A couple of months ago InsightIQ 3.0 was released. This new release offers improvements in the interface and under the hood, especially when paired with OneFS 7.1. Upgrading is straightforward, done in under 30 minutes and also makes sure you’re not affected by the Heartbleed bug. Start clicking!
Upgrading to InsightIQ 3.0 – YUM!
No, that’s not YUM from “That pie is yummy, bake me another one!!” – it’s yum the package manager. We’re going to work with .rpm files. Log into the InsightIQ appliance via SSH and check if you”ve got enough free space on your InsightIQ datastore. “df -h” will do wonders; during the datastore upgrade process your InsightIQ data will increase by approximately 50% so make sure you’re safe capacity-wise. Since this system is storing its datastore on the Isilon systems via NFS there’s no concern here…
Next up, download the InsightIQ 3.0 update .rpm. I’ve pushed it from my workstation to the appliance using pscp, but you could just as easily “wget” it from the appliance directly. Run “sudo yum upgrade <path_to_insightIQ_rpm>“. Which, if you’re behind a proxy, will error out in a manner not unlike this:
[administrator@insightiq]# yum update Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6 ... 64&repo=os error was 14: PYCURL ERROR 7 - "Failed to connect to 2a02:2498:1:3d:5054:ff:fed3:e91a: Network is unreachable" Error: Cannot find a valid baseurl for repo: base
This is probably because you’re behind a proxy server and yum doesn’t know about it. Fixing it is easy: change to root user, (“su – ” or “sudo su –” if you forgot the root password like I did…), edit /etc/yum.conf and add the following lines:
proxy=http://ipadd:port proxy_username=username proxy_password=password
Now run the sudo yum update <insightiq_rpm> command again and it should spit out a list of dependencies. Accept the list and wait for yum to update the system and InsightIQ; this shouldn’t take more than a couple of minutes.
Next up: update the datastore with “sudo upgrade_iiq_datastore“. Follow the on-screen instructions; this will take slightly longer since all historical data will be converted.
Once you’re done with the upgrade, point your browser to the InsightIQ appliance, log in and marvel at the new interface!
So what’s new?
At first glance not much has changed. A bit more white around the logo and a datastore usage percentage and that’s about it. But everything changes once you start clicking around through the performance reporting part or dive into the release notes.
If you mouse-over the graph the sample length is displayed. For recent data this is 5 seconds; for data older than 24 hours this is down sampled to roughly 10 minutes. The graph also shows you (with background coloring) what the min and max values during those 10 minutes were. There’s also new graphs that relate to the job engine; unfortunately these clusters aren’t running OneFS 7.1 yet so I’ll have to save that for a future post 😉
Another nifty feature is the fact that InsightIQ 3.0 will now email out in case of problems with the appliance or monitoring. Simply enable the functionality under Settings -> Status, add an email address and you’re done. InsightIQ is now capable of monitoring up to 8 clusters or 150 nodes in total. Last but not least, the datastore will automatically adjust once it’s running out of space by deleting old data and it’s also easier to monitor the usage from just about every page in InsightIQ.
While we’re at it … Heartbleed!
So you’ve probably heard of the Heartbleed bug in OpenSSL (CVE-2014-0160) by now, which affects any OpenSSL version between 1.0.1 up to and including 1.0.1g. Most EMC products weren’t affected, either because they don’t use OpenSSL to begin with or because they’re using a version that wasn’t vulnerable. So if you’re using an out-of-the-box version of InsightIQ you’re probably not affected. During the upgrade process described in this post, OpenSSL was updated as a dependency and you’re safe. If you want to double check; run the following commands:
rpm -qa | grep -i openssl
This should list the installed OpenSSL versions. The current latest versions that are not affected are:
If you’re running an older version that IS affected, simply update using the command sudo yum update openssl. Happy monitoring!