Skip to main content
Versa Networks

Install Passive Authentication for VMS

Versa-logo-release-icon.pngFor supported software information, click here.

Versa Messaging Service (VMS) is a services platform that enhances the scalability of Versa services and applications. VMS is built by leveraging state-of-the-art open source technologies such as Kubernetes and Docker.

The following are some of the main features of VMS:

  • Handles data such as critical network performance information, security updates, and passive authentication data such as user-to-IP address mapping
  • Manages highly dynamic data that is streamed to each Versa Operating System™ (VOS™) device to keep it updated
  • Processes a high volume and a large scale of data

To create a VMS message-streaming server, you install the VMS software on an bare-metal platform. This article describes how to install the software.

Before You Begin

Before you install the VMS software on a bare-metal platform, ensure that the bare-metal platform meets the following minimum hardware requirements:

  • 8 cores
  • 16-GB RAM
  • 250-GB solid state drive (SSD)

Ensure that you have downloaded the VMS ISO image from https://versanetworks.app.box.com/s/d7jh1z6y3kaijd3yfwil0uxchr1w9ton/folder/164723287877

Ensure that the ports necessary for VMS control and worker nodes are available for communication. For more information see, Firewall Requirements.

Install the VMS Software on a Bare-Metal Platform

This section describes how to install the VMS software on a bare-metal platform.

The figures in this procedure are created using a Supermicro server. The actual screens you see may differ, depending on your server.

To access the bare-metal platform remotely, configure the Intelligent Platform Management Interface (IPMI) on the bare-metal server.

To install the VMS software on a bare-metal platform:

  1. Log in to the remote console.

    supermicro-login.png
  2. Click anywhere in the Remote Console Preview window to launch the remote console. If the Java SE Development Kit is installed on the server, you can launch the remote console from the development kit.

    supermicro-preview-image.png
  3. In the Virtual Media tab, click Virtual Storage.

    virtual-storage.png
  4. In the Virtual Storage window, select the CDROM & ISO tab. The Settings for Device2 window displays.
    1. In the Logical Drive Type field, select ISO File.
    2. Click Open Image, and type the full path name of the software image. You can find the image at  https://versanetworks.app.box.com/s/d7jh1z6y3kaijd3yfwil0uxchr1w9ton/folder/164723287877
    3. Click Plug In.
    4. Click OK.

      cdrom-iso.png
  5. Select the Power Control tab.
    1. Click Set Power Off to power down the device.
    2. Click Set Power On to restart the device.

      power-control-off.png
  6. After the device restarts, the remote console window displays the server banner. To perform device setup, press the Delete key.

    supermicro-options.png
  7. In the Setup Utility window:
    1. Click the Save & Exit tab.
    2. Click IPMI Virtual CDROM 3000 to run the ISO file from a local partition.
    3. Press Enter.

      save-exit-ipmi.png
  8. Install the ISO and then configure the primary IP address and hostname:
    [admin@versa-Msgservice: -] $ sudo vi /etc network/interfaces
    [sudo] password for admin:
    [admin@versa-msgservice: -] $ sudo vi /etc/hosts
    host.conf hostname hosts hosts.allow hosts.deny
    [admin@versa-msgservice: -] $ sudo vi /etc/hosts
    [admin@versa-msgservice: -] $ sudo vi /etc/hostname
    sudo: unable to resolve host versa-msgservice: Resource temporarily unavailable
    [admin@versa-msgservice: -] $
    [admin@versa-msgservice: -] $ sudo reboot
    

    VMS release details such as version, release date, and package ID are displayed after the reboot completes.
  9. If a .bin file is present in the same directory as the .iso file, install the .bin file.
  10. Check the status of the server by issuing the vsh status CLI command. For example:

    vsh-status-cli.PNG
  11. To configure the server, issue the vsh configure-passive-auth CLI command. When prompted, configure the following information:
    1. Generate certificates if you have not already done so. For example:

      generate-certificates.png

      generate-certificates-2.png
    2. Configure the IP address that the VMS server should use to connect to the VOS devices, the IP address that the VMS server should use to connect to the WMI agent, the primary and secondary IP addresses of the Versa Director node, and the Versa Director GUI or API login credentials of a user with administrator privileges. For example:

      configuration-1.png

      configuration-ip-address.png
    3. Configure the tenant name for which to enable passive authentication and the fully qualified domain name (FQDN) of the VMS server to use for certificate generation and validation. For example:

      configuration-tenant-certification.png
    4. Configure the unique name for the VMS node to use during high availability (HA) switching.
  12. When prompted, enter the password to use while generating certificates. For example:

    configuration-password.png
    When the configuration process completes, a screen similar to the following displays:

    configuration-final.png
  13. To start the deployment, vsh initialize-passive-auth CLI command. For, example:

    initialize-server.png

    After the server is initialized, information about pods and services displays:

    pods-service-info.png
  14. To check the status of the deployment, issue the vsh status CLI command. For example:

    vsh-status-check.png
  15. Copy the certificates (root-ca-cert.pem and client-cert.pfx) to the WMI agent. For example:

    copy-certificates-to-wmi.PNG

Supported Software Information

VOS Releases 22.1.3 and earlier support all content described in this article when used with the initial release of VMS (unnumbered).

  • Was this article helpful?