Generate template file
|
| |
|
1 |
Create the template file.
-
Log in as the root user on the WS-NOC MnCMain VM.
-
Open a console window.
-
Enter the following:
# install_dir/setup/ws.sh -configJsonToTemplate FileName=/DEPOT/wavesuite_installation_config.cfg ConfigJson=/install_dir/config/bench/configuration.json ↵
The following template file is created:
/DEPOT/wavesuite_installation_config.cfg
|
2 |
Configure the template file.
Note: See the WaveSuite Installation/Migration Guide for template file configuration information.
-
Open the /DEPOT/wavesuite_installation_config.cfg file using a plain-text editor such as vi.
-
Verify that the following sections are correctly imported:
-
"REMOTEAUTHENTICATION"
-
"EXTERNAL-NSP-NOC"
-
"EXTERNAL-NSP-DRC"
-
Edit the file to enable the WS-SE and WS-HA components, as required.
-
Save and close the file.
|
3 |
Enter the following to update the central configuration:
# ws.sh -updateConfig depot=/DEPOT/ FileName=wavesuite_installation_config.cfg ↵
|
Deploy WS-SE / WS-HA
|
| |
|
4 |
Enter the following:
# /install_dir/setup/install.sh depot=/DEPOT FileName=/DEPOT/wavesuite_installation_config.cfg ↵
The configured WS-SE and WS-HA components are deployed.
|
5 |
If you are not installing the WS-SE, go to
Step 16.
|
Create required user in NSP for WS-SE access
|
| |
|
6 |
Sign in to the NSP as the admin user.
|
7 |
Open NSP Users and Security.
|
8 |
Create the following NSP user account:
wsseusr
|
9 |
Record the password that you assign to the wsseusr user.
|
Update password vault
|
| |
|
10 |
Perform
Step 11 to
Step 15 on each site in the WS-NOC deployment.
|
11 |
Add the new wsseusr password.
-
Log in as the root user on the WS-NOC MnCMain VM.
-
Open a console window.
-
Enter the following:
# cp /mcp/app/common/func.lib /mcp/app/common/func.lib.org ↵
-
Enter the following:
# sed -i -e 's/echo "nfmt_password.*/echo "nfmt_password: password">>$wsseNewPassFile/g' /mcp/app/common/func ↵
where password is the wsseusr password recorded in
Step 9
-
Enter the following:
# /mcp/setup/wsse.sh -upgrade skipinspect=Permissive depot=/DEPOT wsseip=WSSE_IP -ha ↵
where WSSE_IP is the WS-SE VM IP address
|
12 |
Update the WS-NOC nspOS configuration.
-
Open the following file with a plain-text editor such as vi:
/mcp/config/nspos-oauth2-proxy/go.conf
-
Locate the line that begins with the following:
"exclusion_urls" :
-
Edit the line to read as shown below by inserting the following before the closing bracket:
, “configurationParameters”
The line now reads as follows:
"exclusion_urls" : [ "/internal/sso-shared-common/v1/systemSetting", "/navigate-to-login", "/GroupManager/api/group/supervision/internal/migration/migrationFromNfmp", "/nfmp-app/noClientFound", "/favicon.ico", "/error_page.vm", "/.well-known/host-meta", "configurationParameters"]
-
Save and close the file.
-
Enter the following to restart the nspos-oauth2-proxy container:
# ws restart containerName=nspos-oauth2-proxy ↵
|
13 |
Enter the following to close the console window.
# exit ↵
|
14 |
Update the password in the etcd database.
-
Log in as the root user on the WS-SE VM.
-
Enter the following:
# docker exec wsse-etcd bash -c 'source /wscp/lib/vault_wscp.rc && EtcdSetValue /wavesuite/wsse/security/nfmtPassword password' ↵
where password is the wsseusr password recorded in
Step 9
-
Enter the following:
# systemctl restart wsse ↵
The WS-SE restarts, and the new password is put into effect.
|
15 |
Verify that the password is correctly set on the WS-SE.
-
Log in as the root user on the WS-SE VM.
-
Enter the following:
# /mcp/app/common/.getVaultPassword ↵
The WS-SE vault password is displayed.
-
Record the password for use in a subsequent step.
-
Enter the following:
# /opt/wavesuite/cp/R.r.0/bin/update_vault.sh -v ↵
The script prompts you to enter the WS-SE vault password.
-
Enter the vault password obtained in
Step 15 substep
3.
A password is displayed.
-
Verify that the password matches the nfmt_password value in
Step 9.
|
16 |
Close the open console windows.
End of steps |