The neteye
Command¶
The neteye CLI command is used from the CLI to carry out a few tasks related to the NetEye Installations, both Single Nodes and Cluster. Various sub-commands are available and are analysed in this section:
neteye status
¶
neteye status is used to list the NetEye services and their status, either UP or DOWN.
neteye start | stop
¶
The neteye start and neteye stop command are used to start or stop all NetEye services at once.
neteye update
¶
The neteye update command runs a number of tasks as listed below in order of execution.
Task |
Order |
Single Node |
Cluster |
Description |
---|---|---|---|---|
Health checks |
#1 |
yes |
yes |
Carry out health checks to verify that NetEye installation is healthy and eligible for update |
Standby and fencing |
#2 |
no |
yes |
puts all nodes in standby except the Elected Master, and disables fencing, if enabled |
Update RPM |
#3 |
yes |
yes |
Installs all RPM updates (bugfixes) for the current version |
|
#4 |
yes |
yes |
Searches for
any |
Secure install |
#5 |
yes |
yes |
Execute |
If any of these tasks is unsuccessful, a message will explain where the command failed, allowing you to manually fix the corresponding step, then launch again the neteye update command. Check also the Troubleshooting section for more information and directions about fixing the problems.
neteye upgrade
¶
The neteye upgrade is called after neteye update and carries out a number of tasks that differ when it is executed on a Single Node or on a Cluster node.
Warning
The neteye upgrade command may take a long time before it completes successfully, so please do not interrupt it until it exits.
The tasks carried out by the neteye upgrade command are listed below in order of execution. It is also mentioned if they run on Clusters or Single Nodes.
Single Nodes and Cluster
Task |
Order |
Single Node |
Cluster |
Description |
---|---|---|---|---|
Health checks |
#1 |
yes |
yes |
Carry out health checks to verify that NetEye installation is healthy and eligible for update |
Check update status |
#2 |
yes |
yes |
NetEye is fully updated and there are no minor (bugfix) updates to be installed, otherwise it will install the available updates |
Upgrade eligibility |
#3 |
yes |
yes |
Verify that NetEye is eligible for upgrade: it checks which is the installed version (e.g., 4.20) and that the last upgrade was finalized |
Standby and fencing |
#4 |
no |
yes |
puts all nodes in standby except the Elected Master, and disables fencing, if enabled |
Master node check |
#5 |
no |
yes |
Make sure the Master Node is active (i.e. non in standby mode, please refer to section The Elected NetEye Master below to understand which node is considered as the Master Node. |
Repo update |
#6 |
yes |
yes |
Update all the NetEye repositories to the next version to which it is possible to upgrade (e.g., 4.21) |
Packages check |
#7 |
yes |
yes |
Check for new software packages in the repositories |
Package install |
#8 |
yes |
yes |
Install new packages |
Yum groups install |
#9 |
yes |
yes |
Install new packages that belong to the NetEye yum groups |
|
#10 |
yes |
yes |
Searches for
any |
Finalise installation |
#11 |
yes |
yes |
The
|
If the neteye upgrade command is successful, a message will inform you that the upgrade procedure concludes successfully. Otherwise, if the commands breaks at some point, you need to fix the failed tasks manually and then launch again the command. Check also the Troubleshooting section for more information and directions about fixing the problems.
What neteye update
and neteye upgrade
do not do on Clusters¶
The following tasks are required to bring a cluster back to the correct operative status after an update or an upgrade and need to be carried out manually:
Unstandby nodes
Restore stonith on cluster
Additionally, the commands can not be launched on Elastic-only or a Voting-only nodes. Please note that, however, even if the two commands can be executed on operative nodes only, the update/upgrade procedure is performed also on Elastic-only and Voting-only nodes.
neteye update
vs. neteye upgrade
¶
The main difference between the two commands is that the neteye update installs all available packages in the current version of NetEye. On the other side, neteye upgrade installs all available packages in next version of NetEye.
For example, given a NetEye version 4.20, neteye update fully updates NetEye 4.20 with the latest packages in the 4.20 repository, while neteye upgrade installs and configures all new packages available in the 4.21 repository.
neteye node
¶
The command neteye node is responsible for performing operations on the node on which it is executed such as updating the operating system. The only sub-command available is system-upgrade.
neteye node system-upgrade
¶
The command neteye node system-upgrade executed on a specific node is responsible for the upgrade of NetEye from version 4.22 to 4.23 and also of the upgrade of the operating system from CentOS 7 to RHEL 8.
As described in the upgrade procedure it will upgrade the operating system from NetEye 4.22 on CentOS 7 to RHEL 7 and then to RHEL 8 with NetEye 4.23. After each change of operating system, a reboot is required. In the case of a cluster, the command must be executed node by node and before starting with a new node, the previous one must have finished the upgrade to RHEL 8.
This command does not carry out any task on versions 4.23 onwards.
Supporting Scripts¶
Two scripts complement the abilities of the neteye update and neteye upgrade commands:
For more details, refer to the next two sections.
neteye_secure_install
¶
neteye_secure_install
is a wrapper around a number of scripts that
take care of the initial configuration of a NetEye installation and
then start all services that are required for NetEye to operate
correctly.
While this command is the first to be executed after the NetEye’ initial configuration, it must never be used in the update and upgrade procedures, because it is called automatically by the neteye update and neteye upgrade commands
In a nutshell, the tasks carried out by the script are:
To register the machine to RHEL 8
To set up Red Hat Insights
To reconfigure NetEye services and/or migrate configurations and databases after important changes
To restart services that were stopped or modified
To create certificates for secure communication
Before making any changes, the secure install script will also run a subset of light and deep health checks to ensure that NetEye will not be adversely affected due to a transient problem like low disk space or custom configurations.
Note
This automatic set of check is not intended to replace the good practice of running a separate, manual deep health check both before and after an update or upgrade.
The neteye_secure_install script is automatically called by the neteye update and neteye upgrade commands right after the installation of any new RPM packages from NetEye repositories
To run it manually, just type in the name of the script in a shell as root:
# neteye_secure_install
neteye_finalize_installation
¶
neteye_finalize_installation
is the last command executed during
an upgrade procedure and makes sure that the correct NetEye version is
stored. It is the last task of neteye upgrade.
Note
This command should never be used in the update and upgrade procedures, as it is called automatically by the neteye update and neteye upgrade commands. In case you need to launch it manually, follow the steps described below.
Complete the upgrade process by launching the following script:
# neteye_finalize_installation
Note
You should launch the finalize command only if you want to perform the upgrade manually and only if all previous steps have been completed successfully. If you encounter any errors or problems during the upgrade process, please contact our our service and support team to evaluate the best way forward for upgrading your NetEye system.
The Elected NetEye Master¶
The commands neteye upgrade and neteye update elect one of the operative nodes to always be online during the update/upgrade procedures. Different executions of the commands will always elect the same node as NetEye master.
For example, imagine to have the following content in
/etc/neteye-cluster
file:
{
"Hostname" : "my-neteye-cluster.example.com",
"Nodes" : [
{
"addr" : "192.168.47.1",
"hostname" : "my-neteye-01",
"hostname_ext" : "my-neteye-01.example.com",
"id" : 1
},
{
"addr" : "192.168.47.2",
"hostname" : "my-neteye-02",
"hostname_ext" : "my-neteye-02.example.com",
"id" : 2
},
{
"addr" : "192.168.47.3",
"hostname" : "my-neteye-03",
"hostname_ext" : "my-neteye-03.example.com",
"id" : 3
},
{
"addr" : "192.168.47.4",
"hostname" : "my-neteye-04",
"hostname_ext" : "my-neteye-04.example.com",
"id" : 4
}
],
"ElasticOnlyNodes": [
{
"addr" : "192.168.47.5",
"hostname" : "my-neteye-05",
"hostname_ext" : "my-neteye-05.example.com",
"id" : 5
}
],
"VotingOnlyNode" : {
"addr" : "192.168.47.6",
"hostname" : "my-neteye-06",
"hostname_ext" : "my-neteye-06.example.com",
"id" : 6
}
}
The elected NetEye Master will always be the first node appearing in the list
of Nodes, in this case my-neteye-01.example.com
.
Be sure that the elected NetEye Master is not in stand-by before running the update/upgrade commands.
See also
How nodes are managed by the NetEye update/upgrade commands is described with great details in a NetEye blog post: https://www.neteye-blog.com/2021/10/hosts-and-neteye-upgrade/