Installation
Get the latest docs
You are looking at documentation for an older release. Not what you want? Go to the current release documentation.Installation script
The same installation script is used in all of the installation methods.
This is either a bash
script on Linux or a powershell
script on Windows.
The script is agent-specific, and a separate script is rendered from a
template for each agent during the install
workflow.
The script downloads the agent package from the manager (over port 53333),
extracts it on the agent host, creates a daemon and starts it.
Installation methods
There are several methods by which the installation script is distributed to the agent host and executed.
remote
- The installation script is pushed to the agent host, and executed remotely using SSH on Linux hosts and WinRM on Windows hosts. This is the default and simplest way for systems that allow SSH/WinRM access. A pre-requisite for remote installation is:- For Linux, an SSH server must be running on the agent host, and the SSH port (22 by default) must be open for incoming connections.
- For Windows, WinRM must be enabled, and the WinRM port (5985 by
default) must be open for incoming connections. To enable WinRM,
the following commands must be executed on the host (e.g. in
userdata
).
winrm quickconfig -q winrm set winrm/config @{MaxTimeoutms="1800000"} winrm set winrm/config/winrs @{MaxMemoryPerShellMB="300";MaxShellsPerUser="2147483647"} winrm set winrm/config/service @{AllowUnencrypted="true";MaxConcurrentOperationsPerUser="4294967295"} winrm set winrm/config/service/auth @{Basic="true"} netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
Note
- The commands above are provided in a syntax that is suitable for
invocation from a command-prompt window. If using userdata (or an
equivalent feature), it might be necessary to adjust the commands to
accommodate its requirements (for example: if these commands are to be
run within a batch file, each line must be prefixed with
call
). - The commands are very permisive and must adjusted according to
your requirements. These settings provide unencrypted WinRM access to
the machine. From MSDN:
AllowUnencrypted
- Enables the client computer to request unencrypted traffic.
init_script
- For systems that don’t have SSH/WinRM access, userdata (e.g. cloud-init) may be used. In this method, an install script is rendered, and a temporary link pointing to it is created. This link is then embedded in a separatedownload script
, which is injected into the agent host’s userdata. When the host is booted for the first time, the download script is executed. It downloads the installation script from the temporary link and executes it. To use theinit_script
method, the IaaS provider and Cloudify plugin need to support userdata. Currently, the Openstack, AWS, GCP and Azure plugins support this installation method. In addition, the image in use must already have Python 2.7.x installed and available through the system’sPATH
.plugin
- For systems that have neither SSH/WinRM access, nor the ability to inject a script into userdata, theplugin
installation method allows implementing a custom way to download and execute the installation script. In this method, a temporary download link for the installation script is created and made available to the plugin using thectx
. It is upt to the plugin developer then to implement a custom method for downloading and executing the installation script on the agent’s host.provided
- For systems that require the agent to be embedded in the image, users can use theprovided
method. In this mode, it is up to the user to make sure the agent is already installed on the image. During theinstall
workflow, a configuration script will be rendered and a temporary link to it will created and made available via Cloudify’s logs (reading the logs is the only way to retrieve the temporary link). This script is similar to the installation script, except that it doesn’t download or install the agent package, but only configures and starts the agent daemon. This script needs to be downloaded and executed manually for every agent.none
- In some cases, the user cannot or prefers not to install an agent on Cloudify-managed VMs. This might be due to a security restriction, or because a VM is a pre-configured closed appliance that the user cannot access or modify. This has the following implications:- It will not be possible to use plugins that assume execution on the agent’s
VM, meaning plugins that are configured with
executor=host_agent
. This includes Docker, Chef and Puppet plugins, among others. To work around this you must run bash or Python scripts using the Fabric plugin (for example, invoke the Puppet client from a script instead of using the Puppet plugin). - It will not be possible to install a Diamond monitoring agent using the Diamond plugin because this plugin requires an agent to run. However, you can install your own monitoring agent using a cloud-init / the Fabric plugin.
- It will not be possible to use plugins that assume execution on the agent’s
VM, meaning plugins that are configured with
Specifying the Installation Method
To specify the installation method that will be used, set the install_method
property in the compute node agent_config
property. For example:
node_templates:
my_vm:
type: cloudify.nodes.Compute
properties:
agent_config:
# one of none, remote, init_script, provided, plugin
install_method: remote