NOC Project. Where to start and how to continue?

I walked around the NOC for a very long time and licked at him like that fox on grapes. Put, poked and threw. And then he returned again, for he deceived the scoundrel with his capabilities. And the understanding that it is not enough in life for “happiness” eventually forced to squeeze the nerves in a bridle and take up the NOC seriously.

If someone else doesn’t know what a noc project is, then this is the network infrastructure control center. The program allows you to organize monitoring of failures, monitoring performance, activating services, maintaining a knowledge base, address space management, managing virtual entities (VLAN, DLCI), archiving and maintaining a configuration database, ensuring DNS operation, generating reports. Here you can read about it, go nuts from its coolness and come back here. Specifically, here I will talk a little bit about the features of the installation, touch on the topic of adding equipment a little bit, delve into the issues of setting it up a little, go over some of the functions of this software and finish with something positive or not. We'll see how it goes :)

About installation features
So, you can install NOC in several ways. The easiest is to download a virtual machine image. It runs well in VirtualBox, but if your virtual environment is something like ESXi, you will have to convert it there. How to do it yourself will find, not small. There is also another elegant way.

For Ubuntu:

apt-get install ca-certificates wget -q -O- https://cdn.nocproject.org/bs/Ubuntu-12.04.txt | sh | tee /tmp/install.log 

For Debian:

 apt-get install ca-certificates wget -q -O- https://cdn.nocproject.org/bs/Debian-7.0.txt | sh | tee /tmp/install.log 

Warning for ubuntovodov! If you, like me, have decided to deploy noc on a virtual ubunt, say hello to the oblomingo bird - it will not rise. On a virtual debian, the system unfolds perfectly, but Ubunt accepts it only while living on hardware. Alas. But, there is a life hack. Put your favorite OS on any piece of hardware, roll noc, then shoot the image of Clonezilla-oh and already fill it with ESXi. I was able to transfer the installation from an old laptop to ESXi 5.1 in this way. Everything went without a hitch.
')
The main disadvantage of the noc project until recently was the lack of documentation. But now the developers are actively correcting this gap, and they do it in Russian. So those who want to plunge into the abyss of the original source can go here .

Actually installation is the easiest. Further setting. Here is more fun. I will not paint where it is what and what it is for. I'll write my setup sequence, after which the NOC produces the expected result. :)

So, you have installed the NOC or launched its virtual image. Set up alerts. Go to the topmost directory Main - Setup - Configs. In the Config field, select etc / noc-notifier.conf.



In the mail section, in the enabled field, in the Value column, we set True. We also fill in the smtp_server, smtp_port fields if use_tls, from_address, smtp_user, smtp_password is required. Also available are xmpp protocol alerts and file notifications. Fill them at your discretion. Click the Save button.



In the Users directory, you can create new users. There are no subtleties.
In Notification Group create an alert group. Click Add. Fill in the fields. In the Users section, we register the Time Pattern and the user. They are selected from the drop-down list. In the Other section we also select the time and method of notification.

Attention! I also fill in the Params field with the mail address of the recipient, for the file the file name. Without this, my alerts do not work. However, in the irc channel, people claim that everything works without the Params field based on the addresses listed in the user properties. To the confused "How so?", Was the answer: "This is noc, baby" :))

To check that the alerts work, check the group by checkbox and click the Test selected groups button on the toolbar. If the letters do not go away and are delayed in Main - Pending Notification, restart noc in the terminal of the /etc/init.d/noc-launcher restart server. If this does not help, study the logs in /srv/noc/log/noc-notifier.log



And further. Not sure how necessary it is, but somewhere on the project site I saw what I needed, in Main - Setup - Prefix Tables I registered the networks in the Prefixes section in both activators. Do not forget about Save.



A little touch on the topic of adding equipment
So, with Main it seems finished. Now we go to Service Activation - Managed Objects. Here, in fact, is the equipment that we will manage. Description of the installation, I will not copy-paste, but just give a link , because I will not write more fully and in detail.
Some important clarifications:
The snmp community, snmp traps must be configured in your devices and set to the correct time !!!
When adding a device, assign tags to it.
Do not create and especially do not install the Collector. This recommendation was given to me directly in the irc-channel of the project. By default it is not in the system, which seems to hint ...

Do not forget in Service Activation - Managed Object Selector to create a selector that will filter devices by a certain parameter, in my case by tag.



Slightly delve into its settings
And now a small recess in the subject of equipment and in particular in the SA Profile. SA Profile IMHO the most important part of the setup. It is she who sets how the NOC will communicate with the equipment. How correctly they (devices and NOC) understand each other can be viewed in Discovery on the device page.



Green check marks indicate that everything is OK. The most important of them, again for me, are version_inventory, config_discovery, and interface_discovery. Ideally, the greens were all. In my case I had to suffer a lot. The fact is that we have several Cisco SG500 switches in our company. Despite the famous brand, in its essence, these are typical Linksys. And the most suitable profile for these pieces of iron turned out to be, who would you think? - Eltex! Until that day, I had not even heard of such a manufacturer. How to choose the most suitable profile, there are no clear recommendations. It can be a long search. Please note that not all profiles are displayed in the drop-down list at once. The rest are on adjacent pages. Or, if you know exactly which command you need, you can search by the contents of the scripts that are in / opt / noc / sa / profiles / This is in the operating system itself, if that. I found it my way. If you have a similar situation and you have found the most appropriate profile not where expected, you can create the desired Sa Profile yourself. Go to the file system in the mentioned / opt / noc / sa / profiles / Brand /, create a directory with the desired name, fill it with scripts from a suitable profile. Then inside the scripts we replace the Manufacturer and the model with our own. I accordingly changed Eltex.MES to Cisco.SG5XX. Also, do not forget to change the name in the __init__.py script. In my opinion, this is where the name of the SA Profile will appear in the drop-down list. After that, restart noc - /etc/init.d/noc-launcher restart and go to watch the new profile, plug it into the equipment and see what happened. In order for the new profile to apply, you need to tick the device, click the Group Actions button and select Run Discovery Now. You can see the result again in Discovery.

I will run over some of the functions of this software
So, we added the equipment and correctly selected the profile. What do we have now?
On the device page, with the Config button, we can look at the hardware configuration, as well as when and what changes have been made.
The Interfaces button will show the network ports of the device.
Service Activation - Tasks - Mac Report - allows you to search by MAC address and determine which port of which switch a device with this MAC is connected to.
Service Activation - Tasks - Run commands - will help to run several operations of the same type on several devices at once.
Service Activation - Tasks - Version Inventory - will show the firmware version of one or all devices.
Address Space Managment - Assigned Addresses - displays a list of your IP addresses, shows how much is occupied and how much is free.
Notifications will be sent to the mail if the device configuration changes.

What else can we tweak?
We will make a map of the added devices and display the links between them. Important!!! Connections will only be displayed if the device has completed interface_discovery.
Go to Inventory - Setup - Network Charts, click Add, fill out the form. Do not forget to specify a selector. Then, in the Inventory - Interfaces, select the device, click on the "Link / Unlink" icon of the network interface, select Object, point to which port is connected, click Connect. After that we can go to Inventory - Network Map. in the Chart choose the name of the card, look what happened.



And further. The project creators themselves pay special attention to the Fault Managment module. Actually the name - “Incident and accident management module” says everything. At this stage, it is practically not configured and only collects snmp traps in the Events section. The classification of trap data, setting up alerts and reacting to events is a separate huge topic with which I am just starting to figure out.

I will finish on something positive or not so
Here is a small part of the NOC functionality that I managed to comprehend and implement. If you want more, smoke kb.nocproject.org , ask the official IRC channel is # nocproject.org at irc.freenode.net and sort it out by yourself learning the interface and copying logs. Good luck.