forked from pivotal-cf/docs-pcf-install
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpcf-aws-manual-er-config.html.md.erb
242 lines (145 loc) · 11.5 KB
/
pcf-aws-manual-er-config.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
---
title: Configuring Elastic Runtime for AWS
owner: Ops Manager
---
This topic describes how to configure the Pivotal Elastic Runtime components
that you need to run <a
href="https://network.pivotal.io/productsf/pivotal-cf">Pivotal Cloud Foundry</a>
(PCF) on Amazon Web Services (AWS).
***<p class="tip">CAUTION: Pivotal strongly recommends installing Pivotal Cloud Foundry using AWS CloudFormation, as described in [Installing Pivotal Cloud Foundry® on AWS](./cloudform.html), rather than configuring AWS manually as documented here.</p>***
## <a id='prerequisites'></a>Prerequisites ##
Before following this procedure, complete all of the steps in the [Configuring Ops Manager Director for AWS](./pcf-aws-manual-om-config.html) topics.
## <a id='om-add'></a>Step 1: Add Elastic Runtime to Ops Manager ##
1. Navigate to the Pivotal Cloud Foundry Operations Manager Installation
Dashboard.
1. Click the Pivotal Network link on the left to add Elastic Runtime to Ops
Manager.
For more information, refer to the [Adding and Deleting Products](./add-delete.html) topic.
1. Click the Elastic Runtime tile in the Installation Dashboard.
<%= image_tag("images/er-tile.png") %>
## <a id='az-networks'></a>Step 2: Assign Availability Zones and Networks ##
1. Select **Assign AZs and Networks**. These are the Availability Zones that you [create](../customizing/vsphere-config.html#create-az) when configuring Ops Manager Director.
1. Select an Availability Zone under **Place singleton jobs**. Ops Manager runs any job with a single instance in this Availability Zone.
1. Select one or more Availability Zones under **Balance other jobs**. Ops Manager balances instances of jobs with more than one instance across the Availability Zones that you specify.
1. Select the network that you created in the [Networks Pages](./pcf-aws-manual-om-config.html#pcfaws-om-networks) section of the _Configuring Ops Manager Director for AWS_ topic.
<%= image_tag("cloudform/er-az.png") %>
1. Click **Save**.
<p class="note"><strong>Note</strong>: When you save this form, a verification error displays because the PCF security group blocks ICMP. You can ignore this error.</p>
<%= image_tag("pcfaws/er-network-error.png") %>
## <a id='er-domain-config'></a>Step 3: Configure Domains ##
1. Select **Domains**.
<%= image_tag("er17-config-domains.png") %>
1. Enter the system and application domains.
* The **System Domain** defines your target when you push apps to Elastic
Runtime.
* The **Apps Domain** defines where Elastic Runtime should serve your apps.
<p class="note"><b>Note</b>: Pivotal recommends that you use the same domain name but different subdomain names for your system and app domains. Doing so allows you to use a single wildcard certificate for the domain while preventing apps from creating routes that overlap with system routes. For example, name your system domain <code>system.EXAMPLE.com</code> and your apps domain <code>apps.EXAMPLE.com</code>.</p>
<p class="note"><strong>Note</strong>: You configured wildcard DNS records
for these domains in an earlier step.</p>
1. Click **Save**.
## <a id="networking"></a>Step 4: Configure Networking ##
<%= partial 'networking-cloudform' %>
## <a id='db-config'></a>Step 5: Configure System Databases ##
<p class="note"><b>Note</b>: If you are performing an upgrade, do not modify your existing internal database configuration or you may lose data. You must migrate your existing data first before changing the configuration. See <a href="upgrading-pcf.html">Upgrading Ops Manager</a> for additional upgrade information.</p>
1. Select **Databases**.
<%= image_tag("./cloudform/sys-db.png") %>
1. If you want to use internal databases for your deployment, select **Internal Databases - MySQL**. If you want to use the external RDS instance for your Elastic Runtime databases, select **External Databases** and complete the following procedure to create the databases that Elastic Runtime requires. If you require help, contact [Pivotal Support](http://support.pivotal.io).
* Add your key pair to your ssh profile so that you can access the machine.
<pre class="terminal">$ ssh-add pcf.pem</pre>
* SSH into your Ops Manager VM using its IP address and the username `ubuntu`. You can find the IP address for the Ops Manager VM on the AWS EC2 console.
<pre class="terminal">ssh ubuntu@OPS_MANAGER\_IP</pre>
* Log into your RDS instance through the MySQL client, using the hostname from the RDS console and the username that you created the RDS instance with. This command prompts you to enter the password for your RDS user:
<pre class="terminal">mysql -h RDS-HOSTNAME -u RDS-USERNAME -p</pre>
* Create databases for each of the six Cloud Foundry components that require a database. From the MySQL client, run `CREATE database DB-NAME` for each of the following: `uaa`, `ccdb`, `console`, `notifications`, `autoscale`, `app_usage_service`.
* Exit the MySQL client and close your connection to the Ops Manager VM.
* In the **Databases** section of the Elastic Runtime tile, enter your **Hostname DNS Name**, **TCP Port** (`3306`), **Username**, and **Password**.
* Click **Save**.
## <a id='internal-mysql'></a> Step 6 (Optional) Configure Internal MySQL ##
<%= partial 'mysql_proxy_config' %>
## <a id='application-containers-config'></a>Step 7: Configure Application Containers ##
<%= partial 'application_container_config' %>
## <a id='er-appdevctrl-config'></a>Step 8: Configure Application Developer Controls ##
1. Select **Application Developer Controls**.
<%= image_tag("er17-config-appdevctrl.png") %>
1. Enter your intended maximum file upload size.
1. Enter your default RAM memory allocation per app.
1. Enter your default total RAM memory (RAM) quota per Org. You can change this in the CLI.
1. Enter your maximum and default disk quotas per app.
1. Enter your default service instances quota per Org. You can change this in the CLI.
1. Click **Save**.
## <a id='app-security'></a>Step 9: Review Application Security Group ##
<%= partial 'application_security_group' %>
## <a id='er-auth-config'></a>Step 10: Configure Authentication and Enterprise SSO ##
<%= partial 'authsso_config' %>
## <a id='file-store-config'></a>Step 11: Configure File Storage ##
1. Select **File Storage Config**.
1. To use the PCF internal filestore, select **Internal** and click **Save**.
1. To use an external S3-compatible filestore for your Elastic
Runtime file storage, select **External S3-Compatible Filestore** and complete the following procedure:
<%= image_tag("cloudform/external_filestore_config.png") %>
1. Enter the **URL Endpoint** for your filestore. If you manually configured Amazon Web Services for PCF, this is the value that you entered into the Director config page in [Configuring Ops Manager Director for AWS](./pcf-aws-manual-om-config.html#pcfaws-om-dirconfig#pcfaws-om-dirconfig).
1. Enter the **Bucket Name**. If you manually configured Amazon Web Services for PCF, this is the name that you chose.
1. Enter your **Access Key** and **Secret Key**. If you are using Amazon Web Services, retrieve your key information with the IAM credentials that you generated.
1. For **S3 Signature Version** and **Region**, keep the default **V2 Signature** values unless your S3 filestore is in Germany or China. These regions require a **V4 Signature**.
1. Enter a **Buildpacks Bucket Name**.
1. Enter a **Droplets Bucket Name**.
1. Enter a **Packages Bucket Name**.
1. Enter a **Resources Bucket Name**.
1. Click **Save**.
## <a id='config-sys-logging'></a>Step 12: (Optional) Configure System Logging ##
If you are forwarding logging messages to an external Reliable Event Logging Protocol (RELP) server, complete the following steps:
1. Select **System Logging**.
<%= image_tag("cloudform/sys-logging.png") %>
1. Enter the IP address of your syslog server in **External Syslog Aggregator Hostname** and its port in **External Syslog Aggregator Port**. The default port for a syslog server is 514.
<p class="note"><strong>Note</strong>: The host must be reachable from the Elastic Runtime network, accept TCP connections, and use the RELP protocol. Ensure your syslog server listens on external interfaces.</p>
1. Select an **External Syslog Network Protocol** to use when forwarding logs.
1. For the **Syslog Drain Buffer Size**, enter the number of messages the Doppler server can hold from Metron agents before the server starts to drop them. See the [Loggregator Guide for Cloud Foundry Operators](../loggregator/log-ops-guide.html) topic for more details.
1. Click **Save**.
## <a id='lb'></a>Step 13: Finalize the Load Balancer Setup ##
<%= partial 'configure_aws_elb' %>
## <a id='customize-apps-man'></a>Step 14: (Optional) Customize Apps Manager##
<%= partial 'custombranding' %>
## <a id='smtp'></a>Step 15: (Optional) Configure Email Notifications ##
Elastic Runtime uses SMTP to send invitations and confirmations to Apps Manager
users.
You must complete the **Email Notifications** page if you want to enable end-user
self-registration and the [Notifications with UI](#notifications)
feature.
<p class="note"><strong>Note</strong>: If you do not configure the SMTP settings using this form, the administrator must create orgs and users using the cf CLI tool. See <a href="../adminguide/cli-user-management.html">Creating and Managing Users with the cf CLI</a> for more information.</p>
1. Select **Email Notifications**.
1. Enter your reply-to and SMTP email information
1. Verify your authentication requirements with your email administrator and use
the **SMTP Authentication Mechanism** drop-down menu to select `None`, `Plain`,
or `CRAMMD5`.
If you have no SMTP authentication requirements, select `None`.
1. Click **Save**.
<%= image_tag("cloudform/smtp.png") %>
## <a id='ccdb-key'></a>Step 16: (Optional) Add CCDB Restore Key##
<%= partial 'restore_ccdb_key' %>
## <a id='config-smoke-test'></a>Step 17: Configure Smoke Tests ##
<%= partial '_smoketests' %>
## <a id='experimental'></a>Step 18: (Optional) Enable Experimental Features
<%= partial 'experimental-features' %>
## <a id='errands'></a>Step 19: Configure Errands ##
<%= partial 'errands' %>
## <a id='disable-resources'></a>Step 20: (Optional) Disable Unused Resources ##
<%= partial 'disable_resources' %>
## <a id='config-elb'></a>Step 21: Configure Router to Elastic Load Balancer ##
1. In the **Elastic Runtime** tile, click **Resource Config**.
1. In the **ELB Name** field of the **Router** row, enter the name of your load balancer. You may configure multiple load balancers by entering the names separated by commas.
1. In the **ELB Name** field of the **Diego Brain** row, enter the name of your SSH load balancer. You may configure multiple load balancers by entering the names separated by commas.
1. Click **Save**.
<%= image_tag("pcfaws/er-aws-resource-config.png") %>
## <a id='complete'></a>Step 22: Complete the Elastic Runtime Installation ##
1. Click the **Installation Dashboard** link to return to the Installation
Dashboard.
1. Click **Apply Changes** to begin your installation of Elastic Runtime.
<br /><br />
If an ICMP error message appears, click **Ignore errors and start the
install**.
<%= image_tag("pcfaws/er-install-error.png") %>
The install process generally requires a minimum of 90 minutes to complete.
The image shows the **Changes Applied** window that displays when the
installation process successfully completes.
<%= image_tag("aws/vpc-step16.png") %>
[Return to the Installing Pivotal Cloud Foundry Guide](../installing/index.html)