent.
- Services tab will list all the services attached to the agent.
- Restart Agent
After selecting a particular agent, it can be restarted from the above toolbar.
Some important points
- If we add a remote agent for a tenant, it will be visible to all the tenants/subtenants which are mentioned in the shared-with field of the agent.
- A tenant can add multiple remote agents but one remote agent will serve only one tenant.
- Overlapping of ip ranges is not allowed.
- A device can be served by only one remote agent for a particular tenant.
ATOM upgrade scenario
Once the ATOM system is upgraded, the remote agent will automatically upgrade after 2 minutes. To verify this step :
- Login to the remote agent vm instance.ssh firstname.lastname@example.org.X.Y
- Go to this path :cd /opt/atom/agent/configs/
- See the config.yaml file. If the auto_upgrade flag is true ( by default it’s true), it will automatically upgrade itself and the image version will change.
As it’s by default in the auto upgrade mode, it will check after every 2 minutes whether there is a change in the ATOM version.
To see the upgrade logs –
- Go to this path :cd /tmp
- vi install.out
Some Common Exception scenarios
- Build version mismatch scenario
As remote agents will be deployed on a different machine, it is mandatory that the atom version and the agent version should match.
- For Agent version : Agents -> Grid View -> Build Version
- For Atom version : Administration -> About
If it is not the case, the remote agent will not come online.
- Debug/error logs in Remote Agent
Login to the IP address mentioned in the grid for a particular agent.
Refer below example.
After logging in, go to the /opt/atom/agent/logs folder.
All the logs are visible in this directory.