Hyper Open Edge Cloud

SlapOS HowTo Install SlapOS Master (Experimental)

FINAL - Document outlining alternative and depreciated ways of installing a SlapOS master.
  • Last Update:2020-05-25
  • Version:002
  • Language:en

Experimental Ways to Install SlapOS Master

This document covers alternative ways of setting up a SlapOS Master. While still useful to understand, it is recommended to use the single-line installer as shown in setting up a SlapOS Master. This howto is kept for the purpose of comprehension.

This howTo requires to have a fresh server (Debian 8 or 9, such as available at OVH or Online.net) with command line access and wget installed.

Note, that Debian 8 and 9 are tested daily and can be installed from binary cache, meaning installation will take between 15-30 mins depending on the machine. Other Linux distributions are also supported but the source code will likely be compiled from scratch meaning installation will take around 6-7 hours.

Table of Content

  • Installing SlapOS Master Using SlapOS Client
 

Install SlapOS Master using SlapOS client

The SlapOS client is a command line Python shell utility to manage SlapOS nodes, instantiated software services as well as the SlapOS Master account itself. The SlapOS client is bundled with every SlapOS node installation.

To use the SlapOS client, the dedicated server requires to have SlapOS installed and it needs to be formatted.

Supply SlapOS-Master

$ sudo su

# slapos console

supply(
  'https://lab.nexedi.com/nexedi/slapos/raw/master/software/slapos-master/software.cfg',
  # replace with identifier of machine chosen during formatting
  '[COMP-XXXX]' 
)

The client can be called running:

$ sudo su
# slapos console

 

Installing the SlapOS Master is done using:

supply(
  'https://lab.nexedi.com/nexedi/slapos/raw/master/software/slapos-master/software.cfg',
  # replace with identifier of machine chosen during formatting
  '[COMP-XXXX]' 
)

Before continuing, the certificate authority folder on the machine needs to be configured. Note, that this creates a security vulnerability in case other services are deployed on this computer besides the SlapOS Master.

# create folder for certificate files
mkdir -p /etc/slapos-ssl

# enable access to user and slapsoft group
chmod 770 -R /etc/slapos-ssl
chown -R slapsoft:slapsoft /etc/slapos-ssl

Configure SlapOS Master


  parameter_dict = {
    "bt5": "erp5_full_text_mroonga_catalog slapos_configurator",
    "mariadb-computer-guid": "slaprunner",
    "site-id": "erp5",
    "timezone": "UTC",
    "wsgi": false,
    "zodb-computer-guid": "slaprunner",
    "zodb-software-type": "zeo",
    "zope-partition-dict": {
      "admin-node": {
        "computer-guid": "slaprunner",
        "family": "admin",
        "instance-count": 1,
        "port-base": 2220,
        "thread-amount": 4,
        "timerserver-interval": 1
      }
    }
  }

NOTE, that if you arrived here trying to install a SlapOS Master on a webrunner in an existing environment (ViFiB for example), you need to have at least 20 partitions set on your webrunner configuration (on your webrunner configuration in the Dashboard). When using on the default nine partitions, the SlapOS Master installation will not finish completely.

In the next step configuration for instantiation needs to be added (you may have to replace "slaprunner" with your computer_uid and "True" with "true" depending on the environment you are using):

# slapos console

# choose SlapOS Node (use 'slaprunner' when deploying with Webrunner)
computer_id = '[COMP-XXXX]'

parameter_dict = {
	"timezone": "UTC",
	"site-id": "erp5",
	"bt5": "erp5_full_text_mroonga_catalog slapos_configurator",
	"zope-partition-dict": {

		"activities-node": {
			"family": "activities",
			"thread-amount": 3,
			"instance-count": 1,
			"timerserver-interval": 1,
			"computer-guid": "slaprunner"
		},

		"distribution-node": {
			"family": "distribution",
			"thread-amount": 1,
			"instance-count": 1,
			"computer-guid": "slaprunner",
			"port-base": 2210,
			"timerserver-interval": 1
		},

		"admin-node": {
			"family": "admin",
			"thread-amount": 1,
			"instance-count": 1,
			"port-base": 2220,
			"computer-guid": "slaprunner"
		},

		"web-node": {
			"family": "web",
			"thread-amount": 2,
			"instance-count": 1,
			"computer-guid": "slaprunner",
			"port-base": 2230
		},

		"service-slapos": {
			"family": "service",
			"thread-amount": 2,
			"instance-count": 1,
			"computer-guid": "slaprunner",
			"port-base": 2240,
			"ssl-authentication": true,
			"backend-path": "/%(site-id)s/portal_slap"
		}
	},

	"mariadb-computer-guid": "slaprunner",
	"mariadb": {
		"test-database-amount": 0
	},

	"zodb-software-type": "zeo",
	"zodb-computer-guid": "slaprunner"
}

# Don't set "certificate-authority-path" if deploying SlapOS Master via Webrunner
ca_path = '/etc/slapos-ssl'
parameter_dict["shared-certificate-authority-path"] = ca_path

# Choose title
title = "SlapOS Master on [COMP-XXXX]"

Requesting SlapOS Master Instance

request(
  'https://lab.nexedi.com/nexedi/slapos/raw/master/software/slapos-master/software.cfg',
  title,
  filter_kw={
    'computer_guid': computer_id
    },
    software_type='create-erp5-site',
    partition_parameter_kw={
    '_': json.dumps(parameter_dict, sort_keys=True, indent=2),
  }
)

With the configuration parameter set, the SlapOS Master instance can be requested using:

request(
  'https://lab.nexedi.com/nexedi/slapos/raw/master/software/slapos-master/software.cfg',
  title,
  filter_kw={
    'computer_guid': computer_id
    },
    software_type='create-erp5-site',
    partition_parameter_kw={
    '_': json.dumps(parameter_dict, sort_keys=True, indent=2),
  }
)

Once the instance has been deployed, etc/slapos-ssl access permissions need to be updated again. Note, that as before the following modifications create a security vulnerability in case other services than the SlapOS Master are deployed on the computer:

cd /etc/slapos-ssl
chmod -R 770 cacert.pem crl requests certs crlnumber index.txt newcerts private serial 
chown -R slapsoft:slapsoft cacert.pem crl requests certs crlnumber index.txt newcerts private serial

ERP5 Interface Access

# slapos console
# inituser-login
# inituser-password

Next the initial IPv4 url to connect to the ERP5 cloud instance as well as the login/password can be requested using:

  • inituser-login: Admin login. Default is zope
  • inituser-password: Auto generated password for login

Calling # slapos node instance will show the deployed instances. On the instance called balancer and the services:

  • service-v6: master_url for all future SlapOS nodes (usually /etc/opt/slapos/slapos.cfg)
  • web-v6: access url, accessible with a Frontend

provide the master url (for adding network nodes) and frontend url (for accessing the SlapOS Master Dashboard.

Frontend Apache

# slapos console
request(
  'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg',
  'Slave frontend for SlapOS Master on [COMP-XXXX]',
  partition_parameter_kw = {
    'url': 'REPLACE THIS BY YOUR BALANCER WEB-V6 URL',
    'type': 'zope',
    'path': 'erp5',
  },
  shared=True,
)

To access the SlapOS web interface, a Frontend (Apache) reverse proxy (soon to be provided automatically via the Master is required. It is possible to add it to the software catalog of the SlapOS Master or request it from vifib.com (registration required) running:

# slapos console
request(
  'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg',
  'Slave frontend for SlapOS Master on [COMP-XXXX]',
  partition_parameter_kw = {
    'url': 'REPLACE THIS BY YOUR BALANCER WEB-V6 URL',
    'type': 'zope',
    'path': 'erp5',
  },
  shared=True,
)

After a few minutes, the ERP5 Cloud Engine interface behind the SlapOS Master should be accessible (restarting instances using:

slapos node restart all

may be required).

A second Frontend (Slave) instance can be used to access the SlapOS Dashboard directly using:

# slapos console
$HOME/.slapos/slapos.cfg request(
'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg',
'Slave frontend for SlapOS Master on COMP-XXX',
partition_parameter_kw={
  'url': 'REPLACE THIS BY YOUR BALANCER WEB-V6 URL',
  'type': 'zope',
  'path': 'erp5/web_site_module/hosting',
},
shared=True,
)

Once instantiated, the SlapOS Master Slave Frontend url can be located using slapos node instance and accessing the frontend instance. The ERP5 Dashboard is accessible by appending /erp5/. to the url. The login and password generated earlier can be used to login and then start configuring the ERP5 Cloud Engine.

Thank You

Image Nexedi Office
  • Nexedi SA
  • 147 Rue du Ballon
  • 59110 La Madeleine
  • France