Available on the Open Source plans.
In order to faciliate to use our products the following informations are useful:
-
When you are using a single server for effecting all operations the default configuration suffices.
-
When you are in a position to use separate servers to run MegamVertice or encounter failures while running, the following configurations are to be changed.
The following are the main components which are to be changed:
- Console (UI - Nilavu)
- API - gateway
- Omni scheduler - vertice
Changing components
The main options to change are in the following files:
- Change details for the UI /var/lib/megam/nilavu.conf
- Change SSL certificate to enable HTTPS /etc/nginx/sites-available/default
- Change details for the API /var/lib/megam/verticegateway/gateway.conf
- Change details for the Omni scheduler /var/lib/megam/vertice/vertice.conf
Go to
$ cd /var/lib/megam
Configure /var/lib/megam/nilavu.conf
/var/lib/megam/site_settings.yaml file is self explanatory, tweak as you wish.
/var/lib/megam/nilavu.conf
## api host that the UI will connect to
http_api = http://localhost:9000/v2
## log streamer that the UI will connect to.
## we need to turn on https, in such case replace it as wss
log_server = ws://localhost:7777/logs
## shell is a host that the nilavu will connect to for container shell prombt
shell_server = ws://localhost:7777
### vnc server that the UI will connect to.
## we need to turn on https, in such case replace it as wss
vnc_server = ws://localhost:8000
## we need to turn on https, in such case replace it as https
google_js_uri = http://www.google.com/jsapi?ext.js
Configure /etc/nginx/sites-available/default
- Replace your server_name.
- uncomment SSL certificate to point your own SSL certificate.
## change server_name to point your server_name
server_name console.megam.io;
## To enable HTTPS - uncomment ssl certificate to point your own certificate.
ssl_certificate /etc/nginx/certs/console.megam.io.cer;
ssl_certificate_key /etc/nginx/private/console.megam.io.key;
Configure /var/lib/megam/verticegateway/gateway.conf
# We use cassandra as the db layer
# ~~~~~
# Cassandra
# ~~~~~~~~~
cassandra.host = "localhost"
cassandra.keyspace = "vertice"
# DON'T Change these
cassandra.username = "vertadmin"
cassandra.password = "vertadmin"
cassandra.use_ssl = false
# We use NSQ as the messaging layer
# ~~~~~
# Replace localhost to NSQD ipaddress
nsq.url="http://localhost:4151"
# Don't change the nsq.topic names.
nsq.topic.vms="vms"
nsq.topic.containers="containers"
# send messages to NSQ.
nsq.events.muted = false
# don't send events to NSQ if the email id is tour@megam.io
nsq.events.muted_emails = ["tour@megam.io"]
Configure /var/lib/megam/vertice/vertice.conf
### Welcome to the vertice configuration file.
###
### [meta]
###
### Controls how vertice connects to scylla, nsq
[meta]
api = "http://localhost:9000/v2" #"Point Gateway ipaddress"
master_user = "info@megam.io"
master_key = "abcdefghijklmnopqrstuvwxyz,." #"Replace master_key"
nsqd = ["localhost:4150"] #"Point NSQD ipaddress"
Import Vertice Keyspace
- Download following cql files
wget https://raw.githubusercontent.com/megamsys/verticegateway/1.5.2/db/base.cql
wget https://raw.githubusercontent.com/megamsys/verticegateway/1.5.2/db/1.5.cql
wget https://raw.githubusercontent.com/megamsys/verticegateway/1.5.2/db/1.5.1.cql
wget https://raw.githubusercontent.com/megamsys/verticegateway/1.5.2/db/1.5.2.cql
wget https://raw.githubusercontent.com/megamsys/verticegateway/1.5.2/db/ee.cql
- Update base.cql file in cassandra
cqlsh -f base.cql
Enable password-auth in cassandra
Open the file /etc/cassandra/cassandra.yaml in your favourite EDITOR.
Lets use nano
$ nano /etc/cassandra/cassandra.yaml
-
Change authenticator “AllowAllAuthenticator” to “PasswordAuthenticator”.
-
Change authorizer “AllowAllAuthorizer” to “CassandraAuthorizer”
# - AllowAllAuthenticator performs no checks - set it to disable authentication.
# - PasswordAuthenticator relies on username/password pairs to authenticate
# users. It keeps usernames and hashed passwords in system_auth.credentials table.
# Please increase system_auth keyspace replication factor if you use this authenticator.
# If using PasswordAuthenticator, CassandraRoleManager must also be used (see below)
authenticator: PasswordAuthenticator
# - AllowAllAuthorizer allows any action to any user - set it to disable authorization.
# - CassandraAuthorizer stores permissions in system_auth.permissions table. Please
# increase system_auth keyspace replication factor if you use this authorizer.
authorizer: CassandraAuthorizer
Restart the cassandra (in all operating systems)
$ service cassandra restart
- Upgrade cql file using cassandra credentials
cqlsh -u vertadmin -p vertadmin -f 1.5.cql
cqlsh -u vertadmin -p vertadmin -f 1.5.1.cql
cqlsh -u vertadmin -p vertadmin -f 1.5.2.cql
cqlsh -u vertadmin -p vertadmin -f ee.cql