Trento reorg install agents (#204)

* Install agents include --------- Co-authored-by: Dmitri Popov <[email protected]>
SUSE · Feb 4, 2025 · ee3f7a8 · ee3f7a8
1 parent 1623c2e
commit ee3f7a8
Show file tree

Hide file tree

Showing 2 changed files with 184 additions and 146 deletions.
diff --git a/trento/xml/article_sap_trento.xml b/trento/xml/article_sap_trento.xml
@@ -83,152 +83,7 @@ As agreed on https://confluence.suse.com/x/DAEcN on our Trento doc kick off
 <xi:include href="trento-lifecycle.xml"/>
 <xi:include href="trento-requirements.xml"/>
 <xi:include href="trento-install-server.xml"/>
-
-  <section xml:id="sec-trento-installing-trentoagent">
-    <title>Installing &t.agent;s</title>
-    <important>
-      <title>Expect changes in the installation procedure</title>
-      <para>
-        The product is under active development. Expect changes in the described
-        installation procedure.
-      </para>
-    </important>
-
-    <para>
-      Before you can install a &t.agent;, retrieve the API key of your &t.server;.
-      Proceed as follows:
-    </para>
-    <procedure>
-      <step>
-        <para>
-          Open the URL of the Trento Web console (<uri>http://<replaceable>TRENTO_SERVER_HOSTNAME</replaceable></uri>).
-          It prompts you for a user name and password:
-        </para>
-        <!-- add login of Trento Server -->
-        <informalfigure>
-          <mediaobject>
-            <imageobject>
-              <imagedata fileref="trento-web-login.png" width="30%"/>
-            </imageobject>
-          </mediaobject>
-        </informalfigure>
-      </step>
-      <step>
-        <para>Enter the credentials for the <systemitem class="username">admin</systemitem> user
-          (established when installing &t.server;).</para>
-      </step>
-      <step>
-        <para>Click <guimenu>Login</guimenu>. As this is the first time you access the console,
-          you will be prompted to accept the license agreement. Click <guimenu>Accept</guimenu> to continue.
-          Otherwise, you cannot use Trento.</para>
-      </step>
-      <step>
-        <para>Once inside the console, go to Settings:</para>
-        <!-- Add API key screen -->
-        <informalfigure>
-          <mediaobject>
-            <imageobject>
-              <imagedata fileref="trento-settings-apikey.png" width="80%"/>
-            </imageobject>
-          </mediaobject>
-        </informalfigure>
-      </step>
-      <step>
-        <para>Click the <guimenu>Copy</guimenu> button to copy the key to your clipboard.</para>
-      </step>
-    </procedure>
-    <para>
-      To install the &t.agent; on an SAP host and register it
-      with the &t.server;, repeat the steps in <xref linkend="pro-trento-installing-trentoagent"/>:
-    </para>
-    <procedure xml:id="pro-trento-installing-trentoagent">
-      <title>Installing &t.agent;s</title>
-      <step>
-        <para>
-          Install the package:
-        </para>
-        <screen>&prompt.user;sudo zypper ref
-&prompt.user;sudo zypper install trento-agent</screen>
-      </step>
-      <step>
-        <para>
-          Open the configuration file <filename>/etc/trento/agent.yaml</filename>
-          and uncomment (use <literal>#</literal>) the entries for
-          <parameter>facts-service-url</parameter>, <parameter>server-url</parameter> and
-          <parameter>api-key</parameter>. Update the values appropriately:
-        </para>
-        <itemizedlist>
-          <listitem>
-            <para><parameter>facts-service-url</parameter>: the address of the AMQP RabbitMQ service used
-            for communication with the checks engine (wanda). The correct value of this parameter depends on
-            how &t.server; was deployed.</para>
-            <para> In a Kubernetes deployment, it is <uri>amqp://trento:trento@TRENTO_SERVER_HOSTNAME:5672/</uri>. If the default RabbitMQ username and password (trento) were updated using helm,
-            the parameter must use the custom value. </para>
-            <para> In a systemd or containerized deployment, the correct value is <uri>amqp://TRENTO_USER:TRENTO_USER_PASSWORD@TRENTO_SERVER_HOSTNAME:5672/vhost</uri>. If <replaceable>TRENTO_USER</replaceable> and <replaceable>TRENTO_USER_PASSWORD</replaceable> were replaced with custom values, you must use them.
-            </para>
-          </listitem>
-          <listitem>
-            <para><parameter>server-url</parameter>: URL for the Trento Server (<uri>http://TRENTO_SERVER_HOSTNAME</uri>)
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <parameter>api-key</parameter>: the API key retrieved from the Web console
-            </para>
-          </listitem>
-        </itemizedlist>
-      </step>
-      <step>
-        <para>
-          If SSL termination has been enabled on the server side, you can encrypt the
-          communication from the agent to the server as follows:</para>
-        <itemizedlist>
-          <listitem>
-            <para>Provide an HTTPS URL instead of an HTTP one.</para>
-          </listitem>
-          <listitem>
-            <para>Import the certificate from the CA that has issued your
-              &t.server; SSL certificate into the &t.agent; host as follows:</para>
-            <procedure>
-              <step>
-                <para>Copy the CA certificate in PEM format to <filename>/etc/pki/trust/anchors/</filename>.
-                If your CA certificate is in CRT format, convert it to PEM using the <command>openssl</command>
-                  command as follows:
-                </para>
-                <screen><command>openssl</command> x509 -in mycert.crt -out mycert.pem -outform PEM</screen>
-              </step>
-              <step>
-                <para>Run the <command>update-ca-certificates</command> command.</para>
-              </step>
-            </procedure>
-          </listitem>
-        </itemizedlist>
-      </step>
-      <step>
-        <para>
-          Start the &t.agent;:
-        </para>
-        <screen>&prompt.user;sudo systemctl enable --now trento-agent</screen>
-      </step>
-      <step>
-        <para>Check the status of the &t.agent;:</para>
-        <screen>&prompt.user;sudo systemctl status trento-agent
-● trento-agent.service - &t.agent; service
-     Loaded: loaded (/usr/lib/systemd/system/trento-agent.service; enabled; vendor preset: disabled)
-     Active: active (running) since Wed 2021-11-24 17:37:46 UTC; 4s ago
-   Main PID: 22055 (trento)
-      Tasks: 10
-     CGroup: /system.slice/trento-agent.service
-             ├─22055 /usr/bin/trento agent start --consul-config-dir=/srv/consul/consul.d
-             └─22220 /usr/bin/ruby.ruby2.5 /usr/sbin/SUSEConnect -s
-
-[...]</screen>
-      </step>
-      <step>
-        <para> Repeat this procedure in all SAP hosts that you want to monitor. </para>
-      </step>
-    </procedure>
-  </section>
+<xi:include href="trento-install-agents.xml"/>
 
         <section xml:id="sec-trento-user-management">
     <title>User management</title>

diff --git a/trento/xml/trento-install-agents.xml b/trento/xml/trento-install-agents.xml
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-model href="file:/usr/share/xml/geekodoc/rng/geekodoc5-flat.rnc"
+   type="application/relax-ng-compact-syntax"?>
+<!DOCTYPE article
+[
+  <!ENTITY % entities SYSTEM "generic-entities.ent">
+  %entities;
+]>
+<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" xml:id="sec-trento-installing-trentoagent">
+  <title>Installing &t.agent;s</title>
+  <para>
+    Before you can install a &t.agent;, you must obtain the API key of your &t.server;.
+    Proceed as follows:
+  </para>
+  <procedure>
+    <step>
+      <para>
+        Open the URL of the Trento Web interface
+        (<uri>http://<replaceable>TRENTO_SERVER_HOSTNAME</replaceable></uri>).
+        It prompts you for a user name and password:
+      </para>
+      <!-- add login of Trento Server -->
+      <informalfigure>
+        <mediaobject>
+          <imageobject>
+            <imagedata fileref="trento-web-login.png" width="30%"/>
+          </imageobject>
+        </mediaobject>
+      </informalfigure>
+    </step>
+    <step>
+      <para>
+        Enter the credentials for the <systemitem
+        class="username">admin</systemitem> user (specified during installation of
+        &t.server;).
+      </para>
+    </step>
+    <step>
+      <para>
+        Click <guimenu>Login</guimenu>.
+      </para>
+    </step>
+    <step>
+      <para>
+        When you are logged in, go to Settings:
+      </para>
+      <!-- Add API key screen -->
+      <informalfigure>
+        <mediaobject>
+          <imageobject>
+            <imagedata fileref="trento-settings-apikey.png" width="80%"/>
+          </imageobject>
+        </mediaobject>
+      </informalfigure>
+    </step>
+    <step>
+      <para>
+        Click the <guimenu>Copy</guimenu> button to copy the key to the clipboard.
+      </para>
+    </step>
+  </procedure>
+  <para>
+    To install the &t.agent; on an SAP host and register it with the &t.server;,
+    repeat the steps in <xref linkend="pro-trento-installing-trentoagent"/>:
+  </para>
+  <procedure xml:id="pro-trento-installing-trentoagent">
+    <title>Installing &t.agent;s</title>
+    <step>
+      <para>
+        Install the package:
+      </para>
+<screen>&prompt.user;sudo zypper ref
+&prompt.user;sudo zypper install trento-agent</screen>
+    </step>
+    <step>
+      <para>
+        Open the configuration file <filename>/etc/trento/agent.yaml</filename>
+        and uncomment (remove the
+        <literal>#</literal> character) the entries for <parameter>facts-service-url</parameter>,
+        <parameter>server-url</parameter> and <parameter>api-key</parameter>.
+        Update the values as necessary:
+      </para>
+      <itemizedlist>
+        <listitem>
+          <para>
+            <parameter>facts-service-url</parameter>: the address of the AMQP
+            RabbitMQ service used for communication with the checks engine
+            (wanda). The correct value of this parameter depends on how
+            &t.server; was deployed.
+          </para>
+          <para>
+            In a &k8s; deployment, it is
+            <uri>amqp://trento:trento@TRENTO_SERVER_HOSTNAME:5672/</uri>. If the
+            default RabbitMQ username and password
+            (<literal>trento:trento</literal>) were updated using Helm, the
+            parameter must use a user-defined value.
+          </para>
+          <para>
+            In a systemd or containerized deployment, the correct value is
+            <uri>amqp://TRENTO_USER:TRENTO_USER_PASSWORD@TRENTO_SERVER_HOSTNAME:5672/vhost</uri>.
+            If <replaceable>TRENTO_USER</replaceable> and
+            <replaceable>TRENTO_USER_PASSWORD</replaceable> have been replaced
+            with custom values, you must use them.
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            <parameter>server-url</parameter>: URL for the Trento Server
+            (<uri>http://TRENTO_SERVER_HOSTNAME</uri>)
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            <parameter>api-key</parameter>: the API key retrieved from the Web console
+          </para>
+        </listitem>
+      </itemizedlist>
+    </step>
+    <step>
+      <para>
+        If SSL termination has been enabled on the server side, you can encrypt
+        the communication from the agent to the server as follows:
+      </para>
+      <itemizedlist>
+        <listitem>
+          <para>
+            Provide an HTTPS URL instead of an HTTP one.
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            Import the certificate from the Certificate Authority that has
+            issued your &t.server; SSL certificate into the &t.agent; host as
+            follows:
+          </para>
+          <procedure>
+            <step>
+              <para>
+                Copy the CA certificate in the PEM format to
+                <filename>/etc/pki/trust/anchors/</filename>. If the CA
+                certificate is in the CRT format, convert it to PEM using the
+                following <command>openssl</command> command:
+              </para>
+<screen><command>openssl</command> x509 -in mycert.crt -out mycert.pem -outform PEM</screen>
+            </step>
+            <step>
+              <para>
+                Run the <command>update-ca-certificates</command> command.
+              </para>
+            </step>
+          </procedure>
+        </listitem>
+      </itemizedlist>
+    </step>
+    <step>
+      <para>
+        Start the &t.agent;:
+      </para>
+<screen>&prompt.user;sudo systemctl enable --now trento-agent</screen>
+    </step>
+    <step>
+      <para>
+        Check the status of the &t.agent;:
+      </para>
+<screen>&prompt.user;sudo systemctl status trento-agent
+● trento-agent.service - &t.agent; service
+     Loaded: loaded (/usr/lib/systemd/system/trento-agent.service; enabled; vendor preset: disabled)
+     Active: active (running) since Wed 2021-11-24 17:37:46 UTC; 4s ago
+   Main PID: 22055 (trento)
+      Tasks: 10
+     CGroup: /system.slice/trento-agent.service
+             ├─22055 /usr/bin/trento agent start --consul-config-dir=/srv/consul/consul.d
+             └─22220 /usr/bin/ruby.ruby2.5 /usr/sbin/SUSEConnect -s
+
+[...]</screen>
+    </step>
+    <step>
+      <para>
+        Repeat this procedure on all SAP hosts that you want to monitor.
+      </para>
+    </step>
+  </procedure>
+</section>