Distributed cluster setup

Distributed clusters can include any combination of hardware and/or virtual appliances, regardless of physical location.

To set up a distributed cluster, follow these steps:

  1. Deploy the required number of Plixer Scrutinizer hardware or virtual appliances following the appropriate deployment guides and complete the initial appliance setup process.

  2. Start an SSH session as the plixer user with the appliance that will be used as the primary reporter for the cluster.

  3. Launch the scrut_util interactive CLI by running:

    /home/plixer/scrutinizer/bin/scrut_util

  4. At the SCRUTINIZER> prompt, register each additional appliance as a remote collector:

    SCRUTINIZER> set registercollector <APPLIANCE_IP>

  5. After registering all remote collectors, use the exit command to exit the scrut_util interactive CLI.

Once the Plixer Scrutinizer distributed cluster has been set up, exporters can be configured to send flows to any of the remote collectors. The web interface for the cluster can be accessed using the IP address or hostname of the primary reporter.

Note

  • When registering remote collectors, it is highly recommended that one collector should also be assigned the secondary reporter role.

    set registercollector <APPLIANCE_IP> secondary

    This appliance can later be promoted to function as the primary reporter (using the set selfreporter scrut_util command) if the cluster’s original primary reporter becomes unavailable.

  • To avoid potential bottlenecks in distributed configurations that include hardware appliances, 10 Gb networking is strongly recommended. If the appliances are geographically dispersed, the WAN link should also support 10G.

Ports used

If appliances in a distributed cluster are unable to communicate with each other, it may be necessary to whitelist the connections between the remote collectors and the primary reporter.

The following network ports are used in communications between appliances in a distributed environment:

Collector(s) -> Reporter (UDP)

Collector(s) <-> Reporter (TCP)

514
22
80 (or 443)
6432 and 5432

Note

To learn more about licensing options for distributed environments or for additional assistance, contact Plixer Technical Support.

Certificate management

Run these scripts to generate certificate signing requests (CSRs) and install the signed certificates to remote nodes in a distributed cluster.