Installation
System Requirements
Processor with hugepages support and SSE 4.2 (at least four cores). At least 16 GB of RAM. At least 1TB of free disk space.
Recommended distributions:
- Debian 10+
- Ubuntu LTS
Installation Procedure
Collector is distributed as Docker images stored on our server. To access them, contact us
You need access from the target machine to the distribution repositories.
Run commands as root
.
Configure Hugepages
Collector requires configured hugepages (large memory pages).
Example of allocating 512 pages × 2 MB:
sysctl -w vm.nr_hugepages=512
Example of setting up the allocation on system boot:
echo 'vm.nr_hugepages = 512' > /etc/sysctl.d/hugepages.conf
Configure Clock Synchronization via the Same NTP Server as for MITIGATOR
The system clocks must be synchronized in order that Collector and MITIGITOR could interoperate correctly. In case of out of sync, such kind of errors may come up:
TsUntil should be in range [1, 1698650171], actual value: 1698650278
Install Docker and Docker Compose
Install Docker from the distributive repositories:
apt install -y docker.io
apt-get install -y docker-engine
dnf install -y docker-ce
Once installed, you need to start and enable Docker service:
systemctl enable --now docker
Install Docker Compose from the official repository and make the binary executable:
curl -L "https://github.com/docker/compose/releases/download/v2.28.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/bin/docker-compose \
&& chmod +x /usr/bin/docker-compose
Install Docker Compose from the official repository and make the binary executable:
Create the Working Directory and Download docker-compose.yml File
mkdir -p /srv/collector && cd /srv/collector
wget https://docs.mitigator.ru/collector/v24.10/dist/docker-compose.yml
Configure the Environment
Create .env
file in /srv/collector
directory with following content:
VERSION=vXX.XX.X
COMPOSE_FILE=docker-compose.yml:docker-compose.vpn.yml
COLLECTOR_HOST_ADDRESS=X.X.X.X
COLLECTOR_VPN_ADDRESS=X.X.X.X
Set VERSION
to a specific Collector version.
Set COLLECTOR_HOST_ADDRESS
to a specific host IP address.
Configure Collector according to Settings.
Login to Docker.mitigator.ru
docker login docker.mitigator.ru
Set up Interaction with MITIGATOR via VPN
In order to interact Collector with MITIGATOR, you need to configure VPN as for all MITIGATOR instances within the cluster.
Install GeoIP Databases
Collector uses GeoLite2
databases in CSV format.
Place the Country and ASN database files in /srv/collector/geolite2
directory:
Process files with the following command:
find geolite2 -name '*.csv' -exec sed -e "s|,\('[^,]\+\)|,\"\1\"|g" -i {} \;
If GeoIP database is added to an already working Collector installation,
remove geolite2
directory with all of its content before deploying the files.
After deploying, restart ClickHouse as follows:docker-compose rm -sf clickhouse && docker-compose up -d clickhouse
Ensure connectivity to the license server
To interact with the license server, the system requires constant connectivity with ls.mitigator.ru via TCP on port 443. Breaking the connection will, after a while, put Collector into drop mode for all incoming flow.
Run Collector
While running Collector using Docker Compose v2, you can see the following warnings, they should be ignored.
WARN[0000] /srv/collector/docker-compose.yml: `version` is obsolete
...
docker-compose up -d
After a month of continuous operation, configure the system according to the DB reduction instruction.