1. Installation Guide
  2. Installing Session Monitor Using the My Oracle Support Website
  3. Installing Session Monitor - Using MOS, with Internet Connectivity
  4. Installing Session Monitor Using the Zip File Downloaded from the MOS Website

Installing Session Monitor Using the Zip File Downloaded from the MOS Website

This section describes installing the Session Monitor using Zip file downloaded from the My Oracle Support (MOS ) website.

You have to set up the machine with Oracle Linux 8.10 operating system to install Session Monitor using the Zip file. Configurations are necessary for proxies and repos, if there are any, see Configuring Proxies and Repos.

To install Session Monitor using the Zip file:

  1. Verify that the system hosting the Session Monitor is connected to the Internet.
  2. Log on to the Session Monitor server as the root user or root privileged user.
  3. Run this command to verify that Oracle Linux 8.10 has been installed.
    cat /etc/oracle-release
  4. If partitioning is required, refer to the section Creating a Separate Partition for Data and MySQL Storage.
  5. Download the Session Monitor software:
    1. Create a temporary directory (temp_dir) on the system that hosts the Session Monitor.
    2. Download the software pack for your operating system from the MOS website.
    3. Download the Session Monitor installation software Zip file to temp_dir.
    4. Make sure you have the utility to extract the contents of the installation software Zip file. If you do not have the utility to extract, then install the utility before installing Session Monitor.
    5. Extract the Session Monitor installation software Zip file.

Verifying the Contents of the Session Monitor Installation Bundle

Verify the contents of the Session Monitor installation.zip bundle that you downloaded from the My Oracle Support website (MOS) or Oracle Software Delivery Cloud (OSDC).

Extract the bundle and verify that it has following contents:

  1. README.txt
  2. meta.nfo
  3. ocsm-6.0.0.0.0-RPM-GA.zip
  4. other_files/
  5. other_files/my-8.0.cnf
  6. other_files/ocsm-6.0.0.0.0.revision.txt
  7. other_files/mysql-shell-commercial-8.4.4-1.1.el8.x86_64.rpm
  8. scripts/
  9. scripts/Install_OCSM_Rel_6.0.sh
  10. scripts/Upgrade_OCSM_Rel_6.0.sh
  11. scripts/Backup and Restore Scripts/
  12. scripts/Backup and Restore Scripts/MySQLDeltaUpgrade.sh
  13. scripts/Backup and Restore Scripts/backupAndRestoreBlockStorage.sh
  14. scripts/Backup and Restore Scripts/backupAndRestoreOtherFiles.sh
  15. scripts/Offline_Installation/
  16. scripts/Offline_Installation/Download_rpms.sh
  17. scripts/Offline_Installation/Offline_OCSM_Installation_Rel_6.0.sh
  18. scripts/Offline_Installation/Offline_Repo_OCSM_Rel_6.0.sh
  19. scripts/Offline_Installation/Offline_Repo_Server_preparation_Rel_6.0.sh
  20. scripts/Offline_Installation/Offline_Upgrade_OCSM_Rel_6.0.sh

Installing Session Monitor Software

To install Session Monitor software:

  1. Use the following commands to install the Oracle epel Repository:
    yum install oracle-epel-release-el8.x86_64
  2. For OCI Cloud Machines, complete the following additional step to enable ol8_developer_EPEL repo.
    1. Using an editor, open the file /etc/yum.repos.d/oracle-epel-ol8.repo.
    2. Under the section [ol8_developer_EPEL] set enabled=1.
    3. Save the file.
      [ol8_developer_EPEL]
name=Oracle Linux $releasever EPEL Packages for Development ($basearch)
baseurl=https://yum$ociregion.$ocidomain/repo/OracleLinux/OL8/developer/EPEL/$basearch/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpgcheck=1
enabled=1
  3. Install yum-utils and enable the required repositories:
    1. Use this command:
      yum install yum-utils
    2. Enable the latest Oracle Linux 8 repositories by running the following commands:
      yum-config-manager --enable ol8_baseos_latest ol8_appstream ol8_addons ol8_developer_EPEL
  4. Go to the directory where the Session Monitor Zip file is extracted and ensure that the installation script has the executable permission. If not, then set the execute permission using this command:
    chmod +x ./scripts/Install_OCSM_Rel_6.0.sh
  5. Install the Session Monitor and its dependencies using this command:
    ./scripts/Install_OCSM_Rel_6.0.sh ocsm-<rn>-RPM-GA.zip

    Note:

    In this command, <rn> is the latest Session Monitor release number. For example, ocsm-6.0.0.0.0-RPM-GA.zip.

Creating a Separate Partition for Data Storage and MySQL Storage

Perform the following tasks to create a separate partition for data (block) storage and MySQL Storage

The following partitioning options are available:
  • Single partition (default option)
  • Secondary partition for data and MySQL storage
Perform the following tasks to create the partition for data storage MySQL Storage.
  1. Run the following command to create a directory to mount the partition:
    mkdir -pv /opt/oracle/ocsm/var/vsi
mkdir -pv /var/lib/mysql
  2. Adjust /etc/fstab to mount the data storage partition. For example:
    For example,this entry may vary based on the environment:
LABEL=PLD_DATA /opt/oracle/ocsm/var/vsi xfs
defaults,nosuid,nodev,nofail 0 2
LABEL=MYSQL_DATA /var/lib/mysql xfs
defaults,nosuid,nodev,nofail 0 2
    During the MySQL and Session Monitor installation, partitions are detected by the product and the system uses these separate partitions.

Tasks to be Performed after Session Monitor Installation from the .Zip File

Perform the tasks given here after the Session Monitor installation.

  1. Verify the installation by doing the following:
    1. Navigate to /var/log/.
    2. Verify whether the following log file exists: ocsm_installed_*.log
    3. Navigate to /var/log/ directory and verify that the file ocsm_zip_install.log is present.
  2. Adjust the firewall to access the Session Monitor applications by doing the following tasks:
    1. Allow firewall to access the HTTPS service (port 443) by running the following command: firewall-cmd --permanent --zone=public --add-service=https.
    2. (Optional) If you are planning to configure the system as a Mediation Engine, allow the firewall to access the probe connection by doing these tasks:
      For SBC (embedded) probes:
      firewall-cmd --permanent --zone=public --add-port=4739/tcp
firewall-cmd --permanent --zone=public --add-port=4740/tcp
      For standalone probes:
      firewall-cmd --permanent --zone=public --add-port=4741/tcp
firewall-cmd --permanent --zone=public --add-port=4742/tcp

    Note:

    Please note that the ports 4740/4742 are the preferred ports for connecting to SBC / standalone probes respectively. So, the firewall should be opened for ports 4739/4741 only if you are agree to have non-TLS connections.
  3. Reload the configuration by running the following command: firewall-cmd --reload

    Note:

    If you are planning to enable additional services, see the discussion about network security in the Oracle Communications Session Monitor Security Guide for a complete list of services and their respective ports.
  4. Enable or Disable SELinux as per your requirement. For more information, see Enabling SELinux.

Enabling SELinux

Session Monitor currently supports the following top-level state of SELinux on a system – enforcing, permissive and disabled. The only supported SELinux type is targeted.

To enable SELinux:
  1. Run the command to set the SELinux mode as enforcing and SELinux policy as targeted:
    sed -i -e "s/^SELINUX=.*/SELINUX=enforcing/" /etc/selinux/config
    sed -i -e "s/^SELINUXTYPE=.*/SELINUXTYPE=targeted/" /etc/selinux/config
  2. Reboot the system using the command: 
    reboot
  3. After the reboot, run the command to verify the SELinux status:
    sestatus
    Verify the command output:
    SELinux status:        enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
  4. Install the customized SELinux policy modules for Session monitor using the command:
    cd /opt/oracle/ocsm/
./ocsm_ext.sh

Disabling SELinux

Use the following instructions to disable SELinux.

  1. Set the SELinux mode as disabled using the command as a root user:
    sed -i -e "s/^SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
  2. Reboot the system using the command:
    reboot
  3. Verify the SELinux status using the command:
    sestatus
  4. Verify the output:
    SELinux status: disabled

Adding Ports in the SELinux Port List

On a SELinux enabled machine, in order to use any port other than the default ports in the Session Monitor, add the port in the SELinux port list using the following commands.

yum install -y setroubleshoot-server 
semanage port -a -t <Service_Name> -p <Protocol> <Port_Number>
You can view all ports allowed in the SELinux using the command: 
semanage port -l
For example: By default, SELinux allows http to listen on TCP ports 80, 443, 488, 8008, 8009, or 8443.
To configure http to run on a port other than the TCP ports listed above, such as 8001, then add the ports to the SELinux port list using the command:
semanage port -a -t http_port_t -p tcp 8001

Troubleshooting Tips

Following intructions will be helpful in solving issues in configuring SELinux.

To modify the mode in which SELinux runs in real-time, run the following commands:

Table 2-1 Modifying SELinux Mode

Mode Command
To run SELinux in permissive mode (System prints warnings only but does not enforce SELinux policy) 
setenforce 0
To run SELinux in the enforcing mode (SELinux security policy is enforced) 
setenforce 1
Verify the status using command 
getenforce