Install Passive Authentication for VMS
For supported software information, click here.
Versa Messaging Service (VMS) is a services platform that enhances the scalability of Versa services and applications. VMS is built by leveraging state-of-the-art open source technologies such as Kubernetes and Docker.
The following are some of the main features of VMS:
- Handles data such as critical network performance information, security updates, and passive authentication data such as user-to-IP address mapping
- Manages highly dynamic data that is streamed to each Versa Operating System™ (VOS™) device to keep it updated
- Processes a high volume and a large scale of data
To create a VMS message-streaming server, you install the VMS software on an bare-metal platform. This article describes how to install the software.
Before You Begin
Before you install the VMS software on a bare-metal platform, ensure that the bare-metal platform meets the following minimum hardware requirements:
- 8 cores
- 16-GB RAM
- 250-GB solid state drive (SSD)
Ensure that you have downloaded the VMS ISO image from https://versanetworks.app.box.com/s/d7jh1z6y3kaijd3yfwil0uxchr1w9ton/folder/164723287877
Ensure that the ports necessary for VMS control and worker nodes are available for communication. For more information see, Firewall Requirements.
Install the VMS Software on a Bare-Metal Platform
This section describes how to install the VMS software on a bare-metal platform.
The figures in this procedure are created using a Supermicro server. The actual screens you see may differ, depending on your server.
To access the bare-metal platform remotely, configure the Intelligent Platform Management Interface (IPMI) on the bare-metal server.
To install the VMS software on a bare-metal platform:
- Log in to the remote console.
- Click anywhere in the Remote Console Preview window to launch the remote console. If the Java SE Development Kit is installed on the server, you can launch the remote console from the development kit.
- In the Virtual Media tab, click Virtual Storage.
- In the Virtual Storage window, select the CDROM & ISO tab. The Settings for Device2 window displays.
- In the Logical Drive Type field, select ISO File.
- Click Open Image, and type the full path name of the software image. You can find the image at https://versanetworks.app.box.com/s/d7jh1z6y3kaijd3yfwil0uxchr1w9ton/folder/164723287877
- Click Plug In.
- Click OK.
- Select the Power Control tab.
- Click Set Power Off to power down the device.
- Click Set Power On to restart the device.
- After the device restarts, the remote console window displays the server banner. To perform device setup, press the Delete key.
- In the Setup Utility window:
- Click the Save & Exit tab.
- Click IPMI Virtual CDROM 3000 to run the ISO file from a local partition.
- Press Enter.
- Install the ISO and then configure the primary IP address and hostname:
[admin@versa-Msgservice: -] $ sudo vi /etc network/interfaces [sudo] password for admin: [admin@versa-msgservice: -] $ sudo vi /etc/hosts host.conf hostname hosts hosts.allow hosts.deny [admin@versa-msgservice: -] $ sudo vi /etc/hosts [admin@versa-msgservice: -] $ sudo vi /etc/hostname sudo: unable to resolve host versa-msgservice: Resource temporarily unavailable [admin@versa-msgservice: -] $ [admin@versa-msgservice: -] $ sudo reboot
VMS release details such as version, release date, and package ID are displayed after the reboot completes. - If a .bin file is present in the same directory as the .iso file, install the .bin file.
- Check the status of the server by issuing the vsh status CLI command. For example:
- To configure the server, issue the vsh configure-passive-auth CLI command. When prompted, configure the following information:
- Generate certificates if you have not already done so. For example:
- Configure the IP address that the VMS server should use to connect to the VOS devices, the IP address that the VMS server should use to connect to the WMI agent, the primary and secondary IP addresses of the Versa Director node, and the Versa Director GUI or API login credentials of a user with administrator privileges. For example:
- Configure the tenant name for which to enable passive authentication and the fully qualified domain name (FQDN) of the VMS server to use for certificate generation and validation. For example:
- Configure the unique name for the VMS node to use during high availability (HA) switching.
- Generate certificates if you have not already done so. For example:
- When prompted, enter the password to use while generating certificates. For example:
When the configuration process completes, a screen similar to the following displays:
- To start the deployment, vsh initialize-passive-auth CLI command. For, example:
After the server is initialized, information about pods and services displays:
- To check the status of the deployment, issue the vsh status CLI command. For example:
- Copy the certificates (root-ca-cert.pem and client-cert.pfx) to the WMI agent. For example:
Supported Software Information
VOS Releases 22.1.3 and earlier support all content described in this article when used with the initial release of VMS (unnumbered).