GUI Node Installation
Overall Installation Steps
The high-level steps for installing and configuring the N2SNS administrative GUI are:
- Ensure the installation pre-requisites are met.
- Install the GUI package.
- Perform any required post-installation steps.
- Update the administrative GUI configuration as desired.
- Optionally, apply the recommended Apache security configuration.
Installation Pre-requisites
OS-specific Setup
Refer to the specific Red Hat or Debian instructions for any pre-requisites as required.
Apache 2
Apache 2 must be installed prior to installing the N2SNS GUI package. The package to install will depend on your OS type:
| RHEL 8 | Other RPM-based Systems | DEB-based Systems |
|---|---|---|
sudo dnf install httpd |
sudo yum install httpd |
sudo apt-get install apache2 |
The N2SNS GUI package expects that the relevant Apache 2 configuration directory exists. Again, this varies depending on your OS type:
| RPM-based Systems | DEB-based Systems |
|---|---|
/etc/httpd |
/etc/apache2 |
Finally, the apachectl program must exist (it is installed as part of the Apache 2 package) and Apache must be
running.
Installation Steps
Follow the appropriate installation steps depending on your installation sources.
From N-Squared Repository
Execute the instructions specific to your operating system:
| RHEL 8 | Other RPM-based Systems | DEB-based Systems |
|---|---|---|
sudo dnf install n2sns-gui |
sudo yum install n2sns-gui |
sudo apt-get install n2sns-gui |
Post-Installation Steps
Default Application
After installation, there is no default behaviour for Apache to automatically navigate to an N2SNS application when a site root request is received. It is recommended that the administrative GUI be chosen as the default application to route to if no other selection is made. Follow the instructions in the appropriate section below to achieve this.
Administrative GUI As Default
To set the administrative GUI as the default application, edit the appropriate file for your OS type:
| RPM-based Systems | DEB-based Systems |
|---|---|
/etc/httpd/n2sns.conf |
/etc/apache2/n2sns.conf |
Add the following line to the top of the file:
RedirectMatch ^/$ /n2sns/
Restart Apache to apply the change:
apachectl restart
Apache Configuration
To update the Apache configuration for the N2SNS administrative GUI, edit the following file:
| RPM-based Systems | DEB-based Systems |
|---|---|
/etc/httpd/conf.d/n2sns.conf |
/etc/apache2/conf-enabled/n2sns.conf |
In the file, update the value REPLACE_WITH_API_ADDRESS to the API instance or loadshare proxy destination as required
in the below lines:
# Proxy keepalive requests.
ProxyPass /n2sns-api/keepalive http://REPLACE_WITH_API_ADDRESS/jarvis-agent/n2sns-api/__status
ProxyPassReverse /n2sns-api/keepalive http://REPLACE_WITH_API_ADDRESS/jarvis-agent/n2sns-api/__status
# Proxy application Jarvis requests.
ProxyPass /n2sns-api/jarvis-agent http://REPLACE_WITH_API_ADDRESS/jarvis-agent
ProxyPassReverse /n2sns-api/jarvis-agent http://REPLACE_WITH_API_ADDRESS/jarvis-agent
# Proxy management Jarvis requests if required.
#ProxyPass /jarvis-agent http://REPLACE_WITH_API_ADDRESS/jarvis-agent
#ProxyPassReverse /jarvis-agent http://REPLACE_WITH_API_ADDRESS/jarvis-agent
If the GUI node is not on the same node as the API, uncomment the final two lines in the above section. These should remain commented for co-hosted installations of the GUI and API to avoid infinite looping.
Jarvis Configuration
If the N2SNS API is not co-located with the GUI node, in the file /usr/share/n2sns/gui/jarvis-proxy.json, locate the
following section:
{
"/jarvis-agent": {
"target": "http://jarvis-host/",
"secure": false
}
}
Update the value of the target parameter to match the N2SNS API address. Alternately, you may add an entry to the GUI
node’s hosts file or DNS lookups to redirect jarvis-host to the API as desired.
Firewall
The firewall (if any) on the GUI node must be updated to allow:
- Inbound user requests on the listening Apache port(s).
- Outbound API requests to the API node(s).
The exact commands to do this will depend both on the firewall on your platform and also which port(s) are in use. For
example, to allow the default Apache ports when using firewalld, the commands might be:
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
service firewalld restart
SELinux
If SELinux is in use, Apache must be allowed to read and execute back-end code and initiate proxy connections. To enable this, execute:
sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_read_user_content 1