CliQr is now part of Cisco Learn More About Cisco

CloudCenter Setup Using Appliances

Overview

Cisco provides two options to install and setup CloudCenter:

  • Installers:  
    • Available for ALL components on all supported clouds.
    • See Installation Approach for additional context on using installers.
  • Appliances: 
    • Component files are provided by Cisco.
    • Specific images modes are tailored for some cloud providers.
    • Available for some components on Amazon, OpenStack, and VMware clouds.
    • This page provides additional details on using appliances

Availability

Major CloudCenter releases include appliances for the following components and cloud providers. Cisco builds these appliances on CentOS 7.x base images.

Cloud

CCM

CCO

AMQP

Monitor

Worker

Amazon

AMI

AMI

AMI

AMI

AMI

OpenStack

QCOW2

QCOW2

QCOW2

QCOW2

QCOW2

VMware

OVA

OVA

OVA

OVA

OVA

You can download these files from software.cisco.com to the /tmp folder. See Installation Overview > Installation Download Details for additional context.

General Appliance Approach

To setup up CloudCenter using appliances, follow this process.

  1.  Prepare Infrastructure

    Prepare Infrastructure

    To prepare infrastructure for the appliance approach, follow this process.

    1. Import Images.

      Cloud

      Details

      Amazon

      Obtain launch permissions for the AWS account by sending and email to the cloudcenter-ami-request mailer list.

      OpenStack

      Import the QCOW2 image file for each component.

      VMware

      Create a folder named CliqrTemplates and import the OVA file for each component.

    2. Launch Instances.
      1. Create instances for each component using the imported/shared appliance images.
      2. Requirements:
        1. One CCM and Monitor is required for each CloudCenter setup.

          Icon

          As a worker image is defined in the CCM, you do not need to launch an instance for this component.

        2. One AMQP and CCO are required for each cloud region.
    3. Setup hostname – For all launched virtual machines, update the hostname. Choose a hostname that matches the Role. For example:

      Example
      Icon

      Changing the hostname after you install and configure a component may cause unknown issues.

    4. Setup the hostname resolution – Once you update the hostname, ensure that the VM host name is resolvable by running the following command
      1. hostname -i
      2. If the VM name is not resolvable, edit the file /etc/hosts and add your VM’s hostname.
        For example:

        Example
    5. Network routing loopback:
      • Refers to deployed CCMs that are running behind the Network Address Translation (NAT).
      • This setup places a restriction on machines from internal networks to ensure that they do not use an external IP to access the CCM.
      • To address this restriction, you must add a line to the CCO and AMQP server's /etc/hosts file and include the internal private IP of the CCM. For example: If the CCM DNS name is ccm.example.com and it is behind a NAT, and the internal private IP address is 192.168.20.5 and its external public IP address is 54.16.20.5, then enter the following line in the local /etc/hosts file:

        Example
        Icon

        When configuring the CCM, the hostname used above (ccm.example.com) must match what you configure as the Public DNS while configuring CCM.

    Create the CloudCenter Descriptor JSON File

    Once you have set up the infrastructure for all the CloudCenter components, create a CloudCenter Descriptor JSON file that lists all the CloudCenter components with their modes and the IP address that correspond to infrastructure elements for each mode and role. This descriptor file is used in Phase 3: Perform Network Compliance Check.

    Icon

    The overall file structure will depend on factors like modes of various components, number of cloud regions, use of conditional/optional components and repos etc. Also, the region names used in the file should be unique, but do not need to match up with any cloud or datacenter names. These strings are merely used to perform network compliance checks and report results.

    This is a sample descriptor files based on a common combination of component modes.

    Descriptor File Sample
  2.  Configure Network Rules

    Configure Network Rules

    Icon

    Effective CloudCenter 4.7.0, you can additionally configure standalone CCM and Database appliances to ensure high availability configuration using appliances. See HA Best Practices for additional details on high availability.

     CCM Network Rules

    CCM Network Rules                                                                                                                                       

     CCM

    CCM Ports

    Port

    Direction

    Remote Source

    Notes

    80

    Ingress (optional)

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For HTTP to HTTPS redirection.

    Egress0.0.0.0/0To download installer or appliance packages.

    443      

    Egress0.0.0.0/0To download installer or appliance packages.

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For UI/API access.

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5671Ingress/Egress (optional)ESB API CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish programmatic access to the AMQP module – only required if you use the ESB functionality.
    15672Ingress/Egress (optional)ESB UI CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish access to the AMQP module from the AMQP UI – only required if you use the ESB functionality.

    8443

     

    Ingress

    • CCO or
    • CCO_LB

    For two-way communication between the CCO and CCM VMs.

    Icon

    Required for all Cloud Regions supported by your CloudCenter deployment.

    Egress

    • CCO or
    • CCO_LB 

    Ingress (optional)

    • MON or
    • MON_PRIMARY and  MON_SECONDARY 

    For two-way communication between the Monitor CM and the CCM VM.

    Egress (Optional)

    • MON or
    • MON_LB 

    Ingress

    • AMQP_IP or
    • AMQP_LB

    For Web SSH/VNC through Guacamole.

     CCM_SA

    CCM_SA Ports                                                                                                                                                 

    Port

    Direction

    Remote Source

    Notes

    80

    Ingress (optional)

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For HTTP to HTTPS redirection.

    Egress0.0.0.0/0To download installer or appliance packages.

    443      

    Egress0.0.0.0/0To download installer or appliance packages.

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For UI/API access.

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5671Ingress/Egress (optional)ESB API CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish programmatic access to the AMQP module – only required if you use the ESB functionality.
    15672Ingress/Egress (optional)ESB UI CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish access to the AMQP module from the AMQP UI – only required if you use the ESB functionality.

    8443

     

    Ingress

    • CCO or 
    • CCO_LB

    For two-way communication between the CCO and CCM VMs.

    Egress

    • CCO or
    • CCO_LB

    Ingress (optional)

    • MON or 
    • MON_PRIMARY & MON_SECONDARY

    For two-way communication between Monitor VM and the CCM VM.

    Egress (Optional)

    • MON or
    • MON_LB

    Ingress

    • AMQP or
    • AMQP_LB

    For Web SSH/VNC through Guacamole.

      5432

    Egress

    MGMTPOSTGRES

    For communication to the database.

     MGMTPOSTGRES

    MGMTPOSTGRES Ports

    Port

    Direction

    Remote Source

    Notes

    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.

    22

    Ingress (Optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5432  

    Ingress 

    CCM_SA

    For incoming connection from a CCM standalone VM.

     MGMTPOSTGRES_MASTER and MGMTPOSTGRES_SLAVE

    MGMTPOSTGRES_MASTER and MGMTPOSTGRES_SLAVE Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (Optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    Ingress/EgressMGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVEFor static file sync between the MGMTPOSTGRES master and slave VMs.
    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.

    5432

    Ingress 

    CCM_SA_PRIMARY, CCM_SA_SECONDARY

    For incoming connection from the CCM standalone VM.

    Ingress/Egress

    MGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVE

    For communication between master and slave database VMs.

    5405

    (UDP)

    Ingress/Egress

    MGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVE

    2224

    Ingress/Egress

    MGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVE

    For Pacemaker clustering between both database VMs to ensure high availability.

     

     

    3121

    Ingress/Egress

    MGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVE

    21064

    Ingress/Egress

    MGMTPOSTGRES_MASTER, MGMTPOSTGRES_SLAVE

     CCM_SA_PRIMARY and CCM_SA_SECONDARY

    CCM_SA_PRIMARY and CCM_SA_SECONDARY Ports

    Port

    Direction

    Remote Source

    Notes

    80Egress0.0.0.0/0To download installer or appliance packages.

    443

     

    Ingress

    CCM_LB

    For incoming connection from the CCM load balancer VM.

    Egress0.0.0.0/0To download installer or appliance packages.

    22

    Ingress (Optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    Ingress/Egress

    • CCM_SA_PRIMARY or
    • CCM_SA_SECONDARY

    For static file sync between the CCM Primary and Secondary VMs.

    8443

     

     

     

     

    Ingress

    CCM_LB

    For incoming connection from CCM load balancer VM.

    Egress

    • CCO or
    • CCO_LB

    For communication to the CCO VMs.

    Egress (Optional)

    • MON or
    • MON_LB

    For communication to Monitor VMs.

    5671Ingress/Egress (optional)ESB API CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish programmatic access to the AMQP module – only required if you use the ESB functionality.
    15672Ingress/Egress (optional)ESB UI CommunicationFor two-way communication with the ESB AMQP module in the CCM. This port must be open if you need to establish access to the AMQP module from the AMQP UI – only required if you use the ESB functionality.

    5703

    Ingress/Egress

    • CCM_SA_PRIMARY or
    • CCM_SA_SECONDARY

    For internal implementation to handle data in HA.

    5432

    Egress

    • MGMTPOSTGRES or
    • MGMTPOSTGRES_VIP

    For communication to the database.

     CCM_LB

    CCM_LB Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80

    Ingress (optional)

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For HTTP to HTTPS redirection.

    Egress0.0.0.0/0To download installer or appliance packages.

    443      

     

    Egress0.0.0.0/0To download installer or appliance packages.

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For UI/API access.

    Egress

    CCM_SA_PRIMARY and CCM_SA_SECONDARY

    For communication with CCM primary and secondary VMs.

    8443

     

    Egress

    CCM_SA_PRIMARY and CCM_SA_SECONDARY

    For communication with CCM primary and secondary VMs.

    Ingress

    • CCO or
    • CCO_LB

    For communication from the CCO VM.

    Ingress (optional)

    • MON or
    • MON_PRIMARY and MON_SECONDARY

    For communication from the Monitor VM.

    Ingress

    • AMQP or
    • AMQP_LB

    For Web SSH/VNC through Guacamole.

     AMQP Network Rules

    AMQP Network Rules                                                                                                                                        

     AMQP

    AMQP Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5671

    Ingress

    • CCO or
    • CCO_LB
    • Worker VM IP Range

    For communication from the CCO VM and from launched VMs.

    7789

    Ingress

    Worker VM IP Range

    For SSH/VNC access of launched VMs. Done through reverse proxy for loop back connection.

    7788

    Ingress/Egress

    • AMQP or
    • AMQP_PRIMARY, AMQP_SECONDARY, and AMQP_LB

    For SSH/VNC access of launched VMs. Done through reverse proxy. Done through reverse proxy for loop back connection.

    443

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For SSH/VNC and RDP access of launched VMs.

    8443

    Egress

    • CCM or CCM_SA or CCM_LB
    • CCO or CCO_LB

    For SSH/VNC access of launched VMs. Guacamole server on AMQP VM communicates to the CCM and CCO VMs via this port.

     AMQP_PRIMARY and AMQP_SECONDARY

    AMQP_PRIMARY and AMQP_SECONDARY Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5671

    Ingress

    • CCO or CCO_LB
    • Worker VM IP Range

    For communication from the CCO VM and from launched VMs

    7789

    Ingress

    Worker VM IP Range

    For SSH/VNC access of launched VMs. Done through reverse proxy for loop back connection.

    7788

    Ingress/Egress

    • AMQP or
    • AMQP_LB

    For SSH/VNC access of launched VMs. Done through reverse proxy for loop back connection.

    443

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For SSH/VNC and RDP access of launched VMs.

    8443

    Egress

    • CCM or CCM_SA or CCM_LB
    • CCO or CCO_LB

    For SSH/VNC access of launched VMs. Guacamole server on AMQP communicates to CCM and CCO on this port.

    4369

    Ingress/Egress

    AMQP_PRIMARY and AMQP_SECONDARY

    For communication between AMQP primary and secondary VMs.

    25672

    Ingress/Egress

    AMQP_PRIMARY and AMQP_SECONDARY

    For communication between AMQP primary and secondary VMs.

     AMQP_LB

    AMQP_LB Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    5671

    Ingress

    • CCO or
    • CCO_PRIMARY, CCO_SECONDARY, CCO_TERTIARY, and CCO_LB
    • Application (Worker) VM IP range

    For communication from the CCO VM and from launched VMs.

    7789

    Ingress

    Worker VM IP Range

    For SSH/VNC access of launched VMs. Done through reverse proxy for loop back connection.

    7788

    Ingress

    • AMQP or
    • AMQP_PRIMARY, AMQP_SECONDARY, and AMQP_LB

    For SSH/VNC access of launched VMs. Done through reverse proxy for loop back connection.

    443

    Ingress

    0.0.0.0/0 (or appropriate IP address range for user browsers that are allowed to access)

    For SSH/VNC access of launched VMs. Done through reverse proxy.

     CCO Network Rules

    CCO Network Rules                                                                                            

     CCO Ports

    CCO Ports                                                                                                        

    Port

    Direction

    Remote Source

    Notes

    8443   

    Ingress/
    Egress

    • CCM or
    • CCM_SA or
    • CCM_SA_PRIMARY and CCM_SA_SECONDARY
    • Monitor

    For two-way communication between the CCO and CCM VMs.

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.

    All

    Egress (Conditional)

    Cloud Region EndPoints, Script Sources

    For cloud region endpoint access and for downloading scripts/packages defined in external services.

    2375

    Egress (Conditional)

    • Only for CloudCenter 4.6.x and earlier
    • Not used for CloudCenter 4.7.x and later

    EXT_SCRIPT_EXECUTOR

    For Docker container engine access to execute external scripts.

    2376Egress (Conditional)
    • Only for CloudCenter 4.7.x and later
    • Not used for CloudCenter 4.6.x and earlier
    EXT_SCRIPT_EXECUTORFor Docker container engine access to execute external scripts.

     CCO_PRIMARY/SECONDARY/TERTIARY

    CCO_PRIMARY, SECONDARY, and TERTIARY Ports                                    

    Port

    Direction

    Remote Source

    Notes

    8443   

    Ingress/
    Egress

    • CCO_LB
    • Monitor

    For two-way communication between the CCO and CCM VMs.

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.

    All

    Egress (Conditional)

    Cloud Region EndPoints, Script Sources

    For cloud region endpoint access and for downloading scripts/packages defined in external services.

    2375

    Egress (Conditional)

    • Only for CloudCenter 4.6.x and earlier
    • Not used for CloudCenter 4.7.x and later

    EXT_SCRIPT_EXECUTOR

    For Docker container engine access to execute external scripts.

    2376

    Egress (Conditional)

    • Only for CloudCenter 4.7.x and later
    • Not used for CloudCenter 4.6.x and earlier
    EXT_SCRIPT_EXECUTOR

    For Docker container engine access to execute external scripts.

    5701

    Ingress/Egress

    CCO_PRIMARY
    CCO_SECONDARY
    CCO_TERTIARY

    For internal implementation to handle data in HA.

    27017

    Ingress

    CCO_PRIMARY
    CCO_SECONDARY
    CCO_TERTIARY

    For the MongoDB connection
     CCO_LB

    CCO_LB Ports                                                                                             

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.

    8443

    Ingress

    • CCM or
    • CCM_SA or
    • CCM_PRIMARY, CCM_SECONDARY

    For communication to the CCO from the CCM VMs.

    Egress

    • CCO or
    • CCO_PRIMARY, CCO_SECONDARY,  and CCM_TERTIARY
    • Monitor

    For communication to CCO VMs from the CCO load balancer.

     Monitor Network Rules

    Monitor Network Rules                                                                                                                                      

     MON Ports

    MON Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80Egress0.0.0.0./0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.
    4560Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Logstash) To collect, process, and push the logs to the CCM and/or CCO.
    8881Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Elasticsearch) To download logs for the CCM and/or CCO.
    8882IngressPublic browser accessTo view the logs in the Kibana console.

    8443

     

    Ingress/ Egress

    • CCM or
    • CCM_SA or
    • CCM_SA_PRIMARY, CCM_SA_SECONDARY, and CCM_LB

    For two-way communication between the CCM and Monitor VMs.

    Egress

    CCO or CCO_LB

    For access to the CCO VM.

     MON_PRIMARY and MON_SECONDARY Ports

    MON_PRIMARY and MON_SECONDARY Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.
    4560Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Logstash)To collect, process, and push the logs to the CCM and/or CCO.
    8881Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Elasticsearch) To download logs for the CCM and/or CCO.
    8882IngressPublic browser accessTo view the logs in the Kibana console.

    8443

     

    Ingress

    MON_LB

    For communication from the Monitor load balancer.

    Egress

    CCO or CCO_LB

    For access to the CCO VM.

     MON_LB Ports

    MON_LB Ports

    Port

    Direction

    Remote Source

    Notes

    22

    Ingress (optional)

    Allowed SSH source IP

    For troubleshooting purposes.

    80Egress0.0.0.0/0To download installer or appliance packages.
    443Egress0.0.0.0/0To download installer or appliance packages.
    4560Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Logstash) To collect, process, and push the logs to the CCM and/or CCO.
    8881Ingress
    • CCM_IP or
      CCM_PRIMARY_IP and  CCM_SECONDARY_IP
    • CCO_IP or
      CCO_PRIMARY_IP, CCO_SECONDARY_IP, and CCO_TERTIARY_IP
    (Elasticsearch) To download logs for the CCM and/or CCO.
    8882IngressPublic browser accessTo view the logs in the Kibana console.

    8443

     

    Ingress

    • CCM or
    • CCM_SA or
    • CCM_SA_PRIMARY and CCM_SA_SECONDARY

    For communication from the CCM VMs.

    Egress

    MON_PRIMARY and MON_SECONDARY

    For access to the Monitor VMs.

  3.  Perform Network Compliance Check

    Perform Network Compliance Check

    You must perform the network compliance check to ensure that all network rules for inter-component communication between CloudCenter component VMs, application VMs and end user access are accurately setup.

    CloudCenter Component VMs

    To perform network compliance checks for CloudCenter components, perform this procedure on each VM launched as part of the 1. Prepare Infrastructure process.

    1. Upload the deployment descriptor JSON file created in 1. Prepare Infrastructure to the /tmp location.
    2. Upload the validator script called validator.py to the /tmp location (available with the CloudCenter appliance files).
    3. Execute the following command from the location /tmp location.

      Command

      Examples:

      • python network_validator.py –-role=CCM --deploymentDetails=deployment.json

      • python network_validator.py –-role=CCO --region=AmazonEast1 --deploymentDetails=deployment.json

      • python network_validator.py –-role=AMQP --region=AmazonEast1 --deploymentDetails=deployment.json

    4. Verify the results to ensure that there are no failures and that all required network rules are setup accurately. In case of failures, update network settings as appropriate and repeat the test.

    Application VMs

    To ensure that application VMs (that are launched as part of application orchestration) can communicate with relevant CloudCenter components and repositories, perform this procedure:

    1. Launch a test VM in every cloud environment intended to be managed by CloudCenter.
    2. Upload the deployment descriptor JSON file to the /tmp location.
    3. Upload the validator script called validator.py to the /tmp location.
    4. Execute the following command from the /tmp location.

      Command

      Example:
      python network_validator.py –-role=AGENT --region=AmazonEast1 --deploymentDetails=deployment.json

    5. Verify the results to ensure that there are no failures and that all required network rules are setup accurately. In case of failures, update network settings as appropriate and repeat the tests

    6. Once network compliance check is successful, terminate the test VMs.
    Client Test

    Some CloudCenter components (CCM, AMQP or GUAC) must be accessible to end users to ensure UI or REST API access. To ensure client access to these components, perform this procedure:

    1. Identify the Linux, Windows (Python Enabled), or MacOSX systems running in networks accessed by end users.
    2. Upload the deployment descriptor file to this client system.
    3. Upload the validator.py to the client system.
    4. Execute the following command from the python script location.

      Command
    5. Verify the results to ensure that there are no failures and that all required network rules are setup accurately. In case of failures, update network settings as appropriate and repeat the test.

    Icon

    Before proceeding to to the next section, ensure that network compliance check is successful.

  4.  Configure Components

    Configure Components

     CCM Wizard Properties

    Configure CCM Wizard Properties

    To configure the CCM wizard properties, follow this procedure.

      1. SSH into the CCM instance as a CentOS user.
      2. Run the following command:

    1. Invoke the CCM wizard.

      CCM Wizard Path
    2. Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Your Notes section for later use.

      CCM Properties

      Description

      Mail

      SMTP server details to send mail notifications. If you retain the default settings, the SMTP sever details are not configured.

      • SMTP Host: smtp.gmail.com
      • SMTP Port: Defaults to 465
      • SMTP Auth: Boolean setting
        • True = Authentication is required for the SMTP server.
        • False = Authentication is not required for the SMTP server.

      Mail_User

      Mail authentication and configuration details to send mail notifications. If you retain the default settings, the mail functionality is not be configured and emails are not sent.

      • Mail User: Your email address for the SMTP server
      • Password: The password to log into the SMTP server
      • From User: The email address (no reply) to initiate emails from the CCM server
      • Display Name: The name to be displayed when you initiate emails from the CCM server
      Server_info (Required)

      Public DNS: DNS (or IP address) of the CCM – Used by the CCO VM to communicate with the CCM VM.

      Monitor URL: Monitor VM's complete URL. For example, https://<MON or MON_LB IP address>:8443.

      • Requires HTTPS protocol.
      • Used by the CCM VM to retrieve the health status from the Monitor VM.

      Hazelcast IP: Private IP address of the CCM VM – Used internally by the CloudCenter platform. Required for HA Mode.

      External URL: The CloudCenter External URL for the CCM server. Required for HA Mode.

      Config_App_Logo

      Used by the application profile templates.

      ESB_Info

      Required only if you installed Enterprise Service Bus (ESB), an optional component that is not installed in CloudCenter appliances by default.

      Network

      Use the defaults if you are not making any changes to these settings.

      • Hostname:
      • Interface:
      DB
      (Effective CloudCenter 4.7.0)
      • IP or Hostname: DNS or IP of the Database
        • Local host: Default, does not include the flyway migrate configuration
        • Remote host, includes the flyway migrate configuration – see the last bullet in this row.
      • Authentication credentials for the database (either local or remote).
        • Username:
        • Password:
      •  Flyway Migrate: Optional. Remote Host Configure the CCM to a remote database by providing the IP address of the remote database. When you provide the IP address, you see an additional screen to configure the flyway migrate process.
        • Yes: Flyway migration takes place.
        • No: Only the configuration files are updated.
        Icon

        DB configuration is required for standalone database deployments.

      ELK_Info
      (Effective CloudCenter 4.7.0)
      • ELK Host: Specify the IP address for the ELK host (Monitor VM).
      • Elasticsearch Port: Displays 8881 by default.
      • Logstash Port: Displays 4560 by default.
      • Kibana Port: Displays 8882 by default.
      • ELK User: The default ELK Username = logreader.
      • ELK Password: The default ELK Password is re@d0nly (zero between d and n) (change this password after the initial login – see Download Log File for additional context).
      • Host Identifier: A Unique ID for the server – be sure to prefix the unique identifier with CCM_ for example, CCM_1
      • Host Identifier List: Only applies to environments using the HA mode – provide a list of comma separated unique host identifiers for all ELK/Monitor hosts in a HA setup = for example, CCM_1,CCM_2,myCCM.

        Icon

        In an environment operating in HA mode, if you have two CCM instances with unique IDs configured as CCM_1,CCM_2 in their respective server.properties file, then this property should state CCM_1,CCM_2 in both CCM instances. Each CCM must be aware of the unique ID of the other CCM(s) when in HA mode.

    3. Exit the CCM configuration wizard.

    4. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully installed the CCM instance! You can now proceed to the next step:

    • If you are installing a Health Monitor component – see Health Monitor Installation (Optional)

     AMQP - CCM/CCO Wizard Properties

    AMQP  – Configure CCM/CCO Properties for Guacamole Server

    Dedicated GUAC Setup?

    Icon

    This GUA config wizard step is not required if you have set up a dedicated Guacamole server.

      1. SSH into the GUA instance as a centos user.
      2. Run the following command:

    1. Invoke the GUA wizard.

      GUA Wizard Path
    2. Configure the CCM and CCO (once installed) properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Your Notes section for later use.
    3. Configure the properties for the CCM and CCO (once installed) VMs:

      GroupPossible IP Addresses

      CCM_Info

      CCM Host:

      CCM_IP or  CCM_SA_IP or CCM_LB_IP

      CCO_InfoCCO Host (once installed):
      CCO_IP or  CCO_LB_IP
    4. Verify your changes and Exit the GUA configuration wizard.

    5. Select Yes, to restart the Tomcat service for the changes to take effect.

      Icon

      If you are installing the AMQP instance for the first time, then you may need to wait for a few minutes to ensure that all users are listed. You can verify that all users are listed by running the following commands:

    You have successfully configured the AMQP instance! Proceed to the CCO (Required) section.

    Post-Install Setup

    Icon

    Any change in the hostname may result in a VM bounce/reboot.

    If you change the AMQP server's hostname, the local AMQP database is renamed and you may need to rerun the AMQP configuration.

    Some clouds set the hostname automatically for each new instance or boot and RabbitMQ uses the a pre-set hostname to set the database name. In these cases, you must run the following commands as root to rerun the AMQP configuration:

    You will also need to run these commands again if the node is rebooted, as you may end up with a new hostname and database name.

    If a database user exists and a login is not associated, this user may not be able to log into the AMQP server.

    Ensure that the required users (cliqr and cliqr_worker) are setup in your database. If you have additional users in your database, they will also be displayed when you run the rabbitmqctl command.

    If you do not see these users in your database, run the following commands as root (to recreate the users in the AMQP configuration):

    Reboot the AMQP Server

    Reboot the AMQP server.

    Start the Wizard

    Use the following command to start the guacamole wizard if you need to change settings as required by your deployment. See Per CloudCenter Region Installation (Required) > AMQP  for additional context.

     CCO Wizard Properties

    CCO – Configure CCO Wizard Properties

      1. SSH into the CCO instance as a centos user.
      2. Run the following command:

    1. Invoke the CCO wizard.

      CCO Wizard Path
    2. Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Your Notes section for later use.
      GroupNotes

      AgentBundle

      Use the defaults.

      • If you are using the custom bundle, replace cdn.cliqr.com with the custom bundle store IP or DNS
      • If you are using the package store, replace repo.cliqrtech.com with the custom package store IP or DNS

      AMQP_Server

      • AMQP Server IP: AMQP_IP or AMQP_LB_IP
      • AMQP Port: 5671
      NetworkHostname: Configure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

      Guacamole

       

      • Connection Broker Host: AMQP_IP or AMQP_LB_IP 
      • Connection Broker Port1: 7788
      • Connection Broker Port2: 7789

      Docker

      • Docker Registry URL: Set only if custom docker registry is used.
      • Docker CACert URL: Set only if docker registry uses SSL with custom CA Certificates.

      ELK_Info

      (Effective CloudCenter 4.7.0)

      • ELK Host: Specify the IP address for the ELK/Monitor host.
      • Elasticsearch Port: Displays 8881 by default.
      • Logstash Port: Displays 4560 by default.
      • Host Identifier: The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
      • Host Identifier List: This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.

        Icon

        In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

    3. Verify your changes and Exit the CCO configuration wizard.

    4. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully configured the CCO instance! You can now proceed to the next step:

    • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional)
    • If you are not installing a dedicated Docker component – see Setup the Admin Account and proceed with configuring and setting up CloudCenter.

     Monitor - CCM Wizard Properties

    Monitor – Configure Monitor Properties

      1. SSH into the MONITOR instance as a centos user.
      2. Run the following command:

    1. Invoke the wizard.

      Monitor Wizard Path
    2. Configure the properties for the Monitor instance.

      Write this down for future reference!

      Icon

       Write down the Field details in a printed version of the Your Notes section for later use.

      GroupNotes
      CCM_Info
      • Monitor ID – A unique (alphanumeric) identifier used for the health check instance.
      • CCM Hostname/URL (Required)
        • CCM_IP or 
        • CCM_SA_IP or
        • CCM_LB_IP
      • Monitor User – The User ID configured on the CCM server to enable health check for cloud  regions.
        • To perform a health check on all activated cloud regions, set this value as 2 (2 is the CloudCenter’s root administrator’s User ID).
        • To perform a health check on specific cloud regions, create and activate a new user with those specific regions and use that user’s User ID as value for this property. To get the User ID, use the v1 User Management APIs.
      ELK_LoginFor the ELK/Monitor host.
      • ELK User: The default ELK Username = logreader.
      • ELK Password: The default ELK Password is re@d0nly (zero between d and n) (change this password after the initial login – see Download Log File for additional context).
    3. Verify your changes and Exit the Monitor configuration wizard.

    4. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully configured the Monitor instance! You can now proceed to the Per CloudCenter Region Installation section and install the CloudCenter components for each Cloud.

     

Cloud-Specific Appliance Setup

See one of the following options:

 

  • No labels