Install Control Panel Server

Before You Begin

  • Review Get Started Guide to ensure that your environment is ready for the installation.
  • Use a corresponding option of the Control Panel installer in case MySQL is already installed and configured.
  • The installer output is redirected to ./onapp-cp-install.log
  • All the installer critical errors are written to /var/log/messages
  • If you want to reinstall an existing Control Panel, see Control Panel Migration Guide for instructions.
  • If you plan to deploy Accelerator, refer to the RabbitMQ Configuration for Accelerator document for more details.
  • We provide a pre-built OVA template to install your OnApp CP on another virtualization environment (like VMware, Hyper-V, etc) if you prefer. It is required to have 4 virtual CPU(s) processor, 16384MB of memory, VMXNET 3 network adapter and 250GB hard disk drive (thin-provisioned). Please contact your service provider to learn how to upload this template and create server instances from it. 
  • If you need to install other components, for example, OnApp Database Server, RabbitMQ Server, or Redis Server, see OnApp Installation Components for instructions. You can also migrate an OnApp database from MySQL to MariaDB, Percona Server, or Percona Cluster.
  • MariaDB new version 10.4 has been using to serve OnApp’s database since version 6.3 Edge 1. It is default for CentOS 7.x fresh installs.
  • CentOS 6 reached End of Life and is no longer supported. 
  • The support status of Xen changes to End of Support in OnApp 6.5. We will no longer develop features or provide full support for Xen compute resources in OnApp clouds.
  • To test the upgrade, you may first simulate the upgrade process on the test environment. For the instructions, refer to the Configuring Control Panel Environment for Simulation Purposes page. 
  • Disable SELinux before the installation.

See also: 

Get Started Guide

Upgrade Guide

To install the Control Panel server, run the following procedure:

  1. Update your server:

    # yum update

  2. Download the OnApp YUM repository file:

    # rpm -Uvh http://rpm.repo.onapp.com/repo/onapp-repo-7.0.noarch.rpm

  3. Install the OnApp Control Panel installer package:

    # yum install onapp-cp-install

  4. (Optional) You can set custom configuration options for Control Panel. It is important to set custom values before the installer script runs.

    Edit the /onapp/onapp-cp.conf file to set custom values for Control Panel:

    #Template server URL

    TEMPLATE_SERVER_URL='http://templates-manager.onapp.com'

    # IPs (separated with coma) list for the SNMP to trap. This is the list of Control Panel IP addresses on which the traps sent from the compute resources are processed.

    SNMP_TRAP_IPS=""

    # OnApp Control Panel custom version

    ONAPP_VERSION=""

    # OnApp MySQL/MariaDB connection data (database.yml)

    ONAPP_CONN_WAIT_TIMEOUT=15
ONAPP_CONN_POOL=30
ONAPP_CONN_RECONNECT='true'
ONAPP_CONN_ENCODING='utf8'

    # MySQL/MariaDB server configuration data (in case of local server)

    MYSQL_WAIT_TIMEOUT=604800
MYSQL_MAX_CONNECTIONS=500
MYSQL_LIMITNOFILE=8192

    Use MariaDB instead of MySQL as OnApp database server (Deprecated parameter. If you set any values for this parameter, they will not take effect)

    WITH_MARIADB=0

    # Configure the database server relative amount of available RAM

    TUNE_DB_SERVER=1

    # The number of C data structures that can be allocated before triggering the garbage collector. It defaults to 8 million. Only change this value if you understand what it does.

    RUBY_GC_MALLOC_LIMIT=16000000

    # sysctl.conf net.core.somaxconn value

    NET_CORE_SOMAXCONN=2048

    # The root of OnApp database dump directory (on the Control Panel box)

    ONAPP_DB_DUMP_ROOT=""

    # Remote server's (to store database dumps) IP, user, path, openssh connection options and number of dumps to keep

    DB_DUMP_SERVER=""
DB_DUMP_USER="root"
DB_DUMP_SERVER_ROOT="/onapp/backups"
DB_DUMP_SERVER_SSH_OPT="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PasswordAuthentication=no"
KEEP_DUMPS=168
DB_DUMP_CRON='40 * * * *'

    Enable monit - tool for managing and monitoring Unix systems

    ENABLE_MONIT=1

    DEPRECATED: If enabled (the 1 value is set) - install (if local box) and configures RabbitMQ Server (messaging system) for the vCloud support. (Deprecated parameter. If you set any values for this parameter, they will not take effect)

    ENABLE_RABBITMQ=1

    # Rotate transactions' log files created more than TRANS_LOGS_ROTATE_TIME day(s) ago

    TRANS_LOGS_ROTATE_TIME=30

    # Maximum allowed for uploading file size in bytes, from 0 (meaning unlimited) to 2147483647 (2GB). Default is 0.

    MAX_UPLOAD_SIZE=0

    # Timeout before ping Redis Server to check if it is started. Default is 10 sec.

    REDIS_PING_TIMEOUT=10

    # OnApp Control Panel SSL certificates (please do not change if you aren't familar with SSL certificates)
    # * The data below to generate self-signed PEM-encoded X.509 certificate

    SSL_CERT_COUNTRY_NAME="UK"
SSL_CERT_ORGANIZATION_NAME='OnApp Limited'
SSL_CERT_ORGANIZATION_ALUNITNAME='OnApp Cloud'
SSL_CERT_COMMON_NAME="`hostname --fqdn 2>/dev/null`"

    #   SSLCertificateFile, SSLCertificateKeyFile Apache directives' values
    #   ssl_certificate, ssl_certificate_key Nginx directives' values

    SSLCERTIFICATEFILE="/etc/pki/tls/certs/ca.crt"
SSLCERTIFICATECSRFILE="/etc/pki/tls/private/ca.csr"
SSLCERTIFICATEKEYFILE="/etc/pki/tls/private/ca.key"

    # * PEM-encoded CA Certificate (if custom one exists)
    #   SSLCACertificateFile, SSLCertificateChainFile Apache directives' values
    #   ssl_client_certificate Nginx directives' values

    SSLCACERTIFICATEFILE=""
SSLCERTIFICATECHAINFILE=""

    #   SSLCipherSuite, SSLProtocol Apache directives' values
    #   ssl_ciphers, ssl_protocols Nginx directives' values

    SSLCIPHERSUITE=""
SSLPROTOCOL=""
    # vi /onapp/onapp-cp.conf

    For successful installation you need to accept the EULA.

  5. Run the Control Panel installe

        For CentOS 7:

# /onapp/onapp-cp-install/onapp-cp-install.sh -i SNMP_TRAP_IPS


# /onapp/onapp-cp-install/onapp-cp-install.sh -h
Usage: /onapp/onapp-cp-install/onapp-cp-install.sh [-c CONFIG_FILE] [--mariadb | --mariadb-custom | --community | --percona | --percona-cluster] [-m MYSQL_HOST] [--mysql-port=MYSQL_PORT] [--mysql-sock[=MYSQL_SOCK] [-p MYSQL_PASSWD] [-d MYSQL_DB] [-u MYSQL_USER] [-U ADMIN_LOGIN] [-P ADMIN_PASSWD] [-F ADMIN_FIRSTNAME] [-L ADMIN_LASTNAME] [-E ADMIN_EMAIL] [-v ONAPP_VERSION] [-i SNMP_TRAP_IPS] [--redis-host=REDIS_HOST] [--redis-bind[=REDIS_BIND] [--redis-passwd[=REDIS_PASSWD] [--redis-port=REDIS_PORT] [--redis-sock[=REDIS_SOCK] [--rbthost RBT_HOST] [--vcdlogin VCD_LOGIN] [--vcdpasswd VCD_PASSWD] [--vcdvhost VCD_VHOST] [--rbtlogin RBT_LOGIN] [--rbtpasswd RBT_PASSWD] [-a] [-y] [-D] [-t] [--noservices] [--ha-install] [--rake=RAKE_TASKS] [--quick|--quick-update[=SERVICE] [--accept-eula] [-w] [-h]

    Database server options:
                           Default database SQL server is MySQL Server.

                           Please use one of the following option to install LOCALLY:
                           --mariadb         : MariaDB Server
			   --mariadb-custom  : MariaDB Server (custom for CentOS 7.x only)
                           --community       : MySQL Community Server
                           --percona         : Percona Server
                           --percona-cluster : Percona Cluster

                           -m MYSQL_HOST   : MySQL host. Default is 'localhost'
                           --mysql-port=MYSQL_PORT    : TCP port where MySQL Server serves connections.
                                                       Default values is 3306 for the local installation
                           --mysql-sock[=MYSQL_SOCK] : Unix socket on which MySQL Server serves connections.
                                                       Default values is /var/lib/mysql/mysql.sock. Used if local server only
                                                       The socket is unset if the option's argument isn't specified.
                           -p MYSQL_PASSWD : MySQL password. Random is generated if is not set or specified.
                           -d MYSQL_DB     : OnApp MySQL database name. Default is 'onapp'
                           -u MYSQL_USER   : MySQL user. Default is 'root'


    Redis Server options:

                           --redis-host=REDIS_HOST : IP address/FQDN where Redis Server runs. It is used by Control Panel to connect to Redis Server.
                                                     The Redis Server will be installed and configured on the current box if localhost/127.0.0.1 or box's public IP address (listed in SNMP_TRAP_IPS) is specified.
                                                     Default value is 127.0.0.1.
                                                     If local Redis, it will serve as well on the unix socket 'PORT' (if --redis-sock without argument isn't specified)
                           --redis-bind[=REDIS_BIND] : The IP address for Redis Server to serve connections (to listen)
                                                       The option isn't mandatory.

                           --redis-port=REDIS_PORT : Redis Server listen port.
                                                     Defaults are:
                                                       0 - if local server
                                                       6379 - if remote server
                           --redis-passwd[=REDIS_PASSWD] : Redis Server password to authentificate.
                                                           Random password is generated if the option's argument isn't specified.
                                                           By default no password is used for local Redis.
                           --redis-sock[=REDIS_SOCK] : Path to the Redis Server's socket. Used if local server only.
                                                     Default is /var/run/redis/redis.sock
                                                     The socket is unset if the option's argument isn't specified.


    Options to manage OnApp Control Panel administrator account:
                                                Please note, that these options are for NEW INSTALL only and not for upgrade

                           -P ADMIN_PASSWD    : CP administrator password
                           -F ADMIN_FIRSTNAME : CP administrator first name
                           -L ADMIN_LASTNAME  : CP administrator last name
                           -E ADMIN_EMAIL     : CP administrator e-mail


     RabbitMQ Server and vCloud options:

                           --rbthost   RBT_HOST   : IP address/FQDN where RabbitMQ Server runs.
                                                    The RabbitMQ will be installed and configured on the current box if localhost/127.0.0.1 or box's public IP address (enlisted in SNMP_TRAP_IPS)
                                                    Default values is 127.0.0.1.

                              VCD_*      : Options are usefull if vCloud/RabbitMQ are already installed and configured.

                           --vcdlogin  VCD_LOGIN  : RabbitMQ/vCloud user. Default value is 'rbtvcd'.
                           --vcdpasswd VCD_PASSWD : RabbitMQ/vCloud user password. The random password is generated if isn't specified.
                           --vcdvhost  VCD_VHOST  : RabbitMQ/vCloud vhost. Default value is '/'

                              RBT_*         : Options are used to configure RabbitMQ manager account. If local RabbitMQ server.

                           --rbtlogin  RBT_LOGIN  : RabbitMQ manager login. The default value is 'rbtmgr'.
                           --rbtpasswd RBT_PASSWD : RabbitMQ manager password. The random password is generated if isn't specified.


     General options:

                           --ha-install : Proceed with Control Panel and Hight Availability components installation
			                  RHEL/CentOS 7.x is supported only!

                           --rake RAKE_TASKS : List of OnApp Control Panel rake tasks (separated with space) to run at the very end of install or upgrade

                           -v ONAPP_VERSION : Install custom OnApp CP version

                           -i SNMP_TRAP_IPS : IP addresses separated with coma for snmp to trap

                           -y : Update OS packages (except of OnApp provided) on the box with 'yum update'.

                           -a : Do not be interactive. Process with automatic installation.
                                Please note, this will continue OnApp Control Panel install/upgrade even there is transaction currently running.

                           -t : Add to the database and download Base Templates. For new installs only.

                           --noservices : Do not start OnApp services: monit, onapp and httpd
                                          Please note, crond and all OnApp's cron tasks remain running. They could be disabled by stopping crond service manually for your own risk.

                           -D : Do not make database dump, and make sure it is disabled in the cron and not running at the moment

                           -w : Do not disable iptables service.
                                Is applicable on fresh installs only.

                           --quick|--quick-update[=SERVICE] : Procceed with quick update procedure. 
                                                 This will skip update and configure for services, like: system packages, MySQL database, Redis Server, RabbitMQ Server, Monit service
                                                 Set the SERVICE parameter (space separated list of statements) to define services, which update is needed.
                                                 Possible reserved statements are:
                                                     rpms - for 'system packages' upgrade;
                                                     mysql - for MySQL databse upgrade ond configuring;
                                                     redis - for ERedis Server upgrade and configuring;
                                                     rabbitmq - for RabbitMQ Server upgrade and configuring;
                                                     monit - for Monit upgrade and configuring.

			   --accept-eula : Automatically accept OnApp's End User License Agreement
			                   (DEPRICATED)

                           -c CONFIG_FILE   : Custom installer configuration file. Otherwise, preinstalled one is used.

                           -h : print this info

Where:
 Database server options:Default database SQL server is MySQL Server. Please use one of the following option to install LOCALLY.
--mariadbMariaDB Server
--communityMySQL Community Server
--perconaPercona Server
--percona-clusterPercona Cluster
MYSQL_*Options are useful if MySQL is already installed and configured.
-m MYSQL_HOSTMySQL host. Default is 'localhost'
--mysql-port=MYSQL_PORTTCP port where MySQL Server serves connections. Default values is 3306 for the local installation
 --mysql-sock[=MYSQL_SOCK]Unix socket on which MySQL Server serves connections. Default values is /var/lib/mysql/mysql.sock.
Used if local server only. The socket is unset if the option's argument isn't specified.
-p MYSQL_PASSWDMySQL password. Random is generated if is not set or specified.
-d MYSQL_DBOnApp MySQL database name. Default is 'onapp'.
-u MYSQL_USERMySQL user. Default is 'root'.
Redis Server options:
REDIS_*Options are useful if Redis Server is already installed and configured.
--redis-host=REDIS_HOST


IP address/FQDN where Redis Server runs. It is used by Control Panel to connect to Redis Server.
The Redis Server will be installed and configured on the current box if localhost/127.0.0.1 or box's
public IP address (listed in SNMP_TRAP_IPS) is specified. Default value is 127.0.0.1.
If local Redis, it will serve as well on the unix socket 'PORT' (if --redis-sock without argument isn't specified).
--redis-bind[=REDIS_BIND]The IP address for Redis Server to serve connections (to listen). The option isn't mandatory.
--redis-port=REDIS_PORTRedis Server listen port.
Defaults are:
0 - if local server
6379 - if remote server
--redis-passwd[=REDIS_PASSWD]Redis Server password to authentificate.
Random password is generated if the option's argument isn't specified.
By default no password is used for local Redis.
--redis-sock[=REDIS_SOCK]Path to the Redis Server's socket. Used if local server only. Default is /var/run/redis/redis.sock.
The socket is unset if the option's argument isn't specified.
 Options to manage the OnApp Control Panel administrator account:
ADMIN_*Options are used to configure OnApp Control Panel administrator data.
Please note that these options are for NEW INSTALL only and not for upgrade

-P ADMIN_PASSWD

CP administrator password
-F ADMIN_FIRSTNAMECP administrator first name
-L ADMIN_LASTNAMECP administrator last name
-E ADMIN_EMAILCP administrator e-mail
RabbitMQ Server and vCloud options:
  --rbthost   RBT_HOST  IP address/FQDN where RabbitMQ Server runs. The RabbitMQ will be installed and configured on the current box
if localhost/127.0.0.1 or box's public IP address (enlisted in SNMP_TRAP_IPS) Default value is 127.0.0.1.
VCD_*Options are usefull if vCloud/RabbitMQ are already installed and configured.
--vcdlogin  VCD_LOGINRabbitMQ/vCloud user. Default value is 'rbtvcd'.
--vcdpasswd VCD_PASSWDRabbitMQ/vCloud user password. The random password is generated if isn't specified.
--vcdvhost  VCD_VHOSTRabbitMQ/vCloud vhost. Default value is '/'
RBT_*  Options are used to configure RabbitMQ manager account. If local RabbitMQ server.
--rbtlogin  RBT_LOGIN RabbitMQ manager login. The default value is 'rbtmgr'.
--rbtpasswd RBT_PASSWDRabbitMQ manager password. The random password is generated if isn't specified.
General options:
--rake RAKE_TASKSList of OnApp Control Panel rake tasks (separated with space) to run at the very end of install or upgrade.
-v ONAPP_VERSIONInstall custom OnApp CP version. Please note that if there were significant changes in packages between the version you want to install and the current OnApp version, the installation might be unsuccessful.
-i SNMP_TRAP_IPSIP addresses separated with coma for snmp to trap
-yUpdate OS packages (except of OnApp provided) on the box with 'yum update'.
-aIs not interactive. Process with automatic installation. Please note, this will continue OnApp Control Panel
install/upgrade even if there is transaction currently running.
-tAdd to the database and download Base Templates. For new installs only. If this option is not used, then only the following mandatory
System Templates will be added by default during fresh install: OnApp CDN Appliance; Load Balancer Virtual Appliance; Application Server Appliance.
--noservices

Do not start OnApp services: monit, onapp and httpd
Please note, crond and all OnApp's cron tasks remain running. They could be disabled by stopping crond service manually for your own risk.

-DDo not make database dump, and make sure it is disabled in the cron and not running at the moment.
-w

Do not disable the iptables service. It is applicable on fresh installs only.

--quick|--quick-update[=SERVICE] Procceed with quick update procedure. This will skip update and configuration for services, such as system packages,
MySQL database, Redis Server, RabbitMQ Server, and Monit service. Set the SERVICE parameter (space separated list of statements)
to define services, which need to be updated. Possible reserved statements are:                  
rpms - for 'system packages' upgrade;
mysql - for MySQL databse upgrade ond configuring;
redis - for ERedis Server upgrade and configuring;
rabbitmq - for RabbitMQ Server upgrade and configuring;
monit - for Monit upgrade and configuring.
--accept-eulaAutomatically accept OnApp's End User License Agreement.
-c CONFIG_FILECustom installer configuration file. Otherwise, preinstalled one is used.
-hPrint this info

Perform the steps from six to nine (6-9) only if you are going to use CloudBoot and/or OnApp Storage.

   6. Install CloudBoot dependencies:
       Install CloudBoot default ramdisk:

# yum install onapp-ramdisk-centos7-default

Depending on a compute resource type, you should install onapp-ramdisk-DISTRO-FLAVOR package(s) where:

DISTRO: centos7
FLAVOR: kvm

Depending on the need compute resource type(s), install only the corresponding package(s):

# yum install onapp-ramdisk-centos7-kvm


   7. Run the following utility to configure and customize ramdisks:

# /onapp/onapp-store-install/onapp-store-install.sh


   8. Install an OnApp license to activate your Control Panel. Enter a valid license key via the OnApp UI. Your default OnApp credentials are admin/changeme. You can change a password via the Control Panel > Users menu.

After you enter a license key, it may take up to 15 minutes to activate the key.


   9. Restart the OnApp service:

# service onapp restart

Perform the following step (10) only if you plan to deploy Accelerator.


   10. If you plan to configure an Accelerator, run the following command:

  • For all compute resources:

    cd /onapp/interface
# rake hypervisor:messaging:configure

For certain compute resources only:

cd /onapp/interface
# rake hypervisor:messaging:configure['11.0.50.111 11.0.50.112']

To perform the configuration for a number of compute resources, separate their IP addresses with a space.

The command above runs on compute resources that are online. If some compute resources are offline, you should run the command again when they are online. The rabbitmq_host parameter in the on_app.yml file should contain the real IP address of a server with RabbitMQ installed. The rabbitmq_host parameter should not be set to 'localhost' or '127.0.0.1'. The server with RabbitMQ installed should be available from the compute resources. For information on manual configuration for Accelerator, refer to RabbitMQ Configuration for Accelerator.

Perform the steps from 11 to 13 if there are compute resources added in the cloud.

    11. Generate SSH keys that OnApp requires for you to access various elements of the cloud. The script provided generates and transfers keys as necessary. The script needs to be run on your Control Panel server. It overwrites any keys that   already exist, so if you have custom keys already installed, you need to add them again after running the script. You need to provide your login details to various servers during the script execution. Please follow the onscreen instructions.         

   12. If you install a new compute resource, connect to your Control Panel server via SSH, download, and run the script:

# wget http://downloads.repo.onapp.com/install-all-keys.sh
# /bin/sh install-all-keys.sh

Note that the script is applicable only if you configure your first compute resources in the cloud. If you already have some existing compute resources and install new ones, the script sets new SSH keys to all the compute resources, both new and existing.


   13. If you add additional compute resources to an existing cloud, update the authorized_keys file by running the following script on the Control Panel server:

# ssh-copy-id -i /home/onapp/.ssh/id_rsa.pub root@HV_HOST_IP

Perform the following step (14) if you do not plan to install a dedicated backup server.

   14. Mount the locations for templates and backups. If you do not have a dedicated backup server, you must mount your template and backup repositories to compute resources. If your template and backup repositories are located on the Control Panel server, you can mount them as follows:
        Add the repositories to /etc/exports on the Control Panel server and then restart the NFS service:

# /onapp/templates 192.168.10.0/24(rw,no_root_squash)
# /onapp/backups 192.168.10.0/24(rw,no_root_squash)

15. After you installed the Control Panel server, configure your Cloud Settings

After the configuration is completed, Control Panel will be available in both http and https protocols. For security reasons, we recommend either closing port 80 or opening port 443. This port is used for secure web browser communication. Data transferred across such connections are highly resistant to interception. Moreover, the identity of the remotely connected server can be verified with significant confidence. 

If you use a time zone with 30-minute or 45-minute offsets, you need to modify the configuration file /etc/crontab and change the startup time (rake vm:generate_hourly_stats) from 0th minute to 30th or 45th minute, depending on a time zone.

In the script, you should replace
0 * * * * onapp cd /onapp/interface; RAILS_ENV=production rake vm:generate_hourly_stats
with
30 * * * * onapp cd /onapp/interface; RAILS_ENV=production rake vm:generate_hourly_stats