youjiageng1/doc-exports
1
0
Fork 0
forked from laiweijian4/doc-exports
Code Pull Requests Activity
doc-exports/docs/css/umn/css_02_0201.html
Zheng, Xiu 0c90df93b1 CSS UMN 20230404 Version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: Zheng, Xiu <zhengxiu@huawei.com>
Co-committed-by: Zheng, Xiu <zhengxiu@huawei.com>
2023-04-05 08:45:09 +00:00

76 lines
8.8 KiB
HTML
Raw Blame History

<a name="css_02_0201"></a><a name="css_02_0201"></a>
<h1 class="topictitle1">How to access Kibana from outside cloud using ELB?</h1>
<div id="body0000001562137917"><div class="section" id="css_02_0201__section1482391592219"><h4 class="sectiontitle">Overview</h4><p id="css_02_0201__p68791145162219">Currently to access Kibana dashboard of CSS Service, a user has to login to OTC consoleand navigate to Kibana login page.</p>
<p id="css_02_0201__p1216452482310"></p>
<p id="css_02_0201__p11734802234">To make the access convenient a user can utilize the provided python script which willconfigure the Dedicated Loadbalancer of OTC and a user would be able to access Kibanadashboard with a public IP.</p>
</div>
<div class="section" id="css_02_0201__section208006412242"><h4 class="sectiontitle">ELB Configuration Script</h4><p id="css_02_0201__p65809622414">Script to Configure ELB to be able to access CSS Kibana Dashboard in https mode. ThisScript will create a Dedicated Loadbalancer with a HTTPS Listener which will be forwardingthe traffic to CSS nodes at 5601 port in order to access Kibana Dashboard.</p>
<p id="css_02_0201__p13550655112410">Download <a href="https://docs.otc.t-systems.com/cloud-search-service/umn/_downloads/048cb558398d6094eec6f4816e5b19c0/script.py" target="_blank" rel="noopener noreferrer">Script</a></p>
</div>
<div class="section" id="css_02_0201__section12933193118253"><h4 class="sectiontitle">Installing Dependency</h4><p id="css_02_0201__p889939162610">The script depends on otcextensions library.</p>
<p id="css_02_0201__p56212020274">If you already have <a href="https://python.org/" target="_blank" rel="noopener noreferrer">Python</a> with <a href="https://pip.pypa.io/" target="_blank" rel="noopener noreferrer">pip</a> installed, you can simply run:</p>
<pre class="screen" id="css_02_0201__screen525319256275">pip install otcextensions</pre>
<ul id="css_02_0201__ul10121104662814"><li id="css_02_0201__li212154618281">To know more details about using otcextensions library you can check <a href="https://python-otcextensions.readthedocs.io/en/latest/install/index.html" target="_blank" rel="noopener noreferrer">otcextensions docs</a>.<p id="css_02_0201__p1620013322308">A file called clouds.yaml holds all necessary configuration parameters. The file can beplaced either in the local directory, below the user home directory in .config/openstack orin the system-wide directory /etc/openstack. You may use a second file secure.yaml in thesame directories to extra protect clear-text password credentials. For more details see thesection configuration in the official documentation.</p>
<p id="css_02_0201__p11143159123113">Minimal sample <strong id="css_02_0201__b593484005915">clouds.yaml</strong> file:</p>
<pre class="screen" id="css_02_0201__screen10883132018329">clouds:
otc:
profile: otc
auth:
username: '&lt;USER_NAME&gt;'
password: '&lt;PASSWORD&gt;'
project_name: '&lt;eu-de_project&gt;'
# or project_id: '&lt;123456_PROJECT_ID&gt;'
user_domain_name: 'OTC00000000001000000xxx'
# or user_domain_id: '&lt;123456_DOMAIN_ID&gt;'
auth_url: 'https://iam.eu-de.otc.t-systems.com:443/v3'</pre>
<p id="css_02_0201__p1844033353714">With this configuration you can start using the CLI with openstack --os-cloud otc *command* or by export OS_CLOUD=otc; openstack *command*.</p>
</li><li id="css_02_0201__li199734305304"><strong id="css_02_0201__b1642910145918">Environment variables</strong>: Authentication using username/password is often used:<pre class="screen" id="css_02_0201__screen1322545893813">export OS_AUTH_URL=&lt;url-to-openstack-identity&gt;
export OS_PROJECT_NAME=&lt;project-name&gt;
export OS_USERNAME=&lt;username&gt;
export OS_PASSWORD=&lt;password&gt;
export OS_USER_DOMAIN_NAME=&lt;user-domain-name&gt;
export OS_IDENTITY_API_VERSION=3</pre>
</li></ul>
<p id="css_02_0201__p19176142403">In addition to that a regular clouds.yaml configuration file can be used.</p>
<p id="css_02_0201__p2035619292403">More information is available at:</p>
<p id="css_02_0201__p393083515405"><a href="https://docs.openstack.org/openstacksdk/latest/user/config/configuration.html" target="_blank" rel="noopener noreferrer">https://docs.openstack.org/openstacksdk/latest/user/config/configuration.html</a></p>
</div>
<div class="section" id="css_02_0201__section169259114114"><h4 class="sectiontitle">Pre-Requisites</h4><p id="css_02_0201__p38661920134112">The Script requires ID of a CSS Cluster and Certificate ID for creating a HTTPS listener.</p>
<ul id="css_02_0201__ul115934724114"><li id="css_02_0201__li0159144784113">You can get a CSS Cluster ID by visiting the OTC console -&gt; CSS Dashboard -&gt;Clusters page, and click on your CSS Cluster to get its details.</li><li id="css_02_0201__li1136619074312">To learn more about Creating and Getting a TLS Certificate, check <a href="https://docs.otc.t-systems.com/elastic-load-balancing/umn/certificate/creating,_modifying,_or_deleting_a_certificate.html" target="_blank" rel="noopener noreferrer">ELB User Guide</a></li></ul>
<p id="css_02_0201__p9888143517457">Generating a TSL Certificate with openssl command.</p>
<pre class="screen" id="css_02_0201__screen15331171815465">openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout private.key -out certificate.crt</pre>
<div class="note" id="css_02_0201__note15893121184710"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="css_02_0201__p2089310113479">When adding the certificate and private key, Certificate Type must be "Server Certificate".</p>
</div></div>
</div>
<div class="section" id="css_02_0201__section537461911489"><h4 class="sectiontitle">Running The Script</h4><p id="css_02_0201__p111111629184817">Once you have <span class="parmname" id="css_02_0201__parmname359988194912"><b>certificate_id</b></span> and <span class="parmname" id="css_02_0201__parmname1616115112495"><b>cluster_id</b></span>, you are ready to run the script.</p>
</div>
<div class="section" id="css_02_0201__section8660528194912"><h4 class="sectiontitle">List ELB Flavors</h4><pre class="screen" id="css_02_0201__screen943213451497">python3 script.py elb-flavors</pre>
<p id="css_02_0201__p1426691419504">This will print the L7 Flavors supported by Dedicated Loadbalancer. To print all types of flavors supported you may add --all argument to the command. But we need only L7 flavor type, that's why --all argument is set as optional.</p>
</div>
<div class="section" id="css_02_0201__section376014394507"><h4 class="sectiontitle">Configure ELB</h4><pre class="screen" id="css_02_0201__screen189051312195111"> python3 script.py elb-configure --cluster-id &lt;cluster_id&gt; --certificate-id &lt;certificate_id&gt;</pre>
<p id="css_02_0201__p136971242185113">Argument --certificate-id is optional, if it's not provided then Loadbalancer will be configured with HTTP listener.</p>
<p id="css_02_0201__p195311610175113"><strong id="css_02_0201__b143843995216">Configure ELB with specific Flavor</strong></p>
<ul id="css_02_0201__ul0316402527"><li id="css_02_0201__li149712112536">By default ELB will be configured with smallest L7 flavor type. But if you want to have some specific flavor of your choice, follow below commands.</li><li id="css_02_0201__li123194065214">Only L7 flavor type must be used since we are creating HTTPS listener.</li></ul>
<pre class="screen" id="css_02_0201__screen19375113695320"> # Prints list of Loadbalancer flavor Types
python3 script.py elb-flavors
# Run the script
python3 script.py elb-configure --cluster-id &lt;cluster_id&gt; --certificate-id &lt;certificate_id&gt; --flavor-id &lt;flavor_id&gt;</pre>
</div>
<div class="section" id="css_02_0201__section15903125115553"><h4 class="sectiontitle">Delete ELB</h4><pre class="screen" id="css_02_0201__screen169481758155514"> python3 script.py elb-delete &lt;loadbalancer_name_or_id&gt;</pre>
<p id="css_02_0201__p175875625511"><strong id="css_02_0201__b6753163815612">Delete ELB and Release Public EIP</strong></p>
<pre class="screen" id="css_02_0201__screen203309416571">python3 script.py elb-delete &lt;loadbalancer_id&gt; --release-public-ip</pre>
<div class="note" id="css_02_0201__note7141151918573"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="css_02_0201__p12142161912573">Please use the elb-delete command with caution.</p>
</div></div>
</div>
<div class="section" id="css_02_0201__section461164111578"><h4 class="sectiontitle">Logging</h4><p id="css_02_0201__p1985965817574">When you run the script a log file is created with name <strong id="css_02_0201__b112531624115816">debug.log</strong> where you can find details of all the API requests.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_02_0082.html">Ports</a></div>
</div>
</div>
View Git Blame Copy Permalink