To install the Control Panel server, run the following procedure:
Update your server:
Download the OnApp YUM repository file:
Install the OnApp Control Panel installer package:
(Optional) You can set custom configuration options for Control Panel. It is important to set custom values before the installer script runs.The full list of custom configuration options for Control Panel.
/onapp/onapp-cp.conffile to set custom values for Control Panel:
#Template server URL
# IPs (separated with coma) list for the SNMP to trap. This is the list of Control Panel IP addresses on which the traps sent from the compute resources are processed.
# OnApp Control Panel custom version
# OnApp MySQL/MariaDB connection data (database.yml)
# MySQL/MariaDB server configuration data (in case of local server)
# Use MariaDB instead of MySQL as OnApp database server (Deprecated parameter. If you set any values for this parameter, they will not take effect)
# Configure the database server relative amount of available RAM
# The number of C data structures that can be allocated before triggering the garbage collector. It defaults to 8 million. Only change this value if you understand what it does.
# sysctl.conf net.core.somaxconn value
# The root of OnApp database dump directory (on the Control Panel box)
# Remote server's (to store database dumps) IP, user, path, openssh connection options and number of dumps to keep
# DEPRECATED: If enabled (the 1 value is set) - install (if local box) and configures RabbitMQ Server (messaging system) for the vCloud support. (Deprecated parameter. If you set any values for this parameter, they will not take effect)
# Rotate transactions' log files created more than TRANS_LOGS_ROTATE_TIME day(s) ago
# Maximum allowed for uploading file size in bytes, from 0 (meaning unlimited) to 2147483647 (2GB). Default is 0.
# Timeout before ping Redis Server to check if it is started. Default is 10 sec.
# OnApp Control Panel SSL certificates (please do not change if you aren't familar with SSL certificates)
# * The data below to generate self-signed PEM-encoded X.509 certificate
# SSLCertificateFile, SSLCertificateKeyFile Apache directives' values
# ssl_certificate, ssl_certificate_key Nginx directives' values
# * PEM-encoded CA Certificate (if custom one exists)
# SSLCACertificateFile, SSLCertificateChainFile Apache directives' values
# ssl_client_certificate Nginx directives' values
# SSLCipherSuite, SSLProtocol Apache directives' values
# ssl_ciphers, ssl_protocols Nginx directives' values
For successful installation you need to accept the EULA.
Before installing the OnApp Control Panel package, apply the following changes to the /onapp/onapp-cp.conf file to avoid the RC4 Cipher Suite (CVE-2015-2808) vulnerability.
Run the Control Panel installer:The full list of installer options for Control Panel.
Where: Database server options: Default database SQL server is MySQL Server. Please use one of the following option to install LOCALLY. --mariadb MariaDB Server --community MySQL Community Server --percona Percona Server --percona-cluster Percona Cluster MYSQL_* Options are useful if MySQL is already installed and configured. -m MYSQL_HOST MySQL host. Default is 'localhost' --mysql-port=MYSQL_PORT TCP port where MySQL Server serves connections. Default values is 3306 for the local installation --mysql-sock[=MYSQL_SOCK] Unix socket on which MySQL Server serves connections. Default values is /var/lib/mysql/mysql.sock.
Used if local server only. The socket is unset if the option's argument isn't specified.
-p MYSQL_PASSWD MySQL password. Random is generated if is not set or specified. -d MYSQL_DB OnApp MySQL database name. Default is 'onapp'. -u MYSQL_USER MySQL user. Default is 'root'. Redis Server options: REDIS_* Options are useful if Redis Server is already installed and configured. --redis-host=REDIS_HOST IP address/FQDN where Redis Server runs. It is used by Control Panel to connect to Redis Server.
The Redis Server will be installed and configured on the current box if localhost/127.0.0.1 or box's
public IP address (listed in SNMP_TRAP_IPS) is specified. Default value is 127.0.0.1.
If local Redis, it will serve as well on the unix socket 'PORT' (if --redis-sock without argument isn't specified).
--redis-bind[=REDIS_BIND] The IP address for Redis Server to serve connections (to listen). The option isn't mandatory. --redis-port=REDIS_PORT Redis Server listen port.
0 - if local server
6379 - if remote server
--redis-passwd[=REDIS_PASSWD] Redis Server password to authentificate.
Random password is generated if the option's argument isn't specified.
By default no password is used for local Redis.
--redis-sock[=REDIS_SOCK] Path to the Redis Server's socket. Used if local server only. Default is /var/run/redis/redis.sock.
The socket is unset if the option's argument isn't specified.
Options to manage the OnApp Control Panel administrator account: ADMIN_* Options are used to configure OnApp Control Panel administrator data.
Please note that these options are for NEW INSTALL only and not for upgrade
CP administrator password -F ADMIN_FIRSTNAME CP administrator first name -L ADMIN_LASTNAME CP administrator last name -E ADMIN_EMAIL CP administrator e-mail RabbitMQ Server and vCloud options: --rbthost RBT_HOST IP address/FQDN where RabbitMQ Server runs. The RabbitMQ will be installed and configured on the current box
if localhost/127.0.0.1 or box's public IP address (enlisted in SNMP_TRAP_IPS) Default value is 127.0.0.1.
VCD_* Options are usefull if vCloud/RabbitMQ are already installed and configured. --vcdlogin VCD_LOGIN RabbitMQ/vCloud user. Default value is 'rbtvcd'. --vcdpasswd VCD_PASSWD RabbitMQ/vCloud user password. The random password is generated if isn't specified. --vcdvhost VCD_VHOST RabbitMQ/vCloud vhost. Default value is '/' RBT_* Options are used to configure RabbitMQ manager account. If local RabbitMQ server. --rbtlogin RBT_LOGIN RabbitMQ manager login. The default value is 'rbtmgr'. --rbtpasswd RBT_PASSWD RabbitMQ manager password. The random password is generated if isn't specified. General options: --rake RAKE_TASKS List of OnApp Control Panel rake tasks (separated with space) to run at the very end of install or upgrade. -v ONAPP_VERSION Install custom OnApp CP version -i SNMP_TRAP_IPS IP addresses separated with coma for snmp to trap -y Update OS packages (except of OnApp provided) on the box with 'yum update'. -a Is not interactive. Process with automatic installation. Please note, this will continue OnApp Control Panel
install/upgrade even if there is transaction currently running.
-t Add to the database and download Base Templates. For new installs only. If this option is not used, then only the following mandatory
System Templates will be added by default during fresh install: OnApp CDN Appliance; Load Balancer Virtual Appliance; Application Server Appliance.
Do not start OnApp services: monit, onapp and httpd
Please note, crond and all OnApp's cron tasks remain running. They could be disabled by stopping crond service manually for your own risk.
-D Do not make database dump, and make sure it is disabled in the cron and not running at the moment. -w
Do not disable the iptables service. It is applicable on fresh installs only.
--quick|--quick-update[=SERVICE] Procceed with quick update procedure. This will skip update and configuration for services, such as system packages,
MySQL database, Redis Server, RabbitMQ Server, and Monit service. Set the SERVICE parameter (space separated list of statements)
to define services, which need to be updated. Possible reserved statements are:
rpms - for 'system packages' upgrade;
mysql - for MySQL databse upgrade ond configuring;
redis - for ERedis Server upgrade and configuring;
rabbitmq - for RabbitMQ Server upgrade and configuring;
monit - for Monit upgrade and configuring.
--accept-eula Automatically accept OnApp's End User License Agreement. -c CONFIG_FILE Custom installer configuration file. Otherwise, preinstalled one is used. -h Print this info
Install CloudBoot dependencies:
Depending on a compute resource type, you should install
It is required to install yum install onapp-ramdisk-centos7-default together with onappstore packages.
It is recommended to install all the following packages:
Any of the
ramdiskpackages install the following packages automatically:
Run the following utility to configure and customize ramdisks:
Install an OnApp license to activate your Control Panel. Enter a valid license key via the OnApp UI. Your default OnApp credentials are admin/changeme. You can change a password via the Control Panel > Users menu.
Restart the OnApp service:
If you plan to configure an Accelerator, run the following command:
For all compute resources:
For certain compute resources only:
To perform the configuration for a number of compute resources, separate their IP addresses with a space.
The command above runs on compute resources that are online. If some compute resources are offline, you should run the command again when they are online. The rabbitmq_host parameter in the on_app.yml file should contain the real IP address of a server with RabbitMQ installed. The rabbitmq_host parameter should not be set to 'localhost' or '127.0.0.1'. The server with RabbitMQ installed should be available from the compute resources. For information on manual configuration for Accelerator, refer to RabbitMQ Configuration for Accelerator.
Generate SSH keys that OnApp requires for you to access various elements of the cloud. The script provided generates and transfers keys as necessary. The script needs to be run on your Control Panel server. It overwrites any keys that already exist so if you have custom keys already installed, you need to add them again after running the script. You need to provide your login details to various servers during the script execution. Please follow the onscreen instructions.
If you install a new cloud instance, connect to your Control Panel server via SSH, download, and run the script:
Note that the script is applicable only if you configure your first compute resources in the cloud. If you already have some existing compute resources and install new ones, the script sets new SSH keys to all the compute resources, both new and existing.
If you add additional compute resources to an existing cloud, update the
authorized_keysfile by running the following script on the Control Panel server:
- Mount the locations for templates and backups. If you do not have a dedicated backup server, you must mount your template and backup repositories to compute resources. If your template and backup repositories are located on the Control Panel server, you can mount them as follows:
Add the repositories to
/etc/exportson the Control Panel server and then restart the NFS service:
After you installed the Control Panel server, configure your Cloud Settings.
After the cofiguration is completed, Control Panel will be available in both http and https protocols. For security reasons, we recommend either closing port 80 or opening port 443. This port is used for secure web browser communication. Data transferred across such connections are highly resistant to interception. Moreover, the identity of the remotely connected server can be verified with significant confidence.