Versions Compared

Version Old Version 20 New Version 21
Changes made by

Milton Suen

Kyle Miller (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

Info

Info

Creating a user group/user/password applies when PAM authentication is used. Create a user group via standard Linux user administration commands.

  1. Create a user group

    Code Block
    groupadd clusteradmins
    .
  2. Add a new user.
     Code Block
    languagebash
    adduser dcadmin -g clusteradmins -p datacore 
passwd dcadmin 
  3. Update CentOS and install EPEL.
     Code Block
    languagebash
    yum -y update
yum -y install epel-release
  4. Install NTP server and verify NTP starts on the system boot.
     Code Block
    languagebash
    yum -y install chrony 
systemctl enable chronyd 
systemctl start chronyd 
  5. Install Java 8 JDK.
     Code Block
    yum -y install java-1.8.0-openjdk
    .
  6. Configure the firewall to allow Swarm Gateway.
     Code Block
    vi /usr/lib/firewalld/services/swarm_gateway.xml
    .
     Code Block
    languagexml
    <?xml version="1.0" encoding="utf-8"?> 
<service> 
  <short>SwarmGateway</short> 
  <description>Gateway server, which is based on http traffic.</description> 
  <port protocol="tcp" port="80"/> 
  <port protocol="tcp" port="91"/> 
  <port protocol="tcp" port="8090"/> 
  <port protocol="tcp" port="9100"/> 
</service> 
  7. Restart the firewall service.
  8. Add Swarm Gateway firewall rule (permanent) via 
     Code Block
    firewall-cmd --permanent --add-service swarm_gateway command
    .
  9. Reload the firewall service .
     Code Block
    firewall-cmd --reload
    .
  10. Unzip the Swarm 14.0 bundle package to .
     Code Block
    cd /root/datacore
unzip Swarm-v14.0-Update2-20220209.zip
  11. Get the latest gateway and UI RPMs from the downloaded Swarm bundle.
     Code Block
    languagebash
    ll ~/datacore/Gateway/ 
total 57352
-rw-r--r--. 1 root root 58718208 Dec 16 22:37 caringo-gateway-7.8.0-1.noarch.rpm 
-rw-r--r--. 1 root root      395 Dec 16 22:37 README.txt 
-rw-r--r--. 1 root root     1927 Oct  2 04:17 RPM-GPG-KEY

ll ~/datacore/UI/ 
total 21616 
-rw-r--r--. 1 root root  2835590 Oct  2 04:17 caringo-gateway-webui-7.5.0-1.noarch.rpm 
-rw-r--r--. 1 root root 19286001 Dec 16 22:37 caringo-storage-webui-3.4.0-1.noarch.rpm 
-rw-r--r--. 1 root root      359 Dec 16 22:37 README.txt 
-rw-r--r--. 1 root root     1927 Oct  2 04:17 RPM-GPG-KEY 
  12. Install Swarm RPM public key included with the distribution bundle using .
     Code Block
    rpm --import RPM-GPG-KEY
    .
  13. Install Cloud Gateway components components.
     Code Block
    yum -y install caringo-gateway-7.8.0-1.noarch.rpm
    .
  14. Complete the IDSYS document for PAM user authentication.
     Code Block
    vi /etc/caringo/cloudgateway/idsys.json
     Code Block
    languagejson
    {"pam": { 
  "name" : "idsys-pam", 
  "description": "PAM identity management configuration", 
  "cookieName": "token", 
  "tokenPath":  "/.TOKEN/", 
  "tokenAdmin": "dcadmin@"
}} 
  15. Complete policy document for the access control.
     Code Block
    vi /etc/caringo/cloudgateway/policy.json
    .
     Code Block
    languagejson
    { 
  "Id": "Root policy -- grant admins full access to everything", 

  "Statement": [ 
    { "Sid": "Grant admins full access", 
      "Resource": "*", 
      "Principal": { 
        "user": ["dcadmin@"], 
        "group": ["clusteradmins@"] 
      }, 
      "Action": [ "*" ], 
      "Effect": "Allow" 
    } 
  ] 
} 
  16. Install Gateway WebUI WebUI.
     Code Block
    yum -y install caringo-gateway-webui-7.5.0-1.noarch.rpm
    .
  17. Edit the Cloud Gateway configure file.
     Code Block
    vi /etc/caringo/cloudgateway/gateway.cfg
    .
    1. Set adminDomain for the administrative domain name to be created. It is recommended to always set a unique name for each Swarm cluster to prevent replication collision between Source and Target Swarm Cluster when using replication feeds. Set a unique name for each Swarm cluster to prevent replication collision.
    2. Set hosts for the storage cluster nodes (IP address of storage nodes).
    3. Set indexerHosts to Elasticsearch Servers (IP address of Elasticsearch nodes).
    4. Enable S3.
    5. EnableCluster Admin on the gateway server to allow usage of the Swarm Storage UI.
    6. Set Management Port to 91. The admin user and password must be the same as configured in SCS.
      1. Set managementUser to the same value as admin.username
      2. Set managementPassword to the same value as admin.password
         Code Block
        languagebash
        # Following are only needed when enabling cluster_admin 
managementPort = 91 
managementUser = dcadmin 
managementPassword = datacore 
    7. Enable metering.
...
The Gateway must be initialized to guarantee a proper runtime environment once the configuration is complete. This guarantees the administrative domain exists within the storage cluster and also secures all plaintext passwords entered into the configuration files.
  1. Verify Gateway is not running.Use 
     Code Block
    systemctl stop
     cloudgateway to verify the Gateway is not runningRun 
     cloudgateway
  2. Perform the initialization of the environment.
     Code Block
    /opt/caringo/cloudgateway/bin/initgateway
     to perform the initialization of the environment.
  3. Start Cloud gateway and verify that the gateway service is running on the system boot once initialization has successfully completed.
     Code Block
    languagebash
    systemctl start cloudgateway 
systemctl enable cloudgateway 
...