Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
googlecloud-gettingstarted [2019_07_03 18:25] – [Change Appliance Admin email] steven | googlecloud-gettingstarted [2024_03_18 20:16] (current) – steven | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | # Getting Started with Google Cloud | ||
- | # Getting Started on Google Cloud | + | ##### last updated July 13, 2023 |
## Why Google Cloud? | ## Why Google Cloud? | ||
- | [[https:// | + | [[https:// |
- | Google Cloud customers are using the File Fabric | + | Google Cloud customers are using Nasuni Access Anywhere |
- | For more information on See [[https:// | + | ## Deployment |
- | + | ||
- | ## Architecture | + | |
- | + | ||
- | ### Single VM Deployment | + | |
{{ : | {{ : | ||
- | For evaluation and smaller production environments the Enterprise File Fabric™ solution | + | For evaluation and smaller production environments, the Access Anywhere Server |
A single virtual machine can be launched directly from the Google Cloud Platform Marketplace. | A single virtual machine can be launched directly from the Google Cloud Platform Marketplace. | ||
- | ### Multiple VM Deployment | + | ### High Availability |
{{ : | {{ : | ||
- | The Enterprise File Fabric solution | + | The platform |
Please contact us for more information on setting up HA deployments on the Google Cloud Platform. | Please contact us for more information on setting up HA deployments on the Google Cloud Platform. | ||
- | For production deployments see also [[sizingguide|]]. | + | ### Sizing |
+ | |||
+ | For production deployments see [[sizingguide]]. | ||
## Requirements | ## Requirements | ||
Line 35: | Line 34: | ||
* Access to request / update DNS names for appliance (recommended) | * Access to request / update DNS names for appliance (recommended) | ||
- | | + | |
* Outbound mail relay information. (recommended) | * Outbound mail relay information. (recommended) | ||
* Default storage system connectivity details - Google Cloud Storage recommended (required) | * Default storage system connectivity details - Google Cloud Storage recommended (required) | ||
Line 42: | Line 41: | ||
## Launch | ## Launch | ||
- | {{ : | + | {{ : |
- | + | ||
- | 1. From the Google Cloud Platform Marketplace click [[https:// | + | |
- | 2. Then click **Launch on Compute Engine**. | + | 1. From the Google Cloud Platform Marketplace |
+ | 2. Then click **Launch**. | ||
Line 55: | Line 53: | ||
1. Choose a Zone | 1. Choose a Zone | ||
1. Verify the Machine type - The minimum is large enough for evaluation. | 1. Verify the Machine type - The minimum is large enough for evaluation. | ||
- | 1. Set IP Ranges for TCP port 8080 - This port is used only for initial network configuration | + | |
1. Select **Deploy**. | 1. Select **Deploy**. | ||
Line 65: | Line 63: | ||
{{ : | {{ : | ||
- | |||
## Verify Web Access | ## Verify Web Access | ||
- | {{ : | + | {{ : |
From the deployment panel, click the button **Visit the site** to bring up the appliance login page. You can also use the Site Address URL directly. Use the username **appladmin** and password **Admin password** to log into the appliance. | From the deployment panel, click the button **Visit the site** to bring up the appliance login page. You can also use the Site Address URL directly. Use the username **appladmin** and password **Admin password** to log into the appliance. | ||
Line 74: | Line 71: | ||
Until changed the appliance has an untrusted SSL certificate. Most browsers will flag this as a potential security issue and require your acknowledgement to bring up the page. | Until changed the appliance has an untrusted SSL certificate. Most browsers will flag this as a potential security issue and require your acknowledgement to bring up the page. | ||
- | If you don't have the deployment panel, first open the [[https:// | + | If you don't have the deployment panel, first open the [[https:// |
+ | |||
+ | Open the appliance website at %%https://< | ||
+ | |||
+ | {{ : | ||
Line 80: | Line 81: | ||
## Verify SSH Access | ## Verify SSH Access | ||
- | From the deployment panel, or from vm instance details, click the **SSH** button for remote access to the instance (using a browser or another ssh client). Check that you can become the smeconfiguser. (See trial email for password). | + | From the deployment panel, or from vm instance details, click the **SSH** button for remote access to the instance (using a browser or another ssh client). Check that you can become the smeconfiguser. |
- | su smeconfiguser | + | |
| | ||
- | Check that you can become root. (See trial email for password). | + | Check that you can become root. |
- | su - | + | |
| | ||
- | This will be required to complete configuration. | + | This will be required to complete |
- | {{ : | + | # Configure Network Services |
- | # SSL Configuration (Recommended) | + | ## SSL Configuration (Recommended) |
The appliance is configured, by default, with DHCP and a self-generated untrusted SSL certificate. | The appliance is configured, by default, with DHCP and a self-generated untrusted SSL certificate. | ||
Line 138: | Line 140: | ||
## Change Hostname | ## Change Hostname | ||
- | To update the appliance with the FQDN change to the root user by issuing “su -“ with SSH. As the root user, edit / | + | To update the appliance with the FQDN change to the root user by issuing “sudo su -“ with SSH. As the root user, edit / |
Change the google instance name to your FQDN. | Change the google instance name to your FQDN. | ||
Line 144: | Line 146: | ||
{{ : | {{ : | ||
- | ## Start SME Config | + | ## Start NAAConfig |
- | Leave root privilege and as the smeconfiguser start the configuration server by typing **smeconfigserver**. You should see a confirmation that the config server is running: | + | If you are logged in as root leave root privilege and as the smeconfiguser start the configuration server by typing **smeconfigserver**. You should see a confirmation that the config server is running: |
{{ : | {{ : | ||
Line 156: | Line 158: | ||
## Configure Hostname Settings | ## Configure Hostname Settings | ||
- | Here you only need to configure the three domain names. Click " | + | Here you only need to configure the three domain names. Click " |
{{ : | {{ : | ||
Line 170: | Line 172: | ||
Elevate to the root user by typing the following command and entering the root password when prompted. | Elevate to the root user by typing the following command and entering the root password when prompted. | ||
- | su - | + | |
Note: The appliance will be inaccessible during the request which may be up to a minute. | Note: The appliance will be inaccessible during the request which may be up to a minute. | ||
Line 182: | Line 184: | ||
Please also agree to the Terms of Service. It is not necessary to share the provided email with the Electronic Frontier Foundation. | Please also agree to the Terms of Service. It is not necessary to share the provided email with the Electronic Frontier Foundation. | ||
- | Certbot will automatically detect what FQDNs are setup for the Enterprise File Fabric | + | Certbot will automatically detect what FQDNs are setup for the Access Anywhere server |
Which names would you like to activate HTTPS for? | Which names would you like to activate HTTPS for? | ||
Line 193: | Line 195: | ||
blank to select all options shown (Enter ' | blank to select all options shown (Enter ' | ||
- | Lastly, Certbot will prompt to disable all HTTP access. | + | Lastly, Certbot will prompt to disable all HTTP access. |
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. | Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. | ||
Line 204: | Line 206: | ||
Select the appropriate number [1-2] then [enter] (press ' | Select the appropriate number [1-2] then [enter] (press ' | ||
- | After successful completion, the Enterprise File Fabric | + | After successful completion, the server |
### Automatically renewing the certificate | ### Automatically renewing the certificate | ||
Line 210: | Line 212: | ||
A Let’s Encrypt certificate is valid for 90 days, and can be automatically renewed within 30 days of expiration. | A Let’s Encrypt certificate is valid for 90 days, and can be automatically renewed within 30 days of expiration. | ||
- | Please Note: The File Fabric | + | Please Note: The server |
While still logged in as root run the following command to add a cron job. | While still logged in as root run the following command to add a cron job. | ||
Line 216: | Line 218: | ||
crontab -e | crontab -e | ||
- | In the example below the renewal attempt will process at 2: | + | In the example below the renewal attempt will process at 2: |
30 2 * * * / | 30 2 * * * / | ||
Line 222: | Line 224: | ||
This will create a crontab entry for a cron job that will handle the renewals and write its output to a log file. | This will create a crontab entry for a cron job that will handle the renewals and write its output to a log file. | ||
- | Use https:// | + | Use https:// |
## Outbound Email (Recommended) | ## Outbound Email (Recommended) | ||
Line 230: | Line 232: | ||
If you do not configure an email server remember not to use email notification when adding users. | If you do not configure an email server remember not to use email notification when adding users. | ||
- | ### Using Gmail for Outbound Email | + | ### Outbound Email (Recommended) |
- | Below is a sample what my screen looks like, for an SMTP setup using a Gmail account. | + | An SMTP server is used by the appliance to send registration and notification emails to users. A daily report and error notices are also emailed to the " |
- | {{ :cloudappliance: | + | See [[cloudappliance/ |
- | The “Notification Email” address will receive emails from the system warning of license expiration etc. You should enter your email here. | + | If you do not initially configure an email server remember not to use email notifications when adding users. |
### Change Appliance Admin Email | ### Change Appliance Admin Email | ||
Line 243: | Line 245: | ||
You can also set up Two Factor Authentication (2FA) for the Appliance Admin from this screen. | You can also set up Two Factor Authentication (2FA) for the Appliance Admin from this screen. | ||
+ | |||
+ | ### Server Notification Email | ||
+ | |||
+ | Server errors and a daily report are sent to a notification email that must be configured by the Appliance Administrator. The default is not to email reports. | ||
+ | |||
+ | The " | ||
+ | |||
+ | |||
# Create an Organization | # Create an Organization | ||
Line 259: | Line 269: | ||
## Review User Package (Optional) | ## Review User Package (Optional) | ||
- | The File Fabric | + | The platform uses templates for organizations, |
Click “User Packages” and then click the pencil to modify “Organisation Cloud 20 Users” This is a good template to start from. Scroll down to the “Extra options” section and add “Content Search Enabled” and Dropfolders. Use “Crtl-Click" | Click “User Packages” and then click the pencil to modify “Organisation Cloud 20 Users” This is a good template to start from. Scroll down to the “Extra options” section and add “Content Search Enabled” and Dropfolders. Use “Crtl-Click" | ||
Line 305: | Line 315: | ||
* [[organisationcloud/ | * [[organisationcloud/ | ||
* [[cloudproviders/ | * [[cloudproviders/ | ||
- | * [[filesharing|Share files]] | ||
- | * ... | ||
For more information see [[index|]] | For more information see [[index|]] | ||
+ | |||
+ | # Accessing Open Source Licenses | ||
+ | |||
+ | The server includes open source components. Open source licenses can be found on the appliance in the root folder: | ||
+ | |||
+ | * Third Party Licenses including Open Source Software.pdf |