6.1 Installing Vertica

This section provides information about installing and configuring Vertica.

6.1.1 Prerequisites

To complete the prerequisites, see the following sections:

Configuring the Vertica Node

  1. Provision the Vertica server with at least 3 GB of swap space.

    NOTE:Identity Intelligence supports using Vertica on a host with a Linux Logical Volume Manager (LVM) formatted disk.

  2. Register a service with the operating system to start the Vertica Kafka scheduler automatically when the operating system starts. You can register a service manually or by using the /opt/<Identity_Intelligence_Installer>/scripts/postinstall_create_kafka_scheduler_svc.sh script.

  3. Add the following parameters to /etc/sysctl.conf and reboot the server for the changes to take effect:

    Parameter

    Description

    net.core.somaxconn = 1024

    Increases the number of incoming connections

    net.core.wmem_max = 16777216

    Sets the send socket buffer maximum size in bytes

    net.core.rmem_max = 16777216

    Sets the receive socket buffer maximum size in bytes

    net.core.wmem_default = 262144

    Sets the receive socket buffer default size in bytes

    net.core.rmem_default = 262144

    Controls the default size of receive buffers used by sockets

    net.core.netdev_max_backlog = 100000

    Increases the length of the processor input queue

    net.ipv4.tcp_mem = 16777216 16777216 16777216

    net.ipv4.tcp_wmem = 8192 262144 8388608

    net.ipv4.tcp_rmem = 8192 262144 8388608

    net.ipv4.udp_mem = 16777216 16777216 16777216

    net.ipv4.udp_rmem_min = 16384

    net.ipv4.udp_wmem_min = 16384

    net.ipv4.tcp_max_syn_backlog = 4096

    Increases the allowed number of outstanding syn requests

    dirty_ratio = 8

    Sets the number of pages at which a process that generates disk writes starts writing out dirty data

    For more information, see Tuning Linux Dirty Data Parameters for Vertica.

    vm.swappiness = 1

    Defines the amount and frequency at which the kernel copies RAM contents to a swap space

    For more information, see Check for Swappiness.

  4. Add the following parameters to /etc/rc.local. You must reboot the server for the changes to take effect.

    Parameter

    Description

    echo 'echo <scheduler_value> > /sys/block/sda/queue/scheduler' >> /etc/rc.local

    Changes I/O scheduling to a supported scheduler

    For more information, see I/O Scheduling.

    chmod +x /etc/rc.local

  5. To increase the process limit, add the following parameters including * in the /etc/security/limits.d/20-nproc.conf:

    * soft nproc 10240

    * hard nproc 10240

    * soft nofile 65536

    * hard nofile 65536

    * soft core unlimited

    * hard core unlimited

  6. In /etc/default/grub, append line GRUB_CMDLINE_LINUX with intel_idle.max_cstate=0 processor.max_cstate=1.

    Example:

    GRUB_CMDLINE_LINUX="vconsole.keymap=us crashkernel=autovconsole.font=latarcyrheb-sun16 rhgb quiet intel_idle.max_cstate=0processor.max_cstate=1"

  7. Execute the command grub2-mkconfig -o /boot/grub2/grub.cfg to update the configuration changes.

  8. If you have firewall configured in the Vertica node, ensure to open the Vertica ports in the firewall.

  9. Disable the firewall:

    iptables -F

    iptables -t nat -F

    iptables -t mangle -F

    iptables -X

    systemctl mask firewalld

    systemctl disable firewalld

    systemctl stop firewalld

    You can enable the firewall after the installation. For more information, see Firewall Considerations.

  10. Set SELinux to permissive mode:

    vi /etc/selinux/config

    SELINUX=permissive

    For more information, see SELinux Configuration.

  11. Configure the BIOS for maximum performance:

    System Configuration > BIOS/Platform Configuration (RBSU) > PowerManagement > HPE Power Profile > Maximum Performance

  12. Reboot the server and use the ulimit -a command to verify that the limits have increased.

Enabling Password-less SSH Access

Before you install the Vertica database, generate a key pair on node 1 and then copy the public key to all nodes in the cluster, including node 1. This enables password-less SSH access from the node 1 server to all of the other node servers in the cluster.

NOTE:You must repeat the authentication process for each node in the cluster.

  1. Log in to Vertica cluster node 1 server.

  2. Run the command:

    ssh-keygen -q -t rsa

  3. Copy the key from node 1 to all of the nodes, including node 1, using the node IP address:

    ssh-copy-id -i ~/.ssh/id_rsa.pub root@11.111.111.111

    The system displays the key fingerprint and requests to authenticate the node server.

  4. Specify the credentials for the node.

    The operation is successful when the system displays the following message:

    Number of key(s) added: 1

  5. To verify successful key installation, run the following command from node 1 to the target node to verify that node 1 can successfully log in:

    ssh root@11.111.111.111

Setting Vertica Properties

Before installing Vertica, you must set the values for various Vertica properties based on your deployment size.

To set Vertica properties, perform the following:

  1. Log in to the Vertica cluster node 1 server.

  2. Change to the directory where you want to install Vertica:

    cd <vertica_installer_directory>

    For example:

    cd /opt

  3. Create a folder for Vertica database installer script:

    mkdir arcsight-vertica

  4. Copy the downloaded Vertica installer file to arcsight-vertica:

    cp <download_directory>/identityintelligence-x.x.x.x/installers/arcsight-vertica-installer_x.x.x.tar.gz /opt/arcsight-vertica

    For information about downloading the Vertica installer file, see Downloading Identity Intelligence.

  5. Unzip the copied file using the command:

    tar xvfz arcsight-vertica-installer_x.x.x.tar.gz

  6. (Conditional) If you plan to deploy Vertica and Identity Intelligence on the same node, set the values for the following properties. For information about the values that must be set, see Hardware Requirements and Tuning Guidelines

    File

    Properties

    vertica.properties

    • tm_concurrency

    • tm_memory

    • active_partition

    config/resource_pools.properties

    • ingest_pool_memory_size

    • mf_entity_ingest_pool_memory_size

    • mf_entity_ingest_pool_planned_concurrency

    config/sched.properties

    • plannedconcurrency

    • maxconcurrency

    • tm_memory_usage

  7. (Conditional) If you plan to deploy Vertica on an independent node, retain the default Vertica resource tuning values.

  8. In the config/vertica_user.properties file, set the values as explained in the following table:

    Property

    Description

    hosts

    Specify the IP address of the Vertica node.

    If you want to install Vertica on multiple nodes, provide a comma-separated list of node IP addresses in IPv4 format (for example, 1.1.1.1, 1.1.1.2, 1.1.1.3).

    For high availability, you must set up minimum 3 Vertica nodes.However, if you have modified the value of K-safe, ensure that you set up the required number of nodes. For more information, see K-Safety.

    If you plan to expand the cluster by adding nodes after installation, avoid using loopback address (localhost, 127.0.0.1, etc.) and specify the IP address or hostname of the node.

    license

    Vertica is installed with community edition when there is no license file.

    To upgrade to enterprise edition, download the license file from the Micro Focus Customer Center portal and edit this parameter to point to the license file. This installs the Vertica license during installation.

    You can also install the license anytime during the trial period. For more information, see Installing the License for Vertica.

    db_retention_day

    Used for the data retention policy.

6.1.2 Installing Vertica

To install Vertica, complete the following steps.

  1. Log in to Vertica cluster node 1 server.

  2. Change to the directory where you have the Vertica installation package.

    cd <vertica_installer_directory>/arcsight-vertica

  3. Install Vertica using the command:

    ./vertica_installer install

  4. Execute the following firewall commands to complete the installation successfully:

    systemctl unamsk firewalld
    systemctl start firewalld
    systemctl enable firewalld
  5. When prompted, create the database administrator user and the search user.

    You will need the database administrator credentials to access the Vertica database host. You will need the search user credentials when you configure Vertica in CDF.

  6. Create the schema:

    ./vertica_installer create-schema

  7. Set the database lock time out value as 600 by using the command:

    runuser -l <db_admin_username> -c "vsql -w \"<db_admin_password>\" -c \"ALTER DATABASE investigate set LockTimeout = 600\""

  8. (Conditional) If you plan to have both Vertica and CDF on the same node, you must configure the Vertica agent to use a different port.

    To change the Vertica agent port:

    1. Change the Vertica agent port using the command:

      sed -i 's/^agent_port = 5444/agent_port = <new_port>/g' "/opt/vertica/agent/config.py"

      Example:

      sed -i 's/^agent_port = 5444/agent_port = 5445/g' "/opt/vertica/agent/config.py"

    2. Restart Vertica agent by using the command:

      systemctl restart vertica_agent