Installation on Virtual or Physical Servers

Step 1 – Push Nirmata images to your Private Docker Registry

Note: If your machine has access to Docker Hub (https://hub.docker.com) this step is not required and you can proceed to Step 2 - Configure a Node to Run Nirmata Shared Services.

The first step involves pushing Nirmata container images into your private Docker registry. Nirmata container images are available on Docker Hub. These images will be downloaded and pushed into a repository called “nirmata”.

  1. Copy the script nirmata-pe.sh you received from Nirmata on a Linux host which as a network connectivity with both your Docker private registry and Docker Hub.
  2. Edit the script nirmata-pe.sh and update the following fields with correct values:

    a. DOCKER_REGISTRY: IP address or DNS name of your Docker private registry b. DOCKER_USERNAME: Username used to login to the Docker private registry c. DOCKER_PASSWORD: Password used to login to the Docker private registry

    (If a Network Proxy is required)

    d. HTTP_PROXY: HTTP network proxy URL with username and password if needed e. HTTPS_PROXY: HTTPS network proxy URL with username and password if needed f. NO_PROXY: network addresses, names, or CIDRs for which the proxy is not used

  3. Execute the installer command :

    ./nirmata-pe.sh update –-registry
    

This command is going to pull from Docker Hub all the Nirmata images and push them into your Docker private registry. The list of images is as follows:

$TARGET_REGISTRY/nirmata/nirmata-pe-installer:pe_v1               
$TARGET_REGISTRY/nirmata/users:pe_v1               
$TARGET_REGISTRY/nirmata/webclient:pe_v1               
$TARGET_REGISTRY/nirmata/config:pe_v1               
$TARGET_REGISTRY/nirmata/cluster:pe_v1               
$TARGET_REGISTRY/nirmata/securit:pe_v1               
$TARGET_REGISTRY/nirmata/orchestrator:pe_v1               
$TARGET_REGISTRY/nirmata/cloudprovider:pe_v1               
$TARGET_REGISTRY/nirmata/imageregistry:pe_v1               
$TARGET_REGISTRY/nirmata/nginx-private-edition:pe_v1               
$TARGET_REGISTRY/nirmata/host-gateway:pe_v1               
$TARGET_REGISTRY/nirmata/nirmata-tunnel-server:pe_v1               
$TARGET_REGISTRY/nirmata/analytics:pe_v1               
$TARGET_REGISTRY/nirmata/clientgateway:pe_v1               
$TARGET_REGISTRY/nirmata/gateway:pe_v1               
$TARGET_REGISTRY/nirmata/registry:pe_v1   
$TARGET_REGISTRY/nirmata/kibana418:latest
$TARGET_REGISTRY/nirmata/kafka-es-connector:1.7.3
$TARGET_REGISTRY/mongodb-single:latest
$TARGET_REGISTRY/nirmata/kafka-single:latest
$TARGET_REGISTRY/nirmata/zookeeper-single:latest  
$TARGET_REGISTRY/nirmata/elasticsearch-single:latest  
Step 2 – Configure a Node to Run Nirmata Shared Services

This first Node will run Nirmata shared services - MongoDB, Zookeeper, Elasticsearch, Kafka and Kibana.

  1. SSH to your Node
  2. Disable RHEL7 the firewall (if applicable) :

    sudo systemctl stop firewalld
    sudo systemctl disable firewalld
    sudo systemctl status firewalld
    
  3. Install Docker (for RHEL see Annex A – Docker CE Installation on RHEL 7)

  4. Copy Nirmata Private Edition installation script (Nirmata-pe.sh) under /usr/bin :

    sudo cp nirmata-pe.sh /usr/bin/nirmata-pe
    sudo chmod a+x /usr/bin/nirmata-pe
    
  5. Make sure the following ports are accessible from outside the Node:

    a. Elasticsearch: 9200, 9300 b. Kafka: 9092 c. Zookeeper: 2181, 2888, 3888 d. MongoDB: 27017

Step 3 - Deploy Shared Services

1) Edit the script /usr/bin/nirmata-pe.sh to update the following fields with correct values:

a. DOCKER_REGISTRY: IP address or DNS name of your Docker private registry

b. DOCKER_USERNAME: Username used to login to the Docker private registry

c. DOCKER_PASSWORD: Password used to login to the Docker private registry

d. PRIVATE_IP: Private IP address of your Node

e. BACKEND_IP: Private IP of your Node (must be same as PRIVATE_IP)

(If a Network Proxy is required)

f. HTTP_PROXY: HTTP network proxy URL with username and password if needed.

g. HTTPS_PROXY: HTTPS network proxy URL with username and password if needed.

h. NO_PROXY: network addresses, names, or CIDRs for which the proxy is not used.

2) Execute the installer command: :

     ./nirmata-pe.sh install –-backend

3) Verify that all the backend services are up and running :

     sudo docker ps

At the end of the execution the command will display the list of container running on your Node. You should see an output similar to this:

IMAGE                                                  CREATED              STATUS              
$TARGET_REGISTRY/nirmata/kibana418:latest              About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/kafka-es-connector:1.7.3      About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/elasticsearch-single:latest   About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/mongodb-single:latest         About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/kafka-single:latest           About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/zookeeper-single:latest       About a minute ago   Up About a minute

In case something goes wrong or if you need to change some of the configuration parameters, you can remove all the services and re-do the installation. To remove all the Nirmata shared services you can execute:

./nirmata-pe.sh remove –-backend
Step 4 - Configure a Node to Run Nirmata Services

This second Node will run the Nirmata microservices and nginx.

  1. SSH to your Node
  2. Disable RHEL7 the firewall :

    sudo systemctl disable firewalld
    
  3. Install Docker

  4. Copy Nirmata Private Edition installation script (Nirmata-pe.sh) under /usr/bin: :

    sudo cp nirmata-pe.sh /usr/bin/nirmata-pe
    sudo chmod a+x /usr/bin/nirmata-pe
    
  5. Make sure that the ports 443 and 80 are open

Step 5 - Install an x509 Certificate

In order to run nginx, you need to provide a certificate valid for the URL use want to use to access Nirmata. If you don’t already have a certificate, you can use a self-signed certificate. Here are the steps required to generate a self-sign certificate:

  1. SSH to the Node you will use to run the Nirmata services
  2. Create a directory where the certificate will be generated :

    sudo mkdir certificates
    
  3. Generate the certificate in this directory :

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout certificates/nginx.key -out certificates/nginx.crt
    
  4. Enter the required parameters

    a. Country Name (2 letter code) [AU]:US

    b. State or Province Name (full name) [Some-State]:New York

    c. Locality Name (eg, city) []:New York City

    d. Organization Name (eg, company) [Internet Widgits Pty Ltd]:Acme

    e. Organizational Unit Name (eg, section) []:I.T

    f. Common Name (e.g. server FQDN or YOUR name) []:server_IP_address or DNS

    g. Email Address []:admin@your_domain.com

Step 6 - Deploy Nirmata Services
  1. SSH to your Nirmata Services Node
  2. Edit the script nirmata-pe.sh to update the following fields with correct values:

    a. DOCKER_REGISTRY: IP address or DNS name of your Docker private registry

    b. DOCKER_USERNAME: Username used to login to the Docker private registry

    c. DOCKER_PASSWORD: Password used to login to the Docker privateregistry

    d. PRIVATE_IP: Private IP address of your Node

    e. BACKEND_IP: Private IP of your Node (must be same as PRIVATE_IP)

    f. DATA_DIR: Directory that will contain all the logs and data

    g. BACKUP_DIR: Directory where database backups must be stored

    h. NIRMATA_URL: URL that will be used to connected to Nirmata

    i. CERTIFICATE: Certificates associated to NIRMATA_URL

    j. KEY: PEM key associated to NIRMATA_URL

    k. ADMIN_NAME: Name of the Nirmata super admin user

    l. ADMIN_PASSWORD: Password of the Nirmata super admin user

    m. ADMIN_EMAIL: Email of the super admin user

    n. TENANT_NAME: Name of the first tenant. You can use your company name or team name for instance.

    o. TENANT_OWNER_EMAIL: Email of the user responsible for this tenant

    p. USER_NAME: Name of the first Nirmata user

    q. USER_PASSWORD: Password of the first Nirmata user

    r. USER_EMAIL: Email of the first Nirmata user

  3. Execute the installer command: :

    ./nirmata-pe.sh install –-nirmata
    
  4. Verify that all the backend services are up and running

At the end of the execution, the command will display the list of containers running on your Node. You should see an output similar to this:

IMAGE                                                   CREATED              STATUS             
$TARGET_REGISTRY/nirmata/nginx-private-edition:latest   30 seconds ago       Up 23 seconds
$TARGET_REGISTRY/nirmata/gateway:pe_v1                  35 seconds ago       Up 31 seconds
$TARGET_REGISTRY/nirmata/host-gateway:pe_v1             43 seconds ago       Up 42 seconds
$TARGET_REGISTRY/nirmata/orchestrator:pe_v1             50 seconds ago       Up 49 seconds
$TARGET_REGISTRY/nirmata/webclient:pe_v1                About a minute ago   Up 57 seconds
$TARGET_REGISTRY/nirmata/cluster:pe_v1                  About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/nirmata-tunnel-server:pe_v1    About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/clientgateway:pe_v1            About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/cloudprovider:pe_v1            About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/analytics:pe_v1                About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/imageregistry:pe_v1            About a minute ago   Up About a minute
$TARGET_REGISTRY/nirmata/config:pe_v1                   2 minutes ago        Up 2 minutes
$TARGET_REGISTRY/nirmata/security:pe_v1                 2 minutes ago        Up 2 minutes
$TARGET_REGISTRY/nirmata/users:pe_v1                    2 minutes ago        Up 2 minutes
$TARGET_REGISTRY/nirmata/registry:pe_v1                 2 minutes ago        Up 2 minutes

In case something goes wrong or if you need to change some of the configuration parameters you can remove all the services and re-do the installation. To remove and re-install all the Nirmata services you can execute:

./nirmata-pe.sh remove –-nirmata
./nirmata-pe.sh install –-nirmata
Step 7 - Logon to Nirmata

You can login to Nirmata using the URL, the email and password you have specified in the installation script (NIRMATA_URL, USER_EMAIL, USER_PASSWORD).

Step 8 – Add the license

Once you log in to Nirmata, go to Account->Settings and update the license key. Once a valid license key is added, you will no longer see the ‘Trial’ message.