CloudCenter 4.8 has reached End of Life (EOL) as of November 14, 2018. See End of Support Notices for additional context.

Migrate CCO from Non-HA to HA Mode

Overview

Be sure to review Upgrade Overview before starting this procedure!

This section provides details on upgrading your CCO in HA mode.

Prerequisites

Be aware that the CCO servers will be offline during the upgrade process. Schedule some down time for your enterprise before starting this process.

Verify these requirements before you begin the upgrade process:

  • Review the information provided in the Upgrade Overview section and validate the following requirements for the release to which you are upgrading:

    • Is an upgrade path available?
    • Is the core_upgrade.bin file required?
  • See High Availability Best Practices for HA considerations.
  • Backup your database and applications before you begin this process. See HA Mode Backup and Recovery for additional context.
  • For each CCO instance that must be upgraded, verify the following prerequisites:

    • Ensure that a version file (/usr/local/osmosix/etc/version) exists in both CCOs to be upgraded.

    • Verify that the version file contains the correct version number (for example, if your current CloudCenter release version is 4.7.2, ensure that the corresponding version value is 4.7.2).

    • See the corresponding release notes for release-specific information on the CloudCenter version to which you are upgrading. For example, the CloudCenter 4.8.0 Release Notes.

  • The upgrade procedure in this section assumes the following setup:
    • The MongoDB data is retained on the CCO_PRIMARY server – this is the initiating server.
    • The MongoDB data is deleted on the CCO_SECONDARY and CCO_TERTIARY – be sure to backup and delete the CloudCenter database (called cliqr) on these two servers.
      • The assumed path for this upgrade procedure is /var/lib/mongo
      • The mongodump directory is created as a dump sub-directory in  the specified directory: /var/lib/mongo/dump

      • To locate the path for your setup, see your /etc/mongod.conf file
    • The configuration files on the CCO_TERTIARY server must reflect the corresponding values for your deployment.

Download package files:

See Virtual Appliance Overview to understand the required components.

See Virtual Appliance Process to understand the process.

See Phase 4 Overview  to understand the various types of software download files.

  1. SSH into the VM instance designated for this component by using the key pair that you used to launch the VM.

    Along with the key pair, you may need to use your login credentials for sudo or root access based on your environment.

  2. Download the following required files for this component from software.cisco.com:

    • cco-installer.jar 
    • cco-response.xml 
    • core_upgrade.bin

Upgrading CCO from HA to HA Mode

See CCO HA Upgrade for details.

Upgrading from Non-HA to HA Mode

If you are upgrading a non-HA CCO to a CCO HA scenario, follow this process.

  1.  Install another Standalone CCO VM

    CCO (Required)                                                                                                                                       

     CCO NON-HA

    CCO NON-HA                                                                       

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

    Proxy Settings

    If you need a proxy server to connect to the internet, be sure to configure the Proxy setting for the Tomcat service on the CCM and CCO servers.

    To connect to the Internet using a proxy server, follow this process:

    1. Modify your proxy environment to reflect your proxy settings.
    2. In the /usr/local/tomcat/bin/setenv.sh file, the CloudCenter platform requires you to add the following parameters to the existing JAVA_OPTS environment variable:

      REQUIRED for HTTP – Add the following parameters to the JAVA_OPTS environment variable
      -Dhttp.proxyHost=<proxy_hostname> -Dhttp.proxyPort=<port_number>

      or

      REQUIRED for HTTPS – Add the following parameters to the JAVA_OPTS environment variable
      -Dhttps.proxyHost=<proxy_hostname> -Dhttps.proxyPort=<port_number> 
      Sample /usr/local/tomcat/bin/setenv.sh with added parameters in JAVA_OPTS
      export LD_LIBRARY_PATH=/usr/local/apr/lib
      export CATALINA_PID=$CATALINA_HOME/catalina.pid
      export JPDA_ADDRESS=8000
      export JAVA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80"
      export CATALINA_OUT=/dev/null
    3. Additional parameters may be required if the CCM or CCO servers need to reach network resources, bypassing the proxy.

      -Dhttp.nonProxyHosts=<bypass_hostname>
      OPTIONAL – Sample /usr/local/tomcat/bin/setenv.sh bypassing the proxy
      export LD_LIBRARY_PATH=/usr/local/apr/lib
      export CATALINA_PID=$CATALINA_HOME/catalina.pid
      export JPDA_ADDRESS=8000
      export JAVA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1"
      export CATALINA_OUT=/dev/null
    4. Restart the Tomcat service.

      /etc/init.d/tomcat stop
      /etc/init.d/tomcat start
    5. Verify that the proxy settings are in effect by issuing the ps aux | grep java command.

      Output of the ps aux | grep java command
      cliqrus+ 25106 0.0 45.3 4368868 929000 ? Sl Mar02 54:15 /usr/lib/jvm/java-8-sun/bin/java -Djava.util.logging.config.file=/usr/local/tomcatgua/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -XX:MaxPermSize=512m -Djav.endorsed.dirs=/usr/local/tomcatgua/endorsed -classpath /usr/local/tomcatgua/bin/bootstrap.jar:/usr/local/tomcatgua/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcatgua -Dcatalina.home=/usr/local/tomcatgua -Djava.io.tmpdir=/usr/local/tomcatgua/temp -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 org.apache.catalina.startup.Bootstrap start

      Ensure that line -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 is present in the output.

    The /tmp Alternative

    You can download installation files to a directory of your choice. The procedure provided in the CloudCenter documents, recommend using the /tmp folder as the download folder. In some cases, you may not want to use /tmp folder as the temp location as this directory may not allow files to be executed in your environment.

    To install CloudCenter on systems where /tmp is set to nosuid or noexec, issue the following command before downloading the component files:

    export TEMP_DIR=<any_directory_with_exec_permission>

    The /tmp alternative is available for the CCM, CCO, and AMQP components.

    Purpose

    1.  CCO - Run Core and Appliance Installers

      CCO – Run Core and Appliance Installers

      1. Download package files:

        See Installer Overview to understand the required components.

        See Phase 4 Overview  to understand the various types of software download files.

        1. SSH into the VM instance designated for this component by using the key pair that you used to launch the VM.

        2. Download the following required files for this component from software.cisco.com to the /tmp folder on that VM:

          • core_installer.bin
          • cco-installer.jar
          • cco-response.xml
      2. Run the core installer to setup core system components using the following commands:

        sudo -i
        cd /tmp
        chmod 755 core_installer.bin
        
        #Set the following only if a local package store is setup export CUSTOM_REPO=<http://local_package_store ip>
        
        ./core_installer.bin <ostype> <cloudtype> cco

        For example:

        ./core_installer.bin centos7 amazon cco
        

        Syntax:

        <ostype>= centos6, centos7, rhel6, rhel7

        <cloudtype>= amazon, azureclassic, azurerm, azurepack, google, opsource, openstack, softlayer, vmware, or vcd (run the ./core_installer.bin help command for a complete list)

      3. Remove the core_installer.bin file.

        rm core_installer.bin
      4. Log off and log back in as the root user to ensure JAVA Home is set.

        exit
        sudo -i
      5. Change to the /tmp directory.

        cd /tmp


      6. Run the appliance installer to setup the CCO. 

        java -jar cco-installer.jar cco-response.xml
      7. Reboot the CCO VM.

    2.  CCO - Configure CCO Properties

      Configure CCO Wizard Properties

      This component is required for each cloud region (public cloud, private cloud, or datacenter).

      1. Invoke the CCO wizard as a root user (see Virtual Appliance Process > Cloud-Specific Setup Details for a sample setup).

        CCO Wizard Path
        /usr/local/cliqr/bin/cco_config_wizard.sh
      2. Configure the server properties.

        Write this down for future reference!

        Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
        Wizard MenuFieldNotes

        Agent Bundle Parameters

        Linux Bundle URLThe Linux URL for the Management Agent bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Windows Bundle URLThe Windows URL for the Management Agent bundle –  Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap js URL

        Required for Dynamic Bootstrapping information – Use the default or replace cdn.cliqr.com with the local repository IP or DNS.

        This field refers to three package store URLs:

        • The CloudCenter installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/cliqrInstaller.zip

        • The core installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/corePkg.tar.gz

        • The JSON package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/simplejson.tar.gz

        Bootstrap py URLRequired for Dynamic Bootstrapping information called by Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap Linux URLRequired for Dynamic Bootstrapping information for Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap win URLRequired for Dynamic Bootstrapping information for Windows files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Linux Upgrade URLThe Linux URL for the Management Agent upgrade scripts – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Windows Upgrade URLThe Windows URL for the Management Agent upgrade scripts  – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Node Metadata URLThe Metadata (.jar file) URL for the Management Agent VM – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Custom Repo URLThe CloudCenter custom artifacts repository URL – Use the default or replace repo.cliqrtech.com with the custom package store IP or DNS.
        Service URL

        The URL that points to the out-of-box services – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

        Action URLThis URL should point to a VM location where you can download scripts (the HTTP URL must be accessible from this VM) when you perform a Service Lifecycle Action or a VM Action.
        AgentLite Linux URLThe location where the Linux-based agent-lite-linux-bundle.tar.gz resides. This URL is required to Install AgentLite on a Linux VM (see VM Management > Install Agent Manually for additional context).
        AgentLite Windows URLThe location where the Windows-based agent-lite-windows-bundle.zip resides. This URL is required to Install AgentLite on a Windows VM (see VM Management > Install Agent Manually for additional context).
        External Service URLThe path/URL to the external service bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

        AMQP_Server

        AMQP Server IP

        AMQP_IP or AMQP_LB_IP

        AMQP Port5671
        NetworkHostnameConfigure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

        Guacamole

        Connection Broker Hos

        AMQP_IP or AMQP_LB_IP 

        Connection Broker Port7788
        Connection Broker Port27789

        Docker

        Docker Registry URL

        Set only if custom Docker registry is used.

        Docker CACert URL

        Set only if docker registry uses SSL with custom CA Certificates.

        See Certificate Authentication > Dedicated Components for additional context.

        ELK_Info

        ELK HostSpecify the IP address for the ELK/Monitor host.
        Elasticsearch PortDisplays 8881 by default.
        Logstash PortDisplays 4560 by default.
        Host Identifier The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
        Host Identifier List 
        This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.


        In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

        External_Script_ExecutorDocker Server IPThe default IP is 127.0.0.1.
        Enter the IP address of a dedicated Docker server, if applicable.
        Docker Server PortDefaults to 2376
        Docker Container Timeout

        Defaults to 10m (minutes)

        This field was moved to the External_Script_Executor screen in CloudCenter 4.8.1. In earlier releases, this field was part of the Docker screen (listed above).

        Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.

        Config_Duration

        (Only available in CloudCenter 4.8.1 and later releases)

        Bootstrap Wait TimeDefaults to 15 minutes
        Max Bootstrap Wait TimeDefaults to 3600 seconds
        Change the default value if this event takes a longer time to complete. The settings range is 3,600 to 2,000,000 seconds.
        Node Heartbeat TimeDefaults to 180000 milliseconds
        Change the default value if this event takes a longer time to complete. The settings range is 180,000 to 2,000,000 milliseconds.
        Node Cleanup TimeoutDefaults to 300 seconds
        Change the default value if this event takes a longer time to complete. The settings range is 300 to 2,000,000 seconds.
      3. Verify your changes and Exit the CCO configuration wizard.

      4. Select Yes, to restart the Tomcat service for the changes to take effect.

      You have successfully configured the CCO instance! You can now proceed to the next step:

      • If you are configuring CCO HA – see CCO_LB to complete the HA configuration.
      • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional).
      • If you are not installing a dedicated Docker component – see Configure the Admin Account and proceed with configuring and setting up CloudCenter.

     CCO HA

    Install CCO HA Using Installer                                                                                 

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

    Proxy Settings

    If you need a proxy server to connect to the internet, be sure to configure the Proxy setting for the Tomcat service on the CCM and CCO servers.

    To connect to the Internet using a proxy server, follow this process:

    1. Modify your proxy environment to reflect your proxy settings.
    2. In the /usr/local/tomcat/bin/setenv.sh file, the CloudCenter platform requires you to add the following parameters to the existing JAVA_OPTS environment variable:

      REQUIRED for HTTP – Add the following parameters to the JAVA_OPTS environment variable
      -Dhttp.proxyHost=<proxy_hostname> -Dhttp.proxyPort=<port_number>

      or

      REQUIRED for HTTPS – Add the following parameters to the JAVA_OPTS environment variable
      -Dhttps.proxyHost=<proxy_hostname> -Dhttps.proxyPort=<port_number> 
      Sample /usr/local/tomcat/bin/setenv.sh with added parameters in JAVA_OPTS
      export LD_LIBRARY_PATH=/usr/local/apr/lib
      export CATALINA_PID=$CATALINA_HOME/catalina.pid
      export JPDA_ADDRESS=8000
      export JAVA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80"
      export CATALINA_OUT=/dev/null
    3. Additional parameters may be required if the CCM or CCO servers need to reach network resources, bypassing the proxy.

      -Dhttp.nonProxyHosts=<bypass_hostname>
      OPTIONAL – Sample /usr/local/tomcat/bin/setenv.sh bypassing the proxy
      export LD_LIBRARY_PATH=/usr/local/apr/lib
      export CATALINA_PID=$CATALINA_HOME/catalina.pid
      export JPDA_ADDRESS=8000
      export JAVA_OPTS="-Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1"
      export CATALINA_OUT=/dev/null
    4. Restart the Tomcat service.

      /etc/init.d/tomcat stop
      /etc/init.d/tomcat start
    5. Verify that the proxy settings are in effect by issuing the ps aux | grep java command.

      Output of the ps aux | grep java command
      cliqrus+ 25106 0.0 45.3 4368868 929000 ? Sl Mar02 54:15 /usr/lib/jvm/java-8-sun/bin/java -Djava.util.logging.config.file=/usr/local/tomcatgua/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Dfile.encoding=UTF-8 -server -Xms1024m -Xmx2048m -XX:NewSize=512m -XX:MaxNewSize=512m -XX:PermSize=512m -XX:MaxPermSize=512m -Djav.endorsed.dirs=/usr/local/tomcatgua/endorsed -classpath /usr/local/tomcatgua/bin/bootstrap.jar:/usr/local/tomcatgua/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcatgua -Dcatalina.home=/usr/local/tomcatgua -Djava.io.tmpdir=/usr/local/tomcatgua/temp -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 org.apache.catalina.startup.Bootstrap start

      Ensure that line -Dhttp.proxyHost=proxy.cisco.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=10.1.1.1 is present in the output.

    The /tmp Alternative

    You can download installation files to a directory of your choice. The procedure provided in the CloudCenter documents, recommend using the /tmp folder as the download folder. In some cases, you may not want to use /tmp folder as the temp location as this directory may not allow files to be executed in your environment.

    To install CloudCenter on systems where /tmp is set to nosuid or noexec, issue the following command before downloading the component files:

    export TEMP_DIR=<any_directory_with_exec_permission>

    The /tmp alternative is available for the CCM, CCO, and AMQP components.

    Purpose

    1.  CCO HA - Run Core Installer and Setup SSH Communication

      CCO HA – Run Core Installer and Setup SSH Communication

      To run the core installer and setup SSH communication for CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY, follow this procedure.

      1. Download package files:

        See Installer Overview to understand the required components.

        See Phase 4 Overview  to understand the various types of software download files.

        1. SSH into the VM instance designated for this component by using the key pair that you used to launch the VM.

        2. Download the following required files for this component from software.cisco.com to the /tmp folder on that VM:

        • core_installer.bin
        • cco-installer.jar
        • cco-response.xml
      2. Run the core installer to setup core system components using the following commands:

        sudo -i
        cd /tmp
        chmod 755 core_installer.bin
        
        #Set the following only if a local package store is setup 
        export CUSTOM_REPO=<http://local_package_store ip>
        
        ./core_installer.bin <ostype> <cloudtype> cco
        

        For example:

        ./core_installer.bin centos7 amazon cco 
        

        Syntax:

        <ostype>= centos6, centos7, rhel6, rhel7

        <cloudtype>= amazon, openstack, vmware (run the ./core_installer.bin help command for a complete list)

      3. Remove the core_installer.bin file.

        rm core_installer.bin 
        
      4. Perform Steps 1 to 4 (Steps a to d) on the CCO_SECONDARY instance.
      5. Perform Steps 1 to 4 (Steps a to d) on the CCO_TERTIARY instance.
      6. Exchange the SSH keys between the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY instances.

        You do not need to repeat Step 7 for the CCO_SECONDARY and CCO_TERTIARY instances as the same SSH key is used for all three instances.

         

        1. On the CCO_PRIMARY instance, execute the following to generate a new SSH key. 

          sudo -i
          ssh-keygen -t rsa
          cd ~/.ssh
          cat id_rsa.pub >> authorized_keys
        2. Copy the id_rsa files (~/.ssh/id_rsa and ~/.ssh/id_rsa.pub) from CCO_PRIMARY to the same location on CCO_SECONDARY and CCO_TERTIARY. On CCO_SECONDARY and CCO_TERTIARY, if the .ssh directory does not exist, create it using the following commands before copying the files.

          sudo -i
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
        3. On the CCO_SECONDARY and CCO_TERTIARY, execute the following to add a new SSH key.

          sudo -i
          chmod 400 ~/.ssh/id_rsa*
          cat id_rsa.pub >> authorized_keys
        4. Verify mutual SSH access between the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY by running the following command on each VM.

          sudo -i 
          ssh root@<CCO_PRIMARY/CCO_SECONDARY/CCO_TERTIARY>

          You have now set up SSH on all three CCO instances.

      7. Run the appliance installer to setup the CCO on the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY by running the following command on each VM.

        cd /tmp
        java -jar cco-installer.jar cco-response.xml

         

      8. Reboot the CCO_PRIMARY, CCO_SECONDARY, and CCO_TERTIARY VMs.

    2.  CCO_PRIMARY - Configure CCO Properties

      CCO_PRIMARY – Configure CCO Properties

      You can configure the information for all three CCO servers by providing the following details ONLY in the CCO_PRIMARY wizard.

      To ensure that all three CCOs communicate with each other, you must configure the following HA-specific information in the CCO_PRIMARY wizard.

      Wizard MenuFieldNotes

      Configure_HA
      CCO HA Info – Specify the following details in the primary CCO server.

      Primary Node IP

      Enter the IP address of the Primary CCO instance.

      Secondary Node IPEnter the IP address of the Secondary CCO instance.
      Tertiary Node IPEnter the IP address of the Tertiary CCO instance

      In addition to the HA_specific information mentioned above, you must also configure the generic information in the CCO_PRIMARY wizard.

      Configure CCO Wizard Properties

      This component is required for each cloud region (public cloud, private cloud, or datacenter).

      1. Invoke the CCO wizard as a root user (see Virtual Appliance Process > Cloud-Specific Setup Details for a sample setup).

        CCO Wizard Path
        /usr/local/cliqr/bin/cco_config_wizard.sh
      2. Configure the server properties.

        Write this down for future reference!

        Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
        Wizard MenuFieldNotes

        Agent Bundle Parameters

        Linux Bundle URLThe Linux URL for the Management Agent bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Windows Bundle URLThe Windows URL for the Management Agent bundle –  Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap js URL

        Required for Dynamic Bootstrapping information – Use the default or replace cdn.cliqr.com with the local repository IP or DNS.

        This field refers to three package store URLs:

        • The CloudCenter installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/cliqrInstaller.zip

        • The core installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/corePkg.tar.gz

        • The JSON package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/simplejson.tar.gz

        Bootstrap py URLRequired for Dynamic Bootstrapping information called by Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap Linux URLRequired for Dynamic Bootstrapping information for Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Bootstrap win URLRequired for Dynamic Bootstrapping information for Windows files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Linux Upgrade URLThe Linux URL for the Management Agent upgrade scripts – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Windows Upgrade URLThe Windows URL for the Management Agent upgrade scripts  – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Node Metadata URLThe Metadata (.jar file) URL for the Management Agent VM – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
        Custom Repo URLThe CloudCenter custom artifacts repository URL – Use the default or replace repo.cliqrtech.com with the custom package store IP or DNS.
        Service URL

        The URL that points to the out-of-box services – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

        Action URLThis URL should point to a VM location where you can download scripts (the HTTP URL must be accessible from this VM) when you perform a Service Lifecycle Action or a VM Action.
        AgentLite Linux URLThe location where the Linux-based agent-lite-linux-bundle.tar.gz resides. This URL is required to Install AgentLite on a Linux VM (see VM Management > Install Agent Manually for additional context).
        AgentLite Windows URLThe location where the Windows-based agent-lite-windows-bundle.zip resides. This URL is required to Install AgentLite on a Windows VM (see VM Management > Install Agent Manually for additional context).
        External Service URLThe path/URL to the external service bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

        AMQP_Server

        AMQP Server IP

        AMQP_IP or AMQP_LB_IP

        AMQP Port5671
        NetworkHostnameConfigure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

        Guacamole

        Connection Broker Hos

        AMQP_IP or AMQP_LB_IP 

        Connection Broker Port7788
        Connection Broker Port27789

        Docker

        Docker Registry URL

        Set only if custom Docker registry is used.

        Docker CACert URL

        Set only if docker registry uses SSL with custom CA Certificates.

        See Certificate Authentication > Dedicated Components for additional context.

        ELK_Info

        ELK HostSpecify the IP address for the ELK/Monitor host.
        Elasticsearch PortDisplays 8881 by default.
        Logstash PortDisplays 4560 by default.
        Host Identifier The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
        Host Identifier List 
        This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.


        In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

        External_Script_ExecutorDocker Server IPThe default IP is 127.0.0.1.
        Enter the IP address of a dedicated Docker server, if applicable.
        Docker Server PortDefaults to 2376
        Docker Container Timeout

        Defaults to 10m (minutes)

        This field was moved to the External_Script_Executor screen in CloudCenter 4.8.1. In earlier releases, this field was part of the Docker screen (listed above).

        Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.

        Config_Duration

        (Only available in CloudCenter 4.8.1 and later releases)

        Bootstrap Wait TimeDefaults to 15 minutes
        Max Bootstrap Wait TimeDefaults to 3600 seconds
        Change the default value if this event takes a longer time to complete. The settings range is 3,600 to 2,000,000 seconds.
        Node Heartbeat TimeDefaults to 180000 milliseconds
        Change the default value if this event takes a longer time to complete. The settings range is 180,000 to 2,000,000 milliseconds.
        Node Cleanup TimeoutDefaults to 300 seconds
        Change the default value if this event takes a longer time to complete. The settings range is 300 to 2,000,000 seconds.
      3. Verify your changes and Exit the CCO configuration wizard.

      4. Select Yes, to restart the Tomcat service for the changes to take effect.

      You have successfully configured the CCO instance! You can now proceed to the next step:

      • If you are configuring CCO HA – see CCO_LB to complete the HA configuration.
      • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional).
      • If you are not installing a dedicated Docker component – see Configure the Admin Account and proceed with configuring and setting up CloudCenter.

    3.  CCO_LB

      CCO_LB

      Load balancing can be done through HAProxy, NGiNX, Apache2, or a cloud that is natively available to services, like AWS Elastic Load Balancer (ELB). To configure the load balancer service and ensure CCO load balancing, be sure to listen on port 8443 and balance the request at 8443 on both the CCO_PRIMARY and CCO_SECONDARY servers.

      See CCO Firewall Rules > CCO_LB Ports for the complete list of ports that need to be open for your deployment.

      If you configure a load balancer for any CloudCenter component, be aware that the firewalId is enabled by default and you must explicitly disable it to ensure that the CloudCenter component(s) can communicate with the load balancer. See Firewall Rules Overview for additional context.

      The following load balancing configuration was performed on CentOS7.x VM with HAProxy for the CCO VM.

      1. SSH into the VM instance using the key pair that you used to launch the CCO VM.
      2. Install HAProxy as the root user.

        yum install -y haproxy
        
      3. Modify HAProxy config file as follows.

        vi /etc/haproxy/haproxy.cfg        
                                                 
        # listen on 8443 with SSL certs and loadbalance
        frontend httpsalt-in
            mode tcp
            log global
            bind *:8443
            default_backend ccos
        
        backend ccos
            mode tcp
            balance roundrobin
            option ssl-hello-chk
            server  cco1 <CCO_PRIMARY_IP>:8443
            server  cco2 <CCO_SECONDARY_IP>:8443 
            server  cco3 <CCO_TERTIARY_IP>:8443 
      4. Start the HAProxy service and check the status to ensure that it is active


        systemctl start haproxy
        systemctl status haproxy 
        
      5. Optionally, to view the HAProxy stats use the following configuration to access the HAProxy from a web browser. These stats allow you to view the status of the nodes from a web browser and allows admins to drain/stop nodes without accessing the VMs directly.

        https://myCCO_LB_IP/haproxy_stats:9000

        listen stats 0.0.0.0:9000 #Listen on all IP's on port 9000
         mode http
         balance
         timeout client 5000
         timeout connect 4000
         timeout server 30000
        
        #This is the virtual URL to access the stats page
         stats uri /haproxy_stats
        
        #Authentication realm. This can be set to anything. Escape space characters with a backslash.
         stats realm HAProxy\ Statistics
        
        #The user/pass you want to use. Change this password!
         stats auth admin:<password>
        
        #This allows you to take down and bring up back end servers.
         #This will produce an error on older versions of HAProxy.
         stats admin if TRUE

  2.  CCO PRIMARY – Configure HA Properties

    CCO_PRIMARY – Configure CCO Properties

    You can configure the information for all three CCO servers by providing the following details ONLY in the CCO_PRIMARY wizard.

    To ensure that all three CCOs communicate with each other, you must configure the following HA-specific information in the CCO_PRIMARY wizard.

    Wizard MenuFieldNotes

    Configure_HA
    CCO HA Info – Specify the following details in the primary CCO server.

    Primary Node IP

    Enter the IP address of the Primary CCO instance.

    Secondary Node IPEnter the IP address of the Secondary CCO instance.
    Tertiary Node IPEnter the IP address of the Tertiary CCO instance

    In addition to the HA_specific information mentioned above, you must also configure the generic information in the CCO_PRIMARY wizard.

    Configure CCO Wizard Properties

    This component is required for each cloud region (public cloud, private cloud, or datacenter).

    1. Invoke the CCO wizard as a root user (see Virtual Appliance Process > Cloud-Specific Setup Details for a sample setup).

      CCO Wizard Path
      /usr/local/cliqr/bin/cco_config_wizard.sh
    2. Configure the server properties.

      Write this down for future reference!

      Write down the Field details in a printed version of the Installation Approach > Your Notes section for later use.
      Wizard MenuFieldNotes

      Agent Bundle Parameters

      Linux Bundle URLThe Linux URL for the Management Agent bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Bundle URLThe Windows URL for the Management Agent bundle –  Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap js URL

      Required for Dynamic Bootstrapping information – Use the default or replace cdn.cliqr.com with the local repository IP or DNS.

      This field refers to three package store URLs:

      • The CloudCenter installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/cliqrInstaller.zip

      • The core installer package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/corePkg.tar.gz

      • The JSON package: http://${s3Bucket}/${imageBootstrapperPath}/bundle/simplejson.tar.gz

      Bootstrap py URLRequired for Dynamic Bootstrapping information called by Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap Linux URLRequired for Dynamic Bootstrapping information for Linux files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Bootstrap win URLRequired for Dynamic Bootstrapping information for Windows files– Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Linux Upgrade URLThe Linux URL for the Management Agent upgrade scripts – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Windows Upgrade URLThe Windows URL for the Management Agent upgrade scripts  – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Node Metadata URLThe Metadata (.jar file) URL for the Management Agent VM – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.
      Custom Repo URLThe CloudCenter custom artifacts repository URL – Use the default or replace repo.cliqrtech.com with the custom package store IP or DNS.
      Service URL

      The URL that points to the out-of-box services – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      Action URLThis URL should point to a VM location where you can download scripts (the HTTP URL must be accessible from this VM) when you perform a Service Lifecycle Action or a VM Action.
      AgentLite Linux URLThe location where the Linux-based agent-lite-linux-bundle.tar.gz resides. This URL is required to Install AgentLite on a Linux VM (see VM Management > Install Agent Manually for additional context).
      AgentLite Windows URLThe location where the Windows-based agent-lite-windows-bundle.zip resides. This URL is required to Install AgentLite on a Windows VM (see VM Management > Install Agent Manually for additional context).
      External Service URLThe path/URL to the external service bundle – Use the default or replace cdn.cliqr.com with the custom bundle store IP or DNS.

      AMQP_Server

      AMQP Server IP

      AMQP_IP or AMQP_LB_IP

      AMQP Port5671
      NetworkHostnameConfigure the Network details for your CCO environment. This is an optional step to configure the Private IP of the VM. You can generally configure this information if the VM does not have preset IP or hostname or if you need to override an existing IP or Hostname.

      Guacamole

      Connection Broker Hos

      AMQP_IP or AMQP_LB_IP 

      Connection Broker Port7788
      Connection Broker Port27789

      Docker

      Docker Registry URL

      Set only if custom Docker registry is used.

      Docker CACert URL

      Set only if docker registry uses SSL with custom CA Certificates.

      See Certificate Authentication > Dedicated Components for additional context.

      ELK_Info

      ELK HostSpecify the IP address for the ELK/Monitor host.
      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Host Identifier The Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
      Host Identifier List 
      This field only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.


      In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instance. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

      External_Script_ExecutorDocker Server IPThe default IP is 127.0.0.1.
      Enter the IP address of a dedicated Docker server, if applicable.
      Docker Server PortDefaults to 2376
      Docker Container Timeout

      Defaults to 10m (minutes)

      This field was moved to the External_Script_Executor screen in CloudCenter 4.8.1. In earlier releases, this field was part of the Docker screen (listed above).

      Config_CertsCerts Zip PathProvide the path for the certs.zip file. The default path is /tmp/certs.zip.

      Config_Duration

      (Only available in CloudCenter 4.8.1 and later releases)

      Bootstrap Wait TimeDefaults to 15 minutes
      Max Bootstrap Wait TimeDefaults to 3600 seconds
      Change the default value if this event takes a longer time to complete. The settings range is 3,600 to 2,000,000 seconds.
      Node Heartbeat TimeDefaults to 180000 milliseconds
      Change the default value if this event takes a longer time to complete. The settings range is 180,000 to 2,000,000 milliseconds.
      Node Cleanup TimeoutDefaults to 300 seconds
      Change the default value if this event takes a longer time to complete. The settings range is 300 to 2,000,000 seconds.
    3. Verify your changes and Exit the CCO configuration wizard.

    4. Select Yes, to restart the Tomcat service for the changes to take effect.

    You have successfully configured the CCO instance! You can now proceed to the next step:

    • If you are configuring CCO HA – see CCO_LB to complete the HA configuration.
    • If you are installing a dedicated Docker component – see Dedicated Docker Registry Installation (Optional).
    • If you are not installing a dedicated Docker component – see Configure the Admin Account and proceed with configuring and setting up CloudCenter.

  3.  CCO SECONDARY and TERTIARY – Configure ELK Properties

    CCO_SECONDARY and CCO_TERTIARY – Configure ELK Properties

    1. Invoke the CCO wizard as a root user (see Virtual Appliance Process > Cloud-Specific Setup Details for a sample setup).

      CCO Wizard Path
      /usr/local/cliqr/bin/cco_config_wizard.sh
    2. Configure the properties for the ELK Information:

      Wizard MenuFieldNotes

      ELK_Info

      ELK Host

      The IP address for the ELK/Monitor host. 

      Elasticsearch PortDisplays 8881 by default.
      Logstash PortDisplays 4560 by default.
      Host IdentifierA Unique ID for the server – be sure to prefix the unique identifier with CCO_ for example, CCO_Openstack_regionOne or CCO_Amazon_east.
      Host Identifier List

      Only applies to environments using the HA mode – provide a list of comma separated unique host Identifiers for all ELK/Monitor hosts in a HA setup = for example, CCO1,CCO2,myCCO.

      In an environment operating in HA mode, if you have three CCO instances with unique IDs configured as CCO_1,CCO_2,CCO_3 in their respective server.properties file, then this property should state CCO_1,CCO_2,CCO_3 in each CCO instances. Each CCO must be aware of the unique ID of the other CCO(s) when in HA mode.

    3. Verify your changes and Exit the CCO configuration wizard.

    You have successfully configured the CCO! You can now proceed to the next step.

  4.  Update the CCO_LB Configuration

    CCO_LB

    Load balancing can be done through HAProxy, NGiNX, Apache2, or a cloud that is natively available to services, like AWS Elastic Load Balancer (ELB). To configure the load balancer service and ensure CCO load balancing, be sure to listen on port 8443 and balance the request at 8443 on both the CCO_PRIMARY and CCO_SECONDARY servers.

    See CCO Firewall Rules > CCO_LB Ports for the complete list of ports that need to be open for your deployment.

    If you configure a load balancer for any CloudCenter component, be aware that the firewalId is enabled by default and you must explicitly disable it to ensure that the CloudCenter component(s) can communicate with the load balancer. See Firewall Rules Overview for additional context.

    The following load balancing configuration was performed on CentOS7.x VM with HAProxy for the CCO VM.

    1. SSH into the VM instance using the key pair that you used to launch the CCO VM.
    2. Install HAProxy as the root user.

      yum install -y haproxy
      
    3. Modify HAProxy config file as follows.

      vi /etc/haproxy/haproxy.cfg        
                                               
      # listen on 8443 with SSL certs and loadbalance
      frontend httpsalt-in
          mode tcp
          log global
          bind *:8443
          default_backend ccos
      
      backend ccos
          mode tcp
          balance roundrobin
          option ssl-hello-chk
          server  cco1 <CCO_PRIMARY_IP>:8443
          server  cco2 <CCO_SECONDARY_IP>:8443 
          server  cco3 <CCO_TERTIARY_IP>:8443 
    4. Start the HAProxy service and check the status to ensure that it is active


      systemctl start haproxy
      systemctl status haproxy 
      
    5. Optionally, to view the HAProxy stats use the following configuration to access the HAProxy from a web browser. These stats allow you to view the status of the nodes from a web browser and allows admins to drain/stop nodes without accessing the VMs directly.

      https://myCCO_LB_IP/haproxy_stats:9000

      listen stats 0.0.0.0:9000 #Listen on all IP's on port 9000
       mode http
       balance
       timeout client 5000
       timeout connect 4000
       timeout server 30000
      
      #This is the virtual URL to access the stats page
       stats uri /haproxy_stats
      
      #Authentication realm. This can be set to anything. Escape space characters with a backslash.
       stats realm HAProxy\ Statistics
      
      #The user/pass you want to use. Change this password!
       stats auth admin:<password>
      
      #This allows you to take down and bring up back end servers.
       #This will produce an error on older versions of HAProxy.
       stats admin if TRUE

  5. Upgrade the AMQP instances – See AMQP Upgrade  for additional context.
  • No labels
© 2017-2019 Cisco Systems, Inc. All rights reserved