http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml/management-server-install-db-external.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml/management-server-install-db-external.xml b/docs/tmp/en-US/xml/management-server-install-db-external.xml index 31b8deb..dab7586 100644 --- a/docs/tmp/en-US/xml/management-server-install-db-external.xml +++ b/docs/tmp/en-US/xml/management-server-install-db-external.xml @@ -53,7 +53,7 @@ </para> <note> <para> - On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file. + On Ubuntu, you can also create /etc/mysql/conf.d/cloudstack.cnf file and add these directives there. Don't forget to add [mysqld] on the first line of the file. </para> </note> @@ -136,6 +136,7 @@ bind-address = 0.0.0.0</programlisting> <para> Return to the root shell on your first Management Server. </para> + </listitem> <listitem> <para> @@ -146,35 +147,40 @@ bind-address = 0.0.0.0</programlisting> <para> In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password. </para> + </listitem> <listitem> <para> In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user. </para> + </listitem> <listitem> <para> - (Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption. + (Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See <xref linkend="about-password-encryption" />. </para> + </listitem> <listitem> <para> (Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption. </para> + </listitem> <listitem> <para> - (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption. + (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See <xref linkend="about-password-encryption" />. </para> + </listitem> </itemizedlist> <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@<ip address mysql server> \ - --deploy-as=root:<password> \ - -e <encryption_type> \ - -m <management_server_key> \ - -k <database_key></programlisting> +--deploy-as=root:<password> \ +-e <encryption_type> \ +-m <management_server_key> \ +-k <database_key></programlisting> <para> When this script is finished, you should see a message like âSuccessfully initialized the database.â </para>
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml/management-server-install-db-local.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml/management-server-install-db-local.xml b/docs/tmp/en-US/xml/management-server-install-db-local.xml index 4dae069..b5d520d 100644 --- a/docs/tmp/en-US/xml/management-server-install-db-local.xml +++ b/docs/tmp/en-US/xml/management-server-install-db-local.xml @@ -101,35 +101,40 @@ binlog-format = 'ROW'</programlisting> <para> In dbpassword, specify the password to be assigned to the "cloud" user. You can choose to provide no password although that is not recommended. </para> + </listitem> <listitem> <para> In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the "cloud" user. </para> + </listitem> <listitem> <para> - (Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption. + (Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See <xref linkend="about-password-encryption" />. </para> + </listitem> <listitem> <para> - (Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption. + (Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See <xref linkend="about-password-encryption" />. </para> + </listitem> <listitem> <para> - (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption. + (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See <xref linkend="about-password-encryption" />. </para> + </listitem> </itemizedlist> <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@localhost \ - --deploy-as=root:<password> \ - -e <encryption_type> \ - -m <management_server_key> \ - -k <database_key></programlisting> +--deploy-as=root:<password> \ +-e <encryption_type> \ +-m <management_server_key> \ +-k <database_key></programlisting> <para> When this script is finished, you should see a message like âSuccessfully initialized the database.â </para> @@ -145,6 +150,7 @@ binlog-format = 'ROW'</programlisting> <para> This type of single-machine setup is recommended only for a trial installation. </para> + </note> </listitem> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml/management-server-install-flow.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml/management-server-install-flow.xml b/docs/tmp/en-US/xml/management-server-install-flow.xml index dc46997..8f24f54 100644 --- a/docs/tmp/en-US/xml/management-server-install-flow.xml +++ b/docs/tmp/en-US/xml/management-server-install-flow.xml @@ -25,6 +25,7 @@ <xi:include href="management-server-install-prepare-os.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-client.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-db.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="about-password-encryption.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-nfs-shares.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-multi-node.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-systemvm.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml/prepare-system-vm-template.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml/prepare-system-vm-template.xml b/docs/tmp/en-US/xml/prepare-system-vm-template.xml index 7e5e089..ea10f8f 100644 --- a/docs/tmp/en-US/xml/prepare-system-vm-template.xml +++ b/docs/tmp/en-US/xml/prepare-system-vm-template.xml @@ -22,7 +22,7 @@ under the License. --> <title>Prepare the System VM Template</title> <para> - Secondary storage must be seeded with a template that is used for &PRODUCT; system VMs. + Secondary storage must be seeded with a template that is used for &PRODUCT; system VMs. Citrix provides you with the necessary binary package of the system VM. </para> <note> <para> @@ -39,7 +39,7 @@ If your secondary storage mount point is not named /mnt/secondary, substitute your own mount point name. </para> <para> - If you set the &PRODUCT; database encryption type to "web" when you set up the database, you must now add the parameter -s <management-server-secret-key>. See About Password and Key Encryption. + If you set the &PRODUCT; database encryption type to "web" when you set up the database, you must now add the parameter -s <management-server-secret-key>. See <xref linkend="about-password-encryption" />. </para> <para> This process will require approximately 5 GB of free space on the local file system and up to 30 minutes each time it runs. @@ -75,8 +75,14 @@ </listitem> <listitem> <para> - If you are using a separate NFS server, perform this step. If you are using the Management Server as the NFS server, you MUST NOT perform this step. + If you are using a separate NFS server, perform this step. </para> + <note> + <para> + Do not perform this step if you are using the Management Server as the NFS server. + </para> + + </note> <para> When the script has finished, unmount secondary storage and remove the created directory. </para> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml_tmp/management-server-install-db-external.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml_tmp/management-server-install-db-external.xml b/docs/tmp/en-US/xml_tmp/management-server-install-db-external.xml index a749dc7..3bba45f 100644 --- a/docs/tmp/en-US/xml_tmp/management-server-install-db-external.xml +++ b/docs/tmp/en-US/xml_tmp/management-server-install-db-external.xml @@ -21,95 +21,120 @@ specific language governing permissions and limitations under the License. --> - <section id="management-server-install-db-external"> - <title>Install the Database on a Separate Node</title> - <para>This section describes how to install MySQL on a standalone machine, separate from the Management Server. - This technique is intended for a deployment that includes several Management Server nodes. - If you have a single-node Management Server deployment, you will typically use the same node for MySQL. - See <xref linkend="management-server-install-db-local"/>. - </para> - <note> - <para>The management server doesn't require a specific distribution for the MySQL node. - You can use a distribution or Operating System of your choice. - Using the same distribution as the management server is recommended, but not required. - See <xref linkend="management-server-system-requirements"/>. - </para> - </note> - <orderedlist> - <listitem> - <para>Install MySQL from the package repository from your distribution:</para> - <para condition="community">On RHEL or CentOS:</para> - <programlisting language="Bash">yum install mysql-server</programlisting> - <para condition="community">On Ubuntu:</para> - <programlisting language="Bash">apt-get install mysql-server</programlisting> - </listitem> - <listitem><para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) - and insert the following lines in the [mysqld] section. You can put these lines below the datadir - line. The max_connections parameter should be set to 350 multiplied by the number of Management - Servers you are deploying. This example assumes two Management Servers.</para> - <note> - <para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add - these directives there. Don't forget to add [mysqld] on the first line of the - file.</para> - </note> - <programlisting language="Bash">innodb_rollback_on_timeout=1 + <title>Install the Database on a Separate Node</title> + <para>This section describes how to install MySQL on a standalone machine, separate from the + Management Server. This technique is intended for a deployment that includes several Management + Server nodes. If you have a single-node Management Server deployment, you will typically use the + same node for MySQL. See <xref linkend="management-server-install-db-local"/>.</para> + <note> + <para>The management server doesn't require a specific distribution for the MySQL node. You can + use a distribution or Operating System of your choice. Using the same distribution as the + management server is recommended, but not required. See <xref + linkend="management-server-system-requirements"/>.</para> + </note> + <orderedlist> + <listitem> + <para>Install MySQL from the package repository from your distribution:</para> + <para condition="community">On RHEL or CentOS:</para> + <programlisting language="Bash">yum install mysql-server</programlisting> + <para condition="community">On Ubuntu:</para> + <programlisting language="Bash">apt-get install mysql-server</programlisting> + </listitem> + <listitem> + <para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) + and insert the following lines in the [mysqld] section. You can put these lines below the + datadir line. The max_connections parameter should be set to 350 multiplied by the number of + Management Servers you are deploying. This example assumes two Management Servers.</para> + <note> + <para>On Ubuntu, you can also create /etc/mysql/conf.d/cloudstack.cnf file and add these + directives there. Don't forget to add [mysqld] on the first line of the file.</para> + </note> + <programlisting language="Bash">innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=700 log-bin=mysql-bin binlog-format = 'ROW' -bind-address = 0.0.0.0 </programlisting> +bind-address = 0.0.0.0</programlisting> + </listitem> + <listitem> + <para>Start or restart MySQL to put the new configuration into effect.</para> + <para>On RHEL/CentOS, MySQL doesn't automatically start after installation. Start it + manually.</para> + <programlisting language="Bash">service mysqld start</programlisting> + <para>On Ubuntu, restart MySQL.</para> + <programlisting language="Bash">service mysqld restart</programlisting> + </listitem> + <listitem> + <para>(CentOS and RHEL only; not required on Ubuntu)</para> + <warning> + <para>On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly + recommended that you set a root password as a security precaution.</para> + </warning> + <para>Run the following command to secure your installation. You can answer "Y" to all + questions except "Disallow root login remotely?". Remote root login is required to set up + the databases.</para> + <programlisting language="Bash">mysql_secure_installation</programlisting> + </listitem> + <listitem> + <para>If a firewall is present on the system, open TCP port 3306 so external MySQL connections + can be established.</para> + <para>On Ubuntu, UFW is the default firewall. Open the port with this command:</para> + <programlisting language="Bash">ufw allow mysql</programlisting> + <para>On RHEL/CentOS:</para> + <orderedlist numeration="loweralpha"> + <listitem> + <para>Edit the /etc/sysconfig/iptables file and add the following line at the beginning of + the INPUT chain.</para> + <programlisting language="Bash">-A INPUT -p tcp --dport 3306 -j ACCEPT</programlisting> </listitem> <listitem> - <para>Start or restart MySQL to put the new configuration into effect.</para> - <para>On RHEL/CentOS, - MySQL doesn't automatically start after installation. Start it manually.</para> - <programlisting language="Bash">service mysqld start</programlisting> - <para>On Ubuntu, restart MySQL.</para> - <programlisting language="Bash">service mysqld restart</programlisting> + <para>Now reload the iptables rules.</para> + <programlisting language="Bash">service iptables restart</programlisting> </listitem> + </orderedlist> + </listitem> + <listitem> + <para>Return to the root shell on your first Management Server.</para> + </listitem> + <listitem> + <para>Set up the database. The following command creates the cloud user on the + database.</para> + <itemizedlist> <listitem> - <para>(CentOS and RHEL only; not required on Ubuntu)</para> - <warning> - <para>On RHEL and CentOS, MySQL does not set a root password by default. It is very - strongly recommended that you set a root password as a security precaution. </para> - </warning> - <para>Run the following command to secure your installation. You can answer "Y" to all - questions except "Disallow root login remotely?". Remote root login is required to - set up the databases.</para> - <programlisting language="Bash">mysql_secure_installation</programlisting> + <para>In dbpassword, specify the password to be assigned to the cloud user. You can choose + to provide no password.</para> </listitem> - <listitem><para>If a firewall is present on the system, open TCP port 3306 so external MySQL connections can be established.</para> - <para>On Ubuntu, UFW is the default firewall. Open the port with this command:</para> - <programlisting language="Bash">ufw allow mysql</programlisting> - <para>On RHEL/CentOS:</para> - <orderedlist numeration="loweralpha"> - <listitem> - <para>Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.</para> - <programlisting language="Bash">-A INPUT -p tcp --dport 3306 -j ACCEPT</programlisting> - </listitem> - <listitem> - <para>Now reload the iptables rules.</para> - <programlisting language="Bash">service iptables restart</programlisting> - </listitem> - </orderedlist> + <listitem> + <para>In deploy-as, specify the username and password of the user deploying the database. + In the following command, it is assumed the root user is deploying the database and + creating the cloud user.</para> + </listitem> + <listitem> + <para>(Optional) For encryption_type, use file or web to indicate the technique used to + pass in the database encryption password. Default: file. See <xref + linkend="about-password-encryption"/>.</para> + </listitem> + <listitem> + <para>(Optional) For management_server_key, substitute the default key that is used to + encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It + is highly recommended that you replace this with a more secure value. See About Password + and Key Encryption.</para> </listitem> - <listitem><para>Return to the root shell on your first Management Server.</para></listitem> <listitem> - <para>Set up the database. The following command creates the cloud user on the database.</para> - <itemizedlist> - <listitem><para>In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password.</para></listitem> - <listitem><para>In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user.</para></listitem> - <listitem><para>(Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.</para></listitem> - <listitem><para>(Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem> - <listitem><para>(Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem> - </itemizedlist> - <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@<ip address mysql server> \ - --deploy-as=root:<password> \ - -e <encryption_type> \ - -m <management_server_key> \ - -k <database_key></programlisting> - <para>When this script is finished, you should see a message like âSuccessfully initialized the database.â</para> + <para>(Optional) For database_key, substitute the default key that is used to encrypt + confidential parameters in the &PRODUCT; database. Default: password. It is highly + recommended that you replace this with a more secure value. See <xref + linkend="about-password-encryption"/>.</para> </listitem> - </orderedlist> + </itemizedlist> + <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@<ip address mysql server> \ +--deploy-as=root:<password> \ +-e <encryption_type> \ +-m <management_server_key> \ +-k <database_key></programlisting> + <para>When this script is finished, you should see a message like âSuccessfully initialized + the database.â</para> + </listitem> + </orderedlist> </section> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml_tmp/management-server-install-db-local.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml_tmp/management-server-install-db-local.xml b/docs/tmp/en-US/xml_tmp/management-server-install-db-local.xml index 9880c54..3e09c55 100644 --- a/docs/tmp/en-US/xml_tmp/management-server-install-db-local.xml +++ b/docs/tmp/en-US/xml_tmp/management-server-install-db-local.xml @@ -1,5 +1,5 @@ <?xml version='1.0' encoding='utf-8' ?> -<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ +<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"; [ <!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent"> %BOOK_ENTITIES; ]> @@ -21,69 +21,105 @@ specific language governing permissions and limitations under the License. --> - <section id="management-server-install-db-local"> - <title>Install the Database on the Management Server Node</title> - <para>This section describes how to install MySQL on the same machine with the Management Server. This technique is intended for a simple deployment that has a single Management Server node. If you have a multi-node Management Server deployment, you will typically use a separate node for MySQL. See <xref linkend="management-server-install-db-external" />.</para> - <orderedlist> - <listitem> - <para>Install MySQL from the package repository from your distribution:</para> - <para condition="community">On RHEL or CentOS:</para> - <programlisting language="Bash">yum install mysql-server</programlisting> - <para condition="community">On Ubuntu:</para> - <programlisting language="Bash">apt-get install mysql-server</programlisting> - </listitem> - <listitem> - <para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and insert the following lines in the [mysqld] section. You can put these lines below the datadir line. The max_connections parameter should be set to 350 multiplied by the number of Management Servers you are deploying. This example assumes one Management Server.</para> - <note> - <para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file.</para> - </note> - <programlisting language="Bash">innodb_rollback_on_timeout=1 + <title>Install the Database on the Management Server Node</title> + <para>This section describes how to install MySQL on the same machine with the Management Server. + This technique is intended for a simple deployment that has a single Management Server node. If + you have a multi-node Management Server deployment, you will typically use a separate node for + MySQL. See <xref linkend="management-server-install-db-external"/>.</para> + <orderedlist> + <listitem> + <para>Install MySQL from the package repository from your distribution:</para> + <para condition="community">On RHEL or CentOS:</para> + <programlisting language="Bash">yum install mysql-server</programlisting> + <para condition="community">On Ubuntu:</para> + <programlisting language="Bash">apt-get install mysql-server</programlisting> + </listitem> + <listitem> + <para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) + and insert the following lines in the [mysqld] section. You can put these lines below the + datadir line. The max_connections parameter should be set to 350 multiplied by the number of + Management Servers you are deploying. This example assumes one Management Server.</para> + <note> + <para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these + directives there. Don't forget to add [mysqld] on the first line of the file.</para> + </note> + <programlisting language="Bash">innodb_rollback_on_timeout=1 innodb_lock_wait_timeout=600 max_connections=350 log-bin=mysql-bin binlog-format = 'ROW'</programlisting> + </listitem> + <listitem> + <para>Start or restart MySQL to put the new configuration into effect.</para> + <para>On RHEL/CentOS, MySQL doesn't automatically start after installation. Start it + manually.</para> + <programlisting language="Bash">service mysqld start</programlisting> + <para>On Ubuntu, restart MySQL.</para> + <programlisting language="Bash">service mysqld restart</programlisting> + </listitem> + <listitem> + <para>(CentOS and RHEL only; not required on Ubuntu)</para> + <warning> + <para>On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly + recommended that you set a root password as a security precaution. </para> + </warning> + <para>Run the following command to secure your installation. You can answer "Y" to all + questions.</para> + <programlisting language="Bash">mysql_secure_installation</programlisting> + </listitem> + <listitem> + <para>Set up the database. The following command creates the "cloud" user on the + database.</para> + <itemizedlist> + <listitem> + <para>In dbpassword, specify the password to be assigned to the "cloud" user. You can + choose to provide no password although that is not recommended.</para> </listitem> <listitem> - <para>Start or restart MySQL to put the new configuration into effect.</para> - <para>On RHEL/CentOS, - MySQL doesn't automatically start after installation. Start it manually.</para> - <programlisting language="Bash">service mysqld start</programlisting> - <para>On Ubuntu, restart MySQL.</para> - <programlisting language="Bash">service mysqld restart</programlisting> + <para>In deploy-as, specify the username and password of the user deploying the database. + In the following command, it is assumed the root user is deploying the database and + creating the "cloud" user.</para> </listitem> <listitem> - <para>(CentOS and RHEL only; not required on Ubuntu)</para> - <warning> - <para>On RHEL and CentOS, MySQL does not set a root password by default. It is very - strongly recommended that you set a root password as a security precaution. </para> - </warning> - <para>Run the following command to secure your installation. You can answer "Y" to all - questions.</para> - <programlisting language="Bash">mysql_secure_installation</programlisting> + <para>(Optional) For encryption_type, use file or web to indicate the technique used to + pass in the database encryption password. Default: file. See <xref + linkend="about-password-encryption"/>.</para> </listitem> - <listitem><para>Set up the database. The following command creates the "cloud" user on the database.</para> - <itemizedlist> - <listitem><para>In dbpassword, specify the password to be assigned to the "cloud" user. You can choose to provide no password although that is not recommended.</para></listitem> - <listitem><para>In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the "cloud" user.</para></listitem> - <listitem><para>(Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.</para></listitem> - <listitem><para>(Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem> - <listitem><para>(Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem> - </itemizedlist> - <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@localhost \ - --deploy-as=root:<password> \ - -e <encryption_type> \ - -m <management_server_key> \ - -k <database_key></programlisting> - <para>When this script is finished, you should see a message like âSuccessfully initialized the database.â</para> + <listitem> + <para>(Optional) For management_server_key, substitute the default key that is used to + encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It + is highly recommended that you replace this with a more secure value. See <xref + linkend="about-password-encryption"/>.</para> </listitem> - <listitem><para>If you are running the KVM hypervisor on the same machine with the Management Server, edit /etc/sudoers and add the following line:</para> - <programlisting language="Bash">Defaults:cloud !requiretty</programlisting> - <note><para>This type of single-machine setup is recommended only for a trial installation.</para></note> + <listitem> + <para>(Optional) For database_key, substitute the default key that is used to encrypt + confidential parameters in the &PRODUCT; database. Default: password. It is highly + recommended that you replace this with a more secure value. See <xref + linkend="about-password-encryption"/>.</para> </listitem> - <listitem><para>Now that the database is set up, you can finish configuring the OS for the Management Server. This command will set up iptables, sudoers, and start the Management Server.</para> - <programlisting language="Bash"># cloud-setup-management</programlisting> - <para>You should see the message â&PRODUCT; Management Server setup is done.â</para> - </listitem> - </orderedlist> + </itemizedlist> + <programlisting language="Bash">cloud-setup-databases cloud:<dbpassword>@localhost \ +--deploy-as=root:<password> \ +-e <encryption_type> \ +-m <management_server_key> \ +-k <database_key></programlisting> + <para>When this script is finished, you should see a message like âSuccessfully initialized + the database.â</para> + </listitem> + <listitem> + <para>If you are running the KVM hypervisor on the same machine with the Management Server, + edit /etc/sudoers and add the following line:</para> + <programlisting language="Bash">Defaults:cloud !requiretty</programlisting> + <note> + <para>This type of single-machine setup is recommended only for a trial installation.</para> + </note> + </listitem> + <listitem> + <para>Now that the database is set up, you can finish configuring the OS for the Management + Server. This command will set up iptables, sudoers, and start the Management Server.</para> + <programlisting language="Bash"># cloud-setup-management</programlisting> + <para>You should see the message â&PRODUCT; Management Server setup is done.â</para> + </listitem> + </orderedlist> </section> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml_tmp/management-server-install-flow.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml_tmp/management-server-install-flow.xml b/docs/tmp/en-US/xml_tmp/management-server-install-flow.xml index 33bcac9..cf14857 100644 --- a/docs/tmp/en-US/xml_tmp/management-server-install-flow.xml +++ b/docs/tmp/en-US/xml_tmp/management-server-install-flow.xml @@ -28,6 +28,7 @@ <xi:include href="management-server-install-prepare-os.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-client.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-db.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> + <xi:include href="about-password-encryption.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-nfs-shares.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-multi-node.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> <xi:include href="management-server-install-systemvm.xml" xmlns:xi="http://www.w3.org/2001/XInclude"; /> http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/35dcda2e/docs/tmp/en-US/xml_tmp/prepare-system-vm-template.xml ---------------------------------------------------------------------- diff --git a/docs/tmp/en-US/xml_tmp/prepare-system-vm-template.xml b/docs/tmp/en-US/xml_tmp/prepare-system-vm-template.xml index 5ed78f7..22674d4 100644 --- a/docs/tmp/en-US/xml_tmp/prepare-system-vm-template.xml +++ b/docs/tmp/en-US/xml_tmp/prepare-system-vm-template.xml @@ -23,8 +23,8 @@ --> <section id="prepare-system-vm-template"> <title>Prepare the System VM Template</title> - <para>Secondary storage must be seeded with a template that is used for &PRODUCT; system - VMs.</para> + <para>Secondary storage must be seeded with a template that is used for &PRODUCT; system VMs. + Citrix provides you with the necessary binary package of the system VM.</para> <note> <para>When copying and pasting a command, be sure the command has pasted as a single line before executing. Some document viewers may introduce unwanted line breaks in copied text.</para> @@ -37,8 +37,8 @@ <para>If your secondary storage mount point is not named /mnt/secondary, substitute your own mount point name.</para> <para>If you set the &PRODUCT; database encryption type to "web" when you set up the database, - you must now add the parameter -s <management-server-secret-key>. See About Password - and Key Encryption.</para> + you must now add the parameter -s <management-server-secret-key>. See <xref + linkend="about-password-encryption"/>.</para> <para>This process will require approximately 5 GB of free space on the local file system and up to 30 minutes each time it runs.</para> <itemizedlist> @@ -57,8 +57,11 @@ </itemizedlist> </listitem> <listitem> - <para>If you are using a separate NFS server, perform this step. If you are using the - Management Server as the NFS server, you MUST NOT perform this step.</para> + <para>If you are using a separate NFS server, perform this step.</para> + <note> + <para>Do not perform this step if you are using the Management Server as the NFS + server.</para> + </note> <para>When the script has finished, unmount secondary storage and remove the created directory.</para> <programlisting># umount /mnt/secondary
