Skip to content

Latest commit

 

History

History
232 lines (187 loc) · 7.3 KB

getting-started.adoc

File metadata and controls

232 lines (187 loc) · 7.3 KB

Installation and Configuration

Objectives

  • Install all required OpenNMS {page-component-title} components, including PostgreSQL, on a single node.

  • Run {page-component-title} core and PostgreSQL with the default configuration (which is not optimized to run in production and monitor large networks).

  • Log in to the web UI and change the default admin password.

Requirements

  • A Linux physical server or a virtual machine running a supported Linux operating system.

  • Internet access to download the installation packages.

  • A working DNS server, and a localhost and server name that resolve properly.

  • A system user with administrative permissions (sudo) to perform installation.

Set up PostgreSQL

Tip
PostgreSQL 14 uses the scram-sha-256 password authentication method by default. If you use older versions of PostgreSQL, you should change the method in postgresql.conf and in pg_hba.conf before continuing with the core instance installation.

Install the core instance

Important
For security reasons, {page-component-title} is designed to run within an organization’s protected intranet. Do not expose the web console and login pages directly to the Internet without appropriate isolation controls (for example, a VPN with multi-factor authentication).

Set up the core instance

Encrypt database credentials

It is also possible to store the PostgreSQL credentials in the secure credentials vault. To achieve this, use the scvcli command line utility to add the credentials, and reference these credentials in your opennms-datasources.xml file.

Create encrypted credentials for the PostgreSQL database connections:
./bin/scvcli set postgres opennms opennms-password
./bin/scvcli set postgres-admin postgres postgres-password
Reference the encrypted credentials stored in the secure credentials vault:
<jdbc-data-source name="opennms"
                    database-name="opennms"
                    class-name="org.postgresql.Driver"
                    url="jdbc:postgresql://localhost:5432/opennms"
                    user-name="${scv:postgres:username}"
                    password="${scv:postgres:password}" />

<jdbc-data-source name="opennms-admin"
                    database-name="template1"
                    class-name="org.postgresql.Driver"
                    url="jdbc:postgresql://localhost:5432/template1"
                    user-name="${scv:postgres-admin:username}"
                    password="${scv:postgres-admin:password}" />

Receive SNMP traps/informs

{page-component-title} core lets you receive and process SNMP traps/informs out of the box. {page-component-title} services run as an unprivileged user and can’t bind on port numbers below 1024 without escalated privileges. For this reason, the default port for the SNMP trap/inform listener is set to port number 10162/udp instead of the IANA registered port number 162/udp. The following example shows how to configure the local firewall daemon to forward port 162/udp to 10162/udp.

Note
If you need the SNMP trap listener on port 162/udp directly, see the "Binding to privileged ports" steps in Set up the core instance.

You can verify your firewall and port forwarding configuration by sending an SNMP trap from a remote system to your {page-component-title} core instance:

snmptrap -v 2c -c public opennms-core-host '' 1.3.6.1.4.1.2021.991.17 .1.3.6.1.2.1.1.6.0 s "Milky Way"(1)(2)
  1. By default, OpenNMS uses the community string public. If you changed the community string in {page-component-title}, use that name here.

  2. Replace opennms-core-host with the IP or FQDN of your {page-component-title} core instance.

On RHEL and CentOS, the snmptrap command line tool is part of the net-snmp-utils. If you run on Debian or Ubuntu, the tool is part of the snmp-utils package.

Your configuration works as expected when you see an SNMP trap event in the web UI.

  1. Log in to the web UI.

  2. Click Status → Events → All events.

  3. Verify you received a uei.opennms.org/generic/traps/EnterpriseDefault event from your test host.

First login

After you start the {page-component-title} core services, access the web application at http://core-instance-ip:8980/opennms. The default login and password is admin.

Important
Immediately change the password to a secure one.
  1. Open http://core-instance-ip:8980/opennms in your web browser.

  2. Log in with with the default user name and password.

  3. Click admin → Change Password in the navigation bar.

  4. Use admin as the current password, then enter and confirm a new password in the appropriate boxes.

  5. Click Submit.

  6. Log out, then log in with your new password.

First monitored node

The default configuration will discover a single node with an interface 127.0.0.1 and detect services exposed on the loopback interface, including the OpenNMS-JVM service. Nodes with this service have JMX-based data collection performed on Java JVM statistics such as heap memory and open file handles.