Getting started with Trento Premium #

SUSE® Linux Enterprise Server for SAP Applications

Publication Date: 01 Jun 2023

Trento Premium is an open cloud native web console that aims to help SAP Basis consultants and administrators to check the configuration, monitor and manage the entire OS stack of their SAP environments, including HA features.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”.

For SUSE trademarks, see http://www.suse.com/company/legal/. All third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.

All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof.

Important: Trento is an evolving product

The product continues to be under active development and is available at no extra cost for any SUSE customer with a registered SUSE Linux Enterprise Server for SAP Applications 15 (SP1 or higher). Contact https://www.suse.com/support for further assistance.

1 What is Trento Premium? #

Trento Premium is the extended version of the Trento community project containing additional checks. Apart from their naming, both are comprehensive monitoring solutions consisting of two main components, the Trento Server and the Trento Agent. Both Trento variants provide the following features:

A simplified, reactive web UI targeting SAP admins
Automated discovery of SAP Systems, SAP Instances, and SAP HANA clusters
Configuration validation for SAP HANA Scale-Up Performance-optimized two-node clusters deployed on Azure, AWS, GCP or on-premise bare metal platforms, including KVM and Nutanix
Monitoring of CPU and Memory usage at host level through basic integration with Grafana and Prometheus
Email alerting for critical events in the monitored landscape

The Trento Server is an independent, cloud native, distributed system, designed to run on a Kubernetes cluster. The Trento Server interacts with users via a web front-end.

The Trento Agent is a single background process (trento agent) running on each host of the SAP infrastructure that is monitored.

For both Trento Premium and Trento Community, SUSE collects telemetry data relevant for further product development.

See Figure 1, “Architectural overview” for additional details.

Figure 1: Architectural overview #

2 Product lifecycle and update strategy #

Trento Premium is available at no extra cost for SLES for SAP subscribers. Particularly, Trento's two main components have the following product lifecycles:

Trento Agent

Delivery mechanism: RPM package for SUSE Linux Enterprise Server for SAP Applications 15 SP1 and newer.

Supported runtime: Supports SUSE Linux Enterprise Server for SAP Applications 15 SP1 and newer.

Trento Server

Delivery mechanism: A set of container images from the SUSE registry together with a Helm chart for easy installation.

Kubernetes: The Trento Server runs on any current Cloud Native Computing Foundation (CNCF)-certified Kubernetes distributions based on a x86_64 architecture. Depending on your background and needs, SUSE supports several usage scenarios:

If you already use a CNCF-certified Kubernetes, you can run the Trento Server in it.
If you have no Kubernetes and want enterprise support, SUSE recommends SUSE Rancher with Rancher Kubernetes Engine (RKE) version 1 or 2.
If you do not have Kubernetes enterprise solution and you would like to test Trento, an easy option could be SUSE's K3s project which provides a single node Kubernetes cluster. Note, this is not a recommended solution for a stable Trento production, but a viable way to get started.

3 Requirements #

This section describes requirements for the Trento Server and its Trento Agents.

3.1 Trento Server requirements #

Running all the Trento Server components requires a minimum of 3 GB of RAM, two CPU cores and 64 GB of storage. When using K3s, such storage should be provided under /var/lib/rancher/k3s.

While the Trento Server supports various usage scenarios, depending on the existing infrastructure, it is designed to be cloud native and OS agnostic. As such, the default installation method provisions a minimal, single node, K3S Kubernetes cluster for running its components in Linux containers. The Trento Server can be installed on the following services:

RKE1 (Rancher Kubernetes Engine version 1)
RKE2
any other CNCF-certified Kubernetes running on x86_64 architecture

3.2 Trento Agent requirements #

The resource footprint of the Trento Agent is designed to not impact the performance of the host it runs on.

The Trento Agent component needs to interact with several low-level system components that are part of the SUSE Linux Enterprise Server for SAP Applications distribution.

3.3 Network requirements #

The Trento component running Kubernetes has network access to the SAP Landscape.
Trento Server must be reachable via HTTP (port TCP/80) or via HTTPS (port TCP/443) if SSL is enabled, from any Trento Agent host.
Trento Server must be reachable via Advanced Message Queuing Protocol or AMQP (port TCP/5672), from any Trento Agent host.
Trento Server must be able to reach the Node Exporter in the Trento Agent hosts (port TCP/9100).
The SAP administrator also needs access to Trento Server via HTTP (port TCP/80) or via HTTPS (port TCP/443) if SSL is enabled.

3.4 Installation prerequisites #

Trento Server. Access to SUSE registry for the deployment of Trento Server premium containers.
Trento Agents. A registered SUSE Linux Enterprise Server for SAP Applications distribution.

4 Installing Trento Server #

Important: Expect changes in the installation procedure

The product is under active development. Expect changes in the described installation procedure.

The subsection uses the following placeholders:

TRENTO_SERVER_HOSTNAME: the host name of the Trento Server host.
ADMIN_PASSWORD: the password that the SAP administrator will use to access the web console. It should have at least 8 characters.

4.1 Installing Trento Server on an existing Kubernetes cluster #

Trento Server is delivered as a Helm chart to facilitate the installation process. If you already have a Kubernetes cluster in place and want to use it to run Trento Server, proceed as follows:

Install Helm:

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Install the Trento Server Helm chart using Helm:

HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD

Note that the experimental flag is not needed as of Helm version 3.8.0.

To verify that the Trento Server installation was successful, open the URL of the Trento web console (http://TRENTO_SERVER_HOSTNAME) from a workstation located in the SAP administrator's LAN.

4.2 Installing Trento Server on K3s #

If you do not have a Kubernetes cluster or have one but do not want to use it for Trento, you can deploy a small VM (see Section 3.1, “Trento Server requirements” for minimum requirements) and follow steps in Procedure 1, “Manually installing Trento on a Trento Server host” to get Trento Server up and running.

Important: Deploying Trento on K3s

SUSE does not recommend using Trento on K3s for production purposes.

Procedure 1: Manually installing Trento on a Trento Server host #

Install Kubernetes:

Installing as user root

# curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true sh

Installing as non-root user:

> curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true sh -s - --write-kubeconfig-mode 644

Install Helm as root:

# curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Export the KUBECONFIG environment variable for the same user that installed K3s:
```
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
```
With the same user that installed K3s, install the Trento Server Helm chart using Helm:
```
HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD
```
Note that the experimental flag is not needed as of Helm version 3.8.0.
Monitor the creation and start-up of the Trento Kubernetes pods and wait until they are all in running status:
```
watch kubectl get pods
```
Log out of the Trento Server host.
To verify that the Trento Server installation was successful, open the URL of the Trento web console (http://TRENTO_SERVER_HOSTNAME) from a workstation located in the SAP administrator's LAN.

4.3 Installing Trento Server on K3s running on SUSE Linux Enterprise Server for SAP Applications 15 #

If you choose to deploy K3s on a VM with a registered SUSE Linux Enterprise Server for SAP Applications 15 distro, you can install the package trento-server-installer and then execute script install-trento-server: it will run Step 2 to Step 5 in Procedure 1, “Manually installing Trento on a Trento Server host” for you automatically.

4.4 Deploying Trento Server on selected nodes #

If you use a multi node Kubernetes cluster, it is possible to deploy Trento Server images on selected nodes by specifying the field nodeSelector in the helm upgrade command, with the following syntax:

HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD \
   --set prometheus.server.nodeSelector.LABEL=VALUE \
   --set postgresql.primary.nodeSelector.LABEL=VALUE \
   --set trento-web.nodeSelector.LABEL=VALUE \
   --set trento-runner.nodeSelector.LABEL=VALUE \
   --set grafana.nodeSelector.LABEL=VALUE

4.5 Enabling email alerts #

Email alerting feature notifies the SAP administrator about important changes in the SAP Landscape being monitored/observed by Trento.

Some of the reported events are:

Host heartbeat failed
Cluster health detected critical
Database health detected critical
SAP System health detected critical

This feature is disabled by default. It can be enabled at installation time or anytime at a later stage. In both cases, the procedure is the same and uses the following placeholders:

SMTP_SERVER: The SMTP server designated to send alerting emails.
SMTP_PORT: The port on the SMTP server.
SMTP_USER: User name to access SMTP server.
SMTP_PASSWORD: Password to access SMTP server.
ALERTING_SENDER: Sender email for alerting notifications.
ALERTING_RECIPIENT: Recipient email for alerting notifications.

The command to enable email alerting is the following:

HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD \
   --set trento-web.alerting.enabled=true \
   --set trento-web.alerting.smtpServer=SMTP_SERVER \
   --set trento-web.alerting.smtpPort=SMTP_PORT \
   --set trento-web.alerting.smtpUser=SMTP_USER \
   --set trento-web.alerting.smtpPassword=SMTP_PASSWORD \
   --set trento-web.alerting.sender=ALERTING_SENDER \
   --set trento-web.alerting.recipient=ALERTING_RECIPIENT

4.6 Enabling SSL #

Ingress may be used to provide SSL termination for the web component of Trento Server. This would allow to encrypt the communication from the agent to the server, which is already secured by the corresponding API key. It would also allow HTTPS access to the web console with trusted certificates.

Configuration must be done in the tls section of the values.yaml file of the chart of the Trento Server web component.

For details on the required Ingress setup and configuration, refer to: https://kubernetes.io/docs/concepts/services-networking/ingress/. Particularly, refer to section https://kubernetes.io/docs/concepts/services-networking/ingress/#tls for details on the secret format in the YAML configuration file.

Additional steps are required on the Agent side.

5 Installing Trento Agents #

Important: Expect changes in the installation procedure

The product is under active development. Expect changes in the described installation procedure.

Before you can install a Trento Agent, retrieve the API key of your Trento Server. Proceed as follows:

Open the URL of the Trento web console (http://TRENTO_SERVER_HOSTNAME). It prompts you for a user name and password:
Enter the credentials for the admin user (established when installing Trento Server).
Click Login. As this is the first time you access the console, you will be prompted to accept the license agreement. Click Accept to continue. Otherwise, you cannot use Trento.
Once inside the console, go to Settings:
Click the Get your key now! button.
Write down the API key.

To install the Trento Agent on an SAP host and register it with the Trento Server, repeat the steps in Procedure 2, “Installing Trento Agents”:

Procedure 2: Installing Trento Agents #

Install the package:

> sudo zypper ref
> sudo zypper install trento-agent

Open the configuration file /etc/trento/agent.yml and uncomment (use #) the entries for facts-service-url, server-url and api-key. Update the values appropriately:
- facts-service-url: the address of the AMQP service shared with the checks engine, where fact gathering requests are received. The right syntax is amqp://trento:trento@TRENTO_SERVER_HOSTNAME:5672.
- server-url: URL for the Trento Server (http://TRENTO_SERVER_HOSTNAME)
- api-key: the API key retrieved from the Web console
If SSL termination has been enabled on the server side (refer to Section 4.6, “Enabling SSL”), you can encrypt the communication from the agent to the server as follows:
- Provide an HTTPS URL instead of an HTTP one.
- Import the certificate from the CA that has issued your Trento Server SSL certificate into the Trento Agent host as follows:
  Copy the CA certificate in PEM format to /etc/pki/trust/anchors/. If your CA certificate is in CRT format, convert it to PEM using the openssl command as follows:
  openssl x509 -in mycert.crt -out mycert.pem -outform PEM
  Run the update-ca-certificates command.

Start the Trento Agent:

> sudo systemctl enable --now trento-agent

Check the status of the Trento Agent:

> sudo systemctl status trento-agent
● trento-agent.service - Trento Agent service
     Loaded: loaded (/usr/lib/systemd/system/trento-agent.service; enabled; vendor preset: disabled)
     Active: active (running) since Wed 2021-11-24 17:37:46 UTC; 4s ago
   Main PID: 22055 (trento)
      Tasks: 10
     CGroup: /system.slice/trento-agent.service
             ├─22055 /usr/bin/trento agent start --consul-config-dir=/srv/consul/consul.d
             └─22220 /usr/bin/ruby.ruby2.5 /usr/sbin/SUSEConnect -s

[...]

Repeat this procedure in all SAP hosts that you want to monitor.

6 Performing configuration checks #

One of Trento's main features is to provide checks for the HANA scale-up performance optimized two-node clusters in your SAP Landscape. To run these checks, proceed as follows:

Procedure 3: Performing configuration checks #

Log in to Trento
In the left panel, click Cluster.
In the list, search for an SAP HANA cluster.
Click the respective cluster name in the Name column. The Details view opens.
Figure 2: Pacemaker cluster details #
Click the Settings button to change the cluster settings of the respective cluster. For checks to be executed, a checks selection must be made. Select the checks to be executed and click the button Select Checks for Execution. See Figure 3, “Pacemaker Cluster Settings—Checks Selection”:
Figure 3: Pacemaker Cluster Settings—Checks Selection #
At this moment, you can either wait for Trento to execute the selected checks or trigger an execution immediately by clicking the button that has appeared in the Checks Selection tab.
Investigate the result in the Checks Results view. Each row in this view shows you a check ID, a short description of the check and the check execution result. See Figure 4, “Check results for a cluster”:
Figure 4: Check results for a cluster #

The result of a check execution can be passing, warning or critical:
- Passing means that the checked configuration meets the recommendation.
- Warning means that the recommendation is not met but the configuration is not critical for the proper running of the cluster.
- Critical means that either the execution itself errored (for example, a timeout) or the recommendation is not met and is critical for the well-being of the cluster.
Use the filter to reduce the list to only show, for example, critical results.
Click the corresponding row to open the Details view of this check. This shows you an abstract and how to remedy the problem. The References section contains links to the documentation of the different vendors to provide more context when necessary. Close the view with the Esc key or click outside of the view.

Once a check selection for a given cluster has been made, Trento executes them automatically every five minutes, and results are updated accordingly. A check execution result icon spinning means that an execution is running.

7 Using Trento web console #

When you access the Trento web console for the first time, it asks to accept the license. Click Accept to continue.

After you have accepted the license, Trento can be used. The left sidebar in the Trento web console contains the following entries:

Dashboard. Determine at a glance the health status of your SAP environment.
Hosts. Overview of all registered hosts running the Trento Agent.
Clusters. Overview of all discovered Pacemaker clusters.
SAP Systems. Overview of all discovered SAP Systems; identified by the corresponding system IDs.
HANA Databases. Overview of all discovered SAP HANA databases; identified by the corresponding system IDs.
Checks catalog. Overview of the catalog of configuration checks that Trento may perform for the different cluster components (Pacemaker, Corosync, SBD, etc.) in any of the supported platforms: Azure, AWS, GCP, or on-premise bare metal (default).
Settings. Lets you retrieve the API key for this particular installation, which is required for the Trento Agent configuration.
About. Shows the Trento flavor, the current server version, a link to the GitHub repository of the Trento web component, and the number of registered SUSE Linux Enterprise Server for SAP Applications subscriptions that has been discovered.

7.1 Getting the global health state #

The dashboard allows you to determine at a glance the health status of your SAP environment. It is the home page of the Trento web console, and you can go back to it any time by clicking on Dashboard in the left sidebar.

The health status of a registered SAP system is the compound of its health status at four different layers, which are a reflection of the SAP architecture:

Hosts: it reflects the heartbeat of the Trento Agent.
Pacemaker Clusters: the status here is based on the running status of the cluster and the results of the configuration checks.
Database: it collects the status of the HANA instances as returned by sapcontrol.
SAP instances: it summarizes the status of the ABAP instances as returned by sapcontrol.

The dashboard groups systems in three different health boxes (see Figure 5, “Dashboard with the global health state”):

Figure 5: Dashboard with the global health state #

The three different health states #

Passing: It shows the number of systems with all layers in passing (green) status.
Warning: It shows the number of systems with at least one layer in warning (yellow) status and the rest in passing (green) status.
Critical: It shows the number of systems with at least one layer in critical (red) status.

The health boxes in the dashboard are clickable. By clicking on one particular box, you filter the dashboard by systems with the corresponding health status. In large SAP environments, this feature facilitates the SAP administrator knowing which systems are in a given status.

The icons representing the health summary of a particular layer contain links to the views in the Trento console that can help determine where an issue is coming from:

Hosts health icon: Link to the Hosts overview, filtered by SID equal to the SAPSID and the DBSID of the corresponding SAP system.
Cluster health icon: Link to the corresponding Pacemaker Cluster Details view.
Database health icon: Link to the corresponding HANA Database Details view.
SAP Instances health icon: Link to the corresponding SAP System Details view.

A grey status is returned when either a component does not exist, or it is stopped (as returned by sapcontrol), or its status is unknown (for instance, if a command to determine the status fails).

Grey statuses are not yet counted in the calculation of the global health status.

7.2 Viewing the status #

Getting to know the status of a system is an important task for every administrator. The status allows you to see if some of your systems need to be examined further.

The following subsection gives you an overview of specific parts of your SAP Landscape to show their state. Each status site shows you an overview of the health states (see details in The three different health states).

7.2.1 Viewing the status of hosts #

To display the lists of registered hosts and their details, proceed as follows:

Log in to the Trento web console.
Click the Hosts entry in the left sidebar to show a summary of the state for all hosts (see Figure 6, “Hosts entry”).
Figure 6: Hosts entry #
To investigate the specific host details, click the host name in the respective column to open the corresponding Host details view. If the list is too big, reduce the list by providing filters.
Clicking on a host name opens the corresponding Host details view. This view provides the following:
Host details view #
- Hosts details section: it shows the status of both the Trento Agent and the Node Exporter and provides the host name, the cluster name (when applicable) and the Trento Agent version.
- Monitoring dashboard: it shows the CPU and Memory usage for the specific hosts.
- Provider details section: when applicable, it shows the name of the cloud provider, the name of the virtual machine, the name of the resource group it belongs to, the location, the size of the virtual machine, and other information.
- SAP instances section: when applicable, it lists the ID, SID, type, features, and instance number of any SAP instance running on the host (SAP NetWeaver or SAP HANA).
- SUSE subscription details section: it lists the different components or modules that are part of the subscription, and for each one of them, it provides the architecture, the version and type, the registration and subscription status as well as the start and end dates of the subscription.

7.2.2 Viewing the Pacemaker cluster status #

To display a list of all available Pacemaker clusters and their details, proceed as follows:

Log in to the Trento web console.
Click the Clusters entry in the left sidebar to show a summary of the state for all Pacemaker clusters (see Figure 7, “Pacemaker clusters”).
Figure 7: Pacemaker clusters #
To investigate the specific Pacemaker cluster details, click the cluster name in the respective column to open the corresponding Pacemaker cluster details view. If the list is too big, reduce the list by providing filters.
This view provides the following:
Pacemaker cluster details view #
- The Settings, Show Results, and Start Execution buttons. These buttons are used to enable or disable checks and to start them. If you want to perform specific checks, proceed with Step 5 of Procedure 3, “Performing configuration checks”.
- The cloud provider, the cluster type, HANA log, SID (when applicable), SAPHanaSR health state, HANA secondary sync state, fencing type, when the CIB was last written, and HANA log operation mode.
- Check Result section: with a summary of the health of the clusters based on the runtime status and the selected configuration checks for each one of them (passed, warning and critical).
- Stopped resources section: with a summary of resources which have been stopped on the cluster.
- Pacemaker Site details section: with a summary of NBG and WDF. Both list the host name, their role, the IP and virtual IP address. If you click the Details, you can view the attributes of the site and their resources. Close this view with the Esc key.
- SBD/Fencing section: with a status and the SBD device.

7.2.3 Viewing the SAP Systems status #

To display a list of all available SAP Systems and their details, proceed as follows:

Log in to the Trento web console.
To investigate the specific SAP Systems details, click the SAP Systems entry in the left sidebar to show a summary of the state for all SAP Systems (see Figure 8, “SAP Systems”).
Figure 8: SAP Systems #
Decide which part you want to examine. You can view the details of the SID column of an entry, or you go with Attached RDBMS to see the details of the database. If the list is too big, reduce the list by providing filters.
If you click on an entry in the SID column, the SAP System Details view opens. This view provides the following:
SAP System details #
- The Name and Type of this SAP System.
- Layout section: for each instance, virtual host name, instance number, features (processes), HTTP and HTTPS ports, start priority, and SAPControl status.
- Hosts section: with the host name, the IP address, the cloud provider (when applicable), the cluster name (when applicable), and the Trento Agent version for each listed host. When you click the host name, it takes you to the corresponding Host details view.
Figure 9: SAP System Details #

7.2.4 Viewing the SAP HANA database status #

To display a list of all available SAP HANA databases and their details, proceed as follows:

Log in to the Trento web console.
Click the HANA databases entry in the left sidebar to show a summary of the state for all SAP HANA databases (see Figure 10, “HANA databases”).
Figure 10: HANA databases #
To investigate the specific SAP HANA database details, click the respective name in the SID column to open the corresponding HANA Database details view. If the list is too big, reduce the list by providing filters.
Clicking on one of the SIDs opens the HANA Databases detail view. This view provides the following:
HANA Database details view #
- The Name and Type of this SAP System.
- Layout section: lists all related SAP HANA instances with their corresponding virtual host name, instance number, features (roles), HTTP/HTTPS ports, start priorities, and SAPControl status.
- Hosts section: lists the hosts where all related instances are running. For each host, it provides the host name, the local IP address(es), the cloud provider (when applicable), the cluster name (when applicable), the system ID, and the Trento Agent version.
  Clicking on a host name takes you to the corresponding Host details view.
Figure 11: HANA Database details #

7.3 Managing tags #

Tags are a means to label specific objects with a purpose, location, owner, or any other property you like. Such objects can be hosts, clusters, databases, or SAP systems. Tags make it easier to distinguish and show all these different objects, making your lists more readable and searchable. You can use any text you like to create your tags except blank spaces and special characters other than + - = . , _ : and @.

The following subsection shows how you can add, remove, and filter objects based on your tags.

7.3.1 Adding tags to hosts, clusters, databases, and SAP Systems #

To add one or more tags to your objects, do the following:

Log in to Trento.
In the Trento dashboard, go to the overview corresponding to the object for which you want to create tags. For example, the Hosts overview.
In the Hosts overview, search for the host you want to add a tag to.
In the Tags column, click the Add Tag entry.
Enter the respective tag and finish with Enter.
Repeat this procedure to assign as many tags as you want. It can be on the same or on a different host.

After you have finished the above procedure, the changed host contains one or more tags.

The same principle applies to other objects in Trento, be it Clusters, SAP Systems, or HANA Databases.

7.3.2 Removing tags #

If you want to remove existing tags, click the respective part in the dashboard:

Log in to Trento.
In the Trento dashboard, go to the overview corresponding to the object for which you want to remove tags. For example, the Hosts overview.
In the Hosts overview, search for the host you want to remove a tag from.
In the Tags column, click the × icon to remove the tag.
Repeat this procedure to remove as many tags as you want. It can be on the same or on a different host.

7.3.3 Filter tags #

With tags, you can show only those objects you are interested in. For example, if you have created a drbd tag for some hosts, you can show only those hosts that have this drbd tag assigned.

In the Trento dashboard, go to the respective overview you are interested in.
Make sure you have already assigned some tags. If not, refer to Section 7.3.1, “Adding tags to hosts, clusters, databases, and SAP Systems”.
In the second row, click the last drop-down list with the name Filter tags. The drop-down list opens and shows you all of your defined tags.
Select the tag you want to filter from the drop-down list. It is possible to select more than one tag.

After you have finished the above procedure, Trento shows all respective hosts that contain one or more of your selected tags.

To remove the filter, click the × icon from the same drop-down list.

8 Updating Trento Server #

To update the Trento Server, do the following:

Ensure the Trento Server is running.
Ensure that credentials for Kubernetes are set up correctly. For example, if you installed K3s, export the KUBECONFIG environment variable for the same user that performed the installation:
```
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
```

With the same user, start the update of the Trento Server running the following command:

HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD \
   --set rabbitmq.auth.erlangCookie=$(openssl rand -hex 16)

Note that the experimental flag is not needed as of Helm version 3.8.0.

If email alerting is enabled in the environment, then the update command should include the corresponding options:

HELM_EXPERIMENTAL_OCI=1 helm upgrade \
   --install trento-server oci://registry.suse.com/trento/trento-server \
   --set trento-web.adminUser.password=ADMIN_PASSWORD \
   --set rabbitmq.auth.erlangCookie=$(openssl rand -hex 16) \
   --set trento-web.alerting.enabled=true \
   --set trento-web.alerting.smtpServer=SMTP_SERVER \
   --set trento-web.alerting.smtpPort=SMTP_PORT \
   --set trento-web.alerting.smtpUser=SMTP_USER \
   --set trento-web.alerting.smtpPassword=SMTP_PASSWORD \
   --set trento-web.alerting.recipient=ALERTING_RECIPIENT

Watch the Trento Server processes until they are all in ready/running status:
```
watch kubectl get pods
```
Open the Trento web console URL http://TRENTO_SERVER_HOSTNAME.
To check the new version, hover the mouse pointer over the info button in the lower-left corner.

9 Updating a Trento Agent #

To update the Trento Agent, do the following:

Log in to the Trento Agent host.
Stop the Trento Agent:
```
> sudo systemctl stop trento-agent
```

Install the package:

> sudo zypper ref
> sudo zypper install trento-agent

Copy file /etc/trento/agent.yaml.rpmnew onto /etc/trento/agent.yaml and ensure that entries facts-service-url, server-url, and api-key are maintained properly in the latter:
- facts-service-url: the address of the AMQP service shared with the checks engine where fact gathering requests are received. The right syntax is amqp://trento:trento@TRENTO_SERVER_HOSTNAME:5672.
- server-url: HTTP URL for the Trento Server (http://TRENTO_SERVER_HOSTNAME)
- api-key: the API key retrieved from the Web console
Restart the Trento Agent:
```
> sudo systemctl restart trento-agent
```

Check the status of the Trento Agent:

> sudo systemctl status trento-agent
● trento-agent.service - Trento Agent service
     Loaded: loaded (/usr/lib/systemd/system/trento-agent.service; enabled; vendor preset: disabled)
     Active: active (running) since Wed 2021-11-24 17:37:46 UTC; 4s ago
   Main PID: 22055 (trento)
      Tasks: 10
     CGroup: /system.slice/trento-agent.service
             ├─22055 /usr/bin/trento agent start --consul-config-dir=/srv/consul/consul.d
             └─22220 /usr/bin/ruby.ruby2.5 /usr/sbin/SUSEConnect -s

[...]

Check the version on the Trento web console (URL http://TRENTO_SERVER_HOSTNAME).
Repeat this procedure in all Trento Agent hosts.

10 Uninstalling Trento Server #

To uninstall Trento Server, perform the following steps:

Ensure that credentials for Kubernetes are set up correctly. For example, if you installed K3s, set the KUBECONFIG environment variable for the user that performed the installation:
```
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
```
With the same user, run the following command:
```
helm uninstall trento-server
```

11 Uninstalling a Trento Agent #

To uninstall a Trento Agent, perform the following steps:

Log in to the Trento Agent host.
Stop the Trento Agent:
```
> sudo systemctl stop trento-agent
```
Remove the package:
```
> sudo zypper remove trento-agent
```

12 Reporting a Problem #

Any SUSE customer, with a registered SUSE Linux Enterprise Server for SAP Applications 15 (SP1 or higher) distribution, experiencing an issue with Trento Premium, can report the problem in the SUSE Customer Center under SUSE Linux Enterprise Server for SAP Applications 15 and component trento.

When opening a support case for Trento, provide the following information, which can be retrieved as explained in section Section 13, “Problem Analysis”:

The output of the Trento support plugin.
Your scenario dump.

For issues with a particular Trento Agent, or a component discovered by a particular Trento Agent, also provide the following:

The status of the Trento Agent.
The journal of the Trento Agent.
The output of the command supportconfig in the Trento Agent host. See https://documentation.suse.com/sles/html/SLES-all/cha-adm-support.html#sec-admsupport-cli for information on how to run this command from command line.

13 Problem Analysis #

This section covers some common problems and how to analyze them.

13.1 Trento Server #

To analyze issues within the application, we have two tools at our disposal. They both help us collect information/data that might be useful when troubleshooting/analyzing the issue.

13.1.1 Trento Support Plugin #

The Trento Support Plugin automates the collection of relevant runtime information. To use it, proceed as follows:

Install the following packages:
```
# zypper install jq python3-yq
```

Download the Trento Support Plugin script:

# wget https://raw.githubusercontent.com/trento-project/helm-charts/main/scripts/trento-support.sh

Make the script executable:
```
# chmod +x trento-support.sh
```

Set the Kubernetes configuration file and execute the script:

# KUBECONFIG=/etc/rancher/k3s/k3s.yaml ./trento-support.sh --output file-tgz --collect all

Send the generated archive file to support for analysis.

13.1.2 Scenario dump #

The scenario dump is a dump of the Trento database. It helps the core team to recreate a mock environment with the same status as the customer's. To generate the dump, proceed as follows:

Download the latest version of the dump script:

> wget https://raw.githubusercontent.com/trento-project/web/main/hack/dump_scenario_from_k8.sh

Make the script executable:
```
> chmod +x dump_scenario_from_k8.sh
```
Set the environment variable KUBECONFIG appropriately.

Generate the dump:

> ./dump_scenario_from_k8.sh -n SCENARIO_NAME -p PATH

Go to /scenarios/, package all the JSON files and send them to support for analysis.

13.2 Trento Agent #

The first source to analyze issues with the Trento Agent is the Trento Agent status, which can be retrieved as follows:

> sudo systemctl status trento-agent

If further analysis is required, it is convenient to activate debug log level for the agent. A detailed log can be then retrieved from the journal:

Add parameter log-level with value debug to the /etc/trento/agent.yaml configuration file.
```
> sudo vi /etc/trento/agent.yaml
```
Add the following entry:
```
log-level: debug
```
Restart the agent:
```
> sudo systemctl restart trento-agent
```
Retrieve the log from the journal:
```
> sudo journalctl -u trento-agent
```

13.3 Platform #

13.3.1 Platform-independent #

Set environment variable KUBECONFIG appropriately. When working with K3s:
```
> export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
```

List pods running in Kubernetes cluster and their status. Trento Server currently consists of six pods:

> kubectl get pods
trento-server-grafana-*
trento-server-prometheus-server-*
trento-server-postgresql-0
trento-server-web-*
trento-server-wanda-*
trento-server-rabbitmq-0

Retrieve details about one particular pod:
```
> kubectl describe pod POD_NAME
```
Retrieve the log of one particular pod:
```
> kubectl logs POD_NAME
```
Follow the log of one particular pod:
```
> kubectl logs POD_NAME --follow
```

14 More information #

Homepage: https://www.trento-project.io/
Trento project: https://github.com/trento-project/trento