Cloud Control Panel (CCP) Installation Guide
Version 3.2.0: 17.05.12
Copyright 2012 DNS Europe Ltd. All rights reserved.

Table of Contents

Introduction
    Audience
    Prerequisites
    Purpose
Application Description
Minimum Requirements
Installation
    1. Assign each component an IP address, host name and other appliance-based properties
    2. Start the Application
    3. Exchange SSH keys for the web user with the grid controller
    4. Configure CCP scripts
    5. Copy licenses
    6. Configure the CCP to access external SMTP server
    7. Configuring SSH keys (option)
    8. Firewall considerations
    9. Attempt to log into the control panel

Introduction

Welcome to the DNS Europe Cloud Control Panel (CCP) Installation Guide.

Audience

CCP administrators who are responsible for installing, configuring and maintaining the CCP. An intermediate competency with Linux operating systems is required, as is an understanding of core Internet technologies like DNS and TCP/IP.

Prerequisites

Before attempting to use this manual, please ensure you have received your Welcome Mail containing the access details to your Private Cloud and your CCP license file.

All DNS Europe private Clouds are provisioned with a copy of the CCP by default. If you are installing the CCP on your own Private Cloud, please ensure the CCP Application is present on your Private Cloud. Instructions for importing the CCP application to your Private Cloud are in your Welcome Mail.

You will also need the following information and resources:

- 4 free public IP addresses for use with the four components of the CCP application
- A valid hostname configured for each of the 4 IP addresses (e.g. oracle.mydomain.com)
- Browser pop-ups disabled for your private cloud hostname or IP address of your Private Cloud
- Root access to your Private Cloud controller. AppLogic 3tshell is the default login for customers. If you do not have root access, contact your grid maintainers
- Admin access to your Backbone Fabric Controller (BFC)

Purpose

The purpose of this document is to guide you through the initial installation of the CCP application and two example Cloud Server templates. Once the CCP application is running and the templates are installed, you will use the CCP Admin Guide to further configure it.

Application Description

Figure 1. The architecture of the CCP application

There are four components that comprise the CCP application (ccp-xe_v3-2-0):

- COREAS - The engine of the application that handles queuing, scheduling and command execution
- EUAS - The end-user control panel interface
- ADAS - The administrator control panel interface
- ORAS - The Oracle database server that powers the application

Besides those four, there are additional components that have the following functions:

- INEU, the input gateway to the end-user control panel interface
- INAD, the input gateway to the administrator control panel interface
- NFS, a storage component that holds licenses, SSH keys etc.
- NETGW, an output gateway through which some components of the application reach the Internet
- FTP, which gives administrators a standard way to access their control panel for the purpose of uploading licenses, SSH keys, logos etc.

Minimum Requirements

Please ensure you have the following free resources available on your private cloud:

- 1.6 CPU core
- 3GB RAM
- 50GB storage

Installation

1. Assign each component an IP address, host name and other appliance-based properties

1. Open the AppLogic GUI
2. Right click on the application called ccp-xe_v3-2-0
3. Under the Application menu item, select Configure
4. Select the Security tab and add your username to the Owner and Permissions fields
5. Click OK
6. Click on the application called ccp-xe_v3-2-0
7. Select the Property Values tab
   - For ineu_ip_addr enter a free, public IP address you want to assign to the INEU component. This is the IP address that you will use to access the end-user control panel
   - For inad_ip_addr enter a free, public IP address you want to assign to the INAD component. This is the IP address that you will use to access the Administrator's control panel. Do not use this IP address for any other purpose
   - For netgw_ip_addr enter a free, public IP address you want to assign to the NETGW component. This is the IP address that you will use to access content on the Internet. Do not use this IP address for any other purpose
   - For ftp_ip_address enter a free, public IP address you want to assign to the FTP component. Do not use this IP address for any other purpose
   - For ftp_password enter an FTP password to be used by the FTP component. The username is administrator
   - For netmask, gateway, dns1 and dns2 enter the appropriate network parameters for your specific grid. You should see these values on your grid dashboard
   - For api_allow enter the IP addresses or networks that you want to explicitly allow to access the API functions (comma separated list of IP addresses or networks). By default (0.0.0.0/0), API functions are accessible from any IP address
   - In cts_allow, enter the IP addresses of the external grid controllers that you want to allow to access the COREAS component. This allows you to use your metering API. If you leave the default of 0.0.0.0/0, then any external grid controller can access the CCP, as long as it has network access over port 8082 to the INAD component
   - For admin_allow enter the IP addresses or networks that you want to explicitly allow to connect to the Administrator Control Panel and ADAS component (comma separated list of IP addresses or networks). If you leave the default of 0.0.0.0/0, then everybody can access the administrator interface of the CCP. This would be a serious security risk
   - Click OK
8. Save your settings and exit

2. Start the Application

You are now ready to start the application.

1. Open the AppLogic GUI
2. Right click on the application ccp-xe_v3-2-0 and select Start

3. Exchange SSH keys for the web user with the grid controller

Now we will configure the grid controller and CCP to communicate by installing the required encryption keys.

1. Open the AppLogic GUI
2. Click on the application ccp-xe_v3-2-0
3. Right click on the component COREAS
4. Select Login
5. This will pop up a shell prompt window
6. Issue the following commands:
   - Type su - web and press enter
   - Verify that you are in the /home/web folder by typing pwd
   - Type ssh-keygen and press enter 4 times without typing anything (leave all the values at default)
   - Copy your generated private and public keys (id_rsa, id_rsa.pub) to /mnt/coreas by typing: cp /home/web/.ssh/id_rsa /home/web/.ssh/id_rsa.pub /mnt/coreas. This will save the necessary files for future CP updates
7. Save the content of the file /home/web/.ssh/id_rsa.pub to a text file on your computer. The file should be named id_rsa.pub.

Log into the BFC web interface and:

- Click on Grids in the left navigation menu
- Select the desired Grid, click on the Grid Actions drop menu on the right and select Manage SSH Keys
- Tick Add SSH Keys
- In the SSH Key File field, browse for the file id_rsa.pub in the location where you saved it on your computer
- Click the push keys button and wait for 30 seconds

The CCP components and the Grid controller have now exchanged keys and can communicate with each other. You must issue the following commands to complete the certificate exchange process:

- Right click on the component COREAS and select Login
- Type su - web and press enter
- Type ssh root@your_controller_ip 3t app list
- If you receive the question "Are you sure you want to continue connecting (yes/no)?" type Yes and press Enter
- Copy the known_hosts file by typing cp /home/web/.ssh/known_hosts /mnt/coreas

You should see a list of all applications from your Private Cloud.

4. Configure CCP scripts

We now need to modify several scripts with unique information about your Private Cloud. These scripts are part of AppLogic and should be modified with great care.

1. Log in to your Grid controller from Putty or Linux by issuing ssh root@controller_ip
2. DO NOT GO TO 3tshell
3. Edit the file /usr/local/applogic/scripts/nfy/nfy_app_state_changed.sh and add the following lines after # *** things to do prior on an application state change should be added here ***, before # exit :

    # Report the application state change to the CCP
    MYARGS="gridname=<name_of_grid>&appname=$name&old_status=$old_state&new_status=$new_state"
    /usr/bin/curl --insecure --connect-timeout 2 "https://adas_public_ip:8082/system/scripts/update_status.php?$MYARGS" 1>/dev/null 2>/dev/null

4. Edit the file /usr/local/applogic/scripts/nfy/nfy_comp_state_changed.sh and add the following lines after # *** things to do prior on an application state change should be added here ***, before # exit :

    # Report the component state change to the CCP
    MYARGS="gridname=<name_of_grid>&appname=$app&compname=$comp&srvname=$srv&old_status=$old_state&new_status=$new_state"
    /usr/bin/curl --insecure --connect-timeout 2 "https://adas_public_ip:8082/system/scripts/comp_update_status.php?$MYARGS" 1>/dev/null 2>/dev/null

NOTE: adas_public_ip is the public IP address that you have given to your INAD component, and which you will use to access the administrator's control panel. If you have set up your DNS zone properly with this IP address, you can use the hostname instead of an IP address.

NOTE: <name_of_grid> should be replaced with the correct name of the Grid that is imported in CCP.

5. Copy licenses

Now you will need to copy the CCP license (ccp-license.txt), received with your Welcome Mail, to the appropriate locations.

1. Use an FTP client to connect to the FTP component, using the IP address you have previously given it. Use administrator as the username and the password you set in the application properties setup dialog
2. Upload your license file to the /licenses folder

Your licenses have now been installed.

6. Configure the CCP to access external SMTP server

In order to enable sending of notification emails from the CCP application you must configure certain SMTP mail server parameters, which are located in a configuration file. To access the configuration file, log in via FTP to your CCP application, change directory to /coreas/ and open configccp.ini in your preferred text editor. The debug section of the ini file should contain your mail server settings:

    [debug]
    send_debug_emails = false                   ;true false set to true if you want to allow sending of the debug emails to the Dnseurope development team
    smtp_server = smtp.example.com              ;SMTP server host
    smtp_server_port = 25                       ;set the SMTP port for the server
    smtp_secure_type =                          ;empty ssl tls
    smtp_server_auth = off                      ;off on
    smtp_username =                             ;smtp account username if smtp_server_auth is on
    smtp_password =                             ;smtp account password if smtp_server_auth is on
    smtp_from_email = notification@example.com

7. Configuring SSH keys (option)

For secure access to both administrative panels (end-user and administrator, EUAS/ADAS) through a web browser, you need a secure channel for communication. This is why two SSL certificates are needed, one for each of the components. They should be regular Apache/mod_ssl type, with key size of 2048 bytes, and should be PEM encoded.

You should obtain them from a valid Certificate Authority (CA), or you can create self-signed certificates for a test environment. Either way, you have to create a valid certificate-signing request, which will hold the correct data for both administrative panels, the most important being the full hostname for these components, for example euas.mydomain.com and adas.mydomain.com.

Whether you acquire the certificates from a CA or self-sign them, if they are two separate files, like cert.key and cert.crt, you can convert them to one PEM encoded certificate by simply appending one to the other. The CCP requires that the key for EUAS is named EUAS.pem, and that the key for ADAS is named ADAS.pem. Finally, when they are in the proper format and have the proper names, you simply upload them to the FTP component and put them in the /sslkeys folder.

For test purposes, DNSE will leave a pair of certificates already present so that you can test the control panel, but you should replace them with your own as soon as you start using the CCP in a production environment.

8. Firewall considerations

We strongly recommend that you configure your external firewall rules to restrict access with the following rule-set:

- INAD should be accessible on ports 80 and 443 (http/https) for admin panel access, on port 8000 for access to the ADAS component, and on port 8082 for access to the COREAS component
- If you do not plan to use external access through our API to ADAS or COREAS, you may leave ports 8000 and/or 8082 closed on your firewall
- INEU should be available for all customers on ports 80 and 443 (http/https)
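
The allow-list properties from step 1 (api_allow, cts_allow, admin_allow) and the firewall rule-set above limit the same exposure. The following check is an added example, not part of the CCP or of the original guide: it flags entries left at the 0.0.0.0/0 default, malformed entries and networks larger than a local policy threshold. The function name, the max_addresses threshold and the sample values are assumptions.

```python
import ipaddress

# Property -> ports it guards, paired from the guide's own text (step 1 and the
# firewall section). The guide states no port for api_allow.
GUARDED_PORTS = {
    "api_allow": (),
    "cts_allow": (8082,),
    "admin_allow": (80, 443, 8000),
}
DEFAULT = "0.0.0.0/0"  # default the guide gives for all three properties


def audit_allow_lists(props, max_addresses=256):
    """Return (property, severity, entry, reason) tuples for risky entries.

    max_addresses is an assumed local policy threshold, not a CCP setting.
    """
    findings = []
    for name, ports in GUARDED_PORTS.items():
        raw = props.get(name, DEFAULT)  # an unset property keeps the default
        entries = [e.strip() for e in raw.split(",") if e.strip()]
        if not entries:
            findings.append((name, "invalid", raw, "empty allow-list"))
        for entry in entries:
            try:
                net = ipaddress.ip_network(entry, strict=False)
            except ValueError:
                findings.append((name, "invalid", entry, "not an IP address or network"))
                continue
            if net.prefixlen == 0:
                where = " on ports " + ", ".join(map(str, ports)) if ports else ""
                findings.append((name, "open", entry, "reachable from any address" + where))
            elif net.num_addresses > max_addresses:
                findings.append((name, "broad", entry, f"{net.num_addresses} addresses allowed"))
    return findings


# Constructed sample values (documentation address ranges), not from a real grid.
SAMPLE = {
    "api_allow": "0.0.0.0/0",
    "cts_allow": "203.0.113.10",
    "admin_allow": "198.51.100.0/28, 10.0.0.0/8, 192.0.2.300",
}

if __name__ == "__main__":
    for finding in audit_allow_lists(SAMPLE):
        print(*finding, sep=" | ")
```

Run it against the values shown on the Property Values tab before starting the application; an empty result means every entry is a valid address or network within the threshold.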

9. Attempt to log into the control panel

1. Navigate to the following URL: https://<adas_public_ip>
2. Attempt to log in using the default username and password (username: admin / password: admin123)

If you have successfully installed the CCP, you should be presented with the Dashboard page. You may now proceed to configure your CCP with the Admin User Guide.

If you are unable to log in for any reason, review your steps, then contact support@dnsurope.net