Installation and configuration¶
Installation¶
Important
First need to do setting up the environment. All commands are executed only from superuser.
Mode superuser:
sudo -i
Save the list of previously installed packages before starting the installation, this will allow you to painlessly restore the system in case of damage. Run following commands to do this:
mkdir -p /tmp/rollback/applevel pip3 freeze > /tmp/rollback/applevel/pip_before.txt
After that, directory
/tmp/rollback/applevelwill contain filepip_before.txtwith list of installed applications.Install the package AppLevel:
from Python package repository:
pip3 install applevel
Save the list of installed packages after installation to be able to roll back changes:
pip3 freeze > /tmp/rollback/applevel/pip_after.txt
Note
To install AppLevel on Astra Linux (Smolensk) do following:
Connect the provided repository with AccentOS packages.
Install the package with the command:
sudo apt install -y aos-applevel
Configuration¶
Install the required system packages:
apt install qemu-kvm qemu-utils virtinst libguestfs-tools virt-* mariadb-server python-pymysql rabbitmq-server libffi-dev
Create user named aos:
useradd -s /sbin/nologin
Create directory for logs with required permissions:
mkdir -p /var/log/aos/applevel chown -R aos:aos /var/log/aos/applevel
Create working directory with right permissions:
mkdir /var/lib/applevel chown -R aos:aos /var/lib/applevel
Create directory for configuration files with required rights:
mkdir /etc/aos chown -R aos:aos /etc/aos
Create file
/etc/sudoers.d/applevelfor permission executing commands without entering password:# Allow run applevel commands without password aos ALL = NOPASSWD: /usr/bin/virt-tar-in, /usr/bin/virt-tar-out, /usr/bin/qemu-img, /usr/bin/virt-customize, /usr/bin/virt-win-reg, /usr/bin/guestmount, /usr/bin/virt-copy-in, /usr/bin/virt-copy-out, /usr/bin/virt-install, /usr/bin/virt-diff, /bin/tar
For aos user create file .ssh/config and configure through it passwordless access to all hosts with which you plan to work. Configuration example:
Host *.stand.loc User root IdentityFile ~/.ssh/stand Host 10.40.* User root IdentityFile ~/.ssh/stand
Run
applevel-configurecommand to create configuration file and systemd service files:applevel-configure
Edit the section
[DEFAULT]of the configuration fileetc/aos/applevel.conf, for example:[DEFAULT] log_level = INFO work_dir = /var/lib/applevel db_url = mysql+pymysql://aos:password@localhost:3306/applevel broker_url = amqp://aos:password@localhost:5672/aos
Create database using MySQL as an example, set rights, database type and other parameters:
# Login to the database using the root password mysql -uroot -p # Create applevel database CREATE DATABASE applevel; # Give permission to read, edit, perform any actions on all tables in applevel database GRANT ALL PRIVILEGES ON applevel.* TO 'aos'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON applevel.* TO 'aos'@'%' IDENTIFIED BY 'password'; # Exit the database
Configure RabbitMQ Server message broker:
rabbitmqctl add_user aos password rabbitmqctl add_vhost aos rabbitmqctl set_permissions -p aos aos ".*" ".*" ".*" rabbitmqctl set_permissions aos ".*" ".*" ".*"
Add user rights to RabbitMQ virtual hosts for Openstack services (default value is
/):rabbitmqctl set_permissions -p / aos ".*" ".*" ".*"
Migrate database:
FLASK_APP=applevel.api.app flask db upgrade
Run command to collect static files:
FLASK_APP=applevel.api.ap flask collect
Enable and start systemd services:
systemctl daemon-reload systemctl enable applevel.service applevel-worker.service systemctl start applevel.service applevel-worker.service
Create web server config file.
Important
To configure authentication, it is recommended to use file
.htpasswd.Apache configuration:
Listen 8081 <VirtualHost *:8081> ErrorLog /var/log/apache2/applevel.log CustomLog /var/log/apache2/applevel-access.log combined ProxyPreserveHost On ProxyPass /static/ ! ProxyPass /gold/ ! ProxyPass /backup/ ! ProxyPass / http://127.0.0.1:8000/ ProxyPassReverse / http://127.0.0.1:8000/ Alias /static /var/lib/applevel/static Alias /gold /var/lib/applevel/gold Alias /backup /var/lib/applevel/backup <Directory /var/lib/applevel/static> Require all granted </Directory> <Directory /var/lib/applevel/gold> Require all granted </Directory> <Directory /var/lib/applevel/backup> Require all granted </Directory> </VirtualHost>Nginx configuration:
server { listen 80; server_name applevel.accentos.loc; access_log /var/log/nginx/applevel.log; error_log /var/log/nginx/applevel.log; client_max_body_size 0; client_body_timeout 6000; client_header_timeout 6000; location / { proxy_pass http://127.0.0.1:8000; } location /static/ { alias /var/lib/applevel/static/; } location /gold/ { alias /var/lib/applevel/gold/; } location /backup/ { alias /var/lib/applevel/backup/; } }
Install the required packages on all hosts:
apt install libguestfs-tools python3-guestfs pip3 install virt-extract
Configuration file¶
Configuration file is presented in ini format and consists of the following sections and parameters:
| Section | Parameter | Description | Default value |
|---|---|---|---|
DEFAULT |
log_level |
Logging level. | INFO |
DEFAULT |
api_logfile |
Path to log file of applevel service. |
/var/log/aos/applevel/api.log |
DEFAULT |
work_dir |
Working directory. | /var/lib/applevel |
DEFAULT |
db_url |
Setting up connection to database. | mysql+pymysql://aos:password@localhost:3306/applevel |
DEFAULT |
broker_url |
Setting up connection to message broker. | amqp://guest:guest@localhost:5672// |
Note
It is needed to build layers with Windows:
Go to folder
cd /usr/lib/x86_64-linux-gnu/perl5/5.28/Win/Hivex.Download required patch.
Apply the downloaded patch with commands:
patch -p1 < Regedit.patch