Introduction to Installing Skylar One

This manual describes how to install and configure Skylar One (formerly SL1).

What is Skylar One?

Skylar One offers you the capabilities to monitor your hybrid cloud infrastructure, improve service visibility, and automate your IT workflows.

In a Distributed system, there are four general functions that a Skylar One appliance can perform:

• Database functions
• User interface
• Data collection
• Message collection

In large Skylar One systems, dedicated nodes or appliances perform each function. In smaller systems, some nodes or appliances perform multiple functions. In an All-In-One Appliance system, a single Skylar One node or appliance performs all four functions.

Database Functions

The node or appliance that provides the database functions is responsible for:

• Storing all configuration data and policy data.
• Storing performance data collected from managed devices.
• In a distributed system, pushing data to and retrieving data from the nodes or appliances responsible for collecting data and collecting messages.
• Processing and normalizing collected data.
• Allocating tasks to the other nodes or appliances in the Skylar One system.
• Executing some automation actions in response to events.
• Sending all email generated by the system.
• Receiving all inbound email for events, ticketing, and round-trip email monitoring.

The following appliances can perform these database functions:

• Database Server. A dedicated Database Server provides all database functions.
• All-In-One Appliance. An All-In-One Appliance performs all functions.

User Interface

Administrators and users access the user interface through a web browser. In the user interface, you can view collected data and reports, define organizations and user accounts, define policies, view events, and create and view tickets, among other tasks. The node or appliance that provides the user interface also generates all scheduled reports and provides access to the ScienceLogic API. The following nodes or appliances provide the user interface:

• Administration Portal. A dedicated Administration Portal node or appliance can provide the user interface.
• Database Server. A Database Server can provide the user interface in addition to its database function.
• All-In-One Appliance. An All-In-One Appliance performs all functions, including providing the user interface.

NOTE: The Administration Portal communicates only with the Database Server and no other Skylar One appliance. All connections between the Administration Portal and the Database Server are encrypted in both directions.

Data Collection

In a distributed system, nodes or appliances retrieve data from monitored devices and perform some pre-processing of collected data and execute automation actions.

The following appliances can perform the data collection function:

• Data Collector. One or more Data Collectors are configured in collector groups for resilience. A collector group can be configured such that if an individual collector fails, other members of the group will pick up and share the load (N+1). A Data Collector can also perform the message collection function.
• All-In-One Appliance. An All-In-One Appliance performs all functions.

NOTE: The Skylar One Agent can also be used to collect data from devices on which it can be installed. See the System Requirements page of the ScienceLogic Support Site for a complete list of operating systems and versions supported by the agent. You can collect data from devices using only Data Collectors, using only the Skylar One Agent, or using a combination of both.

Message Collection

In a distributed system, nodes or appliances receive and process inbound, asynchronous syslog and trap messages from monitored devices.

The following nodes or appliances can perform the message collection function:

• Message Collector. A dedicated Message Collector receives and processes inbound, asynchronous syslog and trap messages from monitored devices.

NOTE: In distributed systems that use the Skylar One agent, the Message Collector passes agent data to the Database Server. On these distributed systems, the Message Collector must be a standalone node or appliance, not a combination Data Collector/Message Collector.

• Data Collector. A Data Collector can also perform the message collection function in addition to data collection.
• All-In-One Appliance. An All-In-One Appliance performs all functions.

What is Skylar One Extended?

The Skylar One Extended Architecture includes additional types of Skylar One nodes or appliances. The following Skylar One features require the Skylar One Extended Architecture:

• Expanded Agent Capabilities. You can configure the Skylar One agent to communicate with Skylar One via a dedicated Message Collector. However, this configuration limits the capabilities of the Skylar One agent. If you configure the Skylar One agent to communicate with Skylar One via a Compute Cluster, you expand the capabilities of the Skylar One agent to include features like extensible collection and application monitoring.
• Data Pipelines. Data pipelines transport and transform data. Data transformations include enrichment with metadata, data rollup, and pattern-matching for alerting and automation. The Data Pipelines provide an alternative to the existing methods of data transport (data pull, config push, streamer, and communication via encrypted SQL) in Skylar One. Data pipelines introduce message queues and communicate using encrypted web services.
• Publisher. Publisher enables the egress of data from Skylar One. Publisher can provide data for long-term storage or provide input to other applications the perform analysis or reporting.
• Anomaly Detection and future AI/ML developments. Anomaly detection is a technique that uses machine learning to identify unusual patterns that do not conform to expected behavior. Skylar One does this by collecting data for a particular metric over a period of time, learning the patterns of that particular device metric, and then choosing the best possible algorithm to analyze that data. Anomalies are detected when the actual collected data value falls outside the boundaries of the expected value range.

Skylar One Extended Architecture includes the following additional Skylar One functions:

Computing

Skylar One Extended includes a Compute Cluster that includes a minimum of three Compute Nodes. Compute nodes are the Skylar One appliances that transport, process, and consume the data from Data Collectors and the Skylar One Agent. Skylar One uses Docker and Kubernetes to deploy and manage these services. The compute node sends configuration data to the Database Server and performance date to the Storage Node cluster.

Load Balancing

A load balancer is the Skylar One node or appliance that brokers communication with services running on the Compute Cluster. Services running on the Compute Cluster are managed by Kubernetes. Therefore, a single service could be running on one Compute node in the Compute Cluster; to provide scale, multiple instances of a single service could be running on one, many, or all nodes in the Compute Cluster. To provide scale and resiliency, you can include multiple Load Balancers in your configuration.

Storage

Skylar One Extended includes a Storage Cluster that includes multiple Storage Nodes and a Storage Manager. These Skylar One nodes or appliances provide a NoSQL alternative to the Skylar One relational database. The Storage Cluster can store performance and log data collected by the Data Collectors and the Skylar One Agent.

Management

The Management Node allows administrators to install, configure, and update packages on the Compute Nodes cluster, Storage Nodes , and the Load Balancer. The Management Node also allows administrators to deploy and update services running on the Compute Cluster.

The Skylar One Agent

The Skylar One agent is a program that you can install on a device monitored by Skylar One (formerly SL1). There is a Windows agent, an AIX agent, a Solaris agent, and a Linux agent. The agent collects data from the device and pushes that data back to Skylar One.

Similar to a Data Collector or Message Collector, the agent collects data about infrastructure and applications.

You can configure an agent to communicate with either the Message Collector or the Compute Cluster.

Third-Party Software

ScienceLogic does not support users installing third-party software on Skylar One systems or users making unauthorized changes to the configuration of Skylar One. Doing so voids any warranties, express or implied.