Table of Contents | ||||
---|---|---|---|---|
|
Install devo-ua-manager on Ubuntu18 - Prerequisites
- Ensure the host can connect to public URLs on the Internet.
- Ensure that the user that will run Ansible command can run
sudo
command without prompt. - Run the following line in an SSH session where you did not previously run any sudo command:
Code Block |
---|
sudo ls |
- If the previous command still asks for password, you can use the next command to avoid it:
Code Block |
---|
sudo /bin/bash -c "echo \"$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL\" >> /etc/sudoers " |
- Ensure you can access the host through SSH
...
- using its main service IP address. It should be also possible to open an SSH connection from the same host using that IP address
...
- .
...
Check if python3 is installed with following command:
python3 --version
If the previous command return errors, you can install python3 with next command:
...
- Download the Devo UAM software, copy it to your home folder and extract it using:
Code Block |
---|
cd $HOME
tar -zxvf devo-ua-deployer.tgz |
- Download the Devo domain certs:
- Connect to your Devo domain web interface
- Access to Administration -> Credentials in the left pane
- Select X.509 certificates in the upper menu
- Select your certificate, download them and rename them as:
- Click on CHAIN CA in the upper right corner ->
chain.crt
- Click on certificate on the certificate row ->
domain.crt
- Click on private key on the certificate row ->
domain.key
- Copy the files to
$HOME/devo-ua-deployer/domain-certs
Install devo-ua-manager on Ubuntu 18 - Procedure
Check that user configured can run
sudo
command without prompt.Run the following line in an SSH session where you did not previously run any sudo command:
Code Block sudo ls
If the previous command still asks for password, you can use the next command to avoid it:
Code Block sudo /bin/bash -c "echo \"$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL\" >> /etc/sudoers "
Check python3 is installed with following command:
Code Block python3 --version
If the previous command return errors, you can install python3 with next command:
Code Block sudo apt-get install python3
Install Ansible from official repository
Code Block sudo apt-add-repository ppa:ansible/ansible sudo apt update sudo apt install ansible
Change the working directory to the path where the installation package was extracted:
Code Block cd $HOME/devo-ua-deployer
Install the Ansible playbooks' dependencies:
Code Block ansible-galaxy install -r playbooks/roles/requirements.yaml
Edit the
inventories/
py3py2-1host-example.yaml
file.Set the following properties under
all.hosts.devo-ua-manager
yaml section:ansible_host
: Devo Universal Agent Manager IP. Agents and web interface will use this IP.ansible_user
: User that will run Devo UAM. Same as the user that has been configured previously in sudoersansible
_ssh_password
: User SSH Password that runs Devo UAM User (ansible_user) Password
And the following properties under
all.vars
yaml section:duam_relay_entrypoint : tcp://FQDN_CENTRAL_RELAY:443
. WhereFQDN_CENTRAL_RELAY
is the FQDN of your central Devo relay. To know what is the which entrypoint corresponding corresponds to the used domain, follow the next steps (to send the data via a Devo Relay instead of sending it directly to Devo see the appendix below):Access to Devo Web Interface with your credentials.
Go to Administration -> Relays in the left pane
Copy the field Address of the central relay.
Create docker/user/config.json file with valid empty JSON body:
Code Block echo '{}' > docker/user/config.json
Run Ansible playbook:
py3Code Block ansible-playbook -i inventories/
py2-1host-example.yaml playbooks/devo-universal-agent.yaml
Now you can connect to server app using https://DUAM_IP:8080, where DUAM_IP
is the Devo Universal Agent Manager IP. (default passwords are saved in duam_admin_passwd
property in inventory file)
The endpoints (please refer to Universal Agent Deployment) should be automatically detected and listed as an active host. If the website was already opened before adding the host, a page refresh is required.This is an example screenshot:
UA Manager services:
To check the status port 8080:
Code Block systemctl status devo-ua-manager
To check the status port 8081:
Code Block systemctl status nginx
Appendix - Send data to a relay instead of Devo
When configuring the parameter duam_relay_entrypoint
in the inventory file, input the IP and port of the desired relay (in the below example, the relay is located in 192.168.43.147 and uses the port 13000).
Add the parameters with blank value as in the snippet below:
Code Block |
---|
all: |
...
vars: ... |
...
duam_relay_entrypoint: tcp://192.168.43.147:13000 |
...
...
duam_devo_key: "" |
...
duam_devo_cert: "" |
...
duam_devo_chain: "" ... |