There is a few steps to get the virtual appliance up and running :
- Deploy the virtual machine
- Download NetApp Harvest and NMSDK from the NetApp web site
- Use the web interface to install these products
- Configure your systems credentials
Thanks to Matthias Rettl, there is a German installation guide available here
Deploying the OVA
Just point your browser to your vSphere Web Client, and use the Deploy OVF Template feature.
Wait for the deployment to finish and boot the appliance.
Once booted, if there is a DHCP server on the network, it will get an auto assigned IP, otherwise, you need to configure the IP informations in the console.
On the console you should see the IP address, it is also displayed in vCenter under the VM properties.
================================================== NAbox (2.3) Harvest not installed ================================================== Current IP address : 172.16.94.204 Connect to https://172.16.94.204/admin or login with 'admin' to configure the virtual appliance
https://<ip>/admin/ to configure the virtual appliance.
The default credentials to connect to the Web UI or the console menu are :
- Username :
- Password :
If you want to access the base appliance operating system (not necessary to use the appliance) you can login with:
- Username :
- Password :
Click on the icon to go to the settings area. It is divided in 8 sections :
Let you configure host name and IP address.
The time zone is important for data time accuracy and proper logging.
Note that if you disable NTP (the default) the time is synchronized with the hypervisor using VMware Tools.
It is recommended to change the
admin password and also the
The Virtual Appliance stores sensible informations like passwords to your storage system, anyone capable of logging in as root can easily retrieve these passwords.
LDAP / Active Directory
Configuring an Active Directory or LDAP server in NAbox is easy but you need to make sure you have the correct informations. It is especially important that you make sure that parameters do not have extra space and respect the original character case.
It is recommended that you use the ADSI utility in Windows to browse your users and groups and copy/paste parameters from there.
Bind Account DN and Bind Account Password are the full
DN for the user
and its password. This is usually a service account created in Active Directory to
get limited access to the directory.
Users Search Base DN(s) and Group Search Base DN(s) is usually something like
DC=mydomain,DC=com, but in big organizations it might be necessary to restrict the
search scope to something more specific.
In The Groups mapping section you specify the full DN for the groups according to Grafana roles that they must have.
It is not uncommon to set
"*" (star) in the Viewer DN field to allow everyone to view
Use the SSL configuration to :
- Re-generate the SSL certificate for NAbox as a Self Signed Certificate
- Generate Certificate Signing Request (CSR) that your organization can approve and return to you a signed certificate that you can install.
The later is usual in high security environment and to avoid Self Signed Certificate warnings in your web browser
Backup / Restore
You can download a backup file containing the configuration of NAbox.
Configuration for your systems and OCUM servers. The backup contains credential to the systems so you might want to keep it in a safe location
Graphite configurations related to specific data retention, additional blacklists, etc.
It is the content of the
/conf/ directory of Graphite
Specific adjustments made into the Grafana main configuration file (SMTP server or other parameters related to LDAP integration for example).
Exports your dashboards from Grafana.
Note that as a best praxtice you should nevers modify Harvest provided dashboards, as you’re taking the risk they will be overwritten with the next Harvest upgrade.
>Apache SSL certificate
Saves your custom certificates configured for NAbox web server.
>NABOX Configuration (Network & Timezone)
Other parameters related to NAbox itself.
Backup the full configuration for NAbox NTP client
This interface lets you import metrics from another NAbox or ADVA.
Simply specify the source VA IP address and
root credentials, as well as the local
admin password and the migration will start and display the progress.
This will overwrite any metrics data that you have locally.
You can upgrade and install products from this menu, as well as collect support data for troubleshooting.
Use this menu to install NAbox updates, new Harvest versions or NMSDK.
Install the NetApp components
Before NAbox will collect data from NetApp systems, you must install the following products :
Then go in the Maintenance section of the settings menu to upload the packages.
Upload both Harvest and NMSDK packages in any order.
Once both files are uploaded, you should see the versions indicated, you can also click on the upper left corner to see the installed components.
Configure Harvest user
You should use a non privileged user to connect Harvest to your storage systems.
Here is the required privileges and how to create a dedicated user :
On Clustered Data ONTAP
security login role create -role netapp-harvest-role -access readonly -cmddirname "version" security login role create -role netapp-harvest-role -access readonly -cmddirname "cluster identity show" security login role create -role netapp-harvest-role -access readonly -cmddirname "cluster show" security login role create -role netapp-harvest-role -access readonly -cmddirname "system node show" security login role create -role netapp-harvest-role -access readonly -cmddirname "statistics" security login role create -role netapp-harvest-role -access readonly -cmddirname "lun show" security login role create -role netapp-harvest-role -access readonly -cmddirname "network interface show" security login role create -role netapp-harvest-role -access readonly -cmddirname "qos workload show"
# Create role useradmin role add netapp-harvest-role -c "Role for performance monitoring by NetApp Harvest" \ -a login-http-admin,api-system-get-version,api-system-get-info,api-perf-object-*,api-ems-autosupport-log
Clustered Data ONTAP <= 8.2.x
security login create -username netapp-harvest -application ontapi -role netapp- harvest-role -authmethod password
Clustered Data ONTAP >= 8.3
security login create -user-or-group-name netapp-harvest -application ontapi -role netapp-harvest-role -authmethod password
# Create group useradmin group add netapp-harvest-group -c "Group for performance monitoring by NetApp Harvest" -r netapp-harvest-role # Create user admin user add netapp-harvest -c "User account for performance monitoring by NetApp Harvest" \ -n "NetApp Harvest" -g netapp-harvest-group
Add your first system
For 7-mode systems, make sure that TLS is enabled by setting :
options tls.enable on
Click on the Add System button to connect to a Clustered Data ONTAP system or 7-mode
Fill out the credentials and informations about the cluster. The value in gray are defaults and can be left as-is if appropriate.
Your cluster is now configured and collecting metrics.
You can connect go to Grafana dashboard interface, within a few minutes, metrics will be visible.
If you are in a situation where the web interface is not reachable, you can use the console to troubleshoot.
Use the console configuration if the web interface is not reachable for some reason.
By default, the virtual appliance uses DHCP. You can use the console, or ssh to connect with “admin” account. The default password is
Note that the root password if you ever need it is
[Main Menu] You are using NAbox v2.2 (2016-12-13)  Configure Network (Current IP: 192.168.99.20)  Set Host Name  Set Timezone (America/New_York)  Advanced/Maintenance  Configure Harvest  Power Off  Reboot [x] Quit Choice : 1
Use menu 1 to configure the network.
[Network Configuration] Method [static|dhcp]: static IP Address : 192.168.99.20 Netmask : 255.255.255.0 Default GW : 192.168.99.1 DNS 1 : 192.168.99.10 DNS 2 (or enter) : Use a proxy for internet access ? (y/n)n
Once the network is configured, point your web browser to https://ip_address/admin and you can finish the installation and configure other aspects (password, timezone, clusters, OCUM servers, etc…)
When a new version of NAbox is available, you can use the upgrade package to perform the upgrade, you do not have to deploy a new virtual appliance.
After downloading the upgrade as a
.tgz file, go in the wrench tool icon on the upper right hand corner and then go in
the Maintenance section.
From here you can just upload the file and confirm the installation.
Configuring OPM (optional)
You can point OPM to send metrics to NAbox, but note that there is no dashboards provided for it, all the default dashboards only work with Harvest.
Last login: Mon Dec 8 15:52:16 2014 OnCommand Performance Manager Maintenance Console Version : 1.1.0RC1 System ID : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Status : Running Main Menu --------- 1 ) Upgrade (Disabled. Must be run on virtual machine console.) 2 ) Network Configuration 3 ) System Configuration 4 ) Support/Diagnostics 5 ) Unified Manager Connection 6 ) External Data Provider x ) Exit Enter your choice: 6
The magic happens in menu 6 “External Data Provider”. This is where you setup the information for the external database :
External Server Connection Menu ------------------------------- 1 ) Display Server Configuration 2 ) Add / Modify Server Connection 3 ) Modify Server Configuration 4 ) Delete Server Connection b ) Back x ) Exit Enter your choice: 2 Current Connection Settings: Server Name or IP = Server Port = Do you wish to continue? (y/n):y External Server Name or IP : 192.168.99.20 External Server Port : 2003 Here are your settings: External Server Name or IP : 192.168.99.20 External Server Port : 2003 Are these settings correct? (y/n/q):y Press any key to continue.
Last, you need to specify the level of detail you want exported. This is done through choice 3 and picking
DRILL_DOWN if you want the maximum level of details :
External Server Connection Menu ------------------------------- 1 ) Display Server Configuration 2 ) Add / Modify Server Connection 3 ) Modify Server Configuration 4 ) Delete Server Connection b ) Back x ) Exit Enter your choice: 3 Current Connection Configuration: Statistics group = RESOURCE_UTILIZATION Vendor tag = netapp-performance Transmit interval = 5 Enable/disable = ENABLE Do you wish to continue? (y/n):y Current statistics group: RESOURCE_UTILIZATION 0 - PERFORMANCE_INDICATOR 1 - RESOURCE_UTILIZATION 2 - DRILL_DOWN Statistics group id : 2 Vendor tag : netapp-performance Current transmit interval: 5 5/10/15 minutes Transmit interval : 5 Current transmit status: ENABLE 0 - DISABLE 1 - ENABLE Enable/disable : 1 Here are your settings: Statistics group : DRILL_DOWN Vendor tag : netapp-performance Transmit interval : 5 Enable/disable : ENABLE Are these settings correct? (y/n/q):y
Connect to the following address to have a view on the metrics hierarchy in Graphite UI:
After 10mn or so, you should see the first metrics showing up in Graphite UI in a new folder called “netapp-performance”
Appendix A - Firewall Configuration
NAbox uses the following ports that needs to be open on your firewall.
Workstation designates the computer used to run the web browser to access NAbox components.
|Workstation||NAbox||443||TCP||Web interface for admin/grafana/graphite|
|Workstation||NAbox||22||TCP||SSH for troubleshooting or maintenance|
|NetApp System||NAbox||514||UDP||Syslog for future use (optional)|
|NAbox||NetApp systems||443||TCP||HTTPS for data collection|
|NAbox||NetApp systems||80||TCP||HTTP for data collection (if needed)|