Installing ONES Application
These steps will guide a user how to install a tar-ball package on base Linux based machine
ONES Application system - Installation Steps
Enable super-user mode
user@ones-application:~$ sudo su
Extract the contents of the downloaded ONES Installer tar.gz file
root@ones-application:~$ tar -xvf ONES-4.0.0.tar.bz2
Go to ONES-4.0 folder on the server machine
root@ones-aplication:~$ cd ONES-4.0
Run ones-installer.sh to Install the ONES application function
root@ones-application:~/ONES-4.0$ ./ones-installer.sh
While upgrading there is no dependency of prevision version files, Once the upgrade process is completed, user manually have to delete the previous version files/Packages from the device, Script do not touch old version files
By default, the installer does not provide any license, user needs to contact AVIZ support Team.
ONESv4.0 support SSL certificate integration
User can choose YES if the User wants to integrate their own SSL certificate
root@aviz:/home/aviz/ones-1754654734-onprem# ./ones-installer.sh Installing Open Networking Enterprise Suite (ONES) .................................................. Starting ONES Installer ONES Containers not found. Initiating a fresh installation... Installing prerequisites for ONES application pip is installed, so skipping it containerd package is installed, so skipping it docker packages are installed, so skipping it docker-compose is installed, so skipping it ssh package is installed, so skipping it ONES is getting installed for the first time, Please follow the prompts carefully and select the appropriate options as instructed .................... Installing ONES application... Do you want to install domain SSL certificate(if not, self-signed certificate will be used)? [y/n]: y Enter the path to the private key file: /home/aviz/server.pem Enter the path to the certificate file: /home/aviz/server.crt.pemNote* Replace the Private key & certificate path to correct location
Choose No, if the user wants to use a self-signed certificate that is integrated into ONES package
root@aviz:/home/aviz/ones-1754654734-onprem# ./ones-installer.sh Installing Open Networking Enterprise Suite (ONES) .................................................. Starting ONES Installer ONES Containers not found. Initiating a fresh installation... Installing prerequisites for ONES application pip is installed, so skipping it containerd package is installed, so skipping it docker packages are installed, so skipping it docker-compose is installed, so skipping it ssh package is installed, so skipping it ONES is getting installed for the first time, Please follow the prompts carefully and select the appropriate options as instructed .................... Installing ONES application... Do you want to install domain SSL certificate(if not, self-signed certificate will be used)? [y/n]: n Using self signed certificates...
Enable or disable the ONE DL feature
User can choose YES if the User wants to enable ONES DataLake feature.
Do you want to enable ONE-DL feature? [y/n]: y Since ONE-DL configuration has been chosen, please provide the information below... Enter EC2 ONE-DL Backend Public DNS Endpoint: <Path>User can choose No if need not to enable ONES DataLake feature
Do you want to enable ONE-DL feature? [y/n]: n
The installation allows a user to enable DB backup
Users can choose the local or remote location to backup the database
By default, the application creates a database backup every 86400 seconds(1 day), but the user can modify it as per the requirement
Local and Remote Backup
By-default application creates 1 backup for local and for remote,
It has a range of 1 to 3 and once it will add one more it will remove the first copy of the database,
User can modify the number of backup files at the time of installation
By-default ONES create ./backup directory to maintain local database
Local backup:
Do you want to enable DB backup feature? [y/n]: y
Where do you want to store the backups? [local/remote]: local #local keyword trigger local database on server
Enter the full path to the backup directory: ./backups #Enter the server directory in which user wants to take backup
Enter the number of backups (between 1 and 3) to retain (Older backups will be deleted): 1 #Enter the number of backup user wants to create
Enter the backup interval in seconds (3600 seconds or higher): 86400 #Enter the value in seconds to take a backup Remote backup:
Do you want to enable DB backup feature? [y/n]: y
Where do you want to store the backups? [local/remote]: remote #remote keyword trigger remote database on server
Please make sure the remote server is reachable via SSH
Enter the remote machine IP: 10.0.0.1
Enter the remote machine username: admin
Enter the remote machine password:
Connected to remote machine
Enter the backup directory: ~/backups #Enter the remote server directory in which user wants to take backup
Backup is being done in 10.0.0.1 at ~/backups
Enter the number of backups (between 1 and 100) to retain (Older backups will be deleted): 5 #Enter the number of backup user wants to create
Enter the backup interval in seconds (3600 seconds or higher): 86400 #Enter the value in seconds to take a backup ONESv4.0 support certificate-based authentication between ONES App and devices for GNMI and Auto-discovery
For agent auto-discovery agent will act as a client and the collector as a server. For normal gnmi communication, the agent will act as a server and the collector as a client. Need certificates based on this.
No:
Do you want to enable certificate based authentication between ONES controller and devices? [y/n]: nYes:
Do you want to enable certificate based authentication between ONES controller and devices? [y/n]: y
Enter the path to the ca-cert.pem file: ca-cert.pem
Enter the path to the server-cert.pem file: server-cert.pem
Enter the path to the server-key.pem file: server-key.pem
Enter the path to the client-cert.pem file: client-cert.pem
Enter the path to the client-key.pem file: client-key.pem
Proceeding with certificates for Agent Auto Registration
Enter the path to the ca-cert-reg.pem file: ca-cert-reg.pem
Enter the path to the server-cert.pem file: server-cert.pem
Enter the path to the server-key.pem file: server-key.pem
Enter the path to the client-cert.pem file: client-cert.pem
Enter the path to the client-key.pem file: client-key.pem
The user needs to provide the certificate path and replace the key name with the path of the certificate to be used here
ONES Application support IP-based Access & FQDN Access
IP based
Enter the ONES App URL for Rule-Engine Alert [https://<host-ip or domain>]: https://1.1.1.1FQDN based
Enter the ONES App URL for Rule-Engine Alert [https://<host-ip or domain>]: https://ga.aviz.comONESv4.0 support password-based(MD5) authentication between ONES App and devices for GNMI and Auto-discovery
User can choose yes if need password based authentication
Do you want to enable agent authentication ? [y/n]: y Enter the ones-agent username: admin Enter the ones-agent password:User can choose no if there no requirement of authentication
Do you want to enable agent authentication ? [y/n]: n
ONES AI Assistnce Feature
User can also enable this feaure if required
Do you want to enable AI Assistant feature? [y/n]: y
Users cannot simultaneously select both certificate-based authentication and password-based authentication between the agent and the ONES application. They must choose one authentication method at a time for securing communication between the agent and the ONES app if required.
Installation begins
root@aviz:/home/aviz/ones-1755167586-onprem# ./ones-installer.sh
Installing Open Networking Enterprise Suite (ONES)
..................................................
Starting ONES Installer
ONES Containers not found. Initiating a fresh installation...
Installing prerequisites for ONES application
pip is installed, so skipping it
containerd package is installed, so skipping it
docker packages are installed, so skipping it
docker-compose is installed, so skipping it
Installing sshpass...
dpkg: warning: downgrading sshpass from 1.09-1 to 1.06-1
(Reading database ... 82230 files and directories currently installed.)
Preparing to unpack .../sshpass_1.06-1_amd64.deb ...
Unpacking sshpass (1.06-1) over (1.09-1) ...
Setting up sshpass (1.06-1) ...
Processing triggers for man-db (2.10.2-1) ...
ONES is getting installed for the first time, Please follow the prompts carefully and select the appropriate options as instructed
....................
Installing ONES application...
Do you want to install domain SSL certificate(if not, self-signed certificate will be used)? [y/n]: n
Using self signed certificates...
Do you want to enable ONE-DL feature? [y/n]: n
Do you want to enable DB backup feature? [y/n]: n
Do you want to enable certificate based authentication between ONES controller and devices? [y/n]: n
Enter the ONES App URL for Rule-Engine Alert [https://<host-ip or domain>]: https://ga.aviz.com
Do you want to enable agent authentication ? [y/n]: n
Do you want to enable AI Assistant feature? [y/n]: n
AI Assistant feature not enabled. Setting to false.
Setting up the environment and loading essential dockers...
Loading images:
- avizdock/ones-collector:v4.0.0... Done
- avizdock/timescaledb:pg16... Done
- avizdock/ones-ui:v4.0.0... Done
- avizdock/pty-server:v4.0.0... Done
- avizdock/ones-gateway:v4.0.0... Done
- avizdock/ones-fm:v4.0.0... Done
- avizdock/postgres:14... Done
- avizdock/docker:v4.0.0... Done
- avizdock/ones-db-backup:v4.0.0... Done
- avizdock/zookeeper:v4.0.0... Done
- avizdock/kafka:v4.0.0... Done
- avizdock/schemaregistry:v4.0.0... Done
- avizdock/kafka-connect:v4.0.0... Done
- avizdock/ksqldb-server:v4.0.0... Done
- avizdock/ones-stream-processor:v4.0.0... Done
- avizdock/apiserver:v4.0.0... Done
- avizdock/ones-rule-service:v4.0.0... Done
- avizdock/air-model:latest... Done
- avizdock/ai-assistant:v4.0.0... Done
Creating volumes:
- ones-collector-db-data... Created.
- ones-ui-data... Created.
- ones-fm-db-data... Created.
- ones-fm-data... Created.
- ones-rule-db-data... Created.
- ones-configdiff-data... Created.
....
- Total images loaded: 19
- Total failed loads: 0
- Volumes created: 6
- ones-network... Already exists.
Cleaning up containers...
Cleaning containers: [100%] [#############################.]
All containers cleaned up successfully.
Bringing up ONES app containers
Bringing up ONES-collector-db container in no recreate mode and ONES-fm-db
Creating ones-collector-db ... done
Creating ones-fm-db ... done
Creating ones-rule-service-db ... done
Creating zookeeper ... done
Name Command State Ports
----------------------------------------------------------------------------------------------------------------------------
ones-collector-db /docker-entrypoint.sh postgres Up 0.0.0.0:5432->5432/tcp,:::5432->5432/tcp, 8008/tcp, 8081/tcp
ones-fm-db docker-entrypoint.sh postgres Up 0.0.0.0:2345->5432/tcp,:::2345->5432/tcp
ones-rule-service-db docker-entrypoint.sh postgres Up 0.0.0.0:2456->5432/tcp,:::2456->5432/tcp
zookeeper /etc/confluent/docker/run Up 0.0.0.0:2181->2181/tcp,:::2181->2181/tcp, 2888/tcp, 3888/tcp
please wait for collector-db, rule-service-db and fm-db to initialize
........................................................................................................................zookeeper is up-to-date
Creating broker ... done
ones-collector-db
ones-rule-service-db
................................................................................................................................................................................................................................................zookeeper is up-to-date
broker is up-to-date
Creating ksqldb-server ... done
Creating schema-registry ... done
Creating kafka-connect ... done
............................................................
ones-fm-db is up-to-date
zookeeper is up-to-date
broker is up-to-date
Creating ones-gateway ... done
Creating ones-fm ... done
Creating ones-collector ... done
........................................................................................................................Creating ones-ui ...
Creating ones-rule-service ...
Creating docker ...
ones-fm-db is up-to-date
Creating ones-pty-server ...
Creating api-server ...
ones-collector-db is up-to-date
zookeeper is up-to-date
ones-gateway is up-to-date
ones-rule-service-db is up-to-date
ones-fm is up-to-date
Creating ones-ui ... done
Creating ones-rule-service ... done
Creating docker ... done
Creating ones-pty-server ... done
Creating api-server ... done
Creating air-model ... done
Creating stream-processor ... done
Name Command State Ports
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
air-model ./start.sh Up 0.0.0.0:8091->8091/tcp,:::8091->8091/tcp
api-server java -jar /app/apiserver.jar Up 0.0.0.0:8080->8080/tcp,:::8080->8080/tcp
broker /etc/confluent/docker/run Up 0.0.0.0:29092->29092/tcp,:::29092->29092/tcp, 0.0.0.0:9092->9092/tcp,:::9092->9092/tcp, 0.0.0.0:9101->9101/tcp,:::9101->9101/tcp
docker python3 app.py Up
kafka-connect /etc/confluent/docker/run Up (healthy) 0.0.0.0:8083->8083/tcp,:::8083->8083/tcp, 9092/tcp
ksqldb-server /etc/confluent/docker/run Up 0.0.0.0:8088->8088/tcp,:::8088->8088/tcp
ones-collector java -jar -XX:MaxGCPauseMi ... Up 0.0.0.0:50053->50053/tcp,:::50053->50053/tcp, 8093/tcp
ones-collector-db /docker-entrypoint.sh postgres Up 0.0.0.0:5432->5432/tcp,:::5432->5432/tcp, 8008/tcp, 8081/tcp
ones-fm /bin/sh -c { gunicorn --wo ... Up 0.0.0.0:8787->8080/tcp,:::8787->8080/tcp, 0.0.0.0:8443->8443/tcp,:::8443->8443/tcp
ones-fm-db docker-entrypoint.sh postgres Up 0.0.0.0:2345->5432/tcp,:::2345->5432/tcp
ones-gateway ./gnmi-gateway -TargetLoad ... Up 0.0.0.0:9339->9339/tcp,:::9339->9339/tcp
ones-pty-server docker-entrypoint.sh node ... Up 0.0.0.0:8885->8885/tcp,:::8885->8885/tcp
ones-rule-service java -jar /app/rule-engine.jar Up 8080/tcp
ones-rule-service-db docker-entrypoint.sh postgres Up 0.0.0.0:2456->5432/tcp,:::2456->5432/tcp
ones-ui docker-entrypoint.sh node ... Up 3002/tcp, 0.0.0.0:443->443/tcp,:::443->443/tcp
schema-registry /etc/confluent/docker/run Up 0.0.0.0:8081->8081/tcp,:::8081->8081/tcp
stream-processor java -jar /app/stream-proc ... Up 8080/tcp
zookeeper /etc/confluent/docker/run Up 0.0.0.0:2181->2181/tcp,:::2181->2181/tcp, 2888/tcp, 3888/tcp
Completing ONES Installation...
............................................................
ONES application installed successfully!
....................
Access the ONES application at https://ga.aviz.com
Log file created at: /home/aviz/ones-1755167586-onprem/installation.logsAccess ONES Application Web GUI from a supported browser using https://<host-ip/FQDN>
Activation:
For a Trail license, the user needs to reach out to AVIZ Support
For Activation, the user can choose Activate License if the user has an activation key of any subscription
1. Activate License
2. Activate Key
Use Default credentials as below;
Username: superadmin
Password : Admin@123
Update/Change your password on the first login
Login To ONES
After Resetting the password use new credentials to login
You will see the default page with a Fabric view
1. Upgrade License
After Trail use, if the user wishes to upgrade new Subscription-based license, so user can navigate to the below page.
Admin View >> License >> Renew License
Click Renew License & Enter the subscription-based key
If Switches Deployment is large so user needs to enable the large config inside Database Config File
Copy the postgresql.config file outside to do changes
docker cp ones-collector-db:/home/postgres/pgdata/data/postgresql.conf dbconfig.confedit the file and uncomment few lines to activate Large config and save the changes
vi dbconfig.conf
Uncomment the below lines in the above file is the change
#------------------------------------------------------------------------------
# LARGE CONFIGURATION - START
#------------------------------------------------------------------------------
timescaledb.max_background_workers = 16 # Increased for more concurrent background processes
# MEMORY SETTINGS (LARGE)
shared_buffers = 8GB # Adjust based on your available system memory
work_mem = 16MB # Set based on your workload; adjust as needed
maintenance_work_mem = 1GB # Important for bulk operations and autovacuum
effective_cache_size = 16GB # Estimate the cache available for PostgreSQL (usually 50-75% of system memory)
# WAL SETTINGS (LARGE)
wal_level = logical # Recommended for logical replication and high-volume streaming
max_wal_size = 8GB # Increase to accommodate more WAL data during peak operations
checkpoint_timeout = 15min # Spread checkpoint operations for better performance
checkpoint_completion_target = 0.9 # Further spreads the checkpoint process
wal_compression = on # Reduces WAL size, useful in high-traffic scenarios
# CONNECTION AND PROCESS SETTINGS (LARGE)
max_worker_processes = 16 # Increased to allow more background workers
max_parallel_workers = 16 # More parallel workers for better throughput
max_parallel_workers_per_gather = 4 # Adjust based on the complexity of your queries
# AUTOVACUUM SETTINGS (LARGE)
autovacuum_max_workers = 10 # Handle larger tables or high data churn more effectively
autovacuum_naptime = 10s # Increase the frequency of autovacuuming
autovacuum_vacuum_cost_limit = 5000 # Handle vacuum operations more aggressively
autovacuum_vacuum_scale_factor = 0.01 # Trigger autovacuum sooner on large tables
# PERFORMANCE SETTINGS (LARGE)
effective_io_concurrency = 500 # For SSDs, this can be set high to optimize I/O
synchronous_commit = off # Improves throughput at the cost of potential data loss in a crash
random_page_cost = 1.1 # Optimized for SSDs
seq_page_cost = 1.0 # Optimized for SSDs
jit = on # Enable JIT compilation for performance boosts in complex queries
#------------------------------------------------------------------------------
# LARGE CONFIGURATION - END
#------------------------------------------------------------------------------Copy the changes to DB config file
docker cp dbconfig.conf ones-collector-db:/home/postgres/pgdata/data/postgresql.conf Restart the ones-collector-db
docker restart ones-collector-dbLast updated