fix for cloudstack-403

Signed-off-by: Radhika PC <radhika.puthiyetath@citrix.com>
Signed-off-by: Joe Brockmeier <jzb@zonker.net>
This commit is contained in:
Radhika PC 2012-11-02 17:17:49 +05:30 committed by Joe Brockmeier
parent d118a3d764
commit 5722827c1b
4 changed files with 268 additions and 139 deletions


@ -0,0 +1,65 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="about-password-encryption">
<title>About Password and Key Encryption</title>
<para>&PRODUCT; stores several sensitive passwords and secret keys that are used to provide
security. These values are always automatically encrypted:</para>
<itemizedlist>
<listitem>
<para>Database secret key</para>
</listitem>
<listitem>
<para>Database password</para>
</listitem>
<listitem>
<para>SSH keys</para>
</listitem>
<listitem>
<para>Compute node root password</para>
</listitem>
<listitem>
<para> VPN password</para>
</listitem>
<listitem>
<para>User API secret key</para>
</listitem>
<listitem>
<para>VNC password</para>
</listitem>
</itemizedlist>
<para>&PRODUCT; uses the Java Simplified Encryption (JASYPT) library. The data values are
encrypted and decrypted using a database secret key, which is stored in one of &PRODUCT;s
internal properties files along with the database password. The other encrypted values listed
above, such as SSH keys, are in the &PRODUCT; internal database.</para>
<para>Of course, the database secret key itself can not be stored in the open it must be
encrypted. How then does &PRODUCT; read it? A second secret key must be provided from an
external source during Management Server startup. This key can be provided in one of two ways:
loaded from a file or provided by the &PRODUCT; administrator. The &PRODUCT; database has a new
configuration setting that lets it know which of these methods will be used. If the encryption
type is set to “file,” the key must be in a file in a known location. If the encryption type is
set to “web,” the administrator runs the utility
com.cloud.utils.crypt.EncryptionSecretKeySender, which relays the key to the Management Server
over a known port.</para>
<para>The encryption type, database secret key, and Management Server secret key are set during
&PRODUCT; installation. They are all parameters to the &PRODUCT; database setup script
(cloud-setup-databases). The default values are file, password, and password. It is, of course,
highly recommended that you change these to more secure keys.</para>
</section>
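Review bot: the "web" path in the paragraph at the end of this new section says the administrator's utility "relays the key to the Management Server over a known port" but names neither the port nor whether that channel is protected; since the Management Server key is what unlocks the database password and the database key, the section should state the port, that the relay must only be reachable from the administrator's host or a trusted management network, and that com.cloud.utils.crypt.EncryptionSecretKeySender is run on the Management Server itself. Two wording fixes in the same paragraphs: "stored in one of &PRODUCT;s internal properties files" needs an apostrophe ("&PRODUCT;'s"), and "can not be stored in the open it must be encrypted" is a run-on ("cannot be stored in the open; it must be encrypted"). The list item " VPN password" also carries a stray leading space.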


@ -21,20 +21,17 @@
specific language governing permissions and limitations
under the License.
-->
<section id="management-server-install-db-external">
<title>Install the Database on a Separate Node</title>
<para>This section describes how to install MySQL on a standalone machine, separate from the Management Server.
This technique is intended for a deployment that includes several Management Server nodes.
If you have a single-node Management Server deployment, you will typically use the same node for MySQL.
See <xref linkend="management-server-install-db-local"/>.
</para>
<para>This section describes how to install MySQL on a standalone machine, separate from the
Management Server. This technique is intended for a deployment that includes several Management
Server nodes. If you have a single-node Management Server deployment, you will typically use the
same node for MySQL. See <xref linkend="management-server-install-db-local"/>.</para>
<note>
<para>The management server doesn't require a specific distribution for the MySQL node.
You can use a distribution or Operating System of your choice.
Using the same distribution as the management server is recommended, but not required.
See <xref linkend="management-server-system-requirements"/>.
</para>
<para>The management server doesn't require a specific distribution for the MySQL node. You can
use a distribution or Operating System of your choice. Using the same distribution as the
management server is recommended, but not required. See <xref
linkend="management-server-system-requirements"/>.</para>
</note>
<orderedlist>
<listitem>
@ -44,14 +41,14 @@
<para condition="community">On Ubuntu:</para>
<programlisting language="Bash">apt-get install mysql-server</programlisting>
</listitem>
<listitem><para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS)
and insert the following lines in the [mysqld] section. You can put these lines below the datadir
line. The max_connections parameter should be set to 350 multiplied by the number of Management
Servers you are deploying. This example assumes two Management Servers.</para>
<listitem>
<para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS)
and insert the following lines in the [mysqld] section. You can put these lines below the
datadir line. The max_connections parameter should be set to 350 multiplied by the number of
Management Servers you are deploying. This example assumes two Management Servers.</para>
<note>
<para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add
these directives there. Don't forget to add [mysqld] on the first line of the
file.</para>
<para>On Ubuntu, you can also create /etc/mysql/conf.d/cloudstack.cnf file and add these
directives there. Don't forget to add [mysqld] on the first line of the file.</para>
</note>
<programlisting language="Bash">innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
@ -62,8 +59,8 @@ bind-address = 0.0.0.0 </programlisting>
</listitem>
<listitem>
<para>Start or restart MySQL to put the new configuration into effect.</para>
<para>On RHEL/CentOS,
MySQL doesn't automatically start after installation. Start it manually.</para>
<para>On RHEL/CentOS, MySQL doesn't automatically start after installation. Start it
manually.</para>
<programlisting language="Bash">service mysqld start</programlisting>
<para>On Ubuntu, restart MySQL.</para>
<programlisting language="Bash">service mysqld restart</programlisting>
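Review bot: the Ubuntu step "On Ubuntu, restart MySQL." is followed by `service mysqld restart`, but the init script shipped by Ubuntu's mysql-server package is named `mysql`; `mysqld` is the RHEL/CentOS service name used two lines above, so this command fails on Ubuntu with "unrecognized service". It should read `service mysql restart`. The reflow in this hunk did not touch that line, so this is a pre-existing error worth fixing while the file is being edited.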
@ -71,21 +68,24 @@ bind-address = 0.0.0.0 </programlisting>
<listitem>
<para>(CentOS and RHEL only; not required on Ubuntu)</para>
<warning>
<para>On RHEL and CentOS, MySQL does not set a root password by default. It is very
strongly recommended that you set a root password as a security precaution. </para>
<para>On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly
recommended that you set a root password as a security precaution.</para>
</warning>
<para>Run the following command to secure your installation. You can answer "Y" to all
questions except "Disallow root login remotely?". Remote root login is required to
set up the databases.</para>
questions except "Disallow root login remotely?". Remote root login is required to set up
the databases.</para>
<programlisting language="Bash">mysql_secure_installation</programlisting>
</listitem>
<listitem><para>If a firewall is present on the system, open TCP port 3306 so external MySQL connections can be established.</para>
<listitem>
<para>If a firewall is present on the system, open TCP port 3306 so external MySQL connections
can be established.</para>
<para>On Ubuntu, UFW is the default firewall. Open the port with this command:</para>
<programlisting language="Bash">ufw allow mysql</programlisting>
<para>On RHEL/CentOS:</para>
<orderedlist numeration="loweralpha">
<listitem>
<para>Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.</para>
<para>Edit the /etc/sysconfig/iptables file and add the following line at the beginning of
the INPUT chain.</para>
<programlisting language="Bash">-A INPUT -p tcp --dport 3306 -j ACCEPT</programlisting>
</listitem>
<listitem>
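Review bot: the firewall rules in this hunk, `-A INPUT -p tcp --dport 3306 -j ACCEPT` for RHEL/CentOS and `ufw allow mysql` for Ubuntu, accept connections to MySQL from any source, and the hunk context shows `bind-address = 0.0.0.0` while the preceding step tells the reader to keep remote root login enabled; the combination exposes the MySQL root account to every host that can route to this node. The rules should be scoped to the Management Server addresses, for example `-A INPUT -p tcp -s <management-server-ip> --dport 3306 -j ACCEPT` and `ufw allow from <management-server-ip> to any port 3306`, and the text should add a step to disable remote root login again once cloud-setup-databases has run, since it is only needed for that deployment step.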
@ -94,22 +94,47 @@ bind-address = 0.0.0.0 </programlisting>
</listitem>
</orderedlist>
</listitem>
<listitem><para>Return to the root shell on your first Management Server.</para></listitem>
<listitem>
<para>Set up the database. The following command creates the cloud user on the database.</para>
<para>Return to the root shell on your first Management Server.</para>
</listitem>
<listitem>
<para>Set up the database. The following command creates the cloud user on the
database.</para>
<itemizedlist>
<listitem><para>In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password.</para></listitem>
<listitem><para>In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user.</para></listitem>
<listitem><para>(Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.</para></listitem>
<listitem><para>(Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem>
<listitem><para>(Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem>
<listitem>
<para>In dbpassword, specify the password to be assigned to the cloud user. You can choose
to provide no password.</para>
</listitem>
<listitem>
<para>In deploy-as, specify the username and password of the user deploying the database.
In the following command, it is assumed the root user is deploying the database and
creating the cloud user.</para>
</listitem>
<listitem>
<para>(Optional) For encryption_type, use file or web to indicate the technique used to
pass in the database encryption password. Default: file. See <xref
linkend="about-password-encryption"/>.</para>
</listitem>
<listitem>
<para>(Optional) For management_server_key, substitute the default key that is used to
encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It
is highly recommended that you replace this with a more secure value. See About Password
and Key Encryption.</para>
</listitem>
<listitem>
<para>(Optional) For database_key, substitute the default key that is used to encrypt
confidential parameters in the &PRODUCT; database. Default: password. It is highly
recommended that you replace this with a more secure value. See <xref
linkend="about-password-encryption"/>.</para>
</listitem>
</itemizedlist>
<programlisting language="Bash">cloud-setup-databases cloud:&lt;dbpassword&gt;@&lt;ip address mysql server&gt; \
--deploy-as=root:&lt;password&gt; \
-e &lt;encryption_type&gt; \
-m &lt;management_server_key&gt; \
-k &lt;database_key&gt;</programlisting>
<para>When this script is finished, you should see a message like “Successfully initialized the database.”</para>
<para>When this script is finished, you should see a message like “Successfully initialized
the database.”</para>
</listitem>
</orderedlist>
</section>
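Review bot: the dbpassword bullet in this hunk says "You can choose to provide no password." with no qualification, while the same bullet in the Management-Server-node version of this page adds "although that is not recommended"; the two pages should carry the same caveat, and the stronger wording belongs here in particular because this variant is the one where the cloud user authenticates over the network. A second, related omission: the command passes `--deploy-as=root:<password>`, `-m <management_server_key>` and `-k <database_key>` as plain arguments, so the MySQL root password and both encryption keys land in the shell history and are visible to other local users in process listings while the script runs; a sentence advising the reader to clear the history (or run the command from a shell with history disabled) and to run it only on the Management Server host would close that gap.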


@ -1,5 +1,5 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
@ -21,10 +21,12 @@
specific language governing permissions and limitations
under the License.
-->
<section id="management-server-install-db-local">
<title>Install the Database on the Management Server Node</title>
<para>This section describes how to install MySQL on the same machine with the Management Server. This technique is intended for a simple deployment that has a single Management Server node. If you have a multi-node Management Server deployment, you will typically use a separate node for MySQL. See <xref linkend="management-server-install-db-external" />.</para>
<para>This section describes how to install MySQL on the same machine with the Management Server.
This technique is intended for a simple deployment that has a single Management Server node. If
you have a multi-node Management Server deployment, you will typically use a separate node for
MySQL. See <xref linkend="management-server-install-db-external"/>.</para>
<orderedlist>
<listitem>
<para>Install MySQL from the package repository from your distribution:</para>
@ -34,9 +36,13 @@
<programlisting language="Bash">apt-get install mysql-server</programlisting>
</listitem>
<listitem>
<para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and insert the following lines in the [mysqld] section. You can put these lines below the datadir line. The max_connections parameter should be set to 350 multiplied by the number of Management Servers you are deploying. This example assumes one Management Server.</para>
<para>Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS)
and insert the following lines in the [mysqld] section. You can put these lines below the
datadir line. The max_connections parameter should be set to 350 multiplied by the number of
Management Servers you are deploying. This example assumes one Management Server.</para>
<note>
<para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file.</para>
<para>On Ubuntu, you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these
directives there. Don't forget to add [mysqld] on the first line of the file.</para>
</note>
<programlisting language="Bash">innodb_rollback_on_timeout=1
innodb_lock_wait_timeout=600
@ -46,8 +52,8 @@ binlog-format = 'ROW'</programlisting>
</listitem>
<listitem>
<para>Start or restart MySQL to put the new configuration into effect.</para>
<para>On RHEL/CentOS,
MySQL doesn't automatically start after installation. Start it manually.</para>
<para>On RHEL/CentOS, MySQL doesn't automatically start after installation. Start it
manually.</para>
<programlisting language="Bash">service mysqld start</programlisting>
<para>On Ubuntu, restart MySQL.</para>
<programlisting language="Bash">service mysqld restart</programlisting>
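Review bot: same problem as in the separate-node page: the Ubuntu restart command is `service mysqld restart`, but Ubuntu's mysql-server package installs the service as `mysql`, so this should be `service mysql restart`; the `mysqld` name is correct only for the RHEL/CentOS line above it.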
@ -55,33 +61,63 @@ binlog-format = 'ROW'</programlisting>
<listitem>
<para>(CentOS and RHEL only; not required on Ubuntu)</para>
<warning>
<para>On RHEL and CentOS, MySQL does not set a root password by default. It is very
strongly recommended that you set a root password as a security precaution. </para>
<para>On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly
recommended that you set a root password as a security precaution. </para>
</warning>
<para>Run the following command to secure your installation. You can answer "Y" to all
questions.</para>
<programlisting language="Bash">mysql_secure_installation</programlisting>
</listitem>
<listitem><para>Set up the database. The following command creates the "cloud" user on the database.</para>
<listitem>
<para>Set up the database. The following command creates the "cloud" user on the
database.</para>
<itemizedlist>
<listitem><para>In dbpassword, specify the password to be assigned to the "cloud" user. You can choose to provide no password although that is not recommended.</para></listitem>
<listitem><para>In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the "cloud" user.</para></listitem>
<listitem><para>(Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.</para></listitem>
<listitem><para>(Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem>
<listitem><para>(Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.</para></listitem>
<listitem>
<para>In dbpassword, specify the password to be assigned to the "cloud" user. You can
choose to provide no password although that is not recommended.</para>
</listitem>
<listitem>
<para>In deploy-as, specify the username and password of the user deploying the database.
In the following command, it is assumed the root user is deploying the database and
creating the "cloud" user.</para>
</listitem>
<listitem>
<para>(Optional) For encryption_type, use file or web to indicate the technique used to
pass in the database encryption password. Default: file. See <xref
linkend="about-password-encryption"/>.</para>
</listitem>
<listitem>
<para>(Optional) For management_server_key, substitute the default key that is used to
encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It
is highly recommended that you replace this with a more secure value. See <xref
linkend="about-password-encryption"/>.</para>
</listitem>
<listitem>
<para>(Optional) For database_key, substitute the default key that is used to encrypt
confidential parameters in the &PRODUCT; database. Default: password. It is highly
recommended that you replace this with a more secure value. See <xref
linkend="about-password-encryption"/>.</para>
</listitem>
</itemizedlist>
<programlisting language="Bash">cloud-setup-databases cloud:&lt;dbpassword&gt;@localhost \
--deploy-as=root:&lt;password&gt; \
-e &lt;encryption_type&gt; \
-m &lt;management_server_key&gt; \
-k &lt;database_key&gt;</programlisting>
<para>When this script is finished, you should see a message like “Successfully initialized the database.”</para>
<para>When this script is finished, you should see a message like “Successfully initialized
the database.”</para>
</listitem>
<listitem><para>If you are running the KVM hypervisor on the same machine with the Management Server, edit /etc/sudoers and add the following line:</para>
<listitem>
<para>If you are running the KVM hypervisor on the same machine with the Management Server,
edit /etc/sudoers and add the following line:</para>
<programlisting language="Bash">Defaults:cloud !requiretty</programlisting>
<note><para>This type of single-machine setup is recommended only for a trial installation.</para></note>
<note>
<para>This type of single-machine setup is recommended only for a trial installation.</para>
</note>
</listitem>
<listitem><para>Now that the database is set up, you can finish configuring the OS for the Management Server. This command will set up iptables, sudoers, and start the Management Server.</para>
<listitem>
<para>Now that the database is set up, you can finish configuring the OS for the Management
Server. This command will set up iptables, sudoers, and start the Management Server.</para>
<programlisting language="Bash"># cloud-setup-management</programlisting>
<para>You should see the message “&PRODUCT; Management Server setup is done.”</para>
</listitem>
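Review bot: the KVM step tells the reader to "edit /etc/sudoers and add the following line" (`Defaults:cloud !requiretty`), but /etc/sudoers should only be edited through `visudo`, which syntax-checks the file before saving; a typo made with a plain editor breaks sudo for every account on the host, including the one the reader is using to set up the Management Server. Two smaller points in the same hunk: the reflowed warning text still ends with a trailing space inside the tag (`precaution. </para>`), which the rest of the commit removes elsewhere, and `# cloud-setup-management` carries a shell prompt character while every other programlisting on the page omits it, so a reader pasting the line gets a commented-out command.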


@ -23,8 +23,8 @@
-->
<section id="prepare-system-vm-template">
<title>Prepare the System VM Template</title>
<para>Secondary storage must be seeded with a template that is used for &PRODUCT; system
VMs.</para>
<para>Secondary storage must be seeded with a template that is used for &PRODUCT; system VMs.
Citrix provides you with the necessary binary package of the system VM.</para>
<note>
<para>When copying and pasting a command, be sure the command has pasted as a single line before
executing. Some document viewers may introduce unwanted line breaks in copied text.</para>
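Review bot: the sentence added to the opening paragraph, "Citrix provides you with the necessary binary package of the system VM.", puts a vendor attribution into an Apache-licensed document whose header names the ASF as licensor; the practical information a reader needs is where the system VM template is fetched from and how to check that what was downloaded is the intended package, so this sentence should either point at the download location used by the seeding script or be dropped, and a short note on verifying the downloaded template (checksum or signature, whatever the project publishes) would be more useful than naming the supplier.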
@ -37,8 +37,8 @@
<para>If your secondary storage mount point is not named /mnt/secondary, substitute your own
mount point name.</para>
<para>If you set the &PRODUCT; database encryption type to "web" when you set up the database,
you must now add the parameter -s &lt;management-server-secret-key&gt;. See About Password
and Key Encryption.</para>
you must now add the parameter -s &lt;management-server-secret-key&gt;. See <xref
linkend="about-password-encryption"/>.</para>
<para>This process will require approximately 5 GB of free space on the local file system and
up to 30 minutes each time it runs.</para>
<itemizedlist>
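Review bot: the paragraph on the "web" encryption type now says to "add the parameter -s <management-server-secret-key>" to the seeding command; this is the key that protects the database password in the properties file, and passing it as a command-line argument records it in the shell history and shows it to any local user who lists processes while the script runs for up to the 30 minutes the next paragraph mentions. The step should say so and advise clearing the history afterwards (or disabling it for the session), and the same caveat applies wherever the page passes a secret on the command line. The replacement of the bare "See About Password and Key Encryption." with an xref is the right change.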
@ -57,8 +57,11 @@
</itemizedlist>
</listitem>
<listitem>
<para>If you are using a separate NFS server, perform this step. If you are using the
Management Server as the NFS server, you MUST NOT perform this step.</para>
<para>If you are using a separate NFS server, perform this step.</para>
<note>
<para>Do not perform this step if you are using the Management Server as the NFS
server.</para>
</note>
<para>When the script has finished, unmount secondary storage and remove the created
directory.</para>
<programlisting># umount /mnt/secondary