Configure TAS servers hosts

Configure all the TAS servers — Management, Application, and Datastore servers.

Before you begin 

Copy PEM and generated SSL certificates to TAS servers

Procedure 

  1. Add the log rotation options for the Alarm Monitor:

    1. Run:

      Copy
      vi /etc/logrotate.d/prometheus

    2. Add the following content to the file:

      Copy 
      /<data_folder>/log/prometheus/*.log {
      daily
      rotate 14
      missingok
      notifempty
      compress
      delaycompress
      copytruncate
      }

      where:

      • <data_folder> is the folder defined for data storage, and is by default opt/app/data.

  2. Add the log rotation options for the Alarm Manager:

    1. Run:

      Copy 
      vi /etc/logrotate.d/alertmanager

    2. Add the following content to the file:

      Copy 
      /<data_folder>/log/alertmanager/*.log {
      daily
      rotate 14
      missingok
      notifempty
      compress
      delaycompress
      copytruncate
      }

      where:

      • <data_folder> is the folder defined for data storage, and is by default opt/app/data.

  3. Add the log rotation options for the Alarms and Monitoring Agent:

    1. Run:

      Copy
      vi /etc/logrotate.d/cadvisor_exporter

    2. Add the following content to the file:

      Copy 
      /<data_folder>/log/cadvisor_exporter/*.log {
      daily
      rotate 14
      missingok
      notifempty
      compress
      delaycompress
      copytruncate
      }

      where:

      • <data_folder> is the folder defined for data storage, and is by default opt/app/data.

  4. Run:

    Copy 
    sysctl -q -w vm.max_map_count=262144

  5. Open the /etc/sysctl.conf file, and add the following line:

    Copy
    vm.max_map_count=262144

  6. Relogin with SSH to the TAS server you are configuring:

    Copy
    ssh tas_inst@<fqdn_tas_server>

    where:

    • <fqdn_tas_server> is the FQDN of the TAS server that you are configuring.

  7. Verify that podman is configured correctly:

    Copy
    podman ps & podman --version

    Example of expected output:

    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

  8. Repeat step 1 through step 17 for each of the TAS servers in your deployment.

  9. On the Management server only, do the following:

    1. Generate the certificate:

      Copy
      ssh-keygen -t rsa

    2. In answer to the prompts, click Enter, as required.

    3. Copy the key to the TAS Management server and to all the other TAS servers, using the target's server's FQDN.

      Copy
      ssh-copy-id tas_inst@<target_server_fqdn>

      where:

      • <target_server_fqdn> is the FQDN of the TAS server to which you are copying the key.

  10. Do the following:

    1. Copy ca.pem to /etc/pki/ca-trust/source/anchors:

      Copy
      cp /home/tas_inst/.podman/ca.pem /etc/pki/ca-trust/source/anchors

    2. Update the CA trust:

      Copy
      /usr/bin/update-ca-trust

What to do next 

Unmount and delete RPM ISO file