Quick Start Guide
Getting Started with Web Administration
Abstract
Chapter 1. Overview
Red Hat Gluster Storage Web Administration provides monitoring and metrics infrastructure for Red Hat Gluster Storage 3.4.0 and is the primary method to monitor your Red Hat Gluster Storage environment. The Red Hat Gluster Storage Web Administration environment is based on the Tendrl upstream project and utilizes Ansible automation for installation. The key goal of Red Hat Gluster Storage Web Administration is to provide deep metrics and visualization of Red Hat Storage Gluster clusters and the associated physical storage elements such as storage nodes, volumes, and bricks.
Key Features
- Monitoring dashboards for Clusters, Hosts, Volumes, and Bricks
- Top-level list views of Clusters, Hosts, and Volumes
- SNMPv3 Configuration and Alerting
- User Management
- Importing Gluster cluster
1.1. Web Administration System Concepts
The Red Hat Gluster Storage Web Administration environment consists of the following system components.
Web Administration Server
The Web Administration server system hosts the Web Administration user interface, the API and etcd. The Web Administration server is the system on which the Ansible installation process is run.
Red Hat Gluster Storage Node
The system on which Red Hat Gluster Storage is installed. Multiple systems with Red Hat Gluster Storage form a storage cluster and is monitored by the Web Administration server. Web Administration node agents are installed on the storage nodes.
Client System
Any external system that accesses the Web Administration user interface on a compatible web browser.
1.2. Web Administration Architecture
Figure 1.1. Web Administration Architecture

The components of the Web Administration architecture are described below:
Web Administration Server Components
- Web Administration UI: the primary user interface for monitoring Red Hat Gluster Storage clusters.
- Grafana Dashboard: a third party integrated dashboard that displays real-time metrics and monitoring data.
- Monitoring Integration: service that enables monitoring and alerting via integration with external systems such as Graphite and Grafana.
- Graphite Web Service: repository of (Gluster) telemetry data collected using collectd.
- Carbon Service: set of services dealing with receiving data from collectors (collectd), replication and sharding, and interfacing with Grafana.
- Whisper Database: database for storing time-series numeric metrics.
- Web Administration API: the Web Administration northbound API.
- etcd Key-value Store: central store that contains all the configuration state information for storage subsystems managed by Web Administration
- Notifier: notification service that enables various types of notifications and alerts including SMTP and SNMP
Red Hat Gluster Storage Server Components
Red Hat Gluster Storage server is a system with Red Hat Gluster Storage installed. Multiple Red Hat Gluster Storage servers form a Red Hat Gluster Storage cluster. The components are as follows:
- collectd Service: host-based system statistics collection daemon that gathers metrics from various sources such as the operating system, applications, log files and devices, Red Hat Gluster Storage clusters, etc.
- Gluster Integration: component that fetches data from Red Hat Gluster Storage cluster to be sent to the Web Administration server.
- Node Agent: takes care of node-specific flows and tasks to be performed.
Chapter 2. System Requirements
This chapter outlines the minimum hardware and software requirements to install Red Hat Gluster Storage Web Administration.
Ensure that all the requirements are met before the installation starts. Missing requirements can result in Red Hat Gluster Storage Web Administration environment not functioning as expected.
The Red Hat Gluster Storage Web Administration environment requires:
- One machine to act as the management server
- One or more machines to act as storage servers. At least three machines are required to support replicated volumes
- One or more machines to be used as clients to access the Web Administration interface
2.1. Requirements for Web Administration Server System
On the system to be designated as the Web Administration server, verify that these recommended hardware and software requirements are met.
2.1.1. Hardware Requirements
The following are the different hardware requirements based on different cluster configurations:
2.1.1.1. Small Cluster Configuration
- Number of nodes: upto 8 nodes
- Number of volumes: upto 6-8 volumes per cluster
- Number of bricks per node for replicated volumes: upto 2-3 bricks
- Number of bricks per node for Erasure Coded volumes: upto 12-36 bricks
Recommended Requirements
- 4 vCPUs
- 4 GB of available system RAM
- One Network Interface Card (NIC) with bandwidth of at least 1 Gbps
Additional Storage Devices
For hosting etcd data directory:
- Storage disk size: 20 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/etcd
For hosting time-series data from Graphite, Carbon, and Whisper applications:
- Storage disk size: 200 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/carbon
For more information on how to prepare and mount the additional disks, see the Creating a Partition and Mounting a File System sections in the Red Hat Enterprise Linux Storage Administration Guide.
2.1.1.2. Medium Cluster Configuration
- Number of nodes: 9-16 nodes
- Number of volumes: upto 6-8 volumes per cluster
- Number of bricks per node for replicated volumes: upto 2-3 bricks
- Number of bricks per node for Erasure Coded volumes: upto 12-36 bricks
Recommended Requirements
- 4 vCPUs
- 6 GB of available system RAM
- One Network Interface Card (NIC) with bandwidth of at least 1 Gbps
Additional Storage Devices
For hosting etcd data directory:
- Storage disk size: 20 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/etcd
For hosting time-series data from Graphite, Carbon, and Whisper applications:
- Storage disk size: 350 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/carbon
2.1.1.3. Large Cluster Configuration
- Number of nodes: 17-24 nodes
- Number of volumes: upto 6-8 volumes per cluster
- Number of bricks per node for replicated volumes: upto 2-3 bricks
- Number of bricks per node for Erasure Coded volumes: upto 12-36 bricks
Recommended Requirements
- 6 vCPUs
- 6 GB of available system RAM
- One Network Interface Card (NIC) with bandwidth of at least 1 Gbps
Additional Storage Devices
For hosting etcd data directory:
- Storage disk size: 20 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/etcd
For hosting time-series data from Graphite, Carbon, and Whisper applications:
- Storage disk size: 500 GB per cluster
- Filesystem format: XFS
-
Mounting directory:
/var/lib/carbon
2.1.2. Software Requirements
Red Hat Gluster Storage Web Administration is supported on Red Hat Enterprise Linux 7.5 64-bit version.
Table 2.1. Software Requirements
| Software | Name and Version |
|---|---|
| Operating System | Red Hat Enterprise Linux 7.5 |
2.2. Requirements for Red Hat Gluster Storage Nodes
Ensure the following requirements are met on the Red Hat Gluster Storage nodes:
- Red Hat Enterprise Linux 7.5
- Red Hat Gluster Storage Server 3.4.0 or later
Minimum hardware requirements
NoteFor more information, see the knowledge base article on Red Hat Gluster Storage Hardware Compatibility.
- Network Time Protocol (NTP) setup
- Firewall access to ports
- Red Hat Gluster Storage servers updated to the latest Red Hat Gluster Storage version 3.4 or greater. For detailed instructions on the upgrade process, see the Upgrading Red Hat Storage section in the Red Hat Gluster Storage Installation Guide.
For detailed information on prerequisites and setting up Red Hat Gluster Storage server, see the Red Hat Gluster Storage 3.4.0 Installation Guide.
2.3. Requirements for the Client System
The Red Hat Gluster Storage Web Administration environment can be accessed by a client machine with the following web browser compatibility:
Table 2.2. Web Browser Compatibility
| Software | Name and Version |
|---|---|
| Web Browser | Mozilla Firefox 38.7.0 or later |
| Web Browser | Google Chrome 46 or later |
2.4. Firewall Configuration
Automated Firewall Setup
In this version of Red Hat Gluster Web Administration, firewall configuration is automated by Ansible automation. The tendrl-ansible installer configures the firewall during Web Administration installation as the variable *configure_firewalld_for_tendrl* is set to True by default. This automation opens all the required ports for the Web Administration environment.
To automatically configure the firewall, follow the Web Administration installation process. See the Web Administration installation section in the Quick Start Guide for details.
For tendrl-ansible to automate firewall setup, ensure the firewalld service is configured and enabled. For instructions, see Configuring Firewalld section in the Red Hat Enterprise Linux Security guide.
Manual Firewall Setup
To manually configure firewall for Web Administration services:
- Open the ports before manually configuring firewall
-
Set the variable configure_firewalld_for_tendrl to False in the
site.ymlplaybook.
The site.yml playbook file is created as part of the Web Administration Ansible installation process. For details, see the Web Administration Installation process of this guide.
- Run the site.yml playbook file.
The list of the ports and the port numbers are given in the table below:
Table 2.3. Web Administration Port Numbers
| TCP Port Numbers | Usage |
|---|---|
| 2379 | For etcd |
| 2003 | For Graphite |
| 10080 | For GraphiteWeb |
| 80 or 443 | For tendrl http or https |
| 3000 | For Grafana Server |
| 8789 | For tendrl-monitoring-integration |
To use Firewalld to open a particular port, run:
# firewall-cmd --zone=zone_name --add-port=5667/tcp # firewall-cmd --zone=zone_name --add-port=5667/tcp --permanent
To use iptables to open a particular port, run:
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5667 -j ACCEPT # service iptables save
To be able to execute the iptables commands successfully, ensure the iptables-services package is installed. To install the iptables-services package, run yum install iptables-services.
Chapter 3. Installing Web Administration
This chapter covers installing Red Hat Gluster Web Administration using Ansible automation.
3.1. Prerequisites
Before installing Red Hat Gluster Web Administration, ensure the following prerequisites are met:
Enable the following repositories on the Web Administration server and all the Gluster storage servers:
# subscription-manager repos --enable=rhel-7-server-rpms # subscription-manager repos --enable=rhel-7-server-ansible-2-rpms
Enable the following repository on the Web Administration server:
# subscription-manager repos --enable=rh-gluster-3-web-admin-server-for-rhel-7-server-rpms
Enable the following repositories on all the Gluster storage servers:
# subscription-manager repos --enable=rh-gluster-3-for-rhel-7-server-rpms # subscription-manager repos --enable=rh-gluster-3-web-admin-agent-for-rhel-7-server-rpms
Set up SSH password-less connection from the Web Administration server system to the remote Gluster servers in addition to localhost (SSH to localhost).
NoteFor information on how to set up SSH key-based authentication, see the Using Key-based Authentication section in the Red Hat Enterprise Linux System Administrator’s Guide.
3.2. Installation Workflow
To install Web Administration, follow the sequence outlined below. For detailed instructions to execute the following sequence, see the next section entitled 3.3. Web Administration Installation of this Guide.
- Installing the latest version of Ansible and tendrl-ansible on the Web Administration server.
- Creating inventory file with required groups: tendrl_server and gluster_servers with mandatory and optional ansible variables.
-
Executing the
site.ymlplaybook and accessing the Web Administration environment.
See also the README file from tendrl-ansible package available at the following path: /usr/share/doc/tendrl-ansible-1.6.3/README.md
Ansible Groups
The site.yml playbook from tendrl-ansible package expects the hosts to be divided into two groups according to its functionality:
- tendrl_server: contains one machine acting as Web Administration server.
- gluster_servers: contains all the Red Hat Gluster Storage nodes.
Ansible Roles
The tendrl-ansible package contains two Ansible roles with tasks intended for a particular component:
tendrl-ansible.tendrl-server: contains tasks for Web Administration server belonging to the tendrl_server group in the inventory file.
NoteFor more information about this role and the variables, see the README file from tendrl-ansible package available at the following path:
/usr/share/ansible/roles/tendrl-ansible.tendrl-server/README.md- tendrl-ansible.tendrl-storage-node: contains tasks for Red Hat Gluster Storage nodes belonging to the gluster_servers group in the inventory file.
For more information on this role and the variables, see the README file from tendrl-ansible package available on the following path: /usr/share/ansible/roles/tendrl-ansible.tendrl-storage-node/README.md
3.3. Web Administration Installation
The following procedure outlines the steps to install Web Administration the Ansible way.
Procedure. Installing Web Administration
Install the latest version of Ansible and tendrl-ansible on the Web Administration server:
# yum install tendrl-ansible
NoteVerify the version installed by running
ansible --version. Web Administration supports Ansible version 2.x or greater.Create an Ansible inventory file with two Ansible groups: tendrl_server and gluster_servers. Ensure to use FQDNs for all the hosts in the inventory file as shown in the following example:
Sample Inventory groups
[tendrl_server] tendrl.example.com [gluster_servers] gl1.example.com gl2.example.com gl3.example.com gl4.example.com
NoteFor instructions on setting up an inventory file, see Ansible Inventory file setup in Ansible documentation.
Add the following required Ansible variables with their corresponding values in the inventory file:
- etcd_ip_address: configures where etcd instance is listening
- etcd_fqdn: configures Web Administration components to be able to connect to the etcd
graphite_fqdn: configures Web Administration components to be able to connect to graphite
Sample Inventory variables
[all:vars] etcd_ip_address=192.0.2.1 etcd_fqdn=tendrl.example.com graphite_fqdn=tendrl.example.com
NoteFor more detail, see the Sample Inventory variables at the end of this installation workflow.
Add any other optional variables in the inventory file as required. The other variables are listed in the Ansible roles README files at the following paths. Enable or disable features by specifying values to the variables such as etcd-tls client authentication. For detailed TLS configuration instructions, see Chapter 5. TLS Encryption Configuration of this Guide.
# /usr/share/ansible/roles/tendrl-ansible.tendrl-server/README.md # /usr/share/ansible/roles/tendrl-ansible.tendrl-storage-node/README.md
NoteThe firewall configuration variable is enabled by default.
NoteFor detailed inventory file configuration, see the README.md file provided with the installation at the following path:
# less /usr/share/doc/tendrl-ansible-1.6.3/README.md
Copy the
site.ymlplaybook into the working directory where the inventory file is stored.# cp /usr/share/doc/tendrl-ansible-1.6.3/site.yml .
Copy the
prechecks.ymlfile into the inventory file directory:# cp /usr/share/doc/tendrl-ansible-1.6.3/prechecks.yml .
Verify SSH connection to all the nodes from the inventory file without asking for password or validation of public key by running:
# ansible -i <inventory_file> -m ping all
Example
# ansible -i <inventory_file> -m ping all gl3.example.com | SUCCESS => { "changed": false, "failed": false, "ping": "pong" }NoteAnsible should return
SUCCESSandpongmessage for all the nodes as shown in the example above. Do not proceed until the SSH connection is successfully established.To check if Web Administration minimal requirements and setup are met, run the prechecks playbook:
# ansible-playbook -i <inventory_file> prechecks.yml
NoteIf there are any missing requirements, the prechecks playbook will detect it immediately, and direct your attention to the specific problem before running the installation.
Run the prepared
site.ymlplaybook using the following command to set up the Web Administration server and the Storage nodes:# ansible-playbook -i <inventory_file> site.yml
- Log in to the Web Administration environment. For login instructions, see the Web Administration Login chapter of this guide.
The tendrl-ansible.tendrl-server role creates the default user as admin and default password as adminuser. The default password is stored in the /root/password file of the Web Administration server.
Sample Inventory Variables
If there is a single network interface on all machines, the example inventory variables would be as follows:
[all:vars] etcd_ip_address=192.0.2.1 etcd_fqdn=tendrl.example.com graphite_fqdn=tendrl.example.com
In the above example:
- 192.0.2.1 is the IP address of the Web Administration server
- tendrl.example.com is the hostname of the Web Administration server
- tendrl.example.com hostname is translated to IP address 192.0.2.1.
See the full description in the README file of tendrl-ansible.tendrl-server role and pay attention to the values you specify there when you use multiple network interfaces on the machines.
You can define these variables in variable files or from the command line directly, but including them into the inventory file provides you with a single file with a full description of tendrl-ansible setup for future reference.
The consolidated variables in the inventory file can be used for the cluster expansion process and also to ensure the installation configuration is intact. The inventory file does not contain the grafana admin password which is stored in the grafana_admin_passwd file generated during tendrl-ansible execution.
Chapter 4. Upgrading to Red Hat Gluster Storage Web Administration 3.4
This chapter describes the procedure to upgrade Web Administration to version 3.4.0 from previous versions.
To upgrade your Web Administration environment to version 3.4, execute the following actions on the Gluster nodes and the Web Administration server:
On Gluster storage nodes
- Stop and disable all Web Administration services on storage nodes.
- Enable the Ansible repository and ensure the other required repositories are enabled.
- Upgrade Red Hat Gluster Storage to version 3.4.0.
On Web Administration server
- Reinstall Red Hat Enterprise Linux on the Web Administration Server.
- Install Web Administration 3.4.0
- Import the Gluster 3.4.0 cluster.
On Gluster storage nodes
Stopping and disabling Web Administration Services
Stop and disable the following services on the storage nodes by executing the commands given below.
To stop and disable the tendrl-node-agent service:
# systemctl stop tendrl-node-agent
# systemctl disable tendrl-node-agent
To stop and disable the collectd service:
# systemctl stop collectd
# systemctl disable collectd
To stop and disable the tendrl-gluster-integration service:
# systemctl stop tendrl-gluster-integration
# systemctl disable tendrl-gluster-integration
The tendrl-node-agent service is enabled and started during execution of the tendrl-ansible site.yml playbook. The collectd and tendrl-gluster-integration services are enabled and started after importing a cluster into the Web Administration environment.
Enabling Web Administration Repositories
Enable the Ansible repository by running the following command:
# subscription-manager repos --enable=rhel-7-server-ansible-2-rpms
Additionally, ensure that the other required Web Administration repositories are enabled. Run the following command to check if all the required repositories are enabled:
# yum repolist
To check the required repositories, see the Prerequisites section of the Quick Start Guide.
After the repositories are enabled, clear yum cache:
# yum clean all
Upgrading Red Hat Gluster Storage
After enabling the required repositories, upgrade your Red Hat Gluster Storage environment to 3.4. For detailed upgrade instructions, see the Upgrading to Red Hat Gluster Storage 3.4 chapter in the Red Hat Gluster Storage 3.4 Installation Guide. After a successful upgrade, resume the following steps.
On Web Administration server
Reinstalling Red Hat Enterprise Linux on the Web Administration Server After upgrading Red Hat Gluster Storage, reinstall Red Hat Enterprise Linux on the host system. For detailed installation instructions, see the Red Hat Enterprise Linux Installation Guide.
Installing Web Administration
After reinstalling Red Hat Enterprise Linux, install Web Administration and its associated components on the Web Administration server and the Gluster Storage servers using tendrl-ansible.
The Web Administration components already installed on the Gluster Storage servers will be reconfigured for the new installation. For detailed instructions on installation, see Chapter 3. Installing Web Administration, the preceding chapter of this Guide.
After installation, import the Gluster 3.4 cluster in the Web Administration environment. For detailed import procedure, see the Import Cluster chapter of the Web Administration 3.4 Monitoring Guide.
Chapter 5. TLS Encryption Configuration
Red Hat Gluster Storage Web Administration supports etcd’s TLS-based security model which supports authentication and encryption of traffic between etcd and Web Administration system components.
By default, etcd functions without authentication and encryption but it is recommended to use TLS authentication for client-server encryption.
5.1. Prerequisites
The tendrl-ansible installation of Web Administration does not generate and deploy encryption certificates and keys. To configure etcd TLS client-server authentication, generate and deploy encryption certificates on all the nodes of the cluster before executing tendrl-ansible based Web Administration installation.
Before setting up the Transport Layer Security (TLS ) encryption, ensure the following encryption components are generated:
Certificate Authority (CA) Certificate
Generate a CA certificate either self-signed or signed by a trusted Certificate Authority (CA). For instructions on generating a CA certificate, see Creating Your Own Certificates section of the Red Hat AMQ Security Guide.
Private Keys
Generate a private key and a client certificate for each storage node and the Web Administration server. For more information, see the Creating and Managing Encryption Keys section of the Red Hat Enterprise Linux Security Guide. On each Web Administration managed storage node, and on the Web Administration server, place the PEM-encoded private key and the client/CA certificates in a secure place that is only accessible by the Web Administration server’s root user.
5.2. Configuring TLS Encryption
After generating and placing the TLS certificate files in the preferred directory, update the value of the Ansible variables in the site.yml file with the respective file paths of the certificate files.
In the site.yml file, add and modify the etcd TLS variables.
etcd_tls_client_auth: this variable is to enable or disable TLS authentication.
etcd_cert_file: certificate used for SSL/TLS connections to etcd. When this option is turned on, advertise-client-urls can use the HTTPS schema.
etcd_key_file: key for the certificate which must be unencrypted.
etcd_trusted_ca_file: the trusted Certificate Authority.
Configuring TLS
-
Open the
site.ymlplaybook file. - Set the value for etcd_tls_client_auth variable to True for both the Ansible roles: tendrl_server and gluster_servers. By default, the value of this variable is False.
-
Edit the file path for the etcd_cert_file variable as per required. The default value is:
/etc/pki/tls/certs/etcd.crt -
Edit the file path for etcd_key_file variable as per required. The default value is:
/etc/pki/tls/private/etcd.key -
Edit the file path for the etcd_trusted_ca_file variable. The default value is:
/etc/pki/tls/certs/ca-etcd.crt - Continue the Web Administration installation process by following the Web Administration Installation chapter.
Chapter 6. Web Administration Login
The Web Administration interface is accessed on a client system using a compatible web browser.
Procedure. Logging in the Web Administration interface
Open the following URL in a web browser.
<http://web-admin-server.example.com>
NoteReplace web-admin-server.example.com with the hostname or FQDN of the Web Administration server.
The login page is displayed. Enter the default username admin and the default password adminuser, and click Log in.
Figure 6.1. Login Page

The Clusters interface is displayed after logging in to the Web Administration interface. This interface is the starting point to initiate a cluster import.
Figure 6.2. Landing Page
NoteFor instructions on how to import a Gluster cluster, see the Red Hat Gluster Storage Web Administration Monitoring Guide.















