Install connector in other environments
Install a connector in an OpenStack environment/KVM environment
Install an Enterprise Application Access (EAA) connector in an OpenStack or KVM environment.
Prerequisite:
Admin rights to access OpenStack services such as Glances, Horizons, and others.
-
In Connector Package select OpenStack/KVM.
-
Extract the image file you downloaded in the previous steps to a known location.
-
Transfer the downloaded connector image file to the OpenStack Glances server.
-
Log in to an SSH session on the Glances server.
-
Enter the command to convert the downloaded image file format to the
Qcow2
image format:
qemu-img convert -f raw -O qcow2 image.img image.qcow2
Install a connector in a Microsoft Hyper-V environment
Prerequisite:
Make sure your Microsoft Hyper-V environment is setup with sufficient compute and storage resources.
The connector footprint is as follows:
Required | Recommended |
---|---|
Processors | Intel-VT or AMD-V with hardware virtualization enabled four cores |
Memory (RAM) | 8 GB |
Storage | 16 GB |
Network | 1 vNIC. 1 GB/s, static IP address or dynamic IP assigned from DHCP server, DNS |
If you access browser based applications, configure connector with 4 vCPUs, 8 GB RAM and 40 GB storage space at a minimum.
-
Open your Microsoft Hyper-V management console and import the downloaded
.vhd
file into your Hyper-V environment. -
In Microsoft Hyper-V Manager, create a new VM. A wizard opens to guide you through the process.
-
Specify a name for the connector VM.
-
Select the appropriate settings for Generation (Generation 1 for connector).
-
Configure the memory for the connector (8 GB).
-
Select the NIC for the connector to communicate with the internal network, which should have a route to the Internet and be able to communicate with the EAA service.
-
Specify the location where you downloaded and saved the
.vhd
file. -
Verify the configuration in Summary and click Finish.
-
Start your connector VM.
-
Return to EAA Management Portal and verify that the connector shows the private and public IP addresses assigned to it.
-
Click Click here to approve. Wait while the EAA service verifies the connector.
Connector runs on Microsoft Hyper-V server.
Install a connector in Amazon Web Services
Create an EAA connector Amazon Machine Image (AMI) in your Amazon Web Services (AWS) environment.
The connector does not receive traffic from outside but it may need to connect to EAA cloud instances for configuration and other data. Make sure the security group associated with the connector is set up with the following policy:
-
Outgoing traffic: Allow all.
-
Incoming traffic: Deny all.
-
Log in to EAA Management Portal.
-
In the EAA Management Portal navigation menu, select Connectors.
-
Select your connector for AWS. It's package type should be: Amazon AWS EC2/VPC.
-
Download the CloudFormation template.
-
Log in to your AWS console and select AWS services menu > AWS CloudFormation > CREATE STACK.
-
Under Create Template, select Upload a template to Amazon S3.
-
Click Choose File.
-
Select the downloaded CloudFormation template.
-
Enter a stack name, NAT instance type, VPC ID and subnet information and click Next.
For the NAT instance type, a recommended minimum is
m4.large
. -
Complete the configuration of tags, storage, and other features as needed. Since AWS does not use swap space for storage use a minimum of 12 GB RAM.
-
Click CREATE. Once the stack creation is complete, the connector instance starts and automatically connects to the EAA Cloud.
-
Return to EAA Management Portal.
-
In the EAA Management Portal navigation menu, select Connectors.
-
Select your AWS connector VM and click Approve.
Install a Docker-based connector
Set up Control Center connector as a Docker image on a Docker-ready environment.
Prerequisite:
Installed Docker. Enterprise Application Access (EAA) connectors installed as Docker containers require a Docker-ready OS environment.
Client-access applications cannot be attached to a Docker-based connector. For RDP and SSH, make sure you choose browser-based applications for docker to support.
-
In your Docker environment, open a terminal window.
-
Go to the downloaded Docker container.
-
Unzip the Docker image:
$ gunzip <Connector_docker_image_filename.tar.gz>
-
Load the image into Docker:
$ sudo docker load -i <Connector_docker_image_filename.tar>
-
Check that the image is loaded properly and find the <docker_image_name>:
$ sudo docker images
-
Run the Docker image:
$ sudo docker run --name <Connector_Name> --restart=always -d <docker_image_name>
-
Confirm that the Docker-based container is running:
$ sudo docker ps
-
Return to EAA Management Portal and verify that the connector shows the private and public IP addresses assigned to it.
-
Click Click here to approve the connector. Wait while the EAA service verifies the connector.
A success message appears. Docker-based connector runs as a container. -
To prevent abnormal behavior in the event of the agent being restarted, commit the connector to a new image:
$ sudo docker commit <Connector_Container_ID> <new_image_name>
-
Replace
<new_image_name>
with the name of your connector.
Docker-based connector now runs as a container on your server, and you can add your applications and secure them with Enterprise Application Access.
Install a connector in a Google Cloud Platform environment
-
Log in to the EAA Management Portal.
-
In the EAA Management Portal navigation menu, select Connectors.
-
Locate the connector card labeled GCEtest.
-
Click download to download the tarball (
connector-id.tar.gz
) file.
If necessary, adjust options in your browser to prevent the file from being unzipped and extracted automatically.
-
Save the connector tarball in a safe location.
-
To create a connector VM in the Google Cloud Platform (GCP) log in to the GCP console.
-
Use the storage browser to upload the
connector-id.tar.gz
file to your Google Cloud storage. -
Create an image using the
connector-id.tar.gz
file. Click Compute Engine > Images > New image. -
Enter a name for the connector.
-
In Source Type select Cloud Storage Object.
-
Enter the location of the tarball file stored in Cloud storage. For example,
gs://bucketname/connector-id.tar.gz
. -
Spawn an instance using the new image. Select the image name and click Create Instance.
-
Enter a name for the instance, select the zone, and make sure the Machine Type is
n1-standard
(recommended minimum is 2 vCPU with 8 GB memory for connectors).
Make sure the image has the correct connector image. -
Select the appropriate Boot Disk Type.
-
Make sure the connector has Internet connectivity. Assign Ephemeral or New static IP address.
-
Click Create. GCP creates and boots up the connector instance in Google Cloud.
The connector connects to the EAA cloud. -
Return to EAA Management Portal.
-
Select the connector labeled GCEtest and click Need your approval.
-
Click Approve.
Connector runs in the Google Cloud Platform environment.
Install a connector in a Microsoft Azure environment
Prerequisites:
-
Set up Microsoft Azure account and billing.
-
Make sure an Azure administrator created a resource group necessary for template deployments. If not, to create a resource group, refer to the Microsoft Azure documentation on managing resource groups in Azure portal.
A minimum size of Standard_F4s_v2 is required to secure any type of application.
-
Log in to your Microsoft Azure portal.
-
Deploy the EAA connector template in Azure. Select New.
-
In the search field, type
template deployment
and select Template deployment. -
In Template Deployment select Create.
-
In Custom deployment select Build your own template in the editor.
Edit template appears. -
Replace all properties and elements in the template file with the contents of the connector file:
-
Manually delete everything in the template file.
-
Paste the contents of the connector file.
-
Click Save.
-
-
Configure the basic settings:
-
In Subscription select a type of subscription.
-
For Resource select Use existing, and in the menu, select your resource group.
-
In Location select the location where resources are located.
-
-
In Settings configure the following:
-
In Vnet Resource Group enter the resource group of the virtual network.
-
In Admin Password enter the administrator password of the virtual machine.
-
In Subnet Name enter the name of the subnet in the virtual network.
-
In Admin Username enter the administrator's username of the virtual machine.
-
In Existing Virtual Network Name enter the name of the virtual network.
-
-
Review the Terms and Conditions and select I agree to the terms and conditions stated above.
-
Select Purchase.
Next, verify that the connector was successfully created in Microsoft Azure or deploy a second Azure template.
Verify that the connector was successfully created in Microsoft Azure
Verify that the connector is successfully created in Microsoft Azure and runs in Enterprise Application Access.
-
To check if the virtual machine was created in Microsoft Azure log in to your Microsoft Azure portal.
-
In the Microsoft Azure menu click Virtual Machines.
-
Check if the virtual machine appears and is running.
-
-
To check if the connector is running in EAA Management Portal, log in to the EAA Management Portal.
-
In the EAA Management Portal navigation menu, select Connectors.
-
Verify that the connector you created shows the private and public IP addresses. The system asks you to approve the connector. Click Click here to approve.
Wait until service verifies the connector. A success message appears. Connector runs.
Next, you can deploy a second Azure template.
To deploy a second Azure connector, the template for the second connector must be modified to reference a different public IP address and storage for the connector.
-
Change publicIPAddressName to publicIp2.
-
Change vhd and name. Change
"osDisk": {"caching": "ReadWrite", "vhd": {"uri": "[concat('http://',variables('storageAccountName'),'.blob.core.windows.net/vhds/','osdisk2.vhd')]"}, "createOption": "FromImage", "name": osdisk2
.
Updated about 1 year ago