User Tools

Site Tools


maintenance:general:ova_installation_guide_centos6

VM installation guide - Centos6

This installation guide installs NetYCE version 7.x based on a Centos 6 on your Hypervisor. The OVA can be used for VirtualBox or VMware or the VDI could be extracted to used it with other hypervisors as well.

This is by far the easiest installation method, as everything is already prepared.

Hypervisor choices

Virtualbox

The received OVA file can be imported directly.

VMware

Over time the VMware OVA import requirements have become ever stricter. When we create our downloadable Genesis OVA image much care is taken to be compatible with the many VMware products and versions.

However, should importing the NetYCE_genesis.ova image cause errors, a conversion tool to resolve the issue can be found at the VMware support site.

Using your VMware account, the OVFtool van be downloaded from https://code.vmware.com/web/tool/4.4.0/ovf

The OVFtool is available for Windows, Mac and Linux and comes with an installer. The use of this CLI tool is straightforward to create a VMware compatible OVA image from our NetYCE_genesis.ova:

$ /Applications/VMware\ OVF\ Tool/ovftool NetYCE_genesis.ova VMware_genesis.ova
Opening OVA source: NetYCE_genesis.ova
The manifest validates
Opening OVA target: VMware_genesis.ova
Writing OVA package: VMware_genesis.ova
Transfer Completed
Completed successfully

The resulting VMware_genesis.ova should now be compatible with your VMware product.

KVM/Qemu

Convert the vmdk file to qcow2:

tar xvf NetYCE_genesis.ova
qemu-img convert -O qcow2 Genesis-disk001.vmdk Genesis-disk001.qcow2

Hyper-V

Convert the vmdk file to vhd:

tar xvf NetYCE_genesis.ova
VBoxManage clonemedium disk Genesis-disk001.vmdk Genesis-disk001.vhd --format vhd

VM instantiation

At this point it is possible to assign one or multiple network interfaces. By default a single interface is provided. Depending on your setup requirements another interface might be desired to separate internal and external traffic.

Make sure all your desired interfaces are assigned within your hyper-visor.

CLI accounts

If for some reason you need to log in explicitly, you may do so using either the:

  • root account
    • password: NetYCE01
  • yce account
    • password: NetYCE01
    • sudo command: sudo -i

Interface setup

During the boot process and most probably during the initial boot, the system will automatically reboot one time to set up the network interfaces. (The ck_eth.pl script takes care of this.)

Once the VM is started it will automatically sign-in as the root user. Feel free to cancel the 5 second timer for the net_setup.pl or press CTRL+C.

Setting up the network

Log in using the root account.

This time follow the net_setup. If you missed it you may execute it manually net_setup.pl

Unless you have changed the settings in the hypervisor, these defaults apply:

  • Eth0, the interface used for the YCE application.
    • This is enabled for DHCP

During the questions, make sure to set up the following at least:

  • Set the root password
  • Set the yce user password
  • Set the hostname/domain
  • Set up the network interface(s)
  • Set up NTP (if possbile, see caveats)

If you made a mistake during these steps you can always back out (ctrl+c) and start the process again using net_setup.pl or /opt/yce/system/net_setup.pl. More information on net_setup.pl

  • reboot

Setting up YCE

Log into the system (local or via ssh) using the yce user and the password you've set.

By default the system is reachable using its IP address and HTTP.

If you wish to enable SSL, the script mk_ssl_cert.pl needs to be run. This script helps you to configure a 'certificate signing request' or can set up a 'self-signed certificate'.

To enable this and to make other modifications, like making NetYCE DNS resolvabel, the script yce_setup.pl or /opt/yce/system/yce_setup.pl is used.

The questions will be about the application set up, which will include:

  • usage of SSL?
  • DNS resolvable?

Especially the DNS/IP based access is important. (It is either DNS or IP based, not both at the same time)

If this installation is a test VM it is usually easier to set it up based on IP access. If this is a production/lab installation a DNS setup will probably be desired.

The other defaults are usually good.

Access

You may now access the NetYCE application using your favorite browser using either the FQDN or the assigned IP address.

The username and password are:

  • user: NetYCE
  • password: NetYCE01

Q&A

Q I'm logged in the GUI but can't see the grids.
A You are trying to use the FQDN while the application is set to using the IP address or the other way around. Run yce_setup.pl and set DNS resolved to either yes/no, depending on your environment.

Q After logging in nothing is shown at all.
A Make sure you are allowed to access the NetYCE system using either TCP port 80/443 and port 8080. See: YCE Connection matrix

Q Where do I find the latest patches and licenses?
A Patches and licenses

Q Can't access the GUI, showing {{ version }}
A Make sure you've run 'net_setup.pl' as root, 'yce_setup.pl' as 'yce'-user.

  1. verify all processes are running using 'go ps'
  2. if mysql is not running, execute: mysql_repair.sh as 'yce'-user
  3. execute 'go up' for the remaining processes
  4. Make sure all necessary ports are reachable, connection matrix

Q Could not connect to backend
A Have you ran 'yce_setup.pl' as 'yce'-user and are you connecting using the chosen method. Either ip based or name (dns) based?

  1. verify all processes are running using 'go ps'
  2. execute 'cat /opt/yce/etc/yce_setup.xml | grep urlbase' to verify if it is expecting ip-based or name-based connections.
    1. <httpd mode="root" proto="http" ssl_hardening="none" type="apache" urlbase="ip" />
    2. <httpd mode="root" proto="http" ssl_hardening="none" type="apache" urlbase="name" />
  3. Make sure all necessary ports are reachable, connection matrix

Caveats

NTP / time sync

For every setup it is important to make sure you time is in sync. This is normally not an issue, when using NetYCE as a dedicated VM with NTP installed. Though if you choose to install NetYCE on your laptop without NTP and it happens to sleep for more than 24 hours, the time gets outdated.

Solutions to address this:

  • reboot the VM
  • VirtualBox; install guest additions for your hypervisor:
    • Make sure to enable a cdrom hardware in your hypervisor for this VM, so the guest additions can be mounted
  • VMware; Enable 'time sync'
LDAP: couldn't connect to LDAP server
maintenance/general/ova_installation_guide_centos6.txt · Last modified: 2021/02/11 09:10 by bdorlandt