This section contains information on how to edit Yubico, CloudBoot, OnApp Storage and other application settings.
To edit system configuration, do the following:
Go to your Control Panel > Admin > Settings menu, and click the Configuration icon.
Click the System tab to change the following application settings:
If you change any settings here and save, the Control Panel server will restart OnApp services.
On this page:
- Key - the key for your OnApp installation.
- Enable isolated license - move this slider to the right to enable the usage of an Isolated License on your CP.
File Upload Configuration
- Max upload size - the maximum file size in bytes for ISOs that can be uploaded to boot a VS.
- TOTP login - enabling this feature will force TOTP users to log into the cloud only with their third-party credentials and disable the possibility for them to log with OnApp login and password.
Disable plain password usage for API access - move the slider to the right to restrict the use of plain password and login for API access.
We strongly recommend you disable plain password usage for API access for security reasons.
Force SAML login - enabling this feature will force SAML users to log into the cloud only with their third-party credentials and disable the possibility for them to log with OnApp login and password.
By setting up the Use Yubico login option for your cloud, you give your customers the ability to log into OnApp by entering their credentials and using a Yubikey.
- Use Yubico login - move the slider to the right to enable logging in using a Yubikey
- Yubico client ID - enter your Yubico client ID
- Yubico secret key - enter your Yubico secret key
You can retrieve your Yubico client ID and secret key at https://upgrade.yubico.com/getapikey/.
Requests before marked as failed - determines how many times the Control Panel server will attempt to contact a compute resource before failover is initiated. For the Integrated Storage, we recommend increasing this parameter to 30, so that the storage platform has enough time to mark the Compute resources accordingly and allow the VSs to start up after a failed Compute resource. In integrated storage statuses of backend, nodes are marked as inactive approximately in 3 minutes after a backend node has stopped reporting its status. Integrated storage is a distributed system and it takes some time to sync/converge metadata across nodes.
The time before the CP initiates failover may differ depending on the number of compute resources and their load.
Ping hosted virtual servers before initiating failover - enable this feature for the VSs to ping the compute resource on which they reside to make sure it is offline before migrating to another compute resource.
VS Console Ports*
These are the ports used to remotely connect to virtual servers using the integrated VNC console.
Set the port range using the First port and Last port fields.
- Support help email - the email to which requests are sent from the Help form at Control Panel
- System host - enter a server IP or URL. Email alerts link to transaction logs for alert events, and those logs are opened from the server configured here.
- Application name – here you may change the application name, which is displayed at the welcome screen.
- Block Size (MB) - the block size in MB for disks which is used when migrating disks to another data store. This parameter also regulates the block size during backup creation. The default value is 8 MB.
Config comment - this text is added by OnApp to system configuration files and is stored at etc/resolv.conf, etc/network/interfaces and etc/hosts files.
Enable super admin permissions - move this slider to the right to activate a super admin feature that will help to restrict a user to create roles, assign users to roles and log in to CP as users with permissions exceeding her or his own permissions.
Note that the corresponding role does not appear in the list of roles at the Dashboard > Roles and is not assigned to any user. For more information on how to create and manage this role, refer to Create and Manage Super Admin Roles.
- Show IP address selection for new VS – move this slider to the right to enable IP address assignment during VS creation.
- Transaction approvals - move the slider to the right to enable approvals.
- Number of simultaneous transactions - the number of transaction runners which the daemon will execute at the same time.
- Zombie transaction time - set the duration in minutes after which the transaction running longer than the indicated time will be marked as zombie.
- System alert reminder period - the duration in minutes for the system to email alerts to admin if the failover resources are not enough. The default value is 60.
- Enable wrong activated logical volume alerts - move the slider to the right to enable system alerts.
- Wrong activated logical volume minutes - specify the alert emails frequency in minutes.
- Timeout Before Shutting Down VSs (30-600 sec) - specify the VS shutdown period within the given range. This parameter indicates the time during which OnApp will try to shut down a VS gracefully; after the selected period the VS will be shutdown forcefully. This will allow refusing the shutdown if the VS is booting and retry every 30 seconds till it is registered.
- IP address reservation time - specify the duration in seconds during which the IP address will be reserved for a user and unavailable for other users. The default value is 60.
- Max number of IP addresses which can be assigned to user simultaneously - specify the maximum number of IP addresses that can be assigned to user simultaneously. The default value is 256.
Allow VS password encryption – move this slider to the right to enable root password encryption for virtual servers.
For more information on the VS password encryption, refer to the FAQ.
- Allow VMware Compute resource password encryption – move this slider to the right to enable root password encryption for VMware Compute resources.
Use HTML 5 VNC console - move this slider to the right to enable the use of HTML 5 VNC console. VNP ports from the CP server are not required if the HTML 5 console is enabled.
It is only possible to use HTML 5 console if the Control Panel server is based on CentOS 6 or CentOS 7.
- Max network interface port speed - maximum NIC port speed in MB for the appliance network
- Allow users connect to AWS - move this slider to the right to enable AWS for the cloud
Enable CloudBoot - move this slider to the right to enable/disable the PXE boot system on the cloud
- Enable InfiniBand boot - move the slider to enable InfiniBand mode
Static Config target - the IP of NFS server that contains virtual server image templates
CP server Cloudboot target - the IP of Control Panel server
CloudBoot Domain Name Servers - IP of domain name servers
Enable OnApp Storage - move this slider to the right to enable/disable the OnApp storage on the cloud. This option is unavailable if Enable CloudBoot option is switched off.
Use Local Read Path, Use unicast, and Enforce datastore redundancy across HVs options are unavailable if Enable OnApp storage option is switched off.
- Use Local Read Path - move this slider to the right to minimize the network throughput dependency for read-heavy workloads. When the Use Local Read Path feature is enabled, reads go over the local software bridge to a local replica of the data rather than traverse a physical NIC + switch.
Use unicast - switch from multicast to unicast mode. Instead of CP server setting a multicast 'channel' and restarting all Compute resource control stacks that are added to the zone, the CP server now maintains the list of unicast hosts. This is the list of IDs of all hosts in the same zone separated with a comma. CP server updates the unicast hosts list for all Compute resources whenever any member is added or deleted from the set. This parameter is stored in the onappstore.conffile, and the CP server explicitly copies the /.rw/onappstore.conf to /onappstore/onappstore.conf on all Compute resources whenever a change is made.
Please, be aware this is a beta option. We suggest switching to unicast mode only in case you are not able to use multicast. Also, if at least one Virtual Server is running - unicast cannot be turned on.
When the unicast mode is enabled, compute resources must be kept online to maintain full coherency of the database. In the event when a compute resource is offline but still enabled in the Control Panel, any subsequent reboots of other nodes will cause a delay in a convergence of the Integrated Storage database across the nodes that have been rebooted. To avoid this scenario, either:
- Ensure that all compute resources in the unicast group are active and booted (recommended)
- Remove compute resources from the Control Panel if they are inactive for an extended period of time
- Ensure that all compute resources in the unicast group are active and booted (recommended)
Enforce datastore redundancy across HVs - when the slider is enabled, it will be possible to create IS data stores only with the disks that are replicated between different compute resources (in one compute zone). In this case, disks will be created only when there are at least two compute resources in the cloud. If this option is disabled, it will be possible to create data stores with disks that are replicated on hard drives of the same compute resource. In this case, if the compute resource crashes, no failover for disks is possible.
OnApp Storage HealthChecks
- Content distribution within Compute Resource threshold ratio - specify the percentage ratio of the average free space for all nodes in the compute resource. The default value is 5%. You will receive a warning in the storage health check if the free space on one of the compute resource's nodes will be smaller by the indicated value as compared to the other nodes on the compute resource.
- Content distribution across Compute Resources threshold ratio - specify the percentage ratio of the average free space for all compute resources within one compute zone. The default value is 5%. You will receive a warning in the storage health check if the free space on one of the compute resources in the zone will be smaller by the indicated value as compared to the other resources in the compute zone.
- Node capacity uniformity within DataStores threshold ratio - specify the value (%) by which the size of a node in a data store can differ from the average node size in this data store. The default value is 5%. If this value is exceeded, you will receive a warning in the storage health check.
- Enable DRaaS - enable DRaaS locally on your Control Panel
- Disable billing - move this slider to the right to disable prices display. All prices-related pages and fields will be hidden including but not limited to:
- Rate Cards in the Buckets menu
- Virtual Servers (all types of the servers)
- User Profile
- User Group
Also, all price-related statistics will not be calculated at the VS overview details page and at the User Profile page.
It is possible to disable billing only if there are no compute zones that are added to Federation or any compute zones subscribed from the Federation on your OnApp CP.
- Time of instant statistics storage (days) - the number of days the instant statistics from Compute resource will be stored. Starting with OnApp version 5.0, the default value for new installations is 1. For the clouds that have been upgraded from OnApp version 4.3, the default value is 10.
- Enable hourly statistics archiving - move the slider to the right to switch on archiving for hourly statistics. If enabled, hourly statistics will be converted into monthly and stored as an archive for all the period that exceeds the time specified in the Time of hourly statistics storage (months) parameter below.
Time of hourly statistics storage (months) - this parameter configures how long you want the detailed hourly statistics to be stored in a database before being converted into monthly statistics. For example, if you set that parameter to 10, the hourly statistics will be stored for the current month and the 10 previous months. And everything older than 10 months will be sent to archive (that is converted into monthly statistics). If this parameter is set as 1, then you can view the detailed hourly statistics for both the current and the previous month.
- Period to store IP reports (months) - the number of months the reports on IP address usage are stored. The statistics older than this period are cleaned. By default, the statistics are stored for six months.
Enable logs cleaning - this parameter enables logs cleaning after the time period, specified in the Period to store logs (days) parameter below.
- Period to store logs (days) - this parameter configures how many days you want logs to be kept in a database before deletion.
Custom Tools In Recovery Images
URL for custom tools - specify the full URL to the tools file packed with GNU Tar + Gzip, like http://domain.com/file.tgz. These tools will be copied to a recovery VS after rebooting in recovery mode. The users will then be able to unpack and use these tools as they wish to.
If the recovery image file is too large, the virtual servers may fail to start up in the recovery mode. We highly recommend you to test the custom recovery image on the virtual server with minimum RAM size before using it.
SNMP Trap Settings
Snmptrap addresses - a set of IPv4 management network IP(s) from the CP server separated by a comma. These IP addresses will be used for communication between Control Panel and Compute resources.
Snmptrap port - port used for snmptrap. This must be greater than 1024.
We recommend that you do not change the default value.
In case you change the port value on your OnApp CP - the corresponding change of the port VM_STATUS_SNMP_PORT should be made for all Compute resources in /etc/onapp.conf file.
OnApp Dashboard API
- Access Token - enter the Access token that is displayed in your OnApp Dashboard for your user account details. This token is used to synchronize locations between OnApp CP and OnApp Dashboard.
Allow Control Panel to Send Crash Reports
- Allow to collect errors - move the slider to enable Control Panel to collect, aggregate, encrypt and send crash reports. If you enable this feature, the error list from your Control Panel will be sent to OnApp in a form of an encrypted API call. By default, this option is disabled.
3. Click the Save Configuration button to finish.