No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionAccess V100R006C20 on FusionCloud 6.3.x Software Installation Guide 11 (LiteAD)

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Installing Cascaded ITA/GaussDB/HDC/WI/vAG/vLB/AUS/LiteAD

Installing Cascaded ITA/GaussDB/HDC/WI/vAG/vLB/AUS/LiteAD

Recording Tenant Data

Scenarios

This task instructs software installation engineers to record tenant data to generate the tenant information file that is used for FusionAccess automated deployment.

Prerequisites
  • You have obtained the zone and project information that needs to be managed by the desktop, including tenant names, regions, project names, and username and password of the VDC administrator or operator.
  • You have obtained the password for account gandalf and password for account root of the license server.
Procedure
  1. Use PuTTY to log in to the license server as account gandalf.
  2. Run the following command switch to user root.

    su root

  3. Run the following command to disable user logout upon system timeout:

    TMOUT=0

  4. Run the following command to copy a copy from the default user template and start editing.

    cp /opt/fusionaccess_deploy/users/default_user.yml /opt/fusionaccess_deploy/users/Tenant information file name

    The recommended file name format is Tenant name_STD_RegionID_ProjectName.yml. If the tenant name is Tenant_vdc_test, and the region ID is sa-fb-1 and project name is FusionAccess, run the following command:

    cp /opt/fusionaccess_deploy/users/default_user.yml /opt/fusionaccess_deploy/users/Tenant_vdc_test_STD_sa-fb-1_FusionAccess.yml

  5. Use the vi command to modify the parameters of the base_info part in the newly created template file by referring to Table 5-4 as needed. After the modification is complete, save the settings and exit.

    Table 5-4 Tenant template parameters

    Parameter

    Configuration Description

    Example

    iam

    user_name

    Username of the VDC administrator or VDC operator. This parameter can be found in Personal Settings in your icon in the upper-right corner of the page.

    test

    tenant_name

    Tenant name

    Tenant_vdc_test

    project_name

    Project. The tenant needs to manage the area and project information of the desktop.

    • FusionCloud 6.3.0:

      STD_RegionID_ProjectName

      For example, if the Region ID is sa-fb-1 and the project name is FusionAccess, set STD_sa-fb-1_FusionAccess.

    • FusionCloud 6.3.1 or later:

      Project name

    • FusionCloud 6.3.0:

      STD_sa-fb-1_FusionAccess

    • FusionCloud 6.3.1 or later:

      FusionAccess

    vpc_info

    vpc_name

    VPC name.

    Use the actual value set in Configuring the VPC or the actual name of the existing VPC.

    vpc-VDI

    desktop_subnet_name

    Name of the service subnet.

    Use the actual value set in Configuring the VPC or the actual name of the existing VPC.

    subnet-Desktop

    manager_subnet_name

    Name of the management subnet.

    Use the actual value set in Configuring the VPC or the actual name of the management subnet in the existing VPC.

    subnet-Manager

    ecs_info

    availabiity_zone_id

    AZ ID specified when you create the infrastructure VM.

    Obtain the AZ ID as follows:

    1. Log in to Service OM page.
      1. Log in to the ManageOne OM plane using a browser.
      2. In the navigation bar on ManageOne, choose O&M Maps. The O&M Maps page is displayed.
      3. In the Quick Links navigation bar on the right of the O&M Maps page, click Service OM. The Service OM page is displayed.
    2. Choose Management and Deployment > CCS > Cloud System Parameters and click Availability Zone.
    3. Find default name:ID corresponding to the AZ, which is the ID of the AZ.

    az1.dc1

    eip_info

    external_network

    External network name.

    Perform the following steps to get an available value of this parameter, and then set the parameter as needed.

    1. Use a VDC administrator or VDC operator to the ManageOne operation plane.
    2. Choose Network > Elastic IP Address and click Apply for EIP.
    3. Select the corresponding AZ. You can find names of all available external networks from the External Network drop-down list.

    external_relay_network

    access_type

    Desktop access method.

    The Internet access mode means that the desktop is accessed through the ELB, and the private line access to the desktop mode means that the desktop is directly connected to the desktop through a VPN or a dedicated line.

    • 0: Both Internet access and private line access are allowed.
    • 1: The private line access is supported only.

    0

    domain_info

    domain_type

    Domain type. 1 indicates LiteAD.

    1

    domain_name

    User domain name

    test.vdesktop.com

    domain_user

    Domain administrator

    vdsadmin

    domain_user_pwd

    Ciphertext of the domain administrator password. It is set to the corresponding ciphertext of Cloud12#$ in the configuration file by default.

    For details about the encryption method, see Encrypting Passwords.

    -

    license_type

    License type. It is set to 0 by default.

    • 0: number of users
    • 1: number of concurrences

    0

Performing an Automated Installation

Scenarios

This task instructs software installation engineers to use the AutoInstall tool for automated installation of FusionAccess after writing the tenant data.

Prerequisites
  • You have obtained the password for account gandalf and password for account root of the license server.
  • You have obtained the VDC administrator or VDC operator user name and password of the Project where FusionAccess is to be installed.
  • You have obtained the file name of the corresponding tenant information file (for example, Tenant_vdc_test_sa-fb-1_FusionAccess.yml).
Procedure
  1. Open PuTTY, select Connection, and change Seconds between keepalives (0 to turn off) to 60.

    During remote login, ensure that the SSH session is in the persistent connection state. Otherwise, the automatic installation process will be interrupted.

  2. Log in to the license server as account gandalf and run the following command and enter the password for user root to switch to user root.

    su root

  3. Run the following command to disable user logout upon system timeout:

    TMOUT=0

  4. Run the following command to import environment variables.

    source /root/.bashrc

  5. Run the following command and enter the password for the VDC administrator or VDC operator of the Project where FusionAccess is to be installed to start an automated installation.

    autoinstall file name of the tenant information file

    Use the file name of the tenant information file Tenant_vdc_test_sa-fb-1_FusionAccess.yml as an example. Run the following command:

    autoinstall Tenant_vdc_test_sa-fb-1_FusionAccess.yml

    Waite for about 30 minutes. When the value of Installation Result in the command output is Success, the automated installation is successful.

    NOTE:

    If the message "[ERROR] error occur, error message: HTTPSConnectionPool(host='compute.az0.dc0.domainname.com', port=443)…" is displayed, run the following command to restart the network services, and perform Step 5 again:

    service network restart

  6. View and record the IP address, floating IP address, user desktop login address of each FusionAccess management node, and the FusionAccess management page address, as shown in Figure 5-1.

    Figure 5-1 Parameters

  7. Check ELB connectivity.

    If Internet access is enabled, you need to use a VDC administrator or VDC operator to ManageOne operation plane and add the rules of the IP address segment of the ELB downstream network plane (obtain the value of elb_down_start_addr~elb_down_end_addr from Information Collection) to the 9443, 8443, and 8448 ports in the sg-Manager security group and the created virtual firewall. The rules that need to be added are described in Table 5-5 and Table 5-6.

    Access Internet Access Address on the Internet. If the access fails, contact the O&M personnel.
    Table 5-5 Add inbound rules for the virtual firewall

    Action

    Protocol

    Source Address

    Source Port Range

    Destination Address

    Destination Port Range

    Allowed

    TCP

    IP address segment of the ELB downstream network plane

    0

    IP address of FA-MGR-01 and FA-MGR-02

    8448

    Allowed

    TCP

    IP address segment of the ELB downstream network plane

    0

    IP addresses of FA-MGR-01 and FA-MGR-02

    8443

    Allowed

    TCP

    IP address segment of the ELB downstream network plane

    0

    IP addresses of FA-MGR-01 and FA-MGR-02

    9443

    Table 5-6 Add inbound rules for the sg-Manager security group

    Protocol

    Port Range/ICMP Type

    Source Address

    TCP

    8448

    IP address segment of the ELB downstream network plane

    TCP

    8443

    IP address segment of the ELB downstream network plane

    TCP

    9443

    IP address segment of the ELB downstream network plane

Translation
Download
Updated: 2019-07-01

Document ID: EDOC1100026752

Views: 29254

Downloads: 39

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next