VDCF - Virtual Datacenter Control Framework for the Solaris TM Operating System



Similar documents
VDCF - Virtual Datacenter Control Framework for the Solaris TM Operating System

SuperLumin Nemesis. Administration Guide. February 2011

Spam Marshall SpamWall Step-by-Step Installation Guide for Exchange 5.5

F-SECURE MESSAGING SECURITY GATEWAY

deploying meteor with meteor up

FUJITSU Cloud IaaS Trusted Public S5 Setup and Configure yum Software Package Manager with CentOS 5.X/6.X VMs

IBM WEBSPHERE LOAD BALANCING SUPPORT FOR EMC DOCUMENTUM WDK/WEBTOP IN A CLUSTERED ENVIRONMENT

AlienVault. Unified Security Management 5.x Configuring a VPN Environment

Installing and Configuring vcloud Connector

Syncplicity On-Premise Storage Connector

How To Install An Org Vm Server On A Virtual Box On An Ubuntu (Orchestra) On A Windows Box On A Microsoft Zephyrus (Orroster) 2.5 (Orner)

Using WhatsUp IP Address Manager 1.0

PROXY SETUP WITH IIS USING URL REWRITE, APPLICATION REQUEST ROUTING AND WEB FARM FRAMEWORK OR APACHE HTTP SERVER FOR EMC DOCUMENTUM EROOM

Deployment for Network Proxy in Simpana Environment

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

Required Ports and Protocols. Communication Direction Protocol and Port Purpose Enterprise Controller Port 443, then Port Port 8005

VMware Identity Manager Connector Installation and Configuration

Other documents in this series are available at: servernotes.wazmac.com

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

TECHNICAL NOTE SETTING UP A STRM UPDATE SERVER. Configuring your Update Server

Create a virtual machine at your assigned virtual server. Use the following specs

This document explains how to enable the SIP option and adjust the levels for the connected radio(s) using the below network example:

NetSpective Global Proxy Configuration Guide

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Managing the SSL Certificate for the ESRS HTTPS Listener Service Technical Notes P/N REV A01 January 14, 2011

DMZ Secure Proxy Environment setup for IP Forwarding

Apple Remote Desktop Focus on Task Server

LOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013

F-Secure Messaging Security Gateway. Deployment Guide

Integrating SAP BusinessObjects with Hadoop. Using a multi-node Hadoop Cluster

DS License Server. Installation and Configuration Guide. 3DEXPERIENCE R2014x

EMC AVAMAR BACKUP CLIENTS

SOA Software API Gateway Appliance 7.1.x Administration Guide

Appendix D: Configuring Firewalls and Network Address Translation

Acronis Backup & Recovery 11.5 Quick Start Guide

Configuring IBM HTTP Server as a Reverse Proxy Server for SAS 9.3 Web Applications Deployed on IBM WebSphere Application Server

Secure Web Appliance. Reverse Proxy

Semantic based Web Application Firewall (SWAF - V 1.6)

This How To guide will take you through configuring Network Load Balancing and deploying MOSS 2007 in SharePoint Farm.

MIGRATING TO AVALANCHE 5.0 WITH MS SQL SERVER

Ahsay Replication Server v5.5. Administrator s Guide. Ahsay TM Online Backup - Development Department

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Apache and Virtual Hosts Exercises

Oracle Enterprise Manager Ops Center. Ports and Protocols. Ports and Protocols 12c Release 3 ( )

Load Balancing McAfee Web Gateway. Deployment Guide

Configuring Apache HTTP Server as a Reverse Proxy Server for SAS 9.3 Web Applications Deployed on Oracle WebLogic Server

24x7 Scheduler Multi-platform Edition 5.2

Deploying the BIG-IP System with Oracle E-Business Suite 11i

Cloud.com CloudStack Community Edition 2.1 Beta Installation Guide

INSTALLING KAAZING WEBSOCKET GATEWAY - HTML5 EDITION ON AN AMAZON EC2 CLOUD SERVER

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

Monitoring Oracle Enterprise Performance Management System Release Deployments from Oracle Enterprise Manager 12c

Installing and Configuring vcloud Connector

Load Balancing Trend Micro InterScan Web Gateway

DEPLOYMENT OF I M INTOUCH (IIT) IN TYPICAL NETWORK ENVIRONMENTS. Single Computer running I m InTouch with a DSL or Cable Modem Internet Connection

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, :32 pm Pacific

Virtual Managment Appliance Setup Guide

HP Device Manager 4.6

Guardian Digital WebTool Firewall HOWTO. by Pete O Hara

How to Configure an Initial Installation of the VMware ESXi Hypervisor

Contents Set up Cassandra Cluster using Datastax Community Edition on Amazon EC2 Installing OpsCenter on Amazon AMI References Contact

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

Immersion Day. Creating an Elastic Load Balancer. Rev

Spectrum Technology Platform Version Tutorial: Load Balancing Spectrum Spatial Services. Contents:

Configuring Business Monitor for Event Consumption from WebSphere MQ

TECHNICAL NOTE. Technical Note P/N REV 03. EMC NetWorker Simplifying firewall port requirements with NSR tunnel Release 8.

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

Web Application Firewall

Ciphermail Gateway Separate Front-end and Back-end Configuration Guide

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

EMC Avamar. Backup Clients User Guide. Version REV 02

Quick Start for Network Agent. 5-Step Quick Start. What is Network Agent?

Setting Up SSL on IIS6 for MEGA Advisor

EQUELLA. Clustering Configuration Guide. Version 6.0

Enterprise Deployment of the EMC Documentum WDK Application

Configuring Apache HTTP Server as a Reverse Proxy Server for SAS 9.2 Web Applications Deployed on BEA WebLogic Server 9.2

This section is intended to provide sample configurations and script examples common to long-term operation of a Jive SBS installation.

Integrating CoroSoft Datacenter Automation Suite with F5 Networks BIG-IP

User Guide. Version 3.2. Copyright Snow Software AB. All rights reserved.

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

Virtual Web Appliance Setup Guide

How to deploy console cable to connect WIAS-3200N and PC, to reset setting or check status via console

DS License Server V6R2013x

Installing and Configuring vcenter Multi-Hypervisor Manager

CYAN Secure Web Microsoft ISA Server Deployment Guide

Comodo MyDLP Software Version 2.0. Installation Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Copyright 2014 Oracle and/or its affiliates. All rights reserved.

OnCommand Performance Manager 1.1

Pexip Infinity Reverse Proxy Deployment Guide

AVG Business SSO Connecting to Active Directory

LOCKSS on LINUX. Installation Manual and the OpenBSD Transition 02/17/2011

Deployment Guide Oracle Siebel CRM

ZENworks 11 Support Pack 4 Management Zone Settings Reference. May 2016

Configuring Remote HANA System Connection for SAP Cloud for Analytics via Apache HTTP Server as Reverse Proxy

AVG 8.5 Anti-Virus Network Edition

ewon-vpn - User Guide Virtual Private Network by ewons

Load Balancing Clearswift Secure Web Gateway

SolarWinds Log & Event Manager

Transcription:

VDCF - Virtual Datacenter Control Framework for the Solaris TM Operating System VDCF Proxy Version 5.5 17. April 2015 Copyright 2005-2015 JomaSoft GmbH All rights reserved. support@jomasoft.ch VDCF - Proxy 5.5 1 / 11

Table of Contents 1 Introduction... 3 1.1 Overview... 4 1.2 VDCF Proxy... 4 1.2.1 Components... 4 1.2.2 Requirements... 4 2 Installation and Configuration...5 2.1 Installation... 5 2.1.1 Installing VDCF Client Package...5 2.1.2 Installing Apache Reverse Proxy...5 2.1.3 Installing Socks Proxy...5 2.2 Configuration... 6 2.2.1 Configure VDCF...6 2.2.2 Configure Apache Reverse Proxy...6 2.2.3 Configure Dante SOCKS Server 1.4...8 3 Usage... 9 3.1 Node Discover... 9 4 Appendixes... 10 4.1 Firewall Rules... 10 support@jomasoft.ch VDCF - Proxy 5.5 2 / 11

1 Introduction This documentation describes the Proxy features of the Virtual Datacenter Control Framework (VDCF) for the Solaris Operating System and explains how to use this features. See these other documents for further information: VDCF Release Notes for details about the new release VDCF Quick Reference for a short command overview VDCF Installation Solaris 10 for VDCF installation on Solaris 10 VDCF Installation Solaris 11 for VDCF installation on Solaris 11 VDCF Base Administration Guide VDCF vserver Administration Guide VDCF LDom Administration Guide VDCF Resource Management VDCF Monitoring for information about VDCF base usage for information about VDCF vserver usage for information about VDCF LDom usage for information about VDCF Resource Management for information about VDCF Monitoring (HW, Resource, OS) These and all other VDCF documents can be found at: http://www.jomasoft.ch/products/vdcf/docs/ support@jomasoft.ch VDCF - Proxy 5.5 3 / 11

1.1 Overview VDCF Proxy is a feature which allows to use VDCF in different networks without setting up more than one VDCF Management Server and opening multiple ports to all VDCF clients on the firewalls. With VDCF Proxies you have just one entry point to and from the additional network. As per design all OS instances (Console, Node, GDom, vserver) on the same physical node are behind the same proxy. This means the VDCF management Server does use always the same proxy to connect to each of them. This includes the ILOM connection as well. You have to define the proxy only once during discover of the node. All other instances on the same node will inherit this proxy configuration. You can have different networks connected behind the proxy, but OS instances must be able to connect back all to the same IP address which is defined in the proxy configuration file. 1.2 VDCF Proxy 1.2.1 Components VDCF Proxies are based on Socks (V5) and Apache (V2.2) reverse proxy technology. Basically it does only forward traffic to and from VDCF clients to the management server. This makes the proxy very slim and not resource hungry. If you like you may enable or disable caching in the reverse Proxy. By default IPS repository content is cached. 1.2.2 Requirements A VDCF Proxy can run on any Solaris 11 System (Global zone or Non-Global Zone). support@jomasoft.ch VDCF - Proxy 5.5 4 / 11

2 Installation and Configuration 2.1 Installation 2.1.1 Installing VDCF Client Package A VDCF Proxy requires to have the JSvdcf-client package installed including ssh keys from the VDCF management server: Use the URL which is configured on the VDCF Management Server: user@vdcf% vdcfadm -c show_config grep FLASH_WEBSERVER_URL FLASH_WEBSERVER_URL http://192.168.0.2:80 Setup on the VDCF Proxy: root@proxy: $ mkdir /etc/vdcfbuild root@proxy: $ export FLASH_WEBSERVER_URL=http://192.168.0.2:80 root@proxy: $ echo "$FLASH_WEBSERVER_URL" >/etc/vdcfbuild/.mngt_url root@proxy: $ yes pkgadd -d $FLASH_WEBSERVER_URL/pkg/`uname -p`/jsvdcf-client.pkg all To allow ssh communication between VDCF and the Proxy, the ssh key must be deployed using a VDCF client tool. Execute as root on the Proxy: root@proxy: $ /opt/jomasoft/vdcf/client/sbin/update_key -u $FLASH_WEBSERVER_URL Obtaining public key... done. SSH Key updated successfully. 2.1.2 Installing Apache Reverse Proxy root@proxy: $ pkg install apache-22 2.1.3 Installing Socks Proxy Install your preferred Socks Proxy Software. For users of the Dante free SOCKS server 1.4, VDCF includes a tool to generate the required configuration file (Chapter 2.2.3). The Dante SOCKS server is available from https://www.inet.no/dante/ support@jomasoft.ch VDCF - Proxy 5.5 5 / 11

2.2 Configuration 2.2.1 Configure VDCF To enable Proxy usage in VDCF, you have to create the main configuration file, where you define all proxies available to the management server. Add each proxy on a new line in the proxy.cfg file: user@vdcf: $ vi /var/opt/jomasoft/vdcf/conf/proxy.cfg # VDCF Proxy Configuration # ProxyName,SocksIP,WebIP PROXY1,192.168.20.85,192.168.30.85 ProxyName: Defines just a name, which must be given, when using a proxy SocksIP: IP address to which the VDCF management server connects on the proxy WebIP: IP address where VDCF clients connect to when communicating back to the management server To disable proxy functionality, just remove or rename this file. 2.2.2 Configure Apache Reverse Proxy To configure the Apache reverse proxy, there is a configuration tool: root@proxy:~# /opt/jomasoft/vdcf/client/rexec/setup_proxy USAGE: cmdusage [ -hmpcutjien ] The following options are supported: -h issue this message -m apache setup apache reverse proxy [ -p <proxy port> ] port to use for reverse proxy, default is 8888 [ -j <jomasoft repo port> ] port jomasoft repo is listening on, default is 8281 [ -c <webcache dir> ] webcache dir: directory to be used for proxy cache files default is /export/webcache -- or -- -m socks setup socks proxy -i <int_ip> Internal IP (traffic comes in from the VDCF mngt server) -e <ext_ip1>,<ext_ip2>,... List of external IPs (traffic goes out to the VDCF clients) [ -n <netmask> ] Netmask of mngt IP in CIDR format, default is 24 [ -p <socks port> ] port to use, default is 1080 -- or -- -m proxypass add/update additional proxypass definition -u <uri-string> uri to map, i.e. /ips-g0076-mngt-8283/ /ips-g0076-mngt-80/s11u2/ -t <target-url> url to forward request to, i.e. http://192.168.20.76:8283 http://192.168.20.76/s11u2 support@jomasoft.ch VDCF - Proxy 5.5 6 / 11

To create the initial default configuration execute the following command: root@proxy:~# /opt/jomasoft/vdcf/client/rexec/setup_proxy -m apache INFO: Testing connection to http://192.168.0.2:80/pkg/admin INFO: Testing connection to http://192.168.0.2:8281/versions/0/ INFO: Generating Apache config... INFO: Testing Apache config... INFO: Enabling network/http:apache22... INFO: State of network/http:apache22: STATE STIME FMRI online 17:33:37 svc:/network/http:apache22 INFO: Apache config finished This command creates two apache config files and enables the apache server: /etc/apache2/2.2/conf.d/vdcf_proxy.conf /etc/apache2/2.2/conf.d/vdcf_repo_urls base config file (virt. hosts, caching, etc.) URL mappings for repositories The default port of the reverse proxy is 8888. You can change it if required. For AI installation we need a second virt. Host with port 5555. That port can't be changed. As second step, you have to tell the proxy, where the IPS repositories are located. For every IPS repository used to setup systems with VDCF you have to add the mapping to the reverse proxy: root@proxy:~# /opt/jomasoft/vdcf/client/rexec/setup_proxy -m proxypass -u /ips-g0076-mngt-8282/ -t http://192.168.20.76:8282 INFO: Testing connection to http://192.168.20.76:8282/versions/0/ INFO: Adding proxypass for /ips-g0076-mngt-8282/ INFO: Testing Apache config... INFO: Restarting network/http:apache22... INFO: State of network/http:apache22: STATE STIME FMRI online 17:41:34 svc:/network/http:apache22 INFO: Apache config changed It's important to know, that the URL-Pattern has to be defined using this rule: /ips-<repo-hostname>-<repo-port>/<repo-uri> i.e. Repo-Server used in VDCF build: URL-Pattern to define in Proxy: http://g0076-mngt/s11u2 /ips-g0076-mngt-80/s11u2 support@jomasoft.ch VDCF - Proxy 5.5 7 / 11

2.2.3 Configure Dante SOCKS Server 1.4 If you are using the Dante SOCKS Server Version 1.4, you can use the same configuration tool to configure the socks Proxy. You need to give all incoming (internal) and outgoing (external) IP addresses on the command line. Define the IP addresses according the overview picture. The internal address is where the VDCF Management Server is connecting the Proxy. External IP addresses are where the traffic is coming out from the VDCF Proxy to the VDCF clients. This will configure 20.85 as IP for incoming connections from VDCF management server. 20.85 and 30.85 can be used to connect from the Proxy to the VDCF client systems behind the Proxy. root@proxy:~# /opt/jomasoft/vdcf/client/rexec/setup_proxy -m socks -i 192.168.20.85 -e 192.168.20.85,192.168.30.85 INFO: Testing connection to http://192.168.0.2:80/pkg/admin INFO: Generating Sockd config... INFO: Testing Sockd config... INFO: Socks proxy configured support@jomasoft.ch VDCF - Proxy 5.5 8 / 11

3 Usage 3.1 Node Discover To define a proxy for a system, you have to give the proxy name from the config file to the discover command: nodecfg -c discover hostname=192.168.20.55 name=server1 proxy=proxy1 The proxy will be assigned to this node, when adding it to VDCF. Also the console will get the same proxy assigned, when configured for this node. Same applies to all GDoms and vservers, which will be created on this node. They all get the same proxy as the node. support@jomasoft.ch VDCF - Proxy 5.5 9 / 11

4 Appendixes 4.1 Firewall Rules In the picture you can see the connections from and to the VDCF Proxy. If your system environment contains firewalls you may have to define firewall rules. These rules are required for a correct execution of VDCF: a) Firewall rules between Management Server and VDCF Proxy VDCF Management Server Direction VDCF Proxy Comment ssh (port 22) Required for Remote Command Execution Socks (port 1080) Single Port for all traffic to the clients behind the proxy WebServer (port 80) Web server port (can be changed, see VDCF Installation Guide) JomaSoft IPS repository (port 8281) Solaris AI service (port 5555) Solaris 11 only JomaSoft Repository is only used at installation time. Solaris 11 only Used at installation time support@jomasoft.ch VDCF - Proxy 5.5 10 / 11

b) Firewall rules between VDCF Clients behind the Proxy and VDCF Proxy VDCF Proxy Direction VDCF Client Comment ssh (port 22) Required for Remote Command Execution icmp ping Check for availability (optional) WebServer (port 5555) Reverse Proxy Port for Mapping to VDCF IPS repository (port 8888) c) Other Firewall rules Solaris 11 only Reverse Proxy Port for Mapping to IPS IPS repository server Direction VDCF Proxy Comment Solaris IPS repositories (Repo server port) Solaris 11 only Solaris Repositories are used for installation and upgrade. You may have multiple repositories on the VDCF management server or on another Solaris system. support@jomasoft.ch VDCF - Proxy 5.5 11 / 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information