Deploy SolarWinds Orion Platform products to Amazon Web Services

This guide is intended for new installations in Amazon Web Services in a virtual private cloud (VPC). It does not cover migrating products to the cloud. The information outlined in this guide is applicable for all Orion Platform products that support cloud deployments.

To reduce the number of places you have to configure your ports, SolarWinds recommends all cloud instances be in the same availability zone and in the same VPC. SolarWinds recommend using availability zones closest to your monitored devices.

AWS Deployment types

Your main Orion server and your Orion database server should be hosted at the same location, either both servers are on-premise or both are in the cloud. Hosting the main Orion server and database servers separately is not recommended due to connectivity concerns. Regardless of deployment location, it is important the main Orion server and Orion database are hosted on different servers.

SolarWinds is not responsible for fees incurred when deploying SolarWinds products to the cloud.

Cloud (main Orion server and database in the cloud)

SolarWinds recommends this deployment when your monitored environment resides mostly in the cloud, and you have a good understanding of how much computer capacity you require to monitor your environment.

Hybrid (Additional Polling Engines in the cloud; main Orion server and database on-premise)

Use this deployment type when the majority of your monitored network is on-premise or if your hybrid environment is geographically diverse and use different availability zones.

You can also deploy agents to your nodes in the cloud to reduce the amount of data transferred within the EC2 instance and from the EC2 instance to your main Orion server.

You will need to create a virtual private network tunnel between the Additional Polling Engine (APE) in the Amazon EC2 instance and your main Orion and Orion database servers.

Hybrid (Main Orion server and database in the cloud; Additional Polling Engine on-premise)

This deployment is recommended when your monitored environment includes a significant number of on-premise devices or if you are migrating your infrastructure to cloud.

Cloud instance requirements

These requirements use NPM licensing as a base for small, medium, large, and extra large deployments in Amazon EC2.

Requirement

Small (SL100, SL250, SL500)

Medium (SL2000)

Large (SLX)

X-Large
Orion server

m4.large
Recommended: m4.xlarge

m4.2xlarge

m5d.2xlarge

m5.4xlarge

Orion database on Amazon RDS

db.r4.xlarge db.r4.2xlarge db.r4.4xlarge db.r4.8xlarge

SolarWinds Orion database server

r4.xlarge

r4.xlarge

r5d.2xlarge

r5d.4xlarge
Additional polling engine Only relevant for environments that monitor over 12,000 elements.

m5.xlarge

NTA Flow Storage Database N/A r3.xlarge

r5d.4xlarge

r5d.4xlarge

Prepare Orion Platform for installation

This checklist helps you prepare for Orion Platform product installations.

Review release notes

Review product release notes and available documentation in our Success Center.

The VMAN appliance is not supported in cloud deployments.

Review system requirements

Ensure your cloud instance has the required hardware and software specifications for your installed products. Certain products may require more or additional resources than the base cloud requirements.

If you install multiple products, a good rule of thumb is to add one CPU core per additional product.

Product requirements include:

For all port requirements, see Port Requirements for all SolarWinds products.

Determine your deployment type

Which components are you hosting in the cloud? Keep in mind the Amazon's pricing model and your estimated usage.

If you intend to set up SolarWinds High Availability now or in the future, review the Enable High Availability section before setting up your cloud instances. The virtual private cloud (VPC) and port requirements are different and may be difficult to change in the future.

If you intend to deploy agents, review the Deploy Agents in the cloud section. Agents have additional port requirements.

Review licenses and gather keys Review your product licenses and determine if you need to make any changes. You can download license keys for your new Orion Platform products through your Customer Portal. Verify any license upgrades and requirements with your SolarWinds account manager or contact SolarWinds.
Gather credentials Make sure you have all account credentials, such as your SQL database credentials, your SolarWinds Customer Portal account, your AWS credentials, and Windows local admin server credentials.
Schedule the installation

Set up the maintenance window, preferably during off-peak hours. Depending on the number of products, size of database(s), and size of environment, you may require multiple hours to complete your installation.

Notify your company Send a message to your company of the upgrade schedule and maintenance window. If you need additional help, contact and allocate specific staff to be available.

Prepare the environment

Depending on your licensed Orion Platform products, you may need to prepare multiple servers and configure ports in your firewall before installation.

Prepare the cloud network (optional) SolarWinds recommends using a public DNS hostname and a public IPv4 address.
Create your VPC Create the VPC that will contain your SolarWinds Orion environment.
Create security group and open ports
  1. Define the security group for your Orion environment. All SolarWinds Orion components installed in the cloud, such as your main Orion server, Orion database, and APE, must be part of the same security group. 
  2. Define ports in the security group.
  3. Modify port rules for the ports used by your SolarWinds products.

For your server ports and firewall, open ports according to the port and feature requirements. Orion uses these ports to send and receive data, issue management commands, and additional actions depending on the features. For example, SolarWinds High Availability has additional port requirements beyond product needs.

For more information, see Amazon's help.

If you set a public IP address, you may want to use stricter security settings, including strong passwords.

Prepare the servers

Prepare server instances as needed for your Orion Platform products and deployment:

Any server instance in the cloud must be part of the same security group.

  • Orion server: based on your product deployment size and system requirements.
  • Orion SQL server: based on your product deployment size and system requirements.
  • Primary and Secondary servers for SolarWinds High Availability: review the HA requirements.
  • Additional Polling Engine servers: see the SolarWinds Scalability Guidelines.
  • Additional web server: see the SolarWinds Scalability Guidelines.
  • Additional database server: Some products have additional needs. For example:
    • NTA 4.4 requires an instance of SQL Server 2016 SP1 or later for a Flow Storage Database. The Flow Storage Database can either be co-located with your Orion database on a single SQL server, or can be installed on a dedicated server. The deployment method is dependent on the size of your environment.

      NTA 4.3 requires a dedicated server for the Flow Storage Database with FastBit.

    • Products with integration components, like DPA, require a separate database.
Run all Windows updates

Before installation, check for and run all Microsoft Windows Updates on all servers. If a Windows update automatically launches during installation, your system may restart if required by the update. The installation may not complete if your system is waiting to restart.

Check for antivirus software

Determine if any antivirus software is installed on the server or servers where you plan to install. To ensure the installation goes smoothly, exclude the SolarWinds directory. For example, on Windows Server 2012 R2, exclude C:\ProgramData\SolarWinds\. For a full list of antivirus exclusions, see Files and directories to exclude from antivirus scanning.

SolarWinds assumes that C:\ is the default volume.

Verify connectivity

Ensure that you can connect to your nodes from your cloud instance and vice versa. Polling Engines and Additional Web Servers must be able to connect to the database server.

Gotchas

  • Carefully review the port requirements for your products. Incorrect ports can cause network communication and polling issues. See the Port requirements for all SolarWinds products for details.
  • Review your DNS settings or your hosts file to ensure that you can successfully resolve hosts names, including LDAP servers for user authentication, in your environment.

Installation instructions

Follow these instructions every time you run the SolarWinds Orion Installer. You can run the installer multiple times as needed to upgrade and install Orion Platform products. As you install products in an existing Orion Platform environment, you may also have options to upgrade products.

What you should know:

  • If you have products out of maintenance, the Orion Installer will provide the latest possible upgrades for your products. Information and a link will display warning you of the issues that can occur. Having even one product out of maintenance can restrict the upgrade options for products currently under maintenance. For example, if you have IPAM out of maintenance and want the latest NPM upgrade, you may not be able to upgrade until IPAM is also upgraded due to compatibility.

    Recommendation: Renew. SolarWinds recommends renewing you maintenance to receive the latest upgrades and installs for all products.

  • The Orion Installer will alert you to warning or critical level requirements issues during the System Check.

    Recommendation: Verify product requirements before you get started. View the checklist at the beginning of this guide for links to help.

1. Create an Amazon EC2 instance with SQL (optional)

Follow these steps if you are hosting your Orion database server in the cloud.

  1. Sign in to your Amazon EC2 console and launch an instance according to your recommended deployment size.
  2. Choose your instance type.
  3. Select the Security Group that contains all of your Orion servers.

The SQL server must use the same timezone as your main Orion server.

2. Create an Amazon EC2 instance

  1. Sign in to your Amazon EC2 console and launch an instance according to your recommended deployment size.
  2. Choose your instance type.
  3. Select the Security Group that contains all of your Orion servers.

Use this instance for your Orion servers in the cloud.

3. Run the installer and select products to install

  1. Save and run the installer.exe on the server dedicated to your main Orion server.
  2. A welcome screen displays a list of products to install. The installer walks you through upgrading and installing in one process.
  3. Select the product(s) you want to install using the SolarWinds Orion Installer.
  4. (Optional) Select to send usage metrics to help SolarWinds improve products. SolarWinds only receives data collected during the installation and upgrade process.
  5. Click Next.

4. Create the NTA database (optional)

Follow this step if you are hosting your NTA Flow Storage database in the cloud.

  1. Sign in to your Amazon EC2 console and launch an instance according to your recommended deployment size.
  2. Choose your instance type.
  3. Select the Security Group that will contain all of your Orion servers.
  4. Run the NTA database installer.

If you are not hosting your NTA Flow Storage database in the cloud, run the NTA database installer on a physical server. Install the NTA Flow Storage database and the Orion database on separate SQL server instances.

5. Review the System Check

A series of system checks run per product to verify if your server meets recommended system requirements. These checks include:

  • Hardware resources, including RAM, hard drive space, and number of CPUs.
  • Software installed, including the Operating System version, .NET, and other required tools.
  • Ports for data access and tasks.
  • Product-specific checks for configurations and additional requirements.

If your environment does not meet specifications, the installer provides:

  • Warning message: does not block the installation. Details provide recommended actions and best practices to update your environment for better performance.
  • Critical issue: blocks the installation until resolved. Details provide required updates for your environment to support the products. After addressing the issues, run the installer again.

For more information, select Click for more details. Select Save Install Report to save a list of issues to resolve. You can also select Copy the issue to clipboard to paste the details in a text file.

The following is an example of a report.

6. Review the EULA agreement

The EULA is displayed for you to review and accept. If you agree with the license agreement, click the accept option and click Next.

7. Monitor the installation progress

Products begin installing with messages for the progress. The installer displays any issues, halting the installation to allow you to review and fix. The installer may run multiple product installations prior to running the Configuration wizard. Installations requiring the Configuration wizard open and walks you through the installation steps.

You can run the SolarWinds Orion Installer again to check for updates.

If a reboot is required as part of the installation, the installer will prompt you. You cannot continue the installation until you have restarted the computer.

8. Complete the Configuration wizard

When the installation completes, the Configuration wizard opens. Depending on your product, the wizard may include additional options and screens.

  1. In the welcome dialog box, click Next.
  2. If prompted to stop services, click Yes.
  3. If you performed a Standard installation with an existing SQL database, select one of the following for authentication:
    • Authenticate as currently logged in user: pass through authentication to the SQL server using the account currently logged in for installing the Orion product.
    • Switch user: provide separate SQL credentials.

    Unless you have joined your on-premise and cloud domains, you must use a dedicated SQL Server account. Windows authentication may not work as expected in the cloud.

     

  4. In the Database Settings dialog box, create a new database in your SQL server.

    SolarWinds recommends that your main Orion server and your SQL server are both hosted on-premise or in the cloud to prevent alerting loss or other undesirable behaviors in case of network connectivity issues.

  5. In the Database Account dialog box, create an account or use an existing account that the polling engine and Orion Web Console use to access the database. The account must be a SQL account.

    We do not support creating a new SQL account through the Configuration wizard when the database is in the cloud.


  6. In the Website Settings dialog box, complete selections for your installation:

    If you select Skip website binding, the Configuration wizard does not make changes within the website configuration in your IIS. This option blocks IP address, port, and SSL certificate options.

    1. Select All Unassigned unless your environment requires a specific IP address for the Orion Web Console. The Port is 80 by default.
    2. Specify the Port and the Website Root Directory where the system installs the Web Console files.

      If you specify any port other than 80, include that port in the URL used to access the Web Console.

    3. To configure SSL, click Enable HTTPS and select your SSL certificate.

      You must install your SSL certificate on the server before running the Configuration Wizard. You can install the certificate and run the Configuration Wizard again.
      If a certificate is not available, select the option to Generate Self-Signed Certificate. The Configuration Wizard automatically generates a self-signed certificate issued to the hostname or FQDN and adds it to the trusted certificate store.

  7. If prompted to create a directory or website, click Yes.
  8. Review the list of services to install, and click Next.
  9. Click Yes if prompted to disable the SNMP Trap Service and enable the SolarWinds Trap Service.
  10. In the Completing the Orion Configuration Wizard dialog box, click Next.
  11. When completed, click Finish to launch the Orion Web Console.

    Click Start > All Programs > SolarWinds > Orion Web Console

    or

    Open a web browser on your Orion server and enter http://ipAddress or http://hostname, where ipAddress is the IP address of your server and hostname is the host name of your server.

    SolarWinds recommends using a public DNS name or IPv4 address.

  12. Log in with user name admin and leave the password field blank.

    For security purposes, SolarWinds recommends that you change the password to your admin account.

Deploy Orion agents in the cloud

If you are deploying Orion agents from the cloud to on-premise devices, follow the manual deployment steps. Otherwise, complete the steps below to deploy agents in the cloud.

1. Review agent requirements

SolarWinds Orion agent requirements.

2. Update security groups ports

Update ports based on the agent communication type.

Agent-initiated communication

  • The monitored device must be able to reach the Orion server using the IP address.
  • Port 17778 must be open on the Orion server or APE.
  • Open port 17791 on the monitored device if it runs on Windows 2008 R2.

Server-initiated communication

  • The Orion server must be able to reach the monitored device using the IP address.
  • Port 17790 must be open on the monitored device.
  • Open port 22 on Linux-based devices to install the agent.
  • Open ports 135 and 445 on Windows devices to install the agent.

3. Manually deploy an agent on Amazon Web Services (Optional)

You can manually deploy agents to a virtual machine using Remote Desktop Connection in two ways.

Deploy through the command prompt

  1. Click Settings > All Settings in the menu bar.
  2. Under Product Specific Settings, click Agent Settings > Download Agent Software.
  3. Click Windows, and click Next.
  4. Click Mass Deploy to Multiple Machines, and click Next.
  5. Download the MSI and MST files.
  6. Run a command prompt as administrator from the context menu.
  7. Enter the following command:

    msiexec /i "SolarWinds-Agent.msi" TRANSFORMS="SolarWinds-Agent.mst"

Deploy the agent using the interactive wizard

  1. Click Settings > All Settings in the menu bar.
  2. Under Product Specific Settings, click Agent Settings > Download Agent Software.
  3. Click Windows, and click Next.
  4. Click Install Manually, and click Next.
  5. Click Download MSI.
  6. Copy the MSI file to the client machine, and run it.
  7. In the Installation wizard, select Agent Initiated Communication or Orion Server Initiated Communication.
  8. Enter the Orion server IP address or hostname, and the SolarWinds Orion administrator account credentials.
  9. Optional: For Server-initiated communication (passive), in the Orion Web Console:
    1. Click Settings > All Settings.
    2. Under Node & Group Management, click Manage Agents > Add Agent.
    3. Click Connect to a previously installed agent > click Next.
    4. Enter the name, IP address, and port number for the agent and click Server-initiated communication.

4. Automatically deploy an agent to established instances on Amazon Web Services (Optional)

  1. Click Settings > All Settings in the menu bar.
  2. Under Product Specific Settings, click Agent Settings > Download Agent Software.
  3. Click Windows, and click Next.
  4. Click Mass Deploy to Multiple Machines, and click Next.
  5. Download the MSI and MST files.
  6. Log in to your Amazon Web Services S3 account.
  7. Create a bucket and upload the MSI and MST files. http://docs.aws.amazon.com/AmazonS3/latest/gsg/CreatingABucket.html

    Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment. You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

  8. Create a PowerShell script to run on each virtual machine when it is launched for the first time, downloading and executing the MST and MSI files on each virtual machine where you want to install the agent.
  9. Log in to your Amazon Web Services account.

    You can perform the following steps through the API or AWS command line interface.

  10. Create an instance, and paste your PowerShell script under Advanced Details in the User Data text box. Select the As Text option.
  11. For instances that are already created, take the following steps:
    1. Stop the instance where you want to deploy the agent.
    2. Right-click the instance and click Instance Settings > View/Change User Data.
    3. Paste your PowerShell script in the text box as Plain Text.
  12. Optional: For Server-initiated communication (passive), in the Orion Web Console:
    1. Click Settings > All Settings.
    2. Under Node & Group Management > Manage Agents > Select Add Agent.
    3. Click Connect to a previously installed agent > Click Next.
    4. Enter the name, IP address, secret, and port number for the agent and click Server-initiated communication.

Install an Additional Polling Engine or additional web server

If you have Additional Polling Engines (APE) or an additional web servers (AWS), the final installation screen reminds you of those installations. SolarWinds recommends using the Scalability Engine Installer.

1. Create an EC2 instance for your APE or SolarWinds AWS

  1. Sign in to your Amazon EC2 console and launch an instance according to your recommended deployment size.
  2. Choose your instance type.
  3. Select the Security Group that will contain all of your Orion servers.

2. Ensure your APE or SolarWinds AWS can communicate with your main Orion server

If the DNS does not resolve the host names in Amazon's AWS, update your hosts file.

  1. On your main Orion server, add your APE or SolarWinds AWS information to your hosts file.
  2. On your APE or SolarWinds AWS, add your main Orion server to your hosts file.

See Unable to resolve primary Orion server name for detailed troubleshooting instructions.

3. Install APE and SolarWinds AWS

  1. Log in to the cloud instance for your Additional Polling Engine.
  2. Download this installer through the Orion Web Console.
    • For the APE installer, click Settings > All Settings > Polling Engines.
    • For the AWS installer, click Settings > All Settings > Web Console Settings.
  3. Run the installer on your APE or AWS.
  4. Repeat installing on all additional polling engines and web servers in your environment.

Enable High Availability

  1. Create an Amazon Virtual Private Cloud.

    AWS does not support the use of a virtual IP address. As a result, Orion High Availability cannot be deployed in AWS if both members of the same HA pool also reside in the same subnet. Each member of an HA pool must be deployed into a different subnet. A virtual hostname (using, for example, Amazon's Route 53 or Amazon's ELB) can be used to direct users to active member of the HA pool. See Amazon's help for more information.

  2. Create or update security groups.
    1. Open port 5671 (TCP) on the primary and standby servers.

    2. Open ports 4369 and 25672 (TCP) on the main Orion server and its standby server. These ports are not required when protecting additional polling engines.
  3. Create a primary server.
  4. Create a secondary server.
    SolarWinds recommends that your standby server has similar specifications as the primary server.
  5. Download and install secondary server hardware.
  6. Create your HA pool.

    Do not use a Virtual IP (VIP) address when enabling High Availability in the cloud. Instead, you must use a virtual hostname.

  7. Activate your HA pool licenses.

Troubleshooting

If you receive errors, try the following:

  • If you cannot connect to the main Orion server from your APE or SolarWinds AWS, check that the hosts file includes the main Orion server.
  • If you experience issues and are not on the latest product versions, SolarWinds recommends completing a full upgrade. Use the Orion Installer to create the upgrade path. Many of these updates solve issues you may experience part way through your upgrade.
  • Check our Success Center for troubleshooting. SolarWinds recommends searching the name of the product, the version number, any error codes or messages displayed, and the general issue you found.
  • Check your Customer Portal for any new hotfixes.
  • If you receive (500) internal server error after an upgrade, use the Orion permission checker to make sure your Group Policy is not locked. See this article for full details.
  • If your views do not load when first opening the console, run the Configuration wizard again.

If an issue occurs you need additional help with, contact Support. SolarWinds recommends gathering diagnostics, a screenshot of the issue, and any error codes you receive. Attach and add this information to your ticket. You may also want to gather additional diagnostics on your additional polling engines and web servers.