Post cfxDimensions VM Installation

Step 1: Login into Platform VM using any SSH client (ex: putty). Default username is 'macaw'

Run the following commands on the Platform VM.

sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd reload

Step 2: Verify that NTP time is in sync on all of the cfxDimensions Platform, Service, cLambda & DB/Data nodes.

Note: On RHEL/CentOS 7.6 or above, please refer /etc/ntp.conf file. On RHEL/CentOS 8.3 or above, pleae refer /etc/chrony.conf file

To manually sync VM's time with NTP server.

RHEL / CentOS 8.3 or above:

sudo systemctl stop chronyd
sudo chronyd -q 'server <ntp-server-ip> iburst'
sudo systemctl start chronyd

Timezone settings: Below are some of the useful commands to view / change / set Timezone on cfxDimensions VMs.

sudo tzselect

sudo timedatectl

sudo timedatectl set-timezone Europe/London

HTTP Proxy Settings:

CloudFabrix cfxDimensions platform is built on micro services architecture ontop of underlying Docker Container infrastructure. cfxDimensions platform and AIOps application service's container images are hosted on secure Docker registry running on AWS cloud.

Note: Internet access is needed only during initial deployment and upgrades (when needed).

If there is a HTTP proxy server is deployed to control the internet access, apply the below HTTP proxy settings on all cfxDimensions Platform, Service, cLambda and DB/Data nodes.

Step 1: On cfxDimensions Platform, Service, cLambda and DB/Data nodes, edit /etc/environment file and define HTTP Proxy server settings as shown below.

http_proxy="http://<username>:<password>@10.95.142.10:3128"
https_proxy="http://<username>:<password>@10.95.142.10:3128"
no_proxy="localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"
HTTP_PROXY="http://<username>:<password>@10.95.142.10:3128"
HTTPS_PROXY="http://<username>:<password>@10.95.142.10:3128"
NO_PROXY="localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"
export http_proxy https_proxy no_proxy HTTP_PROXY HTTPS_PROXY NO_PROXY

Note: IP Address details are given for a reference only. They need to be replaced with appropriate HTTP Proxy server IP and port applicable to your environment.

Note: For no_proxy and NO_PROXY environment variables, please include loopback and IP addresses of all Platform, Service, cLambda and DB/Data nodes. This will ensure to avoid internal CloudFabrix AIOps application traffic going through HTTP proxy server.

Additionally, include any target applications or devices IP address or DNS names where it doesn't require to go through HTTP Proxy server.

Step 2: Configure Docker Daemon with HTTP Proxy sever settings.

sudo mkdir -p /etc/systemd/system/docker.service.d
cd /etc/systemd/system/docker.service.d

Create a file called 'http-proxy.conf' under above directory and add the HTTP Proxy configuration lines as shown below.

vi http-proxy.conf

[Service]
Environment="HTTP_PROXY=http://<username>:<password>@10.95.142.10:3128"
Environment="HTTPS_PROXY=http://<username>:<password>@10.95.142.10:3128"
Environment="NO_PROXY=localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"

If there is an username and password required for HTTP Proxy server authentication, and if the username has any special characters like "\" (ex: username\domain), it need to be entered in HTTP encoded format. This is applicable only for Docker daemon. Please follow the below instructions.

If the username is john\acme.com : The HTTP encoded value is john%5Cacme.com and the HTTP Proxy configuration looks like below.

[Service]
Environment="HTTP_PROXY=http://john%5Cacme.com:password@10.95.142.10:3128"
Environment="HTTPS_PROXY=http://john%5Cacme.com:password@10.95.142.10:3128"
Environment="NO_PROXY=localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"

Step 3: Restart the Platform, Service, cLambda & DB/Data node VMs to apply the HTTP Porxy server settings.

Whitelist URLs of CloudFabrix external repositories: (Internet outbound access)

Below list of URLs to be whitelisted (for outbound access only) when CloudFabrix dimentions platform is deployed in a restricted environment to access platform and application software images during the platform setup, configuration and for on going updates.

PreviouscfxDimenions on VMware vSphere NextSSL Certificates Installation

Last updated 3 years ago

http_proxy="http://<username>:<password>@10.95.142.10:3128" https_proxy="http://<username>:<password>@10.95.142.10:3128" no_proxy="localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org" HTTP_PROXY="http://<username>:<password>@10.95.142.10:3128" HTTPS_PROXY="http://<username>:<password>@10.95.142.10:3128" NO_PROXY="localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org" export http_proxy https_proxy no_proxy HTTP_PROXY HTTPS_PROXY NO_PROXY

[Service] Environment="HTTP_PROXY=http://<username>:<password>@10.95.142.10:3128" Environment="HTTPS_PROXY=http://<username>:<password>@10.95.142.10:3128" Environment="NO_PROXY=localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"

[Service] Environment="HTTP_PROXY=http://john%5Cacme.com:password@10.95.142.10:3128" Environment="HTTPS_PROXY=http://john%5Cacme.com:password@10.95.142.10:3128" Environment="NO_PROXY=localhost,127.0.0.1,10.95.192.201,10.95.192.202,10.95.192.203,10.95.192.204,*.rhel.pool.ntp.org,*.us.pool.ntp.org"