{"type":"doc","content":[{"type":"heading","attrs":{"level":2},"content":[{"text":"Solution Prerequisites","type":"text"}]},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"include","parameters":{"macroParams":{"":{"value":"Compatibility Guide"}},"macroMetadata":{"macroId":{"value":"3aeb59036ba146c910883ad3230b75745b00ce091c9848c7b68906b5f291a57e"},"schemaVersion":{"value":"1"},"title":"Include Page"}},"localId":"0d4a0b43-c20e-461a-b9b5-8abdaf346128"}},{"type":"paragraph"},{"type":"heading","attrs":{"level":2},"content":[{"text":"Installation Steps","type":"text"}]},{"type":"paragraph","content":[{"text":"The Internet should be available on the machine where the application is being installed and connections on ","type":"text"},{"text":"port 9242 should be allowed in the network firewall","type":"text","marks":[{"type":"strong"}]},{"text":" to carry out the installation steps. All the commands start with a # indicating that root user privileges are required to execute these commands. Trailing # is not a part of the command.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Allow ports in the firewall","type":"text"}]},{"type":"paragraph","content":[{"text":"For internal communication of the docker swarm, you'll need to allow communication (both inbound and outbound) on the ports: 8083/tcp,8084/tcp , 8085/tcp, 8086/tcp, 8087/tcp, 8844/tcp, 8834/tcp, 8443/tcp and 443/tcp.","type":"text"}]},{"type":"paragraph","content":[{"text":"To start the firewall on CentOS (if it isn't started already), execute the following commands. You'll have to execute these commands on all the cluster machines.: ","type":"text"}]},{"type":"codeBlock","content":[{"text":"systemctl enable firewalld\nsystemctl start firewalld","type":"text"}]},{"type":"paragraph","content":[{"text":"To allow the ports on CentOS firewall, you can execute the following commands. You'll have to execute these commands on all the cluster machines.","type":"text"}]},{"type":"codeBlock","content":[{"text":"firewall-cmd --add-port=8083/tcp --permanent\nfirewall-cmd --add-port=8084/tcp --permanent\nfirewall-cmd --add-port=8085/tcp --permanent\nfirewall-cmd --add-port=8086/tcp --permanent\nfirewall-cmd --add-port=8087/tcp --permanent\nfirewall-cmd --add-port=8844/tcp --permanent\nfirewall-cmd --add-port=8834/tcp --permanent\nfirewall-cmd --add-port=8443/tcp --permanent\nfirewall-cmd --add-port=443/tcp --permanent\nfirewall-cmd --reload","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Configure Log Rotation","type":"text"}]},{"type":"paragraph","content":[{"text":"Add the following lines in ","type":"text"},{"text":"/etc/docker/daemon.json","type":"text","marks":[{"type":"code"}]},{"text":" file (create the file if not there already) and restart the docker daemon using ","type":"text"},{"text":"systemctl restart docker. ","type":"text","marks":[{"type":"code"}]},{"text":"Perform this step on all the machines in the cluster in case of HA deployment.","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"{\n \"log-driver\": \"json-file\",\n \"log-opts\": {\n \"max-size\": \"50m\",\n \"max-file\": \"3\"\n }\n}\n","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Creating Databases","type":"text"}]},{"type":"paragraph","content":[{"text":"Create a database for UMM and Supervisor Tools services in the MSSQL server with suitable names and follow the application installation steps.","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"736f0c3c-2ae6-4898-9bf7-0e5c37d37833"}}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Installing Application","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Download the deployment script ","type":"text","marks":[{"type":"textColor","attrs":{"color":"#172b4d"}}]},{"type":"mediaInline","attrs":{"id":"2d3d3f6a-1d00-43d4-8c48-b237ccfba622","collection":"contentId-3145958"}},{"text":".","type":"text","marks":[{"type":"annotation","attrs":{"annotationType":"inlineComment","id":"88a36988-d89d-4ce8-a6de-b952246ff824"}},{"type":"textColor","attrs":{"color":"#172b4d"}}]},{"text":" This script will:","type":"text","marks":[{"type":"textColor","attrs":{"color":"#172b4d"}}]}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"delete the supervisor-tools-deployment directory in the present working directory if it exists.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"clone the supervisor-tools-deployment repository from GitLab in the present working directory.","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To execute the script, give it the execute permissions and execute it. ","type":"text"}]},{"type":"codeBlock","content":[{"text":"chmod +x supervisor-tools-deployment.sh\n./supervisor-tools-deployment.sh","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"For UCCE customers only, execute the following command","type":"text"}]},{"type":"codeBlock","content":[{"text":" rm /root/supervisor-tools-deployment/docker/config/umm/permissions/tam.json","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"For UCCX customers only, uncomment the lines 71 - 81 from file ","type":"text"},{"text":"/root/supervisor-tools-deployment/docker/docker-compose.yml","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"It should looks like","type":"text"}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"text":"tam:\nimage: gitlab.expertflow.com:9242/supervisor-tools/team-administration:13.2.1\nports:\n- \"8082:8080\"\nenv_file:\n- ${PWD}/docker/environment-variables/environment-variables.env\nrestart: always\nvolumes:\n- ${PWD}/docker/trustStore:/usr/local/trustStore\nnetworks:\n- st","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Update environment variables in the following files inside ","type":"text"},{"text":"/supervisor-tools-deployment/docker/environment_variables","type":"text","marks":[{"type":"code"}]},{"text":" folder.","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Update ","type":"text"},{"text":"UMM environment variables","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/STS/pages/61342065"}}]},{"text":" in the ","type":"text"},{"text":"umm-environment-variables.env","type":"text","marks":[{"type":"code"}]},{"text":" file.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Update ","type":"text"},{"text":"Supervisor Tools Environment variables","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/STS/pages/57344140"}}]},{"text":" in the ","type":"text"},{"text":"environment-variables.env","type":"text","marks":[{"type":"code"}]},{"text":". See also, ","type":"text"},{"text":"Caller Lists Environment Variables","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/spaces/STS/pages/57344123"}}]},{"text":" to specify variables of the Caller Lists microservice.","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Get domain/CA signed SSL certificates for SupervisorTools FQDN/CN and place the files in ","type":"text"},{"text":"/root/supervisor-tools-deployment/docker/certificates","type":"text","marks":[{"type":"code"}]},{"text":" folder. The file names should be ","type":"text"},{"text":"server.crt","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"server.key","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Copy the supervisor-tools-deployment directory to the second machine for HA. Execute below command ","type":"text"}]},{"type":"codeBlock","content":[{"text":"scp -r supervisor-tools-deployment root@machine-ip:~/","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to the second machine and update the environment variables where necessary.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Execute the following commands inside /root/supervisor-tools-deployment directory on both machines.","type":"text"}]},{"type":"codeBlock","content":[{"text":"chmod 755 install.sh\n./install.sh","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Run the following command to ensure that all the components are up and running. The screenshot below shows a sample response for a standalone non-HA deployment. ","type":"text"}]},{"type":"codeBlock","content":[{"text":"docker ps","type":"text"}]},{"type":"paragraph"},{"type":"mediaSingle","attrs":{"layout":"align-start"},"content":[{"type":"media","attrs":{"width":1280,"id":"3f616193-dd1a-4e3b-a59c-622cb758a92d","collection":"contentId-3145958","type":"file","height":285}}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note","type":"text","marks":[{"type":"strong"}]},{"text":": All machines and virtual IP should be on the same subnet for HA testing.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Virtual IP configuration","type":"text"}]},{"type":"paragraph","content":[{"text":"Repeat the following steps for all the machines in the HA cluster.","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Download ","type":"text"},{"text":"keepalived.sh","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.expertflow.com/__attachments/15204924/keepalived.sh?inst-v=e3308798-09ee-43c9-b379-afb1699a55be"}}]},{"text":" script and place it in ","type":"text"},{"text":"/root","type":"text","marks":[{"type":"code"}]},{"text":" the directory.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Give execute permission and execute the script: ","type":"text"}]},{"type":"codeBlock","content":[{"text":"chmod +x keepalived.sh\n./keepalived.sh","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Configure keep.env file inside ","type":"text"},{"text":"/root/keep-alived","type":"text","marks":[{"type":"code"}]},{"text":" folder","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.migration","extensionKey":"__confluenceADFMigrationUnsupportedContentInternalExtension__","text":"","parameters":{"cxhtml":"

Name	Description
`KEEPALIVED_UNICAST_PEERS`	Pear machine IP. `192.168.1.80`
`KEEPALIVED_VIRTUAL_IPS`	Virtual IP of the cluster. It should be available in the LAN. For example: 192.168.1.245
`KEEPALIVED_PRIORITY`	Priority of the node. Instance with lower number will have a higher priority. It can take any value from 1-255.
`KEEPALIVED_INTERFACE`	Name of the network interface with which your machine is connected to the network. On CentOS, `ifconfig` or `ip addr sh` will show all the network interfaces and assigned addresses.
`CLEARANCE_TIMEOUT`	Corresponds to the initial startup time of the application in seconds which is being monitored by keepalived. A nominal value of 60-120 is good enough
`KEEPALIVED_ROUTER_ID`	Do not change this value.
`SCRIPT_VAR`	This script is continuously polled after 2 seconds. Keepalived relinquishes control if this shell script returns a non-zero response. It could be either umm or any backend microservice API. `pidof dockerd && wget -O index.html http://localhost:7575/`

","block-inline":true,"nestedContent":{"type":"doc","content":[{"type":"table","attrs":{"layout":"full-width"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"Name","type":"text"}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"KEEPALIVED_UNICAST_PEERS","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Pear machine IP. ","type":"text"},{"text":"192.168.1.80","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"KEEPALIVED_VIRTUAL_IPS","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Virtual IP of the cluster. It should be available in the LAN. For example: 192.168.1.245","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"KEEPALIVED_PRIORITY","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Priority of the node. Instance with lower number will have a higher priority. It can take any value from 1-255. ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"KEEPALIVED_INTERFACE","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the network interface with which your machine is connected to the network. On CentOS,","type":"text"},{"text":" ","type":"text"},{"text":"ifconfig","type":"text","marks":[{"type":"code"}]},{"text":" ","type":"text"},{"text":"or","type":"text"},{"text":" ","type":"text"},{"text":"ip addr sh","type":"text","marks":[{"type":"code"}]},{"text":" ","type":"text"},{"text":"will show all the network interfaces and assigned addresses. ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"CLEARANCE_TIMEOUT","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Corresponds to the initial startup time of the application in seconds which is being monitored by keepalived. A nominal value of 60-120 is good enough","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"KEEPALIVED_ROUTER_ID","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"Do not change this value.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[224.0]},"content":[{"type":"paragraph","content":[{"text":"SCRIPT_VAR","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[1075.0]},"content":[{"type":"paragraph","content":[{"text":"This script is continuously polled after 2 seconds. Keepalived relinquishes control if this shell script returns a non-zero response. It could be either umm or any backend microservice API.","type":"text"}]},{"type":"paragraph","content":[{"text":"pidof dockerd && wget -O index.html","type":"text","marks":[{"type":"code"}]},{"text":" ","type":"text","marks":[{"type":"code"}]},{"text":"http://localhost:7575/","type":"text","marks":[{"type":"code"}]}]}]}]}]}],"version":1},"reason":"A table in list item can't be created or edited in the new editor."}}}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":" Update the SERVER_URL in ","type":"text"},{"text":"/supervisor-tools-deployment/docker/environment_variables","type":"text","marks":[{"type":"code"}]},{"text":" to hold Virtual IP for front-end.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Give the execute permission and execute the script on both machine.","type":"text"}]},{"type":"codeBlock","content":[{"text":"chmod +x keep-command.sh\n./keep-command.sh","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Finesse Gadget Deployment","type":"text"}]},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"include","parameters":{"macroParams":{"":{"value":"Finesse Gadget Deployment Guide"}},"macroMetadata":{"macroId":{"value":"a2031e0fd5ce5a22f8c6985a2f653697"},"schemaVersion":{"value":"1"},"title":"Include Page"}},"localId":"899c24f2-4282-4a60-87a5-677a5935219b"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"SMBv2 Commands: ","type":"text"}]},{"type":"paragraph","content":[{"text":"Following are the commands to enable and disable SMBv1 and SMBv2 on the SMB server component.","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Detect if SMB1 enabled","type":"text"},{"type":"hardBreak"},{"text":"Get-SmbServerConfiguration | Select EnableSMB1Protocol","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Enable SMB1","type":"text"},{"type":"hardBreak"},{"text":"Set-SmbServerConfiguration -EnableSMB1Protocol $true","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Disable SMB1","type":"text"},{"type":"hardBreak"},{"text":"Set-SmbServerConfiguration -EnableSMB1Protocol $false","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Detect if SMB2 enabled","type":"text"},{"type":"hardBreak"},{"text":"Get-SmbServerConfiguration | Select EnableSMB2Protocol","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Enable SMB2","type":"text"},{"type":"hardBreak"},{"text":"Set-SmbServerConfiguration -EnableSMB2Protocol $true","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Disable SMB2","type":"text"},{"type":"hardBreak"},{"text":"Set-SmbServerConfiguration -EnableSMB2Protocol $false","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"}]}]}]},{"type":"paragraph","content":[{"text":"For more info you can check:","type":"text"},{"type":"inlineCard","attrs":{"url":"https://learn.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3?tabs=server"}},{"text":" ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Adding License","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Browse to http:///umm in your browser (FQDN will be the domain name assigned to the IP/VIP). ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the red warning icon on right, paste the license in the field and click save. ","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"}]}]}]}],"version":1}

Browser not supported