Distributed cluster setupΒΆ
Distributed clusters can include any combination of hardware and/or virtual appliances, regardless of physical location.
To set up a distributed cluster, follow these steps:
Deploy the Plixer Scrutinizer hardware or virtual appliances following the deployment guides in this documentation.
Important
To avoid potential bottlenecks in distributed configurations that include hardware appliances, 10 Gb networking is strongly recommended. If the appliances are geographically dispersed, 10G is only required if the WAN link can support it.
Start an SSH session as the
plixeruser with the appliance that should act as the primary Reporter.Launch the scrut_util interactive CLI by running:
/home/plixer/scrutinizer/bin/scrut_util
At the
SCRUTINIZER>prompt, designate the current appliance as the primary Reporter by entering:SCRUTINIZER> set selfreporter
From the primary Reporter, register each additional appliance as a remote Collector:
SCRUTINIZER> set registercollector [collector_appliance_ip] <secondary>
Hint
The optional
secondaryflag is used to promote the remote Collector to secondary Reporter status.After registering all remote Collectors, use the
exitcommand to exit the scrut_util interactive CLI.
Once the Plixer Scrutinizer distributed cluster has been set up, Exporters can be configured to send flows to any of the remote Collectors.
To access the web interface for the cluster, connect using the IP address of the primary Reporter.
Ports used
If appliances in a distributed cluster are unable to communicate with each other, it may be necessary to whitelist the connections between the remote Collectors and the primary Reporter.
The following network ports are used in communications between appliances in a distributed environment:
Collector(s) -> Reporter (UDP) |
Collector(s) <-> Reporter (TCP) |
514 |
22
80 (or 443)
6432 and 5432
|
Important
To learn more about licensing options for distributed environments or for additional assistance, contact Plixer Technical Support.