This article focuses on automated, large-scale deployment of ZNS appliances. As such, it entails some non-trivial steps and command-line tools. It is expected that some of these steps will be adapted into software management tools such as Ansible, Chef, or Puppet to fit the operational procedures of the target IT organization.
For UI-based configuration through the zCenter admin portal, please refer to the zCenter admin guide.
For automated deployment of ZNS clusters and nodes, the following major steps are required:
1. API-based configurator to configure zCenter
2. ZNS node SW installation
3. ZNS node configuration
4. FW rules for communication with users/servers/zCenter
Detailed steps:
API-based configurator to configure zCenter
1. If one is not yet available, create a Service-level API Key: in zCenter > Advanced Management > API Management > API Credentials, click Create Credentials, select Admin Type: Service Admin, add relevant comments in the description, select all permissions, and save the JSON file to a secure location.
2. Download the configurator tool attached to this article.
   Note: this configurator is built to run on the CentOS 7 operating system. Contact us for other operating systems.
3. Usage:
   ./zns_cluster_node_create_811_centos.bin --scred <api_key.json> --zns_cluster_name <cluster_name> --control_channel_ip <IP_OR_FQDN> --preferred_data_path_ip <IP_OR_FQDN>
   This will produce a file, node_enable_key.txt, with the pairing key, to be used below.
ZNS node SW installation
1. VM requirement: CentOS 7 with the latest yum updates. Please contact us for appropriate VM sizing.
2. Download the latest SW installer:
   For zCenter version 7.4.5:
   For zCenter version 8.1.1: URL to be added
3. Unpack and run the installer:
   tar xf zns-node-install-<version>.tar.gz
   cd zns-install-centos<version>
   sudo ./install_zns<version>.sh
ZNS node configuration
1. Change to the zns-install-centos<version> directory created above.
2. Run:
   sudo ./cluster.sh enable --mcg-host=<zcenter URL> --shared-key=<Eg abcdef0123456789abcdef0123456789>
   Note: if needed, to disable, use: sudo ./cluster.sh disable
Firewall rules
NOTE: The automation of these FW rules will vary depending on the FW technology used and is beyond the scope of this document.
NOTE: These rules allow the ZNS appliance to communicate and establish the access overlay network, which then tunnels the data channel traffic among users and servers. Once the rules below are in place, no further infrastructure firewall changes are required for individual access policies and connections.
NOTE: It is assumed that other basic functions such as SSH, NTP, yum, etc. are already supported.
1. Enable TCP 443 inbound to the ZNS node from any source
2. Enable TCP 4433 inbound to the ZNS node from zCenter
3. Enable TCP 443 outbound from the ZNS node to zCenter
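An added example, not part of the original article or the vendor's tooling: one way to express the inbound rules above on the node itself, assuming firewalld is the host firewall and zCenter has a single IPv4 address (the function names and the default zone are hypothetical). It prints the commands for review instead of running them, keeps TCP 4433 scoped to zCenter as its source, and includes a check for the over-broad variant.

```shell
#!/bin/sh
# Added example, not vendor code. Assumptions: the node's host firewall is firewalld,
# zCenter has one IPv4 address, and the host does not filter outbound traffic, so
# "TCP 443 outbound to zCenter" is left to the perimeter firewall.

# Accept only a dotted-quad IPv4 address so nothing else can be spliced into a rule.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*) return 1 ;;   # rejects spaces, quotes, newlines
    esac
    octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    printf '%s\n' "$1" | grep -Eq "^($octet\.){3}$octet\$"
}

# Print (do not run) the firewall-cmd calls for a ZNS node.
# $1 = zCenter IPv4 address, $2 = firewalld zone (hypothetical default: public).
zns_firewalld_rules() {
    zcenter_ip=$1
    zone=${2:-public}
    if ! is_ipv4 "$zcenter_ip"; then
        echo "zns_firewalld_rules: zCenter address must be IPv4" >&2
        return 2
    fi
    case "$zone" in
        ''|*[!A-Za-z0-9_-]*) echo "zns_firewalld_rules: bad zone name" >&2; return 2 ;;
    esac
    # TCP 443 inbound from any source.
    echo "firewall-cmd --permanent --zone=$zone --add-port=443/tcp"
    # TCP 4433 inbound from zCenter only: a source-scoped rich rule, not --add-port.
    echo "firewall-cmd --permanent --zone=$zone --add-rich-rule='rule family=\"ipv4\" source address=\"$zcenter_ip/32\" port port=\"4433\" protocol=\"tcp\" accept'"
    echo "firewall-cmd --reload"
}

# Audit helper: reads `firewall-cmd --zone=<zone> --list-ports` output on stdin and
# succeeds when 4433/tcp is open to every source, which is wider than the rule above.
port_4433_open_to_any() {
    tr ' ' '\n' | grep -qx '4433/tcp'
}

# Constructed sample: 203.0.113.10 is a documentation address standing in for zCenter.
if [ "${1:-}" = "--demo" ]; then
    zns_firewalld_rules 203.0.113.10
fi
```

After reviewing the printed commands, run them as root on the node; `firewall-cmd --zone=public --list-ports | port_4433_open_to_any` then flags a node where 4433 was opened without the source restriction.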