Reference
https://jira.appcelerator.org/browse/NODEJS-2685
https://jira.appcelerator.org/browse/CLI-1138
https://wiki.appcelerator.org/display/PartnerDocs/Registry+and+Security+Server
- Build required OVA - eg 1.5.4 build http://10.0.1.200:8080/job/acs_single_image_stage_2_vmware/428/console
- Set up required VM nodes https://wiki.appcelerator.org/pages/viewpage.action?pageId=43318008
- Deployment config
$ cat config/dev_pc_user_input.json
{
"ssh": {
"username": "appcadmin",
"password": "XRQ8jEvqZ2c",
"port": 22
},
"mongodb": {
"hosts": ["10.0.18.71"],
"port": 27017,
"rsname": "data",
"username": "appcelerator",
"password": "cocoafish",
"provision": {
"enabled": true,
"admin_username": "admin",
"admin_password": "cocoafish",
"version": "enterprise"
}
},
"env": "development",
"hosts": ["10.0.18.70"],
"cluster": "pcdev",
"newrelic_key": "key",
"arrowdb_url_prefix": "api",
"arrowcloud_admin_url_prefix": "admin",
"dashboard_url_prefix": "dashboard",
"domain_name": "cloudapp-1.appctest.com",
"ssl_pem_file": "pem/cloudapp-1.appctest.com.pem"
}
- Deploy cluster successfully
$ bin/current/arrowcluster deploy -c config/dev_pc_user_input.json --force --ignore-preinstall-fatal
Login to the All-in-one VM and execute following commands:
cd /opt/appcelerator/360
sudo node data/defaultUser.js
sudo node data/partners.js
sudo node utils --script updateindices
Note the default username and password
- Using appc-registry-server-onprem@2.0.1/
- Set conf/appc.platform.js
$ cat conf/appc.platform.js
module.exports = {
platform: {
baseurl: 'https://dashboard.cloudapp-1.appctest.com',
registry: 'https://software.cloudapp-1.appctest.com',
security: 'https://security.cloudapp-1.appctest.com',
pubsub: '',
webevent: '',
cache: '',
isProduction: true,
supportUntrusted: true,
secureCookies: true,
}
};
- Set conf/security.js [TODO] Tool to generate key, pepper and hmacKey
$ cat conf/security.js
module.exports = {
security: {
key: '337002e07d5cae653d7e347508d851a8f2841aa4a72ece924b8c3f4a7801c9522a7631cc885acd92b1f0badadaae90f8746948590d7e134ca0e2738a2b5bea552025276c8a2c10e59db16f02dc394d1fbe037e462b08a96e83386ff816436999008150b00319ee1c75d9818c6ac1d1dcf1b80283d1495dbeba5e981333c619b6123909b346fa31d1181a0c7c8e53c0ed2af9ba73d626856a35165fba2a75e75233ed5b5a3c4ef333922a7fe32bdfa9d5ee3700777c3cf3fec1df31dca6eb694db0d205535eb8b65381079888c244d020403f89028d3021abce503fdf8c9b5f674d2f3580c3975b79ba0d43727a238e36e602c4c0a5f373ba01dfddaf6e836f06',
pepper: '46c205864a154bb02b6229bc0682b91ab32d3d837f02c39db75700019c78a16b0af7e0b9baf220faa3b621ecffd8b7d714119547ea6ea77bdeee39ff86f56636daaccd4d91618b5bbc3110541aefafffa3c3458c2aa0934f18a8573c0f94d9bae5400c399fb9422b3108fa8f24952d42203b0bd01109d34df080d59ecef6c01b288c7cefaa3825456fb42959da1503f182f364fda957a682e6f37600aebb94d06f00093a91d0f057a0bd80646a626c39262e9fa9a140f25e4f74d7460fbb378962ba612cc789e28db7adbee79b2ddeab1100cb7b6188e71ddbf79687ab6ed09085bacc10947e6ab2592faecbda843026011faa8ee8f3043e4235efd2d824e0a4',
hmacKey: '6f761a7a1d1f90274c525f28bd386d0ef3e23b4f94774a86e3f71c9cb558d50ac15b1907704abb2918b0db0aeafab85eb1504c7d76e845d25aebaf6d86a76f6fd4dd04e7461e226bdde55e07d8805951dcfb2c969eb9f2fe9f5ffccf20210457960b7af0a972d15cb75e28c710fa7069c7ff9af32dce31bd1a158ce7da33d85e14e152ef4344c277a125456b65fa6252b79a053579817917c185106b4098dd951af4eff4aa2c88318b6f77cd41a73896dbba057c3540b8452b2b263e76d1112679495459d7617bd586aa416ca21537344c0f8f8032b9343c55fd88bde5820bdbbe48274ec438eaccd7e2639471b8a35ef7280926caa0e0775d7b69e4b8319b19',
encoding: 'base64',
iterations: 2000,
size: 128,
expiry: 60000 * 60 * 24 * 7
}
};
- Publish the app, set the domain of app accordingly, the final app should look like this:
$ acs list appc-registry-server
ACS: Appcelerator Cloud Services Command-Line Interface, version 1.2.2
Copyright (c) 2012-2016, Appcelerator, Inc. All Rights Reserved.
Admin Hostname: https://admin.cloudapp-1.appctest.com
Organization: My Organization (983916205819696)
============
Points:
-- Quota: unlimited
-- Used: 4
App name: appc-registry-server
-- Created by: admin@dashboard.local
-- URL: https://a0945300e13d8c308995ab21f9577acea082b9e6.cloudapp-1.appctest.com
-- DOMAIN: software.cloudapp-1.appctest.com
-- Created at: Wed Nov 30 2016 15:52:56 GMT+0800 (SGT)
-- Published at: 2016-11-30T16:14:27+08:00
-- Maximum allowed number of servers: 2
-- Minimum number of servers: 1
-- Number of desired servers: 1
-- Zero-downtime upgrading: true
-- Active deployment:
- Node version: 4.4.7
- Server size: Small
- App version: 2.0.1
- Deployed at: Wed Nov 30 2016 16:15:05 GMT+0800 (SGT)
- Status: online
- Number of deployed servers: 1
- Servers:
No. 1 ID: 583e8a666bdfdd91122aed68 Status: Running Launched at: Wed, Nov 30, 2016 4:14 PM
- Using appc-security-server-onprem@0.0.47
- Login to local dashboard with default or newly created user
- Create an app for security and create a user and note the password
- Set the config files as follows
$ cat conf/appc.platform.json
{
"baseurl": "https://dashboard.cloudapp-1.appctest.com",
"registry": "https://software.cloudapp-1.appctest.com",
"security": "https://security.cloudapp-1.appctest.com",
"pubsub": "",
"webevent": "",
"cache": "",
"isProduction": true,
"supportUntrusted": true,
"secureCookies": true,
"loglevel": "debug"
}
Provide the arrowdb app details in the following config
$ cat conf/appc-security-server.acs.json
{
"preproduction": {
"key": "vpePNb0Ctklgx39GK33qGkOs1NAU9M3e",
"apiEntryPoint": "https://api.cloudapp-1.appctest.com",
"login": "security",
"password": "security"
}
}
$ cat conf/appc-security-server.dashboard.json
{
"preproduction": {
"baseurl": "https://dashboard.cloudapp-1.appctest.com",
"secureCookies": true
}
}
The keys in the following config should match that of registry server added earlier
$ cat conf/security.js
module.exports = {
security: {
key: '337002e07d5cae653d7e347508d851a8f2841aa4a72ece924b8c3f4a7801c9522a7631cc885acd92b1f0badadaae90f8746948590d7e134ca0e2738a2b5bea552025276c8a2c10e59db16f02dc394d1fbe037e462b08a96e83386ff816436999008150b00319ee1c75d9818c6ac1d1dcf1b80283d1495dbeba5e981333c619b6123909b346fa31d1181a0c7c8e53c0ed2af9ba73d626856a35165fba2a75e75233ed5b5a3c4ef333922a7fe32bdfa9d5ee3700777c3cf3fec1df31dca6eb694db0d205535eb8b65381079888c244d020403f89028d3021abce503fdf8c9b5f674d2f3580c3975b79ba0d43727a238e36e602c4c0a5f373ba01dfddaf6e836f06',
pepper: '46c205864a154bb02b6229bc0682b91ab32d3d837f02c39db75700019c78a16b0af7e0b9baf220faa3b621ecffd8b7d714119547ea6ea77bdeee39ff86f56636daaccd4d91618b5bbc3110541aefafffa3c3458c2aa0934f18a8573c0f94d9bae5400c399fb9422b3108fa8f24952d42203b0bd01109d34df080d59ecef6c01b288c7cefaa3825456fb42959da1503f182f364fda957a682e6f37600aebb94d06f00093a91d0f057a0bd80646a626c39262e9fa9a140f25e4f74d7460fbb378962ba612cc789e28db7adbee79b2ddeab1100cb7b6188e71ddbf79687ab6ed09085bacc10947e6ab2592faecbda843026011faa8ee8f3043e4235efd2d824e0a4',
hmacKey: '6f761a7a1d1f90274c525f28bd386d0ef3e23b4f94774a86e3f71c9cb558d50ac15b1907704abb2918b0db0aeafab85eb1504c7d76e845d25aebaf6d86a76f6fd4dd04e7461e226bdde55e07d8805951dcfb2c969eb9f2fe9f5ffccf20210457960b7af0a972d15cb75e28c710fa7069c7ff9af32dce31bd1a158ce7da33d85e14e152ef4344c277a125456b65fa6252b79a053579817917c185106b4098dd951af4eff4aa2c88318b6f77cd41a73896dbba057c3540b8452b2b263e76d1112679495459d7617bd586aa416ca21537344c0f8f8032b9343c55fd88bde5820bdbbe48274ec438eaccd7e2639471b8a35ef7280926caa0e0775d7b69e4b8319b19',
encoding: 'base64',
iterations: 2000,
size: 128,
expiry: 60000 * 60 * 24
},
pubsub: {
preferWebSocket: true,
key: 'none',
secret: 'none',
url: 'https://localhost'
},
webevent_server: 'https://localhost'
};
- Publish the app, set the correct domain, final app should look like this:
$ acs list appc-security-server
ACS: Appcelerator Cloud Services Command-Line Interface, version 1.2.2
Copyright (c) 2012-2016, Appcelerator, Inc. All Rights Reserved.
Admin Hostname: https://admin.cloudapp-1.appctest.com
Organization: My Organization (983916205819696)
============
Points:
-- Quota: unlimited
-- Used: 4
App name: appc-security-server
-- Created by: admin@dashboard.local
-- URL: https://7d85687e461a82e24128252512e6186bc25cb1e5.cloudapp-1.appctest.com
-- DOMAIN: security.cloudapp-1.appctest.com
-- Created at: Wed Nov 30 2016 15:43:04 GMT+0800 (SGT)
-- Published at: 2016-11-30T16:13:00+08:00
-- Maximum allowed number of servers: 1
-- Minimum number of servers: 1
-- Number of desired servers: 1
-- Zero-downtime upgrading: true
-- Active deployment:
- Node version: 4.4.7
- Server size: Dev
- App version: 0.0.47
- Deployed at: Wed Nov 30 2016 16:13:29 GMT+0800 (SGT)
- Status: online
- Number of deployed servers: 1
- Servers:
No. 1 ID: 583e8a106bdfdd91122aed67 Status: Running Launched at: Wed, Nov 30, 2016 4:13 PM
Note: [NODEJS-2685] on-premises cluster may not have dns, but arrow apps have to access api url inside container, so we add api, dashboard and admin entry to /etc/hosts inside container.
On this node, we may need to add to /etc/hosts the following (workaround)
10.0.18.70 7d85687e461a82e24128252512e6186bc25cb1e5.cloudapp-1.appctest.com
10.0.18.70 security.cloudapp-1.appctest.com
10.0.18.70 a0945300e13d8c308995ab21f9577acea082b9e6.cloudapp-1.appctest.com
10.0.18.70 software.cloudapp-1.appctest.com
Edit /etc/hosts and include the following
10.0.18.70 dashboard.cloudapp-1.appctest.com
10.0.18.70 software.cloudapp-1.appctest.com
10.0.18.70 security.cloudapp-1.appctest.com
10.0.18.70 admin.cloudapp-1.appctest.com
10.0.18.70 api.cloudapp-1.appctest.com
- Add this to ~/.bash_profile and source
$ cat ~/.bash_profile
APPC_REGISTRY_SERVER=https://software.cloudapp-1.appctest.com; export APPC_REGISTRY_SERVER
APPC_SECURITY_SERVER=https://security.cloudapp-1.appctest.com; export APPC_SECURITY_SERVER
APPC_DASHBOARD_URL=https://dashboard.cloudapp-1.appctest.com; export APPC_DASHBOARD_URL
appc cli (6.0.0) was tested for the above changes.