Docker Deployment
  • 13 Sep 2024
  • 10 Minutes to read
  • Contributors
  • PDF

Docker Deployment

  • PDF

Article summary

This article provides the installation requirements and procedures necessary to deploy a Legacy orchestrator Docker container.

Ubuntu Operating System

Procedure Requirements

You must ensure that the Docker has matched the following items before starting the procedure:

  • Docker host running Ubuntu 22.04 LTS
  • Docker, minimum version 20.10.6
  • Docker Compose Standalone (docker-compose CLI), minimum version 1.29.2


    Note: Docker Compose plugin (docker compose CLI) is not supported.
  • OpenSSH server installed and running on the host
  • The multipath tool (multipath-tools package) has been installed on the host
  • Over 26 GB of free space for Docker images
  • 15 GB of free space for the temporary folder used during the installation
  • Sudo privileges or root access on the host
  • Disable secure boot on the system.

Procedure Steps

Follow the steps below to install Legacy orchestrator on a Docker host.

To install Legacy orchestrator on Docker host

  1. Using an SSH client, log in to your docker host and execute the installation package on a host operating system (OS), where < version > in the name of the installation package is the version of Legacy orchestrator to be installed:
sudo sh docker-dist-<version>.sh
  1. Confirm to proceed by typing y or Y as anything else will abort the installation.
  2. When asked for the temporary installation folder, type Enter to use the /tmp folder or type the location of another temporary folder. A temporary subfolder, so_install, will be created during the installation and will be removed at the end of the installation.
  3. The installation will create the user skylight and the group skylight on the host, if these do not already exist.


Notes:
If the user is created during the installation, you will be asked to set up its password.

The installation will create the home folder for the user “skylight” in /home/skylight.

During the installation, Docker images are loaded from the installation package. The main user of these images (visionems or mysql, depending on the image) is reset to the host user 'skylight' UID and GID. This ensures that the user in containers has full access to the /home/skylight/so folders on the host, via mapped docker volumes.

A Docker network “so-network” is also created, with a random subnet assigned by docker daemon. The subnet can be changed later via Legacy orchestrator client.

For the management of Legacy orchestrator, a climanager service is installed on the host: so.climgr


IMPORTANT: Do not delete the user skylight.

Folder Structure

The installation will create the home folder for the user skylight in /home/skylight.

├── bin
├── config
│ ├── cib
│ ├── climgr
│ │ ├── greetings.txt
│ │ └── hostkey.ser
│ ├── deployment
│ │ └── deployment-user-config.properties
│ ├── domain
│ │ ├── admin-keyfile
│ │ └── keystore.jks
│ ├── gfclient
│ │ └── pass
│ ├── ha
│ │ ├── cib
│ │ ├── drbd-proxy.license
│ │ ├── generated
│ │ └── hamonitorconfig.properties
│ ├── snmp
│ │ └── storesnmpconfig.properties
│ └── ssh
│ │ └── known_hosts
├── data
├── docker
│ ├── core.compose.yaml
│ ├── ha.compose.yaml
│ └── so.env
├── lib
│ └── jdk -> /home/skylight/lib/jdk-17
├── logs
└── mysql
└── mysql-ha

The installation will also create the following Docker volumes that will point, by default, to the home folders of the skylight user:

  • so-config → /home/skylight/so/config
  • so-data → /home/skylight/so/data
  • so-logs → /home/skylight/so/logs
  • so-mysql → /home/skylight/so/mysql

Several files are persisted on the host:

  • /home/skylight/<so_version>/bin = scripts for managing Legacy orchestrator containers
  • /home/skylight/<so_version>/docker = the docker-compose file, the environment file
  • /home/skylight/<so_version>/config = the Legacy orchestrator keystore, admin-keyfile and the ssh configuration for the Skylight orchestrator application
  • /home/skylight/<so_version>/logs = the logs of Legacy orchestrator services
  • /home/skylight/<so_version>/data = data used by Legacy orchestrator (except the main database)
  • /home/skylight/<so_version>/mysql = the main database
  • /home/skylight/<so_version>/mysql-ha = where the main database is stored while HA feature is enabled
  • /home/skylight/so = symlink to the latest installed /home/skylight/<so_version>
  • /home/skylight/<so_version>/bin/logs = the log of the CLI manager

IPv6 Connectivity

For Legacy orchestrator to be able to connect to devices on IPv6 networks, you must:

  1. Add the following flags in the configuration of the Docker service on the host, in the file /etc/docker/daemon.json
{
"ip6tables":true,
"experimental": true
}
  1. To enable the change, reload and restart the Docker daemon:
sudo systemctl daemon-reload
sudo systemctl restart docker
  1. Assign an IPv6 subnet to Legacy orchestrator Docker containers.
    Open the Legacy orchestrator client:
socli.sh  
  1. Configure the subnet using the command config edit network subnet and specify an IPv6 subnet with the ipv6 option.

    Example:

config set network subnet ipv4 <network/subnet mask> ipv6 <network/prefix>

Changing the Greeting Message

The greeting message, displayed when opening the Legacy orchestrator client (socli.sh), can be changed by replacing the content of the file:

/home/skylight/so/config/climgr/greetings.txt

This file resides on the host and can be edited using sudo, or by opening a shell as user skylight. Make sure to not change the permissions of the file as this has to be readable by the user skylight (original file permissions are 770).

After the change, restart the Legacy orchestrator client manager:

sudo systemctl restart so.climgr

Getting a Signed Certificate for Legacy orchestrator

The user should follow the steps from the article Getting a Signed Certificate for Legacy orchestrator, with the following adjustments:

  1. Instead of opening an SSH session to port 22 to Legacy orchestrator, the user should now run the following command on the host OS, and provide the password of skylight user:

    • su - skylight

  2. The path to keytool should be changed from /opt/accedian/skylight/jdk/bin/keytool to:

/home/skylight/so/lib/jdk/bin/keytool
  1. In the section titled Updating the Legacy orchestrator Keystore from the article Getting a Signed Certificate for Legacy orchestrator, at step 2, the user should enter:
cd /home/skylight/so/config/domain/
  1. Restart Legacy orchestrator services for the change to take effect.

Changing Timezone Configuration

To configure the timezone for Legacy orchestrator in Docker Host

  1. Open an SSH terminal session to the Legacy orchestrator on port 22.

  2. Use timedatectl to configure the timezone:

timedatectl set-timezone <timezone_value>
  1. Update the timezone value in the /etc/timezone file.

  2. Reboot the Docker host.

sudo reboot

Red Hat Operating System

Procedure Requirements

  • Docker host running Red Hat version 9.3
  • Docker, minimum version 20.10.6
  • Docker Compose Standalone (docker-compose CLI), minimum version 1.29.2
  • OpenSSH server installed and running on the host
  • The multipath tool (device-mapper-multipath package) has been installed on the host
  • The kernel development package (kernel-devel) has been installed on the host
  • The json_pp utility has been installed on the host
  • Over 26 GB of free space for Docker images
  • 15 GB of free space for the temporary folder used during the installation
  • Sudo privileges or root access on the host
  • Disable secure boot on the system


CAUTION:

During the installation, some necessary ports will be opened on the Docker host. For more information, see the Base Communications - Network Requirements table in Important Considerations.

If the Docker host is deployed to set up the system's High Availability, refer to Ensuring All Required Appliances Are Installed for more details.


Procedure Steps

Follow the steps below to install Legacy orchestrator on a Docker host.

To install Legacy orchestrator on Docker host

  1. Using an SSH client, log in to your docker host and execute the installation package on a host operating system (OS), where < version > in the name of the installation package is the version of Legacy orchestrator to be installed:
sudo sh docker-dist-<version>.sh
  1. Confirm to proceed by typing y or Y as anything else will abort the installation.
  2. When asked for the temporary installation folder, type Enter to use the /tmp folder or type the location of another temporary folder. A temporary subfolder, so_install, will be created during the installation and will be removed at the end of the installation.
  3. The installation will create the user skylight and the group skylight on the host, if these do not already exist.


Notes:
If the user is created during the installation, you will be asked to set up its password.

The installation will create the home folder for the user “skylight” in /home/skylight.

During the installation, Docker images are loaded from the installation package. The main user of these images (visionems or mysql, depending on the image) is reset to the host user 'skylight' UID and GID. This ensures that the user in containers has full access to the /home/skylight/so folders on the host, via mapped docker volumes.

A Docker network “so-network” is also created, with a random subnet assigned by docker daemon. The subnet can be changed later via Legacy orchestrator client.

For the management of Legacy orchestrator, a climanager service is installed on the host: so.climgr


IMPORTANT: Do not delete the user skylight.

Folder Structure

The installation will create the home folder for the skylight user in /home/skylight.

├── bin
├── config
│ ├── cib
│ ├── climgr
│ │ ├── greetings.txt
│ │ └── hostkey.ser
│ ├── deployment
│ │ └── deployment-user-config.properties
│ ├── domain
│ │ ├── admin-keyfile
│ │ └── keystore.jks
│ ├── gfclient
│ │ └── pass
│ ├── ha
│ │ ├── cib
│ │ ├── drbd-proxy.license
│ │ ├── generated
│ │ └── hamonitorconfig.properties
│ ├── snmp
│ │ └── storesnmpconfig.properties
│ └── ssh
│ │ └── known_hosts
├── data
├── docker
│ ├── core.compose.yaml
│ ├── ha.compose.yaml
│ └── so.env
├── lib
│ └── jdk -> /home/skylight/lib/jdk-17
├── logs
└── mysql
└── mysql-ha

The installation will also create the following Docker volumes that will point, by default, to the home folders of the skylight user:

  • so-config → /home/skylight/so/config
  • so-data → /home/skylight/so/data
  • so-logs → /home/skylight/so/logs
  • so-mysql → /home/skylight/so/mysql

Several files are persisted on the host:

  • /home/skylight/<so_version>/bin = scripts for managing Legacy orchestrator containers
  • /home/skylight/<so_version>/docker = the docker-compose file, the environment file
  • /home/skylight/<so_version>/config = the Legacy orchestrator keystore, admin-keyfile and the ssh configuration for the Skylight orchestrator application
  • /home/skylight/<so_version>/logs = the logs of Legacy orchestrator services
  • /home/skylight/<so_version>/data = data used by Legacy orchestrator (except the main database)
  • /home/skylight/<so_version>/mysql = the main database
  • /home/skylight/<so_version>/mysql-ha = where the main database is stored while HA feature is enabled
  • /home/skylight/so = symlink to the latest installed /home/skylight/<so_version>
  • /home/skylight/<so_version>/bin/logs = the log of the CLI manager

IPv6 Connectivity

For Legacy orchestrator to be able to connect to devices on IPv6 networks, you must:

  1. Add the following flags in the configuration of the Docker service on the host, in the file /etc/docker/daemon.json
{
"ip6tables":true,
"experimental": true
}
  1. To enable the change, reload and restart the Docker daemon:
sudo systemctl daemon-reload
sudo systemctl restart docker
  1. Assign an IPv6 subnet to Legacy orchestrator Docker containers.
    Open the Legacy orchestrator client:
socli.sh  
  1. Configure the subnet using the command config edit network subnet and specify an IPv6 subnet with the IPv6 option.

    Example:

config set network subnet ipv4 <network/subnet mask> ipv6 <network/prefix>

Changing the Greeting Message

The greeting message, displayed when opening the Legacy orchestrator client (socli.sh), can be changed by replacing the content of the file:

/home/skylight/so/config/climgr/greetings.txt

This file resides on the host and can be edited using sudo, or by opening a shell as user skylight. Make sure to not change the permissions of the file as this has to be readable by the user skylight (original file permissions are 770).

After the change, restart the Legacy orchestrator client manager:

sudo systemctl restart so.climgr

Getting a Signed Certificate for Legacy orchestrator

The user should follow the steps from the article Getting a Signed Certificate for Legacy orchestrator, with the following adjustments:

  1. Instead of opening an SSH session to port 22 to Legacy orchestrator, the user should now run the following command on the host OS, and provide the password of skylight user:

    • su - skylight

  2. The path to keytool should be changed from /opt/accedian/skylight/jdk/bin/keytool to:

/home/skylight/so/lib/jdk/bin/keytool
  1. In the section titled Updating the Legacy orchestrator Keystore from the article Getting a Signed Certificate for Legacy orchestrator, at step 2, the user should enter:
cd /home/skylight/so/config/domain/
  1. Restart Legacy orchestrator services for the change to take effect.

Changing Timezone Configuration

To configure the timezone for Legacy orchestrator in Docker Host

  1. Open an SSH terminal session to the Legacy orchestrator on port 22.

  2. Use timedatectl to configure the timezone:

timedatectl set-timezone <timezone_value>
  1. Update the timezone value in the /etc/timezone file.

  2. Reboot the Docker host.

sudo reboot

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.