Installing Cloudify Manager Cluster

Get the latest docs.

You are looking at documentation for an older release. Not what you want? Use the version selector on the top banner or click here.

Cloudify Cluster Architecture

Cloudify_Cluster

Required certificates

Some of the components require signed certificates, in addition to the CA certificate.

Example of creating cert and key for host myhost with 1.1.1.2 IP address:

Configuration file:

[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_ext
[ req_distinguished_name ]
commonName = _common_name # ignored, _default is used instead
commonName_default = myhost
[ v3_ext ]
basicConstraints=CA:false
authorityKeyIdentifier=keyid:true
subjectKeyIdentifier=hash
subjectAltName=DNS:myhost,DNS:127.0.0.1,DNS:1.1.1.2,DNS:localhost,IP:127.0.0.1,IP:1.1.1.2

Generating cert and key using CA cert and key and a configuration file:

sudo openssl req -newkey rsa:2048 -nodes -batch -sha256 -config conffile -out myhost.crt.csr -keyout myhost.key
sudo openssl x509 -days 3650 -sha256 -req -in myhost.crt.csr -out myhost.crt -extensions v3_ext -extfile conffile -CA ca.crt -CAkey ca.key -CAcreateserial

Installing components

The following sections describe how to install and configure Cloudify cluster main coponents:

[PostgresSQL DB] (/install_maintain/installation/installing-cluster/)
[RabbitMQ Server] (/install_maintain/installation/installing-cluster/)
[Cloudify Manager Worker] (/install_maintain/installation/installing-cluster/)

After installation, update the CLI profile by running:

cfy cluster update-profile

PostgresSQL DB

Configure the following settings in /etc/cloudify/config.yaml:


postgresql_server:
  enable_remote_connections: true
  ssl_enabled: true
  postgres_password: "<select a password>"

  # Optional, make Postgres server verify client certificate
  ssl_client_verification: false
  # Optional, accept SSL connections only
  ssl_only_connections: false

ssl_inputs:
  postgresql_server_cert_path: "<path to server crt file>"
  postgresql_server_key_path: "<path to server key file>"
  postgresql_ca_cert_path: "<path to CA crt file>"


services_to_install:
# keep only database_service in the list of services to install
- database_service
#- queue_service
#- manager_service

Execute:

cfy_manager install [--private-ip <PRIVATE_IP>] [--public-ip <PUBLIC_IP>] [-v]

RabbitMQ Server

You can install between 1 and 3 (recommended) RabbitMQ instances. Note that Reverse DNS lookup must be available in your network for the RabbitMQ nodes.

Installing a RabbitMQ Cluster

Configure the following settings in /etc/cloudify/config.yaml:


rabbitmq:
  ca_path: "<path to the CA crt file>"
  cert_path: "<path to the host's crt file>"
  key_path: "<path to the hosts's key file>"
  nodename: "<the hostname>"

  # Generate a random string, for example: 7f3e952a-10b4-4e6b-8322-420ae768ab3f
  # use the same cookie in all RabbitMQ instances' installations
  erlang_cookie: "<generate a random string>"

  # List all known RabbitMQ instances,
  # for each instance, provide the default IP address
  # and list all other networks
  cluster_members:
    <hostname1>:
      default: "<host1 IP>"
      <additional network name>: "<additional network IP>"
    <hostname2>:
      default: "<host2 IP>"

  # On first RabbitMQ instance, leave empty
  # on other RabbitMQ instances, enter the first hostname
  join_cluster: "<host1>"


services_to_install:
# keep only queue_service in the list of services to install
#- database_service
- queue_service
#- manager_service

Execute:

cfy_manager install [--private-ip <PRIVATE_IP>] [--public-ip <PUBLIC_IP>] [-v]

Adding RabbitMQ instances to a Cloudify Cluster

Add the new host to /etc/hosts on all existing nodes.

On a manager worker cluster node, execute:

cfy cluster brokers add <new broker name> <new broker address>

Removing RabbitMQ instances from a Cloudify Cluster

On a RabbitMQ cluster node, execute:

cfy_manager brokers-remove -r <name of node to remove>

On a manager worker cluster node, execute:

cfy cluster brokers remove <broker name>

Verify RabbitMQ Cluster

On a RabbitMQ cluster node, execute:

cfy_manager brokers-list

On a manager worker cluster node, execute:

cfy cluster brokers list

Cloudify Manager Worker

You can install between 1 and 10 (at least 3 recommended) manager instances.

Configure the following settings in /etc/cloudify/config.yaml:


manager:

  # Must be set when installing the first node of a cluster.
  # Must not use when joining a cluster.
  cloudify_license_path: "<path to license file>"

  security:
    # Password for the admin user
    # must be the same on all cluster nodes
    admin_password: "<admin user password>"

rabbitmq:
  ca_path: "<path to the CA crt file>"

  # List all known RabbitMQ instances,
  # for each instance, provide the default IP address
  # and list all other networks
  cluster_members:
    <hostname1>:
      default: "<host1 IP>"
      <additional network name>: "<additional network IP>"
    <hostname2>:
      default: "<host2 IP>"

postgresql_client:
  host: "<DB host IP>"
  ssl_enabled: true

  # Optional, make Postgres server verify client certificate
  # use only if set during PostgreSQL server installation
  ssl_client_verification: false

  # Enter same password used in postgres_password when installing the PostgreSQL server
  postgres_password: "<postgresql password>"


ssl_inputs:

  # Optional, required if using ssl_client_verification
  postgresql_client_cert_path: ''
  postgresql_client_key_path: ''

  postgresql_ca_cert_path: "<path to CA crt file>"


services_to_install:
# keep only manager_service in the list of services to install
#- database_service
#- queue_service
- manager_service

Execute:

cfy_manager install [--private-ip <PRIVATE_IP>] [--public-ip <PUBLIC_IP>] [-v]

Removing a manager worker node from a cluster

On a manager worker cluster node, execute:

cfy cluster remove <host name of node to remove>