CliQr is now part of Cisco Learn More About Cisco

Per Cloud Region Installation (Required)                                    

  •  AMQP (Required)

    Install AMQP Using Appliance                                                                                                            

     AMQP NON-HA

    AMQP NON-HA

    Icon

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

    Dedicated Gucamole Setup

    Icon

    This GUA config wizard step is not required if you have set up a Dedicated Guacamole Server (Optional) server – A self-signed Guacamole certificate is provided out-of-box for Appliance installations.

    AMQP – Configure CCM/CCO Properties for Guacamole Server
    Icon

    Configure the following gua_config_wizard.sh procedure on both the AMQP PRIMARY server and the AMQP SECONDARY server.

      1. SSH into the GUA instance as a centos user.
      2. Run the following command:

    1. Invoke the GUA wizard.

      GUA Wizard Path
    2. Configure the CCM and CCO (once installed) properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
    3. Configure the properties for the CCM and CCO (once installed) VMs:

      Wizard MenuFieldPossible IP Addresses

      CCM_Info

      CCM Host

      CCM_IP or  CCM_SA_IP or CCM_LB_IP

      CCO_InfoCCO Host (once installed)
      CCO_IP or  CCO_LB_IP
      Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.
    4. Verify your changes and Exit the GUA configuration wizard.

    5. Select Yes, to restart the Tomcat service for the changes to take effect.

      Icon

      If you are installing the AMQP instance for the first time, then you may need to wait for a few minutes to ensure that all users are listed. You can verify that all users are listed by running the following commands:

      Reboot AMQP

      Reboot AMQP VM

      Icon

      If you change the AMQP server's host name, the local AMQP database is renamed and you must reboot the AMQP VM.

      • To reboot the AMQP VM, run the following commands as root:

      • If you reboot the VM, be aware of the following details:
        • You may end up with a new host name and database name after the reboot.

        • Some clouds set the host name automatically for each new instance or reboot – RabbitMQ uses a preset host name to set the database name.

        • If a database user exists and a login is not associated, this user may not be able to log into the AMQP server.

          • Ensure that the required users (cliqr and cliqr_worker) are setup in your database. If you have additional users in your database, they will also be displayed when you run the rabbitmqctl command.

          • If you do not see these users in your database, run the following commands as root (to recreate the users in the AMQP configuration):

    You have successfully configured the AMQP instance! Proceed to the CCO (Required) section.

     AMQP HA

    Install AMQP HA Using Appliances

     

    AMQP_PRIMARY/SECONDARY – Exchange AMQP SSH Keys

    To exchange the SSH keys between the AMQP_PRIMARY and AMQP_SECONDARY servers, follow this procedure.

    1. On the AMQP_PRIMARY, execute the following (as root)  to generate a new SSH key. 

    2. Copy the id_rsa files (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub) from AMQP_PRIMARY to the same location on the AMQP_SECONDARY (as root). On the AMQP_SECONDARY, if the .ssh directory does not exist, create it using the following commands before copying the files!

    3. On the AMQP_SECONDARY, execute the following (as root) to add a new SSH key.

    4. Verify mutual SSH access between the AMQP_PRIMARY and AMQP_SECONDARY by running the following command on each VM.

      You have now set up SSH on both AMQP instances.

       

    Icon

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

    Dedicated Gucamole Setup

    Icon

    This GUA config wizard step is not required if you have set up a Dedicated Guacamole Server (Optional) server – A self-signed Guacamole certificate is provided out-of-box for Appliance installations.

    AMQP – Configure CCM/CCO Properties for Guacamole Server
    Icon

    Configure the following gua_config_wizard.sh procedure on both the AMQP PRIMARY server and the AMQP SECONDARY server.

      1. SSH into the GUA instance as a centos user.
      2. Run the following command:

    1. Invoke the GUA wizard.

      GUA Wizard Path
    2. Configure the CCM and CCO (once installed) properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
    3. Configure the properties for the CCM and CCO (once installed) VMs:

      Wizard MenuFieldPossible IP Addresses

      CCM_Info

      CCM Host

      CCM_IP or  CCM_SA_IP or CCM_LB_IP

      CCO_InfoCCO Host (once installed)
      CCO_IP or  CCO_LB_IP
      Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.
    4. Verify your changes and Exit the GUA configuration wizard.

    5. Select Yes, to restart the Tomcat service for the changes to take effect.

      Icon

      If you are installing the AMQP instance for the first time, then you may need to wait for a few minutes to ensure that all users are listed. You can verify that all users are listed by running the following commands:

      Reboot AMQP

      Reboot AMQP VM

      Icon

      If you change the AMQP server's host name, the local AMQP database is renamed and you must reboot the AMQP VM.

      • To reboot the AMQP VM, run the following commands as root:

      • If you reboot the VM, be aware of the following details:
        • You may end up with a new host name and database name after the reboot.

        • Some clouds set the host name automatically for each new instance or reboot – RabbitMQ uses a preset host name to set the database name.

        • If a database user exists and a login is not associated, this user may not be able to log into the AMQP server.

          • Ensure that the required users (cliqr and cliqr_worker) are setup in your database. If you have additional users in your database, they will also be displayed when you run the rabbitmqctl command.

          • If you do not see these users in your database, run the following commands as root (to recreate the users in the AMQP configuration):

    You have successfully configured the AMQP instance! Proceed to the CCO (Required) section.

    AMQP_PRIMARY – Configure High Availability Properties
    Icon

    Configure the following rabbit_config_wizard.sh procedure on only the AMQP PRIMARY server.

      1. SSH into the AMQP instance as a centos user.
      2. Run the following command:

    1. Invoke the AMQP wizard.

      GUA Wizard Path
    2. Configure the CCM and CCO (once installed) properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
    3. Configure the properties for the CCM and CCO (once installed) VMs:

      Wizard MenuFieldPossible IP Addresses

      Configure_HA

      Primary Node IP

      The IP address of the AMQP_PRIMARY instance.

      Primary Hostname

      The hostname of the  AMQP_PRIMARY instance.

      Secondary Node IP

      The IP address of the  AMQP_SECONDARY instance.

      Secondary Hostname

      The hostname of the  AMQP_PRIMARY instance.

    4. Verify your changes and Exit the AMQP configuration wizard.

    5. Select Yes, to restart the Tomcat service for the changes to take effect.

    AMQP_LB

    The AMQP load balancing can be done through HAProxy, NGiNX, Apache2, or a cloud that is natively available to services, like AWS Elastic Load Balancer (ELB). To configure the load balancer service and ensure AMQP load balancing, be sure to listen on port 5671 and balance the request at 443 on both the AMQP_PRIMARY and AMQP_SECONDARY servers.

    Icon

    See AMQP Firewall Rules > AMQP_LB Ports for the complete list of ports that need to be open for your deployment.

    Icon

    If you configure a load balancer for any CloudCenter component, be aware that the firewalId is enabled by default and you must explicitly disable it to ensure that the CloudCenter component(s) can communicate with the load balancer. See Firewall Rules Overview for additional context.

    The following load balancing configuration was performed on CentOS7.x VM with HAProxy for the AMQP VM.

    1. SSH into the VM instance using the key pair that you used to launch the VM.
    2. Install HAProxy as the root user.

    3. Modify HAProxy config file as below

    4. To bind to 5671 port you must disable SELinux – run the following command to disable SELinux.

    5. Start the HAProxy service and check the status, it should be active

       

    You have successfully configured the AMQP instance! Proceed to the CCO (Required) section.

     

     

  •  CCO (Required)

    Install CCO Using Appliance (Required)                                                                                                           

     CCO NON-HA

    Configure CCO Wizard Properties

    Icon

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

      1. SSH into the CCO instance as a centos user.
      2. Run the following command:

    • Invoke the CCO wizard.

      CCO Wizard Path

       

      Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
      Wizard MenuFieldNotes

      Agent Bundle Parameters

      Linux Bundle URLThe Linux URL for the Management Agent bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Bundle URLThe Windows URL for the Management Agent bundle –  Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap js URL

      Required for Dynamic Bootstrapping information – Use the default or replace cdn.cliqr.com with the local repository IP or DNS.

      This field refers to three package store URLs:

      • The CloudCenter installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/cliqrInstaller.zip

      • The core installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/corePkg.tar.gz

      • The JSON package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/simplejson.tar.gz

      Bootstrap py URLRequired for Dynamic Bootstrapping information called by Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap Linux URLRequired for Dynamic Bootstrapping information for Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap win URLRequired for Dynamic Bootstrapping information for Windows files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Linux Upgrade URLThe Linux URL for the Management Agent upgrade scripts – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Upgrade URLThe Windows URL for the Management Agent upgrade scripts  – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Node Metadata URLThe Metadata (.jar file) URL for the Management Agent VM – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Custom Repo URLThe CloudCenter custom artifacts repository URL – Use the default or replace repo.cliqrtech.com with the custom package store IP or DNS.
      Service URL

      The URL that points to the out-of-box services – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      Action URLThis URL should point to a VM location where you can download scripts (the HTTP URL must be accessible from this VM) when you perform a Service Lifecycle Action or a VM Action.
      AgentLite Linux URLThe location where the Linux-based agent-lite-linux-bundle.tar.gz resides. This URL is required to Install AgentLite on a Linux VM (see VM Management > Install Agent Manually for additional context).
      AgentLite Windows URLThe location where the Windows-based agent-lite-windows-bundle.zip resides. This URL is required to Install AgentLite on a Windows VM (see VM Management > Install Agent Manually for additional context).
      External Service URLThe path/URL to the external service bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      AMQP_Server

      AMQP Server IP

      AMQP_IP or AMQP_LB_IP

      AMQP Port5671
      NetworkHostnameConfigure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

      Guacamole

      Connection Broker Hos

      AMQP_IP or AMQP_LB_IP 

      Connection Broker Port7788
      Connection Broker Port27789

      Docker

      Docker Registry URL

      Set only if custom Docker registry is used.

      Docker CACert URL

      Set only if docker registry uses SSL with custom CA Certificates.

      See Certificate Authentication > Dedicated Components for additional context.

      ELK_Info

      ELK HostSpecify the IP address for the ELK/Monitor host.
      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Host Identifier The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
      Host Identifier List This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.

       

      Icon

      In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

      External_Script_ExecutorDocker Server IPThe default IP is 127.0.0.1.
      Enter the IP address of a dedicated Docker server, if applicable.
      Docker Server PortDefaults to 2376
      Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.
    1. Verify your changes and Exit the CCO configuration wizard.

    2. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully configured the CCO instance! You can now proceed to the next step:

    • If you are configuring CCO HA – see CCO_LB to complete the HA configuration.
    • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional).
    • If you are not installing a dedicated Docker component – see Configure the Admin Account and proceed with configuring and setting up CloudCenter.

     CCO HA

    Install CCO HA Using Appliance

    Exchange CCO SSH Keys

    To exchange the SSH keys between the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY instances, follow this procedure.

    1. On the CCO_PRIMARY instance, execute the following to generate a new SSH key.

       

      sudo -i
      ssh-keygen -t rsa
      cd ~/.ssh
      cat id_rsa.pub >> authorized_keys
    2. Copy the id_rsa files (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub) from CCO_PRIMARY to the same location on CCO_SECONDARY and CCO_TERTIARY. On CCO_SECONDARY and CCO_TERTIARY, if the .ssh directory does not exist, create it using the following commands before copying the files.

       

      sudo -i
      mkdir -p ~/.ssh
      chmod 700 ~/.ssh
    3. On the CCO_SECONDARY and CCO_TERTIARY, execute the following to add a new SSH key.

       

      sudo -i
      chmod 400 ~/.ssh/id_rsa*
      cat id_rsa.pub >> authorized_keys
    4. Verify mutual SSH access between the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY by running the following command on each VM.

       

      sudo -i
      ssh root@<CCO_PRIMARY/CCO_SECONDARY/CCO_TERTIARY>

      You have now set up SSH on all three CCO instances.

    CCO_PRIMARY – Configure CCO Properties

    Icon

    You can configure the information for all three CCO servers by providing the following details ONLY in the CCO_PRIMARY wizard.

    To ensure that all three CCOs communicate with each other, you must configure the following HA-specific information in the CCO_PRIMARY wizard.

    Wizard MenuFieldNotes

    Configure_HA
    CCO HA Info – Specify the following details in the primary CCO server.

    Primary Node IP

    Enter the IP address of the Primary CCO instance.

    Secondary Node IPEnter the IP address of the Secondary CCO instance.
    Tertiary Node IPEnter the IP address of the Tertiary CCO instance

    In addition to the HA_specific information mentioned above, you must also configure the generic information in the CCO_PRIMARY wizard.

    Configure CCO Wizard Properties

    Icon

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

      1. SSH into the CCO instance as a centos user.
      2. Run the following command:

    • Invoke the CCO wizard.

      CCO Wizard Path

       

      Configure the server properties.

      Write this down for future reference!

      Icon
      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
      Wizard MenuFieldNotes

      Agent Bundle Parameters

      Linux Bundle URLThe Linux URL for the Management Agent bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Bundle URLThe Windows URL for the Management Agent bundle –  Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap js URL

      Required for Dynamic Bootstrapping information – Use the default or replace cdn.cliqr.com with the local repository IP or DNS.

      This field refers to three package store URLs:

      • The CloudCenter installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/cliqrInstaller.zip

      • The core installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/corePkg.tar.gz

      • The JSON package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/simplejson.tar.gz

      Bootstrap py URLRequired for Dynamic Bootstrapping information called by Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap Linux URLRequired for Dynamic Bootstrapping information for Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap win URLRequired for Dynamic Bootstrapping information for Windows files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Linux Upgrade URLThe Linux URL for the Management Agent upgrade scripts – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Upgrade URLThe Windows URL for the Management Agent upgrade scripts  – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Node Metadata URLThe Metadata (.jar file) URL for the Management Agent VM – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Custom Repo URLThe CloudCenter custom artifacts repository URL – Use the default or replace repo.cliqrtech.com with the custom package store IP or DNS.
      Service URL

      The URL that points to the out-of-box services – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      Action URLThis URL should point to a VM location where you can download scripts (the HTTP URL must be accessible from this VM) when you perform a Service Lifecycle Action or a VM Action.
      AgentLite Linux URLThe location where the Linux-based agent-lite-linux-bundle.tar.gz resides. This URL is required to Install AgentLite on a Linux VM (see VM Management > Install Agent Manually for additional context).
      AgentLite Windows URLThe location where the Windows-based agent-lite-windows-bundle.zip resides. This URL is required to Install AgentLite on a Windows VM (see VM Management > Install Agent Manually for additional context).
      External Service URLThe path/URL to the external service bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      AMQP_Server

      AMQP Server IP

      AMQP_IP or AMQP_LB_IP

      AMQP Port5671
      NetworkHostnameConfigure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

      Guacamole

      Connection Broker Hos

      AMQP_IP or AMQP_LB_IP 

      Connection Broker Port7788
      Connection Broker Port27789

      Docker

      Docker Registry URL

      Set only if custom Docker registry is used.

      Docker CACert URL

      Set only if docker registry uses SSL with custom CA Certificates.

      See Certificate Authentication > Dedicated Components for additional context.

      ELK_Info

      ELK HostSpecify the IP address for the ELK/Monitor host.
      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Host Identifier The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
      Host Identifier List This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.

       

      Icon

      In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

      External_Script_ExecutorDocker Server IPThe default IP is 127.0.0.1.
      Enter the IP address of a dedicated Docker server, if applicable.
      Docker Server PortDefaults to 2376
      Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.
    1. Verify your changes and Exit the CCO configuration wizard.

    2. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully configured the CCO instance! You can now proceed to the next step:

    • If you are configuring CCO HA – see CCO_LB to complete the HA configuration.
    • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional).
    • If you are not installing a dedicated Docker component – see Configure the Admin Account and proceed with configuring and setting up CloudCenter.

    CCO_LB

    Load balancing can be done through HAProxy, NGiNX, Apache2, or a cloud that is natively available to services, like AWS Elastic Load Balancer (ELB). To configure the load balancer service and ensure CCO load balancing, be sure to listen on port 8443 and balance the request at 8443 on both the CCO_PRIMARY and CCO_SECONDARY servers.

    Icon

    See CCO Firewall Rules > CCO_LB Ports for the complete list of ports that need to be open for your deployment.

    Icon

    If you configure a load balancer for any CloudCenter component, be aware that the firewalId is enabled by default and you must explicitly disable it to ensure that the CloudCenter component(s) can communicate with the load balancer. See Firewall Rules Overview for additional context.

    The following load balancing configuration was performed on CentOS7.x VM with HAProxy for the CCO VM.

    1. SSH into the VM instance using the key pair that you used to launch the CCO VM.
    2. Install HAProxy as the root user.

    3. Modify HAProxy config file as follows.

    4. Start the HAProxy service and check the status to ensure that it is active

       

  • No labels