forked from pivotal-cf/docs-pcf-install
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathcloudform-om-config.html.md.erb
188 lines (124 loc) · 8.08 KB
/
cloudform-om-config.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
---
title: Configuring Ops Manager Director on AWS
owner: Ops Manager
---
<strong><%= modified_date %></strong>
This topic describes how to configure the Ops Manager Director after deploying
the CloudFormation template for [Pivotal Cloud Foundry®](https://network.pivotal.io/products/pivotal-cf) (PCF) on Amazon Web Services (AWS).
Use this topic when [Installing Pivotal Cloud Foundry® Using AWS CloudFormation](./cloudform.html).
Before beginning this procedure, ensure that you have successfully completed all
steps in the [Deploying the CloudFormation Template for PCF on AWS](./cloudform-template.html) and the [Launching an Ops Manager Director Instance on AWS CloudFormation](./cloudform-om-deploy.html) topics.
After you complete this procedure, follow the instructions in the [Deploying Elastic Runtime on AWS CloudFormation](./cloudform-er-config.html) topic.
## <a id='outputs'></a>Step 1: Open the Outputs Tab in AWS Stacks ##
<%= partial 'aws_stacks_view_outputs' %>
## <a id='access-om'></a>Step 2: Access Ops Manager ##
1. In the AWS Console, navigate to the EC2 Dashboard.
1. Record the **Public IP** of your Ops Manager EC2 instance.
<%= image_tag("cloudform/deployed.png") %>
1. When Ops Manager boots for the first time, you must choose one of the following:
* <strong>[Use an Identity Provider](#idp)</strong>: If you use an Identity Provider, an external identity server maintains your user database.
* <strong>[Internal Authentication](#internal)</strong>: If you use Internal Authentication, PCF maintains your user database.
<%= image_tag("select-authentication.png") %>
### <a id='idp'></a>Use an Identity Provider ###
1. When redirected to the **Use an Identity Provider** page, you must:
* Retrieve the metadata URL from your Identity Provider and copy it into the **Use an Identity Provider** area.
* Create a passphrase. The passphrase you entered is a shared secret to encrypt Ops Manager data at rest.
* Read the **End User License Agreement**, and select the checkbox to accept the terms.
* Click **Setup Authentication**.
<%= image_tag("meta-url.png") %>
1. Your Identity Provider login page appears. Enter your username and password. Click **Login**.
### <a id='internal'></a>Internal Authentication ###
1. When redirected to the **Internal Authentication** page, you must:
* Enter a **Username** and **Admin password**.
* Enter a **Decryption passphrase**. This passphrase encrypts the Ops Manager datastore, and is not recoverable if forgotten.
* Read the **End User License Agreement**, and select the checkbox to accept the terms.
<%= image_tag("om-login.png") %>
1. Log in to Ops Manager with the Admin username and password you created on the initial setup page.
<%= image_tag("cf-login.png") %>
## <a id='aws-config'></a>Step 3: AWS Config Page ##
1. Click the **Ops Manager Director** tile.
<%= image_tag("cloudform/om-tile.png") %>
1. Select **AWS Config** to open the **AWS Management Console Config** page.
1. Complete the **AWS Management Console Config** page with information from the
[**Outputs**](#outputs) tab for your stack in the AWS Console:
<%= image_tag("cloudform/aws-config.png") %>
* **Access Key ID**: Use the value of **PcfIamUserAccessKey**.
* **AWS Secret Key**: Use the value of **PcfIamUserSecretAccessKey**.
* **VPC ID**: Use the value of **PcfVpc**.
* **Security Group Name**: Open the AWS EC2 Dashboard and click **Security
Groups**. Select the security group with the **Description** `PCF VMs
Security Group`. Copy the **Group ID** into the Ops Manager **Security
Group Name** field.
</p>
* **Key Pair Name**: Use the value of **PcfKeyPairName**.
* **SSH Private Key**: Open your pre-existing AWS key pair `.pem` file in a
text editor. Copy the contents of the `.pem` file and paste into the
**SSH Private Key** field.
* **Region**: Select the region where you deployed Ops Manager.
* **Encrypt EBS Volumes**: Select this checkbox to enable full encryption on persistent disks of all BOSH-deployed VMs except the Ops Manager VM and Director VM. See [Configuring Amazon EBS Encryption for PCF on AWS](cloudform-om-ebs-config.html) for details on using EBS encryption.
1. Click **Save**.
## <a id='director-config'></a>Step 4: Director Config Page ##
1. Select **Director Config** to open the **Director Config** page.
<%= image_tag("cloudform/director-config.png") %>
1. Enter at least two of the following NTP servers in the **NTP Servers (comma delimited)** field, separated by a comma:
* 0.amazon.pool.ntp.org
* 1.amazon.pool.ntp.org
* 2.amazon.pool.ntp.org
* 3.amazon.pool.ntp.org
1. Select the **Enable VM Resurrector Plugin** checkbox to enable the Ops
Manager Resurrector functionality and increase Elastic Runtime availability.
1. For **Blobstore Location**, select the **S3 Compatible Blobstore** option.
1. For **S3 Endpoint**:
1. In a browser, reference the [**Amazon Simple Storage Service (Amazon S3) table** ](http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region), and find the region for your AWS account.
1. Prepend `https://` to the **Endpoint** for your region, and copy it into
the Ops Manager **S3 Endpoint** field. For example, in the **us-west-2** region, enter `https://s3-us-west-2.amazonaws.com` into the field.
1. Complete the **Director Config** page with information from the **Outputs**
tab in the AWS Console:
* **Bucket Name**: Use the value of **PcfOpsManagerS3Bucket**.
* **Access Key ID**: Use the value of **PcfIamUserAccessKey**.
* **AWS Secret Key**: Use the value of **PcfIamUserSecretAccessKey**.
* **Database Location**: Select the **External MySQL Database** option.
* **Host**: Use the value of **PcfRdsAddress**.
* **Port**: Use the value of **PcfRdsPort**.
* **Username**: Use the value of **PcfRdsUsername**.
* **Password**: Use the value of **PcfRdsPassword**.
* **Database**: Use the value of **PcfRdsDBName**.
* **Max Threads**:
1. Click **Save**.
## <a id='az'></a>Step 5: Availability Zones Pages ##
1. Select **Create Availability Zones**.
<%= image_tag("cloudform/create-az.png") %>
1. Enter the value of **PcfPrivateSubnetAvailabilityZone** from the **Outputs**
tab in the AWS Console. Click **Save**.
1. Select **Assign Availability Zones**.
1. Select the Availability Zone that you created in **Create Availability Zones**.
<%= image_tag("cloudform/assign-az.png") %>
1. Click **Save**.
## <a id='network'></a>Step 6: Network Pages ##
1. Select **Create Networks**.
<%= image_tag("cloudform/create-networks.png") %>
1. In the **Name** field, enter a name for your PCF Network.
1. In the **VPC Subnet ID** field, use the value of **PcfPrivateSubnetId** from
the **Outputs** tab in the AWS Console.
1. Complete the **Create Networks** page with the following information:
* **Subnet (CIDR Range)**: Enter `10.0.16.0/20`
* **Excluded IP Ranges**: Enter `10.0.16.1-10.0.16.9`
* **DNS**: Enter `10.0.0.2`
* **Gateway**: Enter `10.0.16.1`
1. Click **Save**.
1. If the following ICMP error message appears, you can ignore the warning. Dismiss the warning, and move on to the next step.
<%= image_tag("cloudform/config-error.png") %>
1. Select **Assign Networks** and assign the Director to the network that you
created in the **Create Networks** step.
<%= image_tag("cloudform/assign-networks.png") %>
1. Click **Save**.
## <a id='complete'></a>Step 7: Complete the Ops Manager Director Installation ##
1. Click the **Installation Dashboard** link to return to the Installation
Dashboard.
1. Click **Apply Changes**. If the following ICMP error message appears, click
**Ignore errors and start the install**.
<%= image_tag("cloudform/install-error.png") %>
1. Ops Manager Director installs. This may take a few moments. The image shows the **Changes Applied** window
that displays when the installation process successfully completes.
<%= image_tag("cloudform/ops-manager-complete.png") %>
1. After you complete this procedure, follow the instructions in the [Deploying Elastic Runtime on AWS CloudFormation](./cloudform-er-config.html) topic.