Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

An A DPOD External Self-service Console (“DPOD External Self-Service”) is an instance of DPOD All-In-One appliance installation that is deployed externally to a network, provides users with a Console UI only, and does not store any transactional data of its own. In lieu of storing data, this instance communicates with an internal a DPOD Internal Console (“DPOD Internal Console”).

A typical use for an the DPOD External Self-Service Console is to proxy the DPOD Console UI to a less secured network (e.g. a DMZ) without placing DPOD's internal Data Base data in that area.

Security note: In the current version of DPOD External Self-Service Console, the connection to the internal data base theDPOD Internal Console is not protected using authentication mechanism. Consider this when planning your deployment and use additional security measures to protect network access to the internal data baseconsole.

Installation Preparation

...

Network Requirements

  1. Ensure you have an IP for the DPOD external External Self-service console Service Console (including DNS, Default default GW, subnet mask and other network configuration).
  2. Ensure you have an NTP server available and obtain the NTP server IP address.
  3. Ensure the ports detailed below are opened during or after install:

From

To

Ports (Defaults)

Protocol

Usage

FROM DPOD External Self-Service  Service Console 

NTP Server

123

NTP

Sync time between DPOD instances

FROM DPOD External Self-Service  Service Console

Organizational mail server

25

SMTP

Send reports by email

NTP Server

DPOD External Self-Service  Service Console  

123

NTP

Sync time

FROM Users IPs         

DPOD External Self-Service  Service Console  

80 ,443

HTTP/s

Work with DPOD Service Center Console

FROM Admins IPs         

DPOD External Self-Service  Service Console  

22

TCP

SSH

FROM DPOD External Self-Service  Service Console  

DPOD Internal Console  

9302

TCP

Connection to elastic Search Node

Hardware Requirements

...

  • Disk 1 (for OS): 40GB
  • Disk 2 (for product installation): 40GB
  • Disk 3 (Date): minimum 5GB

...

DPOD External Self-Service Console should have a Low load configuration architecture as detailed in Hardware and Software Requirements with the following exceptions:

  1. The Data disk can be as small as 5 GB (instead of 100 GB)
  2. (Optional) You may add a second network interface to separate DPOD's External Self Service Console access

...

  1. to the DPOD Internal Console from the UI interface.

...

...

DPOD External Self-Service Console Post Installation Tasks

After installing DPOD on the External Self-Service Console machine, follow the steps below:

  1. Stop DPOD components 

  2. Ensure all components are down

  3. Disable all DPOD services except Derby, UI and Reports:
    1. Edit (with using vi) the file /etc/sysconfig/MonTier and find  ,change the following line starting with:

      Code Block
      SERVICES_FIRST_GROUP="MonTier-Derby MonTier-es-raw-trans-Node-1"

      and remove all components except for MonTier-Derby:

      Code Block
      SERVICES_FIRST_GROUP="MonTier-Derby"


    2. Comment out the following lines:

      Code Block
      SERVICES_SECOND_GROUP="MonTier-es-raw-trans-Node ..."
      SERVICES_THIRD_GROUP="MonTier-HK-ESRetention" ...
      SERVICES_FORTH_GROUP="MonTier-AggAgent- ..."
      SERVICES_FIFTH_GROUP="MonTier-BalancerAgent ..."
      SERVICES_SIXTH_GROUP="MonTier-WsmAgent-1 ..."


    3. Change Change the following line:

      Code Block
      SERVICES_SEVENTH_GROUP="MonTier-UI MonTier-Reports MonTier-HK-WsmKeepalive MonTier-HK-SyslogKeepalive"

      to and remove all components except MonTier-UI and  and MonTier-Reports:

      Code Block
      SERVICES_SEVENTH_GROUP="MonTier-UI MonTier-Reports"


  4. Change DPOD's Elastic Search Elasticsearch alias entry in /etc/hosts to direct to the internal console:

    Code Block
    vi /etc/hosts

    Change the line that directs montier-es and montier-es-http to point to the internal Console IP Address  to direct to DPOD Internal Console (1.1.1.1 in the example below):

    Code Block
    1.1.1.1     montier-es
    1.1.1.1     montier-es-http


  5. Start configuration database service

    Code Block
    start_services.sh -o derby
    ij


  6. Update the SystemParameter SQL table:

    Code Block
    UPDATE SystemParameter
    SET value='false'
    WHERE name='agents.management.enabled'; 

    Update the SystemParameter SQL table:

    Code Block
    
    
    UPDATE SystemParameter
    SET value='false'
    WHERE name = 'system.internal_self_service.is_internal';


  7. If f you wish to let the external self service users access the DevOps Services Portal, change the following system parameters in the external self service console
    (you can do that from Manage → Customize → System Parameters after the web console starts):
      a. Internal
      1. Internal Self Service Address
      - enter
      1. : Enter the address of the internal self service portal.
      b. Internal
      1. Internal Self Service Webserver Port
      -
      1. : (defaults to 443)
      the
      1. The webserver port for the internal self service portal - change this value only if advised.

    DPOD Internal Console Post Installation Tasks

    Connect to the DPOD Internal Console server and alter the configuration to let it accept communication from the DPODExternal DPOD External Self-Service consoleConsole.

    1. Stop DPOD components

    2. Ensure all components are down :

    3. Change DPOD ElasticSearch alias entry in /etc/hosts to  to bind to external IP address

      Code Block
      vi /etc/hosts

      and change these lines

      Code Block
      127.0.0.1   montier-es
      127.0.0.1   montier-es-http

      to DPOD's internal console IP address (e.g. the external IP address (1.1.1.1 in the example below):

      Code Block
      1.1.1.1     montier-es
      1.1.1.1     montier-es-http


    4. Start DPOD components

    5. Ensure all components are up and running

      Code Block
      app_status.sh
      
      #Output Example:
      MonTier-AppAdmin (pid 17836) is running...
      MonTier-Derby (pid 17940) is running...
      MonTier-es-raw-trans-Node-1 (pid 18125) is running...
      MonTier-es-raw-trans-Node-2 (pid 21122) is running...
      MonTier-es-raw-trans-Node-3 (pid 21103) is running...
      MonTier-es-raw-trans-Node-4 (pid 21120) is running...
      MonTier-SyslogAgent-1 (pid 27350) is running...
      MonTier-SyslogAgent-2 (pid 27286) is running...
      MonTier-SyslogAgent-3 (pid 27177) is running...
      MonTier-SyslogAgent-4 (pid 27075) is running...
      MonTier-WsmAgent-1 (pid 27002) is running...
      MonTier-WsmAgent-2 (pid 26921) is running...
      MonTier-WsmAgent-3 (pid 26881) is running...
      MonTier-WsmAgent-4 (pid 26773) is running...
      MonTier-HK-ESRetention (pid 24012) is running...
      MonTier-HK-WdpDeviceResources (pid 27590) is running...
      MonTier-HK-WdpServiceResources (pid 27447) is running...
      MonTier-HK-SyslogKeepalive (pid 1976) is running...
      MonTier-HK-WsmKeepalive (pid 1932) is running...
      MonTier-UI (pid 1635) is running...
      MonTier-Reports (pid 1830) is running...
      MonTier-AgentNode (pid 1736) is running...