Versions Compared

Version Old Version 34 New Version 35
Changes made by

Anjali Tyagi

Anjali Tyagi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated as per CLOUD-3939
Table of Contents
minLevel1
maxLevel2
outlinefalse
typelist
printablefalse

...

For more information about Swarm Gateway, its concepts, and operations, seeSwarm Content Gateway.

Prerequisites

...

Info

Info

Creating a user group/user/password applies when PAM authentication is used. Create a user group via standard Linux user administration commands.

  1. Create a user group.

    Code Block
    groupadd clusteradmins

  2. Add a new user.

    Code Block
    languagebash
    adduser admin -g clusteradmins -p datacore
passwd admin

  3. Update CentOS and install EPEL.

    Code Block
    languagebash
    yum -y update
yum -y install epel-release

  4. Install NTP server and verify NTP starts on system boot.

    Code Block
    languagebash
    yum -y install chrony
systemctl enable chronyd
systemctl start chronyd

    Install openjdk 1-8.

    Code Block
    yum -y install java-1.8.0-openjdk

  5. Configure the firewall to allow Swarm Gateway.

    Code Block
    vi /etc/firewalld/services/swarm_gateway.xml
    Code Block
    languagexml
    <?xml version="1.0" encoding="utf-8"?>
<service>
  <short>SwarmGateway</short>
  <description>Gateway server, which is based on http traffic.</description>
  <port protocol="tcp" port="80"/>
  <port protocol="tcp" port="91"/>
  <port protocol="tcp" port="8090"/>
  <port protocol="tcp" port="9095"/>
  <port protocol="tcp" port="9100"/>
</service>

  6. Restart the firewall service.

  7. Add Swarm Gateway firewall rule (permanent)

    Code Block
    firewall-cmd --permanent --add-service swarm_gateway

  8. Reload the firewall service.

    Code Block
    firewall-cmd --reload

  9. Unzip the Swarm bundle package.

    Code Block
    cd /root/datacore
unzip Swarm-{bundle version here}.zip

  10. Get the latest gateway and UI RPMs from the downloaded Swarm bundle.

    Code Block
    languagebash
    ll ~/datacore/Gateway/
-rw-r--r--. 1 root root 58718208 Dec 16 22:37 caringo-gateway-{version here}.noarch.rpm 
-rw-r--r--. 1 root root      395 Dec 16 22:37 README.txt 
-rw-r--r--. 1 root root     1927 Oct  2 04:17 RPM-GPG-KEY

ll ~/datacore/UI/ 
-rw-r--r--. 1 root root  2835590 Oct  2 04:17 caringo-gateway-webui-{version here}.noarch.rpm 
-rw-r--r--. 1 root root 19286001 Dec 16 22:37 caringo-storage-webui-{version here}.noarch.rpm 
-rw-r--r--. 1 root root      359 Dec 16 22:37 README.txt 
-rw-r--r--. 1 root root     1927 Oct  2 04:17 RPM-GPG-KEY 

  11. Install Swarm RPM public key included with the distribution bundle.

    Code Block
    rpm --import RPM-GPG-KEY

  12. Install Cloud Gateway components.

    Code Block
    yum -y install caringo-gateway-{version here}.noarch.rpm

  13. Complete the IDSYS document for PAM user authentication.

    Code Block
    vi /etc/caringo/cloudgateway/idsys.json
    Code Block
    languagejson
    {"pam": { 
  "name" : "idsys-pam", 
  "description": "PAM identity management configuration", 
  "cookieName": "token", 
  "tokenPath":  "/.TOKEN/", 
  "tokenAdmin": "admin@"
}} 

  14. Complete policy document for access control.

    Code Block
    vi /etc/caringo/cloudgateway/policy.json
    Code Block
    languagejson
    { 
  "Id": "Root policy -- grant admins full access to everything", 

  "Statement": [ 
    { "Sid": "Grant admins full access", 
      "Resource": "*", 
      "Principal": { 
        "user": ["admin@"], 
        "group": ["clusteradmins@"] 
      }, 
      "Action": [ "*" ], 
      "Effect": "Allow" 
    } 
  ] 
} 

  15. Install Gateway WebUI.

    Code Block
    yum -y install caringo-gateway-webui-{version here}.noarch.rpm

  16. Edit the Cloud Gateway configure file.

    Code Block
    vi /etc/caringo/cloudgateway/gateway.cfg

    1. Set adminDomain for the administrative domain name to be created. It is recommended to always set a unique name for each Swarm cluster to prevent replication collision between the Source and Target Swarm Cluster when using replication feeds. Set a unique name for each Swarm cluster to prevent replication collision.

    2. Set hosts for the storage cluster nodes (IP address of storage nodes).

    3. Set indexerHosts to Elasticsearch Servers (IP address of Elasticsearch nodes).

    4. Enable S3.

    5. EnableCluster Admin on the gateway server to allow usage of the Swarm Storage UI.

    6. Set Management Port to 91. The admin user and password must be the same as configured in SCS.

      1. Set managementUser to the same value as admin.username

      2. Set managementPassword to the same value as admin.password

        Code Block
        languagebash
        # Following are only needed when enabling cluster_admin
managementPort = 91 
managementUser = admin 
managementPassword = datacore 

    7. Enable metering.

...