Single Node Unified Ports installation
Pre-requisites
This section will provide the list of packages provided by VerdiumID and details regarding the installation procedure.
Requirements for VeridiumID
The following list of packages must be installed from official repositories in order to be able to use VeridiumID, the following command can be run as root:
yum -y install apr-devel openssl-devel libstdc++-devel curl unzip wget zlib zlib-devel nc openssh-clients perl rsync libtalloc perl-DBI
On RHEL make sure subscription is activated
sudo subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-extras-rpms --enable=rhel-7-server-optional-rpms
The following requirements must be available on all nodes:
VeridiumID requires OpenJDK 8 latest release (tested with version 322) and rng-tools to provide entropy to the system.
yum -y install java-1.8.0-openjdk
yum -y install rng-tools
systemctl enable rngd
systemctl start rngd
Disable IPv6 on all nodes
sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1
Add veridiumid user to sudoers
add the following line to /etc/sudoers
veridiumid ALL=(ALL) NOPASSWD: ALL
Ensure that the Ansible node has SSH access to all other nodes using SSH keys and using the veridiumid user (the veridiumid user is created by packages installed at 2.2.1)
This must be done after installing the layout packages!
VeridiumID nodes must have SELinux disabled or permissive during the deployment
sudo su \ setenforce 0
Please add the following rule, for logging for haproxy (as root):
chcon -R -t httpd_sys_rw_content_t /vid-app/dyn/logs/haproxy
Also, you have to run the following command in order to permit rsyslog logging (as root):
semanage permissive -a syslogd_t
The following ports must be accessible between hosts:
From the outside towards the Webapp nodes: 443, 8544, 8944, 9444, 9987, 11443, 11433, 11434 (8844 is not used anymore)
From Ansible nodes towards all other nodes: 22
From Webapp nodes towards other Webapp nodes: 8080, 8543, 8843, 8943, 9090, 9443, 9986, 11442, 11432, 1812 (UDP), 1813 (UDP)
From Webapp nodes towards Persistance nodes: 2181, 9042, 9092, 9095
From Persistance nodes towards other Persistance nodes: 2181, 2888, 3888, 7001, 7199, 9042, 9092, 9095