Installing and Configuring Cloudify Manager
A Cloudify Manager is a compute host that runs the Cloudify Management service. For version 4.3 and higher, you can install a single RPM file that installs Cloudify Manager with all of its dependencies. The Cloudify Manager RPM file is self-contained and does not require an internet connection during installation.
- Make sure that your environment meets the prerequisites before you install Cloudify Manager.
- To get started with Cloudify in Amazon AWS, OpenStack or Docker, use a Cloudify Manager image.
The installation process installs all of the components that Cloudify depends on. You can run the install command again after the initial installation to reinstall and reconfigure the components. The configure command lets you reconfigure the components without reinstallation. When you install or configure the Cloudify Manager, you can specify the private IP address, public IP address and administrator password as command options, or specify these and other configuration settings in the config.yaml file.
You can install the Cloudify CLI on a separate host to manage your Cloudify Manager remotely.
Installing Cloudify Manager
The Cloudify Manager is installed from an RPM file. The installation can be customized with command-line flags and the config.yaml file. The Cloudify Manager installation FAQ includes more information about troubleshooting and advanced scenarios.
- If you specify the private and public IP addresses and the administrator password in the config.yaml file, do not specify them in the command options.
- If you do not specify an administrator password in the command-line or the config.yaml file, the installation process generates a random password and shows it as output when the installation is complete.
- If you use
-v
for the cfy_manager command, you can see additional debugging logs located at:/var/log/cloudify/manager/cfy_manager.log
We recommend that you do not skip validations or sanity checks, and that you review the security recommendations.
To install Cloudify Manager:
- Download the Cloudify Manager RPM file.
- Copy the RPM file to your target host.
From the terminal of your target host, run:
sudo yum install <RPM file path>
For example:
sudo yum install /home/centos/cloudify-manager-install-4.3.1ga.x86_64.rpm
Configure the Cloudify Manager networks in the config.yaml file.
Review the configuration settings in the
config.yaml
file and make any necessary changes.To install Cloudify Manager, run:
cfy_manager install [--private-ip <PRIVATE_IP>] [--public-ip <PUBLIC_IP>] [--admin-password <password>] [-v]
Other Installation Actions
Validating the Installation
When the installation process is complete, you can use cfy status
to make sure that all of the Cloudify services are running.
Cloudify Premium customers can access the Cloudify Console at:
- By default:
http://<manager_public_address>
- If you enable SSL in the config.yaml file:
https://<manager_public_address>
An example output:
$ cfy status
...
Retrieving manager services status... [ip=127.0.0.1]
Services:
+--------------------------------+---------+
| service | status |
+--------------------------------+---------+
| InfluxDB | running |
| Celery Management | running |
| Logstash | running |
| RabbitMQ | running |
| AMQP InfluxDB | running |
| PostgreSQL | running |
| Manager Rest-Service | running |
| Cloudify Stage | running |
| Webserver | running |
| Riemann | running |
| Webserver | running |
+--------------------------------+---------+
...
Configuring the Manager Settings
After you install Cloudify Manager, you can change the settings used by the installation without reinstalling the Cloudify components. The configure command accepts the same CLI inputs as the install command, and it reads the same config.yaml file for additional settings.
- If you specify the private and public IP addresses and the administrator password in the config.yaml file, do not specify them in the command options.
- If you do not specify an administrator password in the command options or the config.yaml file, the installation process generates a random password and shows it as output when the installation is complete.
- If you use
-v
for the cfy_manager command, you can see additional debugging logs located at:/var/log/cloudify/manager/cfy_manager.log
To change the Cloudify Manager installation settings:
- Edit the config.yaml file.
- To configure Cloudify Manager, run:
cfy_manager install [--private-ip <PRIVATE_IP>] [--public-ip <PUBLIC_IP>] [--admin-password <password>] [-v]
Additional Cloudify Manager Settings
In addition to the command line options, the /etc/cloudify/config.yaml
(View in GitHub) contains more advanced configuration settings, including:
- Administrator password (
admin_password
) - Private and public IP addresses (
private_ip
;public_ip
) - External REST communications over HTTPS (
ssl_enabled
) - Local path replacement for remote resources with a URL (
import_resolver
) - Multi-network management (
networks
) - LDAP connection information (
ldap
) - SSL communication settings (
ssl_inputs
)
The /etc/cloudify/config.yaml
file can be validated at any time using the cfy_manager validate
command. This performs the same checks that cfy_manager install
does.
Multi-Network Management
Cloudify Manager uses Cloudify Agents to execute tasks and collect information about the resources that it manages. Before you install your Cloudify Manager, you must specify the Cloudify Manager IP addresses or DNS names that your agents will use to communicate with it.
- You must specify the Cloudify Manager networks before you install the Cloudify Manager.
- You cannot configure multi-network management on Cloudify Manager images.
- Cloudify Examples require that the externally-routable network is called
external
. - If no manager network interface is specified in the blueprint, the agent connects to the
default
interface, which is configured with theprivate_ip
flag during the RPM installation process.
The Cloudify Manager networks are configured in the agent:networks
section of the /etc/cloudify/config.yaml
file, for example:
agent:
networks:
default: <privately_routable_ip>
external: <externally_routable_ip>
broker_port: 5671
min_workers: 2
max_workers: 5
You must specify the name of the Cloudify Manager network for each agent that deployed in your blueprint with this syntax:
host:
type: cloudify.nodes.Compute
properties:
agent_config:
network: external
install_method: remote
user: { get_input: username }
key: { get_secret: agent_key_private }
port: 22
ip: { get_input: host_ip }
Security Recommendations
For security considerations, we recommend that you:
- Specify an administrator password according to your security policy
- Set SSL in the config.yaml file to
enabled
- Set gunicorn to bind to localhost
To set gunicorn to listen on localhost only:
- Edit the
/usr/lib/systemd/system/cloudify-restservice.service
file. - Find this line:
-b 0.0.0.0:${REST_PORT} \
- Replace the line with:
-b localhost:${REST_PORT} \
- To restart the dependent services, run:
sudo systemctl daemon-reload sudo systemctl restart cloudify-restservice
- Edit the
Emptying the Cloudify Manager Database
Emptying the Cloudify Manager database erases Cloudify data and is irreversible.
During both installation and configuration of Cloudify Manager, you can use the --clean-db
option to empty all of the data from the Cloudify Manager database. The initial installation does not require the --clean-db
flag.
Uninstalling Cloudify Manager
Uninstalling the Cloudify Manager erases all Cloudify data and is irreversible.
To uninstall the Cloudify Manager, run:
sudo cfy_manager remove -f
To remove all of the files that the installation process extracted, run:
sudo yum remove cloudify-manager-install
Next Steps
After Cloudify Manager is installed, you can configure your Cloudify Manager for your environment, including:
- Upload plugins to add functionality to Cloudify Manager
- To use Cloudify with LDAP users, setup the LDAP connection.
Build the secrets store for your tenants.
The secrets store lets you store data variables that you do not want to expose in plain text in Cloudify, such as login credentials for a platform.