Comment: Migrated to Confluence 5.3
Info

Make sure that the mentioned prerequisites are available for the demo deployment (for more information see Prerequisites) and also that the common configurations are configured (for more information see Common IaaS Configurations).


Using the public Stratos 2.0 setup on Amazon EC2

We provide pre-configured, publicly accessible Amazon Elastic Compute Cloud (EC2) images (AMIs) that you can use to set up and run Stratos 2.0 in Amazon EC2 with minimum start-up time.

EC2 Image             | Asia Pacific (Singapore) Region | US East - 1 (N. Virginia) Region
Stratos 2.0           | ami-c3ca8491                    | ami-dfb8cfb6
PHP Cartridge         | ami-57cf8105                    | ami-c5b6c1ac
MySQL Cartridge       | ami-4bcf8119                    | ami-7bb4c312
Tomcat                | ami-23b5fb71                    | ami-09b5c260
WSO2 Carbon Cartridge | ami-0da7e95f                    | ami-63b6c10a

Please see the Quick Start Guide for information on how to use the pre-configured image to run Stratos 2.0.

Info

A Puppet Master and a Puppet Agent are pre-configured in the Stratos 2 Amazon EC2 demo setup. As a result, when using the public Stratos 2.0 setup on Amazon EC2, you do not need to set up a Puppet Master, a Puppet Agent and Stratos 2 as described in the following sections.

Installing Stratos2 in Amazon EC2 using the Puppet based deployment methodology

We provide a Puppet based deployment mechanism to deploy Stratos 2 using Amazon EC2. Puppet is IT automation software that helps system administrators manage infrastructure throughout its life cycle. For more information on Puppet go to https://puppetlabs.com/. You need to access the EC2 environment by creating an Amazon AWS account for EC2 IaaS.


Follow the steps given below to install Stratos2 in Amazon EC2 using this Puppet based deployment methodology:

  1. Setting up Puppet master (with nginx and mongrel)
  2. Setting up Puppet agent
  3. Setting up Stratos2

Setting up Puppet master (with nginx and mongrel)

  • Install the Puppet master packages (puppetmaster 2.7, mongrel, nginx).

    Code Block
    apt-get install puppetmaster mongrel nginx


  • Stop puppetmaster and nginx using the following commands:

    Code Block
    /etc/init.d/puppetmaster stop
    /etc/init.d/nginx stop


  • Apply the following changes to the respective configuration files.

    /etc/default/puppetmaster  

    Code Block
    DAEMON_OPTS="--ssl_client_header=HTTP_X_SSL_SUBJECT"
    SERVERTYPE=mongrel
    PUPPETMASTERS=5
    PORT=18140


    /etc/puppet/puppet.conf

    Code Block
    [main]
    logdir=/var/log/puppet
    vardir=/var/lib/puppet
    ssldir=/var/lib/puppet/ssl
    rundir=/var/run/puppet
    factpath=$vardir/lib/facter
    templatedir=/etc/puppet/templates/
    modulepath=/etc/puppet/modules/
    report=false
    
    [stratos2]
    modulepath=/mnt/puppet/stratos2/modules/
    templatedir=/mnt/puppet/stratos2/templates/
    manifest=/mnt/puppet/stratos2/manifests/site.pp
    manifestdir=/mnt/puppet/stratos2/manifests/
    report=false
    
    [master]
    node_name = facter


    /etc/puppet/autosign.conf

    Code Block
    *.wso2.com


    /etc/puppet/auth.conf

    Code Block
    path ~ ^/catalog/([^/]+)$
    method find
    allow $1
    allow star.s2.wso2.com    
    
    path ~ ^/node/([^/]+)$
    method find
    allow $1
    
    path /certificate_revocation_list/ca
    method find
    allow *
    
    path /report
    method save
    allow *
    
    path /file
    allow *
    
    path /file_metadata
    auth any
    method find
    allow *
    
    path /certificate/ca
    auth no
    method find
    allow *
    
    path /certificate/
    auth no
    method find
    allow *
    
    path /certificate_request
    auth no
    method find, save
    allow *
    
    path /
    environment stratos2
    allow *
    
    path /
    auth any


    /etc/puppet/fileserver.conf

    Code Block
    [files]
      path /etc/puppet/
      allow *
    
    [plugins]
      allow *
    
    [stratos2]
     path /mnt/puppet/stratos2/
     allow *

     

  • The configuration for Nginx is as follows:

    /etc/nginx/nginx.conf

    Code Block
    user www-data;
    worker_processes 5;

    error_log /var/log/nginx/error-puppet.log;
    pid /var/run/nginx.pid;

    events {
        worker_connections  1024;
    }

    http {
        default_type  application/octet-stream;

        sendfile       on;
        tcp_nopush     on;

        keepalive_timeout  120;
        tcp_nodelay        on;

        # One entry per puppetmaster process; matches PUPPETMASTERS=5 and
        # PORT=18140 in /etc/default/puppetmaster.
        upstream puppetmaster {
            server 127.0.0.1:18140;
            server 127.0.0.1:18141;
            server 127.0.0.1:18142;
            server 127.0.0.1:18143;
            server 127.0.0.1:18144;
        }

        server {
            listen                  8140;
            ssl                     on;

            ssl_certificate         /var/lib/puppet/ssl/certs/s2demo.s2.wso2.com.pem;
            ssl_certificate_key     /var/lib/puppet/ssl/private_keys/s2demo.s2.wso2.com.pem;
            ssl_client_certificate  /var/lib/puppet/ssl/ca/ca_crt.pem;
            ssl_crl                 /var/lib/puppet/ssl/ca/ca_crl.pem;

            # Legacy cipher string: it selects SSLv2-era suites and RC4.
            ssl_ciphers             SSLv2:-LOW:-EXPORT:RC4+RSA;
            ssl_session_cache       shared:SSL:8m;
            ssl_session_timeout     5m;
            # Client certificates are optional at this layer; the verification
            # result is passed to the Puppet master in X-Client-Verify.
            ssl_verify_client       optional;
            rewrite_log             on;
            client_max_body_size    50m;
            root                    /var/empty;
            access_log              /var/log/nginx/access.log;

            location / {
                proxy_pass          http://puppetmaster;
                proxy_redirect      off;
                proxy_set_header    Host             $host;
                proxy_set_header    X-Real-IP        $remote_addr;
                proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header    X-Client-Verify  $ssl_client_verify;
                proxy_set_header    X-SSL-Subject    $ssl_client_s_dn;
                proxy_set_header    X-SSL-Issuer     $ssl_client_i_dn;
                proxy_read_timeout  120;
            }
        }
    }

     

  • Set the server host name to s2demo.s2.wso2.com and add the host entry to /etc/hosts accordingly.
    If you want to change the domain name, make sure to change the nginx SSL settings.

    Code Block
    hostname s2demo.s2.wso2.com
    hostname > /etc/hostname


  • Start the Puppet master.

    Code Block
    /etc/init.d/puppetmaster start
    /etc/init.d/nginx start
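
The audit below is an added example, not part of the original page or the Stratos project: it parses auth.conf stanzas like those in the /etc/puppet/auth.conf listed above and reports every rule whose "allow *" admits any client name, together with whether a client certificate is required and which methods are covered. The function names are hypothetical, the sample is a constructed subset of the page's file, and auth is assumed to default to "yes" when a stanza omits it.

```python
# Added example; SAMPLE is a constructed subset of the page's auth.conf.
SAMPLE = """
path ~ ^/catalog/([^/]+)$
method find
allow $1
allow star.s2.wso2.com

path /file
allow *

path /certificate_request
auth no
method find, save
allow *

path /
environment stratos2
allow *
"""

def parse_auth_conf(text):
    """Return one dict per 'path' stanza (assumes auth defaults to 'yes')."""
    stanzas = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        if key == "path":
            stanzas.append({"path": value.strip(), "auth": "yes",
                            "method": [], "allow": []})
        elif stanzas and key == "auth":
            stanzas[-1]["auth"] = value.strip()
        elif stanzas and key in ("method", "allow"):
            stanzas[-1][key] += [v.strip() for v in value.split(",")]
    return stanzas

def audit(stanzas):
    """List (path, needs_cert, methods) for each stanza that allows '*'."""
    findings = []
    for s in stanzas:
        if "*" in s["allow"]:
            needs_cert = s["auth"] not in ("no", "any")
            findings.append((s["path"], needs_cert, s["method"] or ["ALL"]))
    return findings

if __name__ == "__main__":
    for path, needs_cert, methods in audit(parse_auth_conf(SAMPLE)):
        print(f"{path}: cert required={needs_cert}, methods={methods}")
```

Rules reported with methods ALL on path / are the ones to narrow first, since every client whose certificate was signed (here, automatically via autosign.conf) matches them.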

 


Setting up Puppet agent

  1. Install packages.

    Code Block
    $ apt-get install puppet

     

  2. Generate the keys on the server (Puppet master).

    Code Block
    $ puppet cert --generate star.s2.wso2.com

    Copy the generated private key in /var/lib/puppet/ssl/private_keys/star.s2.wso2.com.pem to /var/lib/puppet/ssl/private_keys/ on the clients (Puppet agents).

    Copy the signed certificate in /var/lib/puppet/ssl/ca/signed/star.s2.wso2.com.pem to /var/lib/puppet/ssl/certs/ on the clients.

       
  3. Change the /etc/puppet/puppet.conf as follows:

    Code Block
    [main]
    logdir=/var/log/puppet
    vardir=/var/lib/puppet
    ssldir=/var/lib/puppet/ssl
    rundir=/var/run/puppet
    factpath=$vardir/lib/facter
    templatedir=$confdir/templates
    server=s2demo.s2.wso2.com
    waitforcert=60
    report=false
    
    [master]
    environment=stratos2
    modulepath=/etc/puppet/$environment/modules
    templatedir=/etc/puppet/$environment/templates
    manifest=/etc/puppet/$environment/manifests/site.pp
    manifestdir=/etc/puppet/$environment/manifests/
    
    [agent]
    environment=stratos2
    certname = star.s2.wso2.com
    node_name = facter
    node_name_fact = fqdn

   
Setting up Stratos2

  1. Create a folder path for Stratos2 Puppet manifests.

    Code Block
    $ mkdir -p /mnt/puppet/stratos2
     
  2. Extract the Puppet master files (manifests, modules, templates) to /mnt/puppet/stratos2.
  3. Change the hosts template file in /mnt/puppet/stratos2/templates/hosts.erb.

     

Public Stratos 2.0 Setup on Amazon EC2

...

  1.