NetBrain System Setup Guide Two-Server Deployment

NetBrain® Integrated Edition 10.
1
System Setup Guide
Two-Server Deployment
Version 10.1 | Last Updated 2023-02-09

Copyright ©2004-2022 NetBrain Technologies, Inc. All rights reserved.
Contents
1. System Overview......................................................................................................................................................................... 3
2. System Requirements ................................................................................................................................................................ 5
3. Deploying and Installing System............................................................................................................................................ 10
3.1. Installing NetBrain Database Server on Linux ............................................................................................................ 10
3.2. Installing NetBrain Application Server on Windows .................................................................................................. 19
4. Setting Up Your System ........................................................................................................................................................... 29
4.1. Logging in to System Management Page..................................................................................................................... 30
4.2. Activating a Subscription License .................................................................................................................................. 30
4.3. Creating User Accounts ................................................................................................................................................... 31
4.4. Allocating Tenants to Front Server Controller ............................................................................................................ 33
4.5. Adding a Front Server to a Tenant ................................................................................................................................ 35
4.6. Registering a Front Server ............................................................................................................................................... 36
4.7. Configuring Auto Upgrade Settings .............................................................................................................................. 37
4.8. Monitoring Server and Service Metrics ........................................................................................................................ 48
5. Appendix..................................................................................................................................................................................... 49
5.1. Offline Installing Third-party Dependencies ............................................................................................................... 49
5.2. Editing a File with VI Editor.............................................................................................................................................. 50
5.3. SSL Certificate Requirements ......................................................................................................................................... 51
5.4. Third-Party User Authentication .................................................................................................................................... 52

1. System Overview
NetBrain Integrated Edition is an adaptive automation platform, where you can integrate with your existing
Network Management System (NMS) tools and IT workflows to automate documentation, troubleshooting,
network change, and defense. It serves as an operating system of your whole network to relieve network
professionals from manual CLI-digging and also empowers team collaboration to elevate productivity.
The browser-based interface of NetBrain Integrated Edition is backed by a full-stack architecture, adopting
advanced distributed technologies to support large-scale networks with more expansion possibilities.
The two-server system architecture is as follows:
Note: The port numbers listed in the above architecture diagram are defaults only. The actual port numbers used
during installation might be different.
The system components include:
Component Description
Browser-based Thin Client provides a user interface for end users to access the system.
MongoDB The database that stores user data (e.g., Map, site definition) and network data.
NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 3

Component Description
License Agent provides services that validate and activate licenses.
Elasticsearch serves as a full-text search and analytics engine in a distributed multi-user

environment.
Redis provides memory cache for the system.
RabbitMQ translates messages from a component to another component.
Web Server serves static content such as HTML, JavaScript, and CSS resources, which serves as the
user interface of the Thin Client.
Web API Server serves RESTful API calls from browsers and third-party applications for integration.
Worker Server serves as a resource manager to support computing tasks. It relies on both Redis and
RabbitMQ to work.
Task Engine coordinates computing tasks.
Front Server Controller serves to coordinate and communicate with Front Servers and other components.
Front Server serves as a polling server to collect and parse live network data. It is the only
component required to access the live network.
Service Monitor Agent monitors the health of your NetBrain Servers with operations management of related
services. Users can start/stop the service of components and view log of components.
Ansible Agent (add-on) integrates with Ansible to define, execute playbooks and visualize results in Change
Management Runbooks. See Ansible Integration for more details.
Smart CLI (add-on) provides a Telnet/SSH client to connect to devices from Windows and can be
integrated with NetBrain workflows. See Smart CLI for more details.
4 | NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment)

2. System Requirements
This section introduces the hardware requirements, network connectivity requirements, and more prerequisites
for deploying a two-server system.
▪ Reference Specification
▪ Network Connectivity Requirements
▪ Deployment Prerequisites
Reference Specification
Note: The following specifications only apply to traditional network. Refer to Public Cloud System Specification if you
have activated the public cloud (AWS/Azure) license.
The two-server deployment requires one Windows server for applications and one Linux server for the database.
Both physical machines and virtual machines are supported.
Environment NetBrain Machine Count CPU Memory Hard Disk 3) Operating System
Component
(Free Space)
≤1,000 nodes Application Server 1 4 Physical 16GB 200GB ▪ Windows Server 2012/2012
≤10 users Cores 1)
R2 (Standard/Datacenter
▪ SSD
Edition), 64-bit
▪ Windows Server
2016/2019/2022
(Standard/Datacenter
Edition), 64-bit
Database Server 1 4 Physical 16GB 2) 300GB ▪ Red Hat Enterprise Linux

Cores 1) Server
▪ SSD 4)
7.5/7.6/7.7/7.8/7.9/8.2/8.3/8
.4/8.5/8.6, 64-bit
▪ CentOS
7.5/7.6/7.7/7.8/7.9/8.2/8.3/8
.4/8.5, 64-bit
▪ Oracle Linux
7.7/7.8/7.9/8.2/8.3/8.4/8.5/8
.6, 64-bit
▪ Rocky Linux
8.4/8.5/8.6, 64-bit

Environment NetBrain Machine Count CPU Memory Hard Disk 3) Operating System
Component
(Free Space)
▪ Alma Linux
8.4/8.5/8.6, 64-bit
1,001~2,000 Application Server 1 4 Physical 32GB 200GB ▪ Windows Server 2012/2012

nodes Cores 1) R2 (Standard/Datacenter
≤ 10 users SSD
Edition), 64-bit
Windows Server
2016/2019/2022
(Standard/Datacenter
Edition), 64-bit
Database Server 1 4 Physical 32GB 2) 300GB ▪ Red Hat Enterprise Linux

Cores 1)
Server
SSD 4）
7.5/7.6/7.7/7.8/7.9/8.2/8.3/8
.4/8.5/8.6, 64-bit
▪ CentOS
7.5/7.6/7.7/7.8/7.9/8.2/8.3/8
.4/8.5, 64-bit
▪ Oracle Linux
7.7/7.8/7.9/8.2/8.3/8.4/8.5/8
.6, 64-bit
▪ Rocky Linux
8.4/8.5/8.6, 64-bit
▪ Alma Linux
8.4/8.5/8.6, 64-bit
Notes:
1) If hyper-threading is enabled, one physical core equals to two logical processors; in a virtual environment, the number
of vCPUs required is twice the number of physical cores (as listed in the table).
2) Allocating at least half of the RAM amount for swap space on your Linux server is required to provide the necessary
additional memory when the RAM space has been exhausted.
3) The required hard disk space must be exclusively reserved for NetBrain.
4) For better performance, it is recommended to install the MongoDB on a machine equipped with Solid State Drive
(SSD), or Hard Disk Drive (HDD) RAID-10.
5) For Linux servers, make sure each path of /usr/lib, /usr/share, and /etc has more than 10GB free space to install the
component files.

Network Connectivity Requirements
Source Destination Protocol *) and Port Number **)
Thin Client Application Server HTTP/HTTPS (80/443)

Service Monitor Agent
Application Server Database Server TCP 5672/6379/9200/27017/27654/15672
Application Server Ansible Agent (add-on) TCP 9098
Application Server Live Network ICMP/SNMP/Telnet/SSH/REST API
Database Server Application Server TCP 9099
Note: *) If SSL was enabled for any component including MongoDB/ElasticSearch/Redis/RabbitMQ/License Agent/Front
Server Controller/Ansible Agent/Auto Update Server (within Web API Server), the SSL protocol should be added to
firewall rules to enable SSL connection between servers.
Note: **) The port numbers listed in this column are defaults only. The actual port numbers used during installation
might be different.
Deployment Prerequisites
The following requirements must be satisfied before setting up your NetBrain system:
▪ The operating system must be installed with an English-language version (not language packs).
▪ When installing NetBrain servers, comply with your company security policy to set the passwords and
archive them for further reference.
▪ NetBrain servers use hostnames to identify and communicate with each other. Make sure each server has a
unique hostname.
▪ Add all the NetBrain installation folders and files (on both Windows and Linux) to the allow list of antivirus
software for routine scans, and keep the TCP connections unblocked between NetBrain components.
▪ If the machine's firewall is turned on, make sure the firewall rules allow traffics to all the ports and protocols
that will be used by the NetBrain system.
▪ The Service Monitor Agent running on the Linux server(s) uses “netbrainadmin” user, and this user needs
sudoers privilege to monitor other NetBrain components as well as to execute the system update tasks.
▪ Special Requirements for Client Machine
o It is recommended to deploy the NetBrain Smart CLI on the same machine where the browser-based
thin client is used, and the machine needs to meet the following minimum system specifications:

❖ 4 Physical CPU Cores (If hyper-threading is enabled, one physical core equals to two logical
processors; in a virtual environment, the number of vCPUs required is twice the number of
physical cores)
❖ 8GB RAM
o Ensure to reserve at least 50% system capacity for the satisfactory performance of NetBrain Browser-
based Thin Client and Smart CLI Application.
▪ Special Requirements for Windows Server
o Users with administrative privileges of the machine are required to implement the installation.
o NetBrain Integrated Edition should not be installed on the same server as an existing NetBrain
Enterprise Edition (6.2 or earlier version), except that Front Server and Network Server (EEv6.2) can be
installed on the same machine.
o There must be more than 5GB free space in the system drive (for example, C drive) to complete the
installation no matter which drives the NetBrain system will be installed on.
o There must be more than 180GB free space for the Front Server PostgreSQL data path.
o Temporarily disable antivirus software during the installation process.
o Ensure the NetBrain installation process using administrator account has the necessary permissions
to modify “User Rights Assignment” in “Local Security Policy” or change the local user privileges.
Otherwise, the following error message will prompt when installing each Windows component.
▪ Click Ignore to continue with installation/upgrade process and NetBrain service will be configured to
run as Local System.
▪ If you have security concerns, click Abort to quit the installation/upgrade process.
▪ Click Retry after you have modified the system settings.

Note: Local System accounts have additional privileges that are considered a high risk. Please verify that this
is an acceptable risk in accordance with your SysAdmin policies.
Note: After clicking Abort, please check with your system administration team to enable the relevant
permissions, uninstall the affected component(s) and reinstall. Contact NetBrain support team if you need
any assistance during the process.
▪ Special Requirements for Linux Server
o Users with root privileges of the machine are required to implement the installation.
o It is highly recommended to store the data files and log files of NetBrain servers into separated disk
partitions. Make sure each partition has enough disk space.
• More than 100GB free space in the directory where the data files of MongoDB/Elasticsearch will be
saved.
• More than 50GB free space in the directory where the log files of MongoDB/Elasticsearch will be
saved.

3. Deploying and Installing System
Install the system components in the following order:
1. Install NetBrain Database Server on Linux.
2. Install NetBrain Application Server on Windows.
3.1. Installing NetBrain Database Server on Linux
All NetBrain Linux components, including MongoDB, License Agent, Elasticsearch, Redis, RabbitMQ, and Service
Monitor Agent, will be installed sequentially on this Linux server. However, if an error occurs during the
installation of any components, the installation will abort. After resolving the error, you can re-run the installation
package to install the remaining components.
Pre-installation Tasks
▪ Ensure you have upgraded the Linux OS to Red Hat Enterprise Linux Server
7.5/7.6/7.7/7.8/7.9/8.2/8.3/8.4/8.5/8.6, 64-bit, CentOS 7.5/7.6/7.7/7.8/7.9/8.2/8.3/8.4/8.5, 64-bit or Oracle
Linux Server 7.7/7.8/7.9/8.2/8.3/8.4/8.5/8.6, 64-bit, Rocky Linux Server 8.4/8.5/8.6, 64-bit, Alma Linux
Server 8.4/8.5/8.6, 64-bit to avoid installation or upgrade failure. Refer to Linux System Upgrade Instructions
Online for more details. If your Linux server has no access to the Internet, refer to Linux System Upgrade
Instructions Offline.
Note: During and after the Linux OS upgrade, do not restart the Linux server, and keep all the NetBrain services on Linux
server including MongoDB running normally and all the services on the Windows server stopped.
▪ Ensure the hostname of the Linux server must be resolvable by DNS or configured in /etc/hosts because
RabbitMQ needs a resolvable hostname no matter whether it is a standalone server or a cluster.
▪ RabbitMQ has dependencies on the third-party packages socat and logrotate. Run the rpm -qa|grep socat
and rpm -qa|grep logrotate commands to check whether socat and logrotate have been installed on this
Linux server. If they have not been installed yet, you can choose either option below to install the dependencies.
o Online Install: run the yum -y install socat and yum -y install logrotate commands to install them
online.
o Offline Install: refer to Offline Installing Third-party Dependencies for more details.
▪ Service Monitor Agent has dependencies on the third-party package zlib-devel readline-devel bzip2-devel
ncurses-devel gdbm-devel xz-devel tk-devel libffi-devel gcc. Run the rpm -qa|grep -E "zlib-
devel|readline-devel|bzip2-devel|ncurses-devel|gdbm-devel|xz-devel|tk-devel|libffi-devel|gcc"

command to check whether it has been installed on this Linux server. If it has not been installed yet, you can
choose either option below to install the dependencies:
o Online Install: run the yum -y install zlib-devel readline-devel bzip2-devel ncurses-devel gdbm-
devel xz-devel tk-devel libffi-devel gcc command to install it online.
o Offline Install: refer to Offline Installing Third-party Dependencies for more details.
▪ It is highly recommended to install numactl on this Linux server to optimize MongoDB performance. Run the
rpm -qa|grep numactl command to check whether it has been installed. If it has not been installed yet and the
Linux server has access to the Internet, run the yum install numactl command to install it online.
▪ If you want to enable SSL to encrypt the communications between servers, prepare a set of certificate files and
upload them to the /etc/ssl directory by using a file transfer tool. For more details regarding the requirements
for these certificate files, refer to SSL Certificate Requirements.
Installing Database Server

1. Log in to the Linux server as the root user.
2. Create a directory under the /opt directory to place the installation package. For example, netbraintemp10.1
[root@localhost ~]# mkdir /opt/netbraintemp10.1
3. Run the cd /opt/netbraintemp10.1 command to navigate to the /opt/netbraintemp10.1 directory.
Note: Don't place the installation package under any personal directories, such as /root.
4. Download the installation package.
▪ Option 1: If the Linux server has no access to the Internet, obtain the netbrain-all-in-two-linux-x86_64-
rhel-10.1.tar.gz file from NetBrain and then upload it to the /opt/netbraintemp10.1 directory by using a
file transfer tool.
▪ Option 2: If the Linux server has access to the Internet, run the wget <download link> command under the
/opt/netbraintemp10.1 directory to directly download the netbrain-all-in-two-linux-x86_64-rhel-
10.1.tar.gz file.
Note: Contact NetBrain Support Team to get the download link. The download link is case-sensitive.
Tip: Run the yum -y install wget command to install the wget command if it has not been installed.
5. Run the tar -zxvf netbrain-all-in-two-linux-x86_64-rhel-10.1.tar.gz command under the

/opt/netbraintemp10.1 directory to extract installation files.
[root@localhost netbraintemp10.1]# tar -zxvf netbrain-all-in-two-linux-x86_64-rhel-10.1.tar.gz
netbrain-all-in-two-linux-10.1/
netbrain-all-in-two-linux-10.1/servicemonitoragent/

netbrain-all-in-two-linux-10.1/servicemonitoragent/dependencies
...
netbrain-all-in-two-linux-10.1/install.sh
...
6. Run the cd netbrain-all-in-two-linux-10.1 command to navigate to the netbrain-all-in-two-linux-10.1

directory.
7. Run the ./install.sh command under the netbrain-all-in-two-linux-10.1 directory to install NetBrain Linux
components.
1) Read the license agreement, and then type YES and press the Enter key.
2) Type I ACCEPT and press the Enter key to accept the license agreement. The script starts to check whether
the system configuration of the Linux server meets the requirement, and all required dependent packages
are installed for each Linux component.
[root@localhost netbrain-all-in-two-linux-10.1]# ./install.sh
Please read the End User License Agreement (“EULA”) for the license type (perpetual or
subscription)purchased in the order form at https://www.netbraintech.com/legal-tc/ carefully.
I have read the subscription EULA, if I have purchased a subscription license, or the
perpetual EULA, if I have purchased a perpetual license, at the link provided above. Please
type “YES” if you have read the applicable EULA and understand its and understand its
contents, or “NO” if you have not read the applicable EULA. [YES/NO]: YES
Do you accept the terms in the subscription EULA, if you have purchased a subscription
license, or the perpetual EULA, if you have purchased a perpetual license? If you accept, and
to continue with the installation, please type "I Accept" to continue. If you do not accept,
and to quit the installation script, please type "CANCEL" to stop. [I ACCEPT/CANCEL]: I
ACCEPT
INFO: Creating installation log file

INFO: Collecting system information SUCCEEDED.
INFO: MongoDB was not installed. Fresh installation is required.
2022-01-29 14-39-23.453: Components to be installed:

2022-01-29 14-39-23.458: servicemonitoragent
2022-01-29 14-39-23.463: mongodb
2022-01-29 14-39-23.468: licenseagent
2022-01-29 14-39-23.473: elasticsearch
2022-01-29 14-39-23.478: rabbitmq
2022-01-29 14-39-23.483: redis
Getting rpm dependency list of servicemonitoragent...
Getting rpm dependency list of mongodb...
Getting rpm dependency list of licenseagent...
Getting rpm dependency list of elasticsearch...
Getting rpm dependency list of rabbitmq...
Getting rpm dependency list of redis...
Checking information for servicemonitoragent...
INFO: 2022-01-29 14-39-37.284: Start dependencies checking...
INFO: 2022-01-29 14-39-48.483: Dependencies checking SUCCEEDED.
Checking information for mongodb...

INFO: 2022-01-29 14-39-48.525: Dependent packages checking SUCCEEDED
Checking information for licenseagent...
INFO: 2022-01-29 14-39-48.560: Dependent packages checking SUCCEEDED.
Checking information for elasticsearch...
Checking information for rabbitmq...
INFO: 2022-01-29 14-39-48.642: Starting to check if rpm exists
INFO: 2022-01-29 14-39-49.892: Starting to check if erlang rpm exists
INFO: 2022-01-29 14-39-51.140: Dependent packages checking
INFO: 2022-01-29 14-39-54.907: Selinux-policy version: 3.14.3
Checking information for redis...
INFO: 2022-01-29 14-39-54.946: Dependent packages checking
Install NetBrain Linux components.
3) Configure the following parameters one by one with an interactive command line.
Install NetBrain Linux components.
The values in brackets are the default values of the parameters. To keep the default value
for the
current parameter, press the Enter key.
Please enter the data path for NetBrain [/var/lib/netbrain]:
Please enter the log path for NetBrain [/var/log/netbrain]:
Please enter the IP address of this machine [10.10.3.142]:
Please create NetBrain service username [admin]:
Please create NetBrain service password:
Please re-enter NetBrain service password to confirm:
Use SSL on NetBrain Services [no]:
Use customized server ports? [no]
Please enter the URL (must end with /) to call NetBrain Web API service for the Service
Monitor
[http(s)://<IP address or hostname of NetBrain Application Server>/]: http://10.10.3.141/
Note: Make sure the designated data path has more than 100GB free space and the designated log path has more
than 50GB free space. You can run the df -h command to check which directory has been mounted to a large disk.
Note: The certificate name specified in the path must strictly match the one you uploaded.
Note: Keep notes of the NetBrain service username and password because they will be used later.
4) After these parameters are configured, the key configurations for each component are listed for your
further confirmation. To continue the installation with the current configurations, press the Enter key. To
change any configurations, type no.
Data path: /var/lib/netbrain
Log path: /var/log/netbrain
MongoDB IP address: 10.10.3.142

MongoDB port: 27017
MongoDB username: admin
MongoDB password: ******
MongoDB uses SSL: no

License Agent port: 27654
License Agent uses SSL: no
Elasticsearch address: 10.10.3.142

Elasticsearch port: 9200
Elasticsearch username: admin
Elasticsearch password: ******
Elasticsearch uses SSL: no
RabbitMQ address: 10.10.3.142

RabbitMQ port: 5672
RabbitMQ username: admin
RabbitMQ password: ******
RabbitMQ uses SSL: no
Redis address: 10.10.3.142

Redis port: 6379
Redis password: ******
Redis uses SSL: no
NetBrain Web API service URL: http://10.10.3.141/ServicesAPI
Do you want to continue using these parameters? [yes]
8. After all the components are successfully installed, run the reboot command to restart the machine.
9. Run the following commands to check their service status separately.
- systemctl status mongod

[root@localhost ~]# systemctl status mongod
mongod.service - MongoDB service
Loaded: loaded (/usr/lib/systemd/system/mongod.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2021-02-22 01:30:29 EST; 23min ago
Process: 6136 ExecStart=/bin/mongod -f /etc/mongodb/mongod.conf (code=exited,
status=0/SUCCESS)
Main PID: 6375 (mongod)
Memory: 902.3M (limit: 8.0G)
...
- systemctl status netbrainlicense

[root@localhost ~]# systemctl status netbrainlicense
netbrainlicense.service - NetBrain license agent service
Loaded: loaded (/usr/lib/systemd/system/netbrainlicense.service; enabled; vendor preset:
disabled)
Process: 16490 ExecStart=/usr/bin/netbrainlicense/licensed -f
/etc/netbrainlicense/licensed.conf (code=exited, status=0/SUCCESS)
Process: 16488 ExecStartPre=/bin/chmod o+r /sys/class/dmi/id/product_uuid (code=exited,
status=0/SUCCESS)
Main PID: 16492 (licensed)
Memory: 15.0M
...
- systemctl status elasticsearch

[root@localhost ~]# systemctl status elasticsearch
elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset:
disabled)
Docs: http://www.elastic.co
Main PID: 5922 (java)
Memory: 4.6G
...
- systemctl status rabbitmq-server

[root@localhost ~]# systemctl status rabbitmq-server
rabbitmq-server.service - RabbitMQ broker
Loaded: loaded (/usr/lib/systemd/system/rabbitmq-server.service; enabled; vendor preset:
disabled)
Main PID: 4509 (beam.smp)
Status: "Initialized"
Memory: 96.5M
...
- systemctl status redis

[root@localhost ~]# systemctl status redis
redis.service - Redis
Loaded: loaded (/usr/lib/systemd/system/redis.service; enabled; vendor preset: disabled)
Main PID: 52318 (redis-server)
Memory: 7.7M
...
- systemctl status netbrainagent

[root@localhost ~]# systemctl status netbrainagent
netbrainagent.service - NetBrain Service Monitor Agent Daemon
Loaded: loaded (/usr/lib/systemd/system/netbrainagent.service; enabled; vendor preset:
disabled)
Main PID: 4520 (python3)
Memory: 73.5M
...
Post-installation Tasks
▪ If you have customized a port for any of MongoDB/License Agent/Elasticsearch/RabbitMQ/Redis or you have
configured DNS connection during Database Server installation, to make the Server Monitor Agent can still
detect and monitor its service, you must add the customized port number to the corresponding configuration
file.

Server Name File Name
MongoDB mongodb.yaml
License Agent license.yaml
Elasticsearch elasticsearch.yaml
RabbitMQ rabbitmq.yaml
Redis redis.yaml
Example: If you use FQDN during Database Server installation, do the following:
1) Run the cd /etc/netbrain/nbagent/checks command to navigate to the checks directory.
2) Add the following DNS info to the mongodb.yaml file, and save the changes. For how to modify the file,
refer to Editing a File with VI Editor.
Note: Follow the text format in the example strictly, including alignment, punctuations, and spaces.
init_config:
instances:
- name: default
dns: mongo2.cloud.netbraintech.com
Example: If you configured the port number 27000 during MongoDB installation, do the following:
3) Run the cd /etc/netbrain/nbagent/checks command to navigate to the checks directory.

4) Add the customized port number to the mongodb.yaml file, and save the changes. For how to modify the
file, refer to Editing a File with VI Editor.
Note: Follow the text format in the example strictly, including alignment, punctuations, and spaces.
init_config:
instances:
- name: default
port: 27000
Parameters
Refer to the following table for the parameters of NetBrain Database Server.

Parameter Default Value Description
Data path /var/lib/netbrain The directory to save data of all NetBrain Linux components. You can
press the Enter key to keep the default path or type a new one.
Log path /var/log/netbrain The directory to save logs of all NetBrain Linux components. You can
press the Enter key to keep the default path or type a new one.
IP address of this machine <current IP The binding IP address for MongoDB/ElasticSearch/NetBrain License
address
Agent. It will be used for establishing connections with NetBrain
automatically
Application Server. You can press the Enter key to keep the default value
obtained from the
machine> or type a new one.
Note: 127.0.0.1 is not supported.
Note: If you configured multiple network cards on this machine, type the
designated IP address to be bound.
NetBrain service admin The admin username and password created for MongoDB, Elasticsearch,
username RabbitMQ, Redis, Front Server and Service Monitor.
Note: The password must meet the following criteria:

NetBrain service password
• The length should be not less than 8 and not greater than 64
characters.
• Cannot be Admin1.#
• Cannot be empty and cannot start with! or #.
• Cannot contain any of the following special characters,
{ } [ ] : " , ' | < > @ & ^ % \ and spaces.
Note: The username must meet the following criteria:

• The length cannot exceed 64 characters.
• Cannot be empty and cannot start with! or #.
• Cannot contain any of the following special characters,
{ } [ ] : " , ' | < > @ & ^ % \ and spaces.
Note: Keep notes of the NetBrain service username and password

because they will be used for validating the connections with:
- MongoDB, Elasticsearch, RabbitMQ, and Redis when installing NetBrain
Application Server
- Front Server Controller when setting up the system
- Service Monitor Agent when communicating with Web API Server
Use SSL on NetBrain no Whether to enable SSL for all components on NetBrain Database Server.
Services To enable SSL, type yes.
Note: SSL cannot be enabled or disabled separately for the two-server

deployment mode.
Certificate file path The file name of the certificate file that contains the public key.

Note: It is required only if Use SSL on NetBrain Services is enabled.
Private Key file path The file name of the private key file.
Certificate Authority file The name and directory of the chain certificate authority (CA) file, which
path is used to authenticate the CA issuing the SSL certificates.
Use customized server no Whether to use customized port number for each Linux component. To
ports? customize ports, type yes.
MongoDB port 27017 The port number that the MongoDB service listens to. You can press the
Enter key to keep the default port or type a new one.
Note: Make sure the port is not used by other applications.
Note: Keep notes of the customized port because it will be used for
validating the connections with MongoDB when installing NetBrain
Application Server.
License Agent port 27654 The port number that the License Agent service listens to. You can press
the Enter key to keep the default port or type a new one.
validating the connections with License Agent when installing NetBrain
Application Server.
Elasticsearch port 9200 The port number that the Elasticsearch service listens to. You can press
the Enter key to keep the default port or type a new one.
validating the connections with Elasticsearch when installing NetBrain
Application Server.
Rabbitmq port 5672 The port number that the RabbitMQ service listens to. You can press the
validating the connections with RabbitMQ when installing NetBrain
Application Server.
Redis port 6379 The port number that the Redis service listens to. You can press the

validating the connections with Redis when installing NetBrain
Application Server.
URL to call NetBrain Web http(s)://<IP The URL to call NetBrain Web API service. For example,
address or
API service for the Service http://10.10.3.141/ or https://www.YOURCOMPANY.com/.
hostname of
Monitor Note: If SSL will be enabled with https binding created for the system
NetBrain
Application website in IIS Manager, type https in the URL.
Server>/
Note: When you type https in the URL, the CA verification will not be
performed during the configuration by default. To verify the CA
certificate, complete the following steps after the configuration:
1) Run the cd /etc/netbrain/nbagent command to navigate to the

/etc/netbrain/nbagent directory.
2) Run the vi agent.conf command to edit the agent.conf file as

follows and save the changes. For more details on how to edit the file
with the vi editor, refer to Editing a File with VI Editor.
▪ Modify the value of the enable_ssl_validation parameter to True.
▪ Remove the pound sign (#) in front of the cert_path parameter,

and then enter the path of the CA certificate file.
Example:
# enable ssl validation (default:False)
enable_ssl_validation: True
cert_path: /etc/ssl/smca.pem
3) Upload the CA certificate file under the specified path. Make sure the
CA certificate could be accessed and read by the Service Monitor
Agent Service.
3.2. Installing NetBrain Application Server on Windows
All NetBrain Windows components, including Web Server, Web API Server, Worker Server, Task Engine, Front
Server Controller, Front Server, and Service Monitor Agent will be installed sequentially on this Windows server.
Pre-installation Tasks
▪ Make sure the extended memory of your machine is larger than 16GB and the Windows update is of the
latest.
▪ Make sure the language of the operating system is English.

▪ Remove the Existing Internet Information Services (IIS) and disable the FIPS setting by modifying the
Enabled value to 0 under the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy directory of
Windows registry.
▪ If you use a proxy server to access the Internet on this server, you must add the IP address of Elasticsearch
into the proxy exception list so that the Application Server can communicate with the Elasticsearch.
1) Click the icon at the upper-right corner of Chrome and select Settings > Advanced.
2) In the System area, click Open proxy settings.

3) On the Connections tab, click LAN settings.
4) In the Proxy Server area, click Advanced to add the IP address and port number of Elasticsearch into
the Exceptions area.
Installing Application Server

Complete the following steps with administrative privileges.
1. Download the netbrain-all-in-two-windows-x86_64-10.1.zip file and save it in your local folder.
Tip: Contact NetBrain Support Team to get the download link.
2. Extract files from the netbrain-all-in-two-windows-x86_64-10.1.zip file.
3. Navigate to the netbrain-all-in-two-windows-x86_64-10.1 folder, right-click the netbrain-application-

10.1.exe file and then select Run as administrator to launch the Installation Wizard.
4. Follow the Installation Wizard to complete the installation step by step:
1) .NET Framework 4.8 must be pre-installed on this machine before you install the Application Server. The
Installation Wizard will automatically check this dependency. If it has not been installed, the wizard will
guide you through the installation as follows; if it has been installed, the wizard will directly go to step 2).

a) Click Install.
b) Read the license agreement of Microsoft .NET Framework 4.8, select the I agree to the license terms
and conditions check box and click Install. It might take a few minutes for the installation to be
completed.
Note: Some running applications must be closed during the installation of .NET Framework 4.8, such as Server
Manager.

c) You must click Restart to restart the machine immediately. Otherwise, the upgrade will fail due to the
failure of upgrading the new .Net Framework. After the machine reboots, continue with step 2).
Note: Ensure the FIPS is disabled after restarting the machine. To disable the FIPS setting, modify the Enabled
value to 0 under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
directory of Windows registry.
Note: The interface above may not appear if the .NET Framework has never been installed on the server. In
such case, it is still highly recommended to reboot the server after the installation of the .NET Framework
completes.
2) On the Welcome page, click Next.
3) On the NetBrain Integrated Edition Prerequisites page, read the list of Linux components that must be
deployed beforehand in your environment and click Next.
4) On the System Configuration page, review the system configuration summary and click Next.

5) On the License Agreement page, read the license agreement, and then select the I have read the
subscription EULA check box and click I ACCEPT.
6) On the Customer Information page, enter your registered user name and your company name. Click Next.
7) Click Next to install the Application Server under the default path: C:\Program Files\NetBrain\. If you
want to install it under another location, click Change.
Note: If you select to install it under another drive, make sure there are no spaces in the installation path. For
example, use D:\Program_Files\ instead of D:\Program Files\.
Note: Make sure the designated data folder has more than 100GB free space.
8) On the System Connectivity Configuration page, enter the information to connect to NetBrain Database
Server, including the IP of NetBrain Database Server and the service username and password created on
NetBrain Database Server. Click Next.
Note: If you enabled SSL on NetBrain Database Server, you must select the Use SSL check box here. Both
NetBrain Database Server and NetBrain Application Server must use the same set of SSL certificate files.

Note: Select the Use Customized Ports check box only if you customized a port number for any of Linux
components during the installation of NetBrain Database Server.
9) (Required only if the Use Customized Ports check box is selected) On the Customized Settings page, you
can customize the ports of Linux Components and customize the port for Front Server Controller if you
don't want to use the default port 9095. Click Next.
NetBrain Application Server will use the specified information of NetBrain Database Server, including IP
address, username, password, SSL Settings, and port settings to validate the connectivity to MongoDB,
License Agent, Elasticsearch, RabbitMQ, and Redis one by one.
10) On the Auto Update Server, enter the information for Auto Update Server and click Next.
Note: The Address must be the local server’s IP address which can be reached from other NetBrain servers
including Front Server.
11) On the Enable Platform Resources Auto Update page, if you want these resources to be downloaded
automatically, check the Download and Install Platform Resources Automatically box. Click Next.

12) (Required only if the Use SSL check box is selected) Configure the following SSL settings.
a) On the Certificate Authority Configuration page, to validate the Certificate Authority (CA) of the SSL
certificates used on NetBrain Database Server, select the Conduct Certificate Authority verification
check box (optional) and click Browse to upload the chain certificate file. Click Next.
b) On the Certificate Configuration page, click Browse to upload the certificate file and private key file to
enable SSL communications on Front Server Controller and Auto Update Server. Click Next.

13) On the KeyVault Administration Passphrase Settings page, create a passphrase to initialize and manage
the system KeyVault which contains all encryption keys to protect data security. Type it twice and click
Next.
Tip: The passphrase must contain at least one uppercase letter, one lowercase letter, one number, and one special
character, and the minimum permissible length is 8 characters. All special characters except for the quotation mark
(") are allowed.
Note: Keep notes of the passphrase because it is required when you scale up or upgrade the Application Server. In
case of losing the passphrase, select the Enable Resetting KVAP check box so that NetBrain system administrator
can reset the passphrase at any time.
14) On the NetBrain Front Server page, create a password for the PostgreSQL data. Type it twice and click
Next.
Note: If you want to save the PostgreSQL data under another location, click Change.
Note: Make sure the designated data folder has more than 180GB free space.

15) Review the server components to be installed and click Install. All the Windows components will be
installed one by one. It will take a long while for all the components to be installed.
Note: Depending on the hard drive type of the Application Server, the entire installation process may take
approximately 1hour (SSD) to 2.5 hours (HDD). Please expect the lengthy installation process and refrain from
interrupting it.
16) (Optional) Ensure the NetBrain installation process using administrator account has the necessary
permissions to modify “User Rights Assignment” in “Local Security Policy” or change the local user
privileges. Otherwise, the following error message will prompt when installing each Windows component.

o Click Ignore to continue with installation/upgrade process and NetBrain service will be configured to run as
Local System.
o If you have security concerns, click Abort to quit the installation/upgrade process.
o Click Retry after you have modified the system settings.
Note: Local System accounts have additional privileges that are considered a high risk. Please verify that this is an
acceptable risk in accordance with your SysAdmin policies.
Note: After clicking Abort, please check with your system administration team to enable the relevant permissions,
uninstall the affected component(s) and reinstall. Contact NetBrain support team if you need any assistance during
the process.
5. After all the components are successfully installed, click Finish to complete the installation process and exit the
Installation Wizard.
6. Open the Task Manager and navigate to the Services panel, you can find the following running NetBrain
services.
Tip: The NetBrainFrontServer service is not running because Front Server has not been registered.

4. Setting Up Your System
Complete the following steps to set up your system:
1. Log in to System Management Page.
2. Activate Your License.

3. Create System Users Accounts.
4. Allocate the Tenant to a Front Server Controller.

5. Add a Front Server to the Tenant.
6. Register the Front Server.
7. Configuring Auto Upgrade Settings.

8. Monitor Server and Service Metrics.
Note: The system is designed to work with a minimum screen resolution of 1440x900 pixels. Make sure the
Notifications and Popups are allowed for the Web Server URL in your web browser and zoom it at 100% to get the best
view.

4.1. Logging in to System Management Page
1. In your web browser, navigate to http(s)://<Hostname or IP address of NetBrain Application

Server>/admin.html. For example, https://10.10.3.141/admin.html or
http://10.10.3.141/admin.html.
2. In the login page, enter your username or email address, and password. The initial username/password is
admin/admin.
3. Click Log In.
4. Modify your password first and then complete your user profile in the pop-up dialog, by entering the email
address, first name, and last name, and then click Save.
4.2. Activating a Subscription License
1. In the System Management page, click Activate under the License tab. The activation wizard prompts.
2. Activate your subscription license:
1) Select Activate Subscription License and click Next.

2) Enter the license ID and activation key that you received from NetBrain, with your first name, last name,
and email address.
3) Select the activation method based on your situation.

▪ Online (recommended) — click Activate to connect to NetBrain License Server and validate your license
information immediately.
Note: If your NetBrain Application Server is not allowed to access the Internet, you can configure a proxy server.
Click the icon at the upper-right corner, select the Use a proxy server to access the internet check box and
enter the required information.
▪ Via Email — validate your license information by sending an email to NetBrain.
Note: Only use this activation method when your NetBrain Application Server is not allowed to access the
Internet.
a) Follow the instructions to generate your license file. Attach the file to your email and send it to
NetBrain Support Team. After receiving your email, the NetBrain team will fill in the license

information on NetBrain License Server and generate the corresponding activation file, and then
send it back to you.
b) Click Browse to select the activation file that you received from the NetBrain team, and then click
Activate.
4) A message box will prompt you the subscription license has been activated successfully. Click OK.
3. A confirmation dialog box prompts to ask you whether to generate an initial tenant. Click Yes and the initial
tenant will be created automatically with all purchased nodes assigned.
4. Check the tenant and domain nodes. If there is more than one domain, you need to allocate the domain.
4.3. Creating User Accounts
Tip: To synchronize authenticated user accounts that are managed in third-party user management servers, refer to
Third-Party User Authentication.
To manually create a user account, do the following:
1. In the System Management page, select the User Accounts tab.

2. Click Add at the upper-left corner, and complete the settings. This is an example:
1) Enter basic information. The fields marked with asterisks are mandatory.
2) Assign user rights, including access permissions and user roles. See online help for more details.
Note: For authenticated users account from external servers (LDAP/AD/TACACS+), their roles and privileges can be
locked as follows. After being locked, the roles and privileges will not be synced with any changed settings of
external authentication.
3) Configure the advanced settings if required, including account expiration and privilege to modify/reset
password.
3. Click Submit. The user account will be added to the Existing User List.

4.4. Allocating Tenants to Front Server Controller
1. In the System Management page, select the Front Server Controllers tab, and then click Add Front Server
Controller.
2. In the Add Front Server Controller dialog, configure the settings for the Front Server Controller, and then
allocate tenants to it.
1) Select the deployment mode, and then specify the basic information about the Front Server Controller. See
FSC Settings for more details.
▪ Standalone — applicable to a single Front Server Controller deployment.
▪ Group — applicable to a failover deployment of Front Server Controller.

2) Configure the SSL settings.
a) If SSL is enabled on Front Server Controller, select the Use SSL check box to encrypt the connections
established from the Worker Server and Front Server with SSL. Otherwise, leave it unchecked.
b) To authenticate the Certificate Authority (CA) certificate on the Front Server Controller, select the
Conduct Certificate Authority verification check box.
c) If CA has not been installed on the Worker Server and Task Engine, click Browse to upload the CA file,
for example, ca.pem.

Note: Only certificates in the Base-64 encoded X.509 PEM format are supported.
3) Click Test to verify whether the Web API Server can establish a connection to Front Server Controller with
the configurations.
4) In the Allocated Tenants area, select the target tenants to allocate them to the controller.
5) Click OK to save the settings.
The Front Server Controller is added.
Front Server Controller Settings

The following items (except Timeout and Description) are required to be consistent with those configured during
the installation of NetBrain Application Server.
Field Description
Name Keep the default value FSC as it is.
Hostname or IP Address Enter the IP address of NetBrain Application Server.
Port The port number created when you install the Front Server Controller for listening to the
connections from Worker Server. By default, it is 9095.
Username The user name created for NetBrain service when installing NetBrain Database Server.
Password The password created for NetBrain service when installing NetBrain Database Server
Timeout The maximum waiting time for establishing a connection from Worker Server to this Front Server
Controller. By default, it is 5 seconds.
Description The brief description to help you add more information about the Front Server Controller.

4.5. Adding a Front Server to a Tenant
1. In the Front Server Controller Manager, select the target tenant and click New Front Server.
2. Enter the following properties of the Front Server.
▪ Front Server ID — keep the default value FS1 as it is.
▪ Authentication Key — create an authentication key for the Front Server.
Tip: Keep notes of the Authentication Key because it is required when you register this Front Server.
3. Click OK. The Front Server is added to the Front Server list.

4.6. Registering a Front Server
Example: Register a Front Server on Windows Server 2012 R2.
Complete the following steps with administrative privileges.
1. On the machine where the Front Server is installed, click the Windows start menu and then click the icon to
open the Apps pane.
2. Under the NetBrain category, right-click Registration and then select Run as administrator from the drop-
down list.
3. In the Registration dialog, complete the registration form.
1) Enter the following information about the Front Server Controller.

▪ Hostname or IP address with port — the IP address of NetBrain Application Server and the port
number (defaults to 9095).
2) Configure the SSL settings.

a) Select the Use SSL check box to encrypt the connections to Front Server Controller with SSL. If SSL is
disabled on Front Server Controller, leave it unchecked and skip step b) to c).
Note: Select the Use SSL check box only if you enabled SSL on Front Server Controller.
b) To authenticate the Certificate Authority (CA) of SSL certificates on Front Server Controller, select the
Conduct Certificate Authority verification check box.

c) If the CA has not been installed on this machine, click Browse to upload the CA file, for example,
ca.pem; otherwise, select I have installed the Certificate Authority on this machine.
Note: Only the certificate in Base-64 encoded X.509 PEM format is supported.
3) Click Test to verify whether this Front Server can establish a connection with Front Server Controller.
4) Keep all default values, and then enter the authentication key created when you add this Front Server to a
tenant.
4. Click Register.
Tip: After registering the Front Server successfully, you can open the Task Manager and navigate to the Services panel
to check whether the NetBrainFrontServer service is running.
5. Click Close after the registration is finished. The Front Server information in the Front Server Controller
Manager will be synchronized by clicking Refresh.
4.7. Configuring Auto Upgrade Settings
Knowledge Cloud (KC) manages both the framework components and the platform resources and allows NetBrain
Workstation to automatically upgrade a patch or minor release. Besides replacing the files, the auto-upgrade
process may restart services, execute the database upgrading, check the system health and roll back the release if
the update fails.
Due to security considerations, there will be no direct connection between KC and NetBrain Workstation. NetBrain
System Administrator must download the software update package from NetBrain Customer Portal, manually
upload the package into the system and then schedule system updates accordingly.
NetBrain Workstation Auto Upgrade flow consists of the following steps:
Note: Only user with System Management permissions can perform the following actions.

1. Check the Latest Version
2. Download Package from NetBrain Customer Portal
3. Upload Package to NetBrain Workstation
4. Schedule Update
5. View Update Status
6. View Update History
Check the Latest Version

Follow the steps below to check the available releases from NetBrain:
Note: The following steps only apply to the online auto upgrade procedures.
1. In the System Management page, click the start menu> System Update.
2. By default, the Automatically check the latest version check box is enabled. You can click Check Update
Now to see if there is a new version available.
Note: After the check box Automatically check the latest version is enabled, users with 'sys admin' role will receive
auto notification via email when a new version becomes available.
Note: The Web API Server is required to have internet access with NetBrain public License Server in order to perform
the function of Automatically check the latest version and Check Update Now.
Note: In order to download and install platform resources automatically, you need to enable the Automatically check
the latest version check box, as well as the Download and Install Platform Resources Automatically check box.

3. When this check is enabled, NetBrain Workstation will check whether a minor release, a patch, a customized
built-in, a customized resource or common platform resource updates have been published since the last time
check (either auto or manual check). The latest available version will be displayed with the release note.
4. If the respective release or patch is available, after reviewing the Release Note, click Get Latest Version to
Download Package from NetBrain Customer Portal.
Download Package from NetBrain Customer Portal

Follow the steps below to download the system upgrade package from NetBrain Customer Portal:
1. Log into the NetBrain Customer Portal with your username and password.
Note: After clicking Get Latest Version in NetBrain Workstation, you will be redirected to the NetBrain Customer Portal.
The portal account credentials are required by the web browser to grant access to the NetBrain Customer Portal.
2. Confirm the required info and click Generate Package.
Tip: Required info includes the License ID, Framework Version, Common Repo Version, Customized Built-in Resource
Repo, Customized Resource Repo.
Tip: If you don’t want to download framework components, enable the Exclude Framework Patch check box.

3. Click Resource Package Link to download the package to your local drive.
4. Keep note of the password for next step- Upload Package to NetBrain Workstation.

Upload Package to NetBrain Workstation
Follow the steps below to upload the system upgrade package to NetBrain Workstation:
2. Click Upload Latest Version.
3. Click Browse and select the system upgrade package (.zip file).
4. Enter the password and click Upload.
Tip: With the Discard Uploaded Version button, you can discard the previous uploaded update package before it is
scheduled and delete the system update task before the scheduled task is executed.
Schedule Update
Follow the steps below to schedule the system update:
1. Run the system update pre-check tool to verify the environment readiness for the auto-update.
3. Click Schedule.
4. Review the license agreement, select the I have read the subscription EULA check box and click I ACCEPT.

5. (Optional) Check the Enable Test Plan checkbox.
Tip: You can leave the Enable Test Plan checkbox unchecked to skip the test plan.
Note: Only user with domain and tenant access will be granted permission to run the test plan.

1) Click Select and specify the desired Tenant/Domain to perform Domain Health Check.
Note: If there are more than one tenant or domain, step 1) must be completed before proceeding to step 2).
Note: If there is only one tenant and domain, the Initial Tenant will be automatically selected and you can directly
proceed to step 2).

2) Click Auto Test Group to specify the devices for Data Accuracy Test.
Tip: The devices in the Auto Test Group are automatically selected according to the device type discovered by the
system. You can also manually edit or delete any devices to suit your specific needs.

3) Click Auto Test Application Folder to specify the application for Data Accuracy Test.
Note: The last used Application Paths (up to 5 paths) will be automatically copied to the Auto Test Application
Folder. You can also manually change the auto selected path in Application Manager.
6. Set up the schedule to start the system update.

Tip: You can edit or remove the system update once it is scheduled.
7. Click Submit to apply the above settings.
Note: A confirmation message will prompt if the selected tenant/domain does not have application path, you can click
Yes to dismiss the message and continue with the update process.
View Update Status

The possible status of auto update are as follows:
Stage of the Auto Update Possible Status
Before the execution of Auto • Ready for schedule.

Update
• Ready for running.
During the execution of Auto • Running.

Update
After the execution of Auto Update • The system is successfully updated to the new version.
• The system is successfully updated to the latest version, but the user
performs a manual rollback and the rollback succeeds.
• The system is successfully updated to the latest version, but the user
performs a manual rollback and the rollback fails.
• The update fails, and the system is rolled back to the old version.
• The update fails at the beginning (due to insufficient disk space to perform
auto-upgrade, unavailable component and etc.) and the roll back is not
executed.
View Update History

Follow the steps below to view the update history:
2. Click View Update History.

The update history only records the releases the system is scheduled to update with. The update history table
provides the following information:
• Update From: the release number from which the system is updated.
• Update To: the release number to which the system is updated.
• Update Time: when the system finished the update.
• Executor: the person to schedule the update
• Action: upgrade or user roll back.
• Status: one of the statuses in View Update Status.
• Release Note: the link of the release note.
• Installation Log: the link of the installation log.
• Test Report: the link of the test results.

4.8. Monitoring Server and Service Metrics
NetBrain Service Monitor provides a portal for administrators to observe the health of deployed Windows and
Linux servers, with operations management of related services. It collects various types of metrics data from these
deployed servers and visualizes them in tables or line charts.
Note: The Service Monitor Agent must be installed on the servers that you want to monitor.
Note: System upgrade feature heavily relies on all the NetBrain servers and service metrics, therefore it is required to
ensure all the NetBrain servers and component metrics can be viewed in the Service Monitor page.
To monitor server and service metrics:
1. In the System Management page, click the start menu> Service Monitor.
2. In the Service Monitor home page, you can monitor key server metrics, server connectivity, resource utilization,
service status and so on.
3. Customize the conditions for when to send out alert emails and take more actions for low disk space on
MongoDB by clicking Alert Rules. See Managing Alert Rules for more details.

5. Appendix
▪ Offline Installing Third-party Dependencies
▪ Editing a File with VI Editor
▪ SSL Certificate Requirements

▪ Third-Party User Authentication
5.1. Offline Installing Third-party Dependencies
1. Download the dependency package from a server with the Internet access using one of the following download
links according to the version of your Operating System:
▪ CentOS7.5: http://download.netbraintech.com/dependencies-centos7.5.tar.gz
▪ RHEL7.5: http://download.netbraintech.com/dependencies-rhel7.5.tar.gz
▪ OL7.7: http://download.netbraintech.com/dependencies-ol7.7.tar.gz

▪ Alma8.4: http://download.netbraintech.com/dependencies-almalinux8.4.tar.gz
▪ Rocky8.4: http://download.netbraintech.com/dependencies-rockylinux8.4.tar.gz
2. Copy the downloaded dependency package to your Linux server.
3. Run the tar -zxvf dependencies-<OS version>.tar.gz command to decompress the package.
Tip: Possible values of OS version include: centos7.5; centos7.6; centos7.7; centos7.8; centos7.9; centos8.2;
centos8.3; centos8.4; centos8.5; rhel7.5; rhel7.6; rhel7.7; rhel7.8; rhel7.9; rhel8.2; rhel8.3; rhel8.4;
rhel8.5; rhel8.5; rhel8.6; ol7.7; ol7.8; ol7.9; ol8.2; ol8.3; ol8.4; ol8.5; ol8.6;almalinux8.4;
almalinux8.5; almalinux8.6; rockylinux8.4; rockylinux8.5; rockylinux8.6.
4. Run the cd dependencies command to navigate to the decompressed directory.
5. Run the offline-install.sh command to install the dependencies.
5.2. Editing a File with VI Editor
The following steps illustrate how to edit a configuration file with the vi editor, which is the default text file editing
tool of a Linux operating system.
1. Create a terminal and run the cd command at the command line to navigate to the directory where the
configuration file is located.
2. Run the vi <configuration file name> command under the directory to show the configuration file.
3. Press the Insert or I key on your keyboard, and then move the cursor to the location where you want to edit.

4. Modify the file based on your needs, and then press the Esc key to exit the input mode.
5. Enter the :wq! command and press the Enter key to save the changes and exit the vi editor.
5.3. SSL Certificate Requirements
The requirements of SSL certificates may vary for different NetBrain servers, depending on their different roles in
SSL encrypted connections, SSL-server or SSL-client.
▪ SSL Certificate Requirements for SSL-Server

▪ SSL Certificate Requirements for SSL-Client
Certificate Requirements for SSL-Server

The following table lists the requirements of SSL certificates for NetBrain servers that work as SSL-server in
encrypted connections.
NetBrain Server Required SSL Certificate and Key Format
MongoDB ▪ Certificate that contains a public key. For example, cert.pem. Base-64 encoded X.509 PEM
License Agent ▪ CA certificate (only required for Elasticsearch). For example,
Elasticsearch ca.pem.
Redis ▪ Private key. For example, key.pem. PKCS#8 key

RabbitMQ Note: Private keys protected by a password are not supported.
Front Server Controller
Ansible Agent
Tip: The certificates in PEM format usually have extensions such as .pem, .crt, .cer, and .key.
Certificate Requirements for SSL-Client
Note: By default, NetBrain servers that work as SSL-client don't require any SSL certificates. If you want to authenticate the
Certificate Authority of the certificates for SSL-server, then the SSL certificates are required on SSL-client.
The following table lists the certificate requirements for SSL-client, including Web Server, Web API Server, Worker
Server, Front Server, Task Engine, and Service Monitor Agent.

Authentication Method Requirements Format
Use the certificates installed ▪ All the certificates are valid and installed in the certificate N/A
on Windows store.
▪ The certificate store must be under the Trusted Root

Certification Authorities directory instead of the Personal
directory.
Upload certificates when ▪ For Front Server and Worker Server: CA certificate containing Base-64 encoded X.509 PEM
installing NetBrain servers root CA certificate and class 2 CA certificate is required.
▪ For other SSL-client: class 2 or class 3 CA certificate is required.
5.4. Third-Party User Authentication
In addition to creating user accounts manually, the system supports integrating with the following third-party user
management systems for authentication.
▪ LDAP Authentication
▪ AD Authentication
▪ TACACS+ Authentication
▪ SSO Authentication

NetBrain System Setup Guide Two-Server Deployment

Uploaded by

Copyright:

Available Formats

NetBrain System Setup Guide Two-Server Deployment

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

NetBrain System Setup Guide Two-Server Deployment

Uploaded by

Copyright:

Available Formats

NetBrain® Integrated Edition 10.

Version 10.1 | Last Updated 2023-02-09

2. System Requirements ................................................................................................................................................................ 5

3. Deploying and Installing System............................................................................................................................................ 10

3.1. Installing NetBrain Database Server on Linux ............................................................................................................ 10

3.2. Installing NetBrain Application Server on Windows .................................................................................................. 19

4. Setting Up Your System ........................................................................................................................................................... 29

4.1. Logging in to System Management Page..................................................................................................................... 30

4.2. Activating a Subscription License .................................................................................................................................. 30

4.3. Creating User Accounts ................................................................................................................................................... 31

4.4. Allocating Tenants to Front Server Controller ............................................................................................................ 33

4.5. Adding a Front Server to a Tenant ................................................................................................................................ 35

4.6. Registering a Front Server ............................................................................................................................................... 36

4.7. Configuring Auto Upgrade Settings .............................................................................................................................. 37

4.8. Monitoring Server and Service Metrics ........................................................................................................................ 48

5.1. Offline Installing Third-party Dependencies ............................................................................................................... 49

5.2. Editing a File with VI Editor.............................................................................................................................................. 50

5.3. SSL Certificate Requirements ......................................................................................................................................... 51

5.4. Third-Party User Authentication .................................................................................................................................... 52

The two-server system architecture is as follows:

The system components include:

NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 3

License Agent provides services that validate and activate licenses.

Elasticsearch serves as a full-text search and analytics engine in a distributed multi-user

Redis provides memory cache for the system.

RabbitMQ translates messages from a component to another component.

Task Engine coordinates computing tasks.

4 | NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment)

▪ Network Connectivity Requirements

Database Server 1 4 Physical 16GB 2) 300GB ▪ Red Hat Enterprise Linux

NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 5

1,001~2,000 Application Server 1 4 Physical 32GB 200GB ▪ Windows Server 2012/2012

Database Server 1 4 Physical 32GB 2) 300GB ▪ Red Hat Enterprise Linux

6 | NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment)

Source Destination Protocol *) and Port Number **)

Thin Client Application Server HTTP/HTTPS (80/443)

Application Server Database Server TCP 5672/6379/9200/27017/27654/15672

Application Server Ansible Agent (add-on) TCP 9098

Application Server Live Network ICMP/SNMP/Telnet/SSH/REST API

Database Server Application Server TCP 9099

NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 7

▪ Special Requirements for Windows Server

▪ Click Retry after you have modified the system settings.

8 | NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment)

▪ Special Requirements for Linux Server

NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 9

Install the system components in the following order:

1. Install NetBrain Database Server on Linux.

2. Install NetBrain Application Server on Windows.

3.1. Installing NetBrain Database Server on Linux

10 | NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment)

Installing Database Server

3. Run the cd /opt/netbraintemp10.1 command to navigate to the /opt/netbraintemp10.1 directory.

4. Download the installation package.

5. Run the tar -zxvf netbrain-all-in-two-linux-x86_64-rhel-10.1.tar.gz command under the

NetBrain Integrated Edition 10.1 System Setup Guide (Two-Server Deployment) | 11

6. Run the cd netbrain-all-in-two-linux-10.1 command to navigate to the netbrain-all-in-two-linux-10.1

INFO: Creating installation log file

2022-01-29 14-39-23.453: Components to be installed: