Difference between revisions of "V3 Appliance Reference"
(→Network Menu) |
m (1 revision imported) |
||
Line 1: | Line 1: | ||
− | [[Category: | + | {{template:default}} |
− | [[Category: | + | [[Category:Version3Appliance]] |
+ | [[Category:Manual]] | ||
+ | |||
== Introduction == | == Introduction == | ||
Line 8: | Line 10: | ||
It should be used in conjunction with the How to guides and quick start guide. | It should be used in conjunction with the How to guides and quick start guide. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Tomcat Menu == | == Tomcat Menu == | ||
{| class="wikitable" border=1 style="border-collapse:collapse" cellpadding="10" | {| class="wikitable" border=1 style="border-collapse:collapse" cellpadding="10" | ||
+ | |||
|- | |- | ||
| 1 || Start/Stop || Start or Stop Tomcat as required | | 1 || Start/Stop || Start or Stop Tomcat as required | ||
Line 51: | Line 22: | ||
| 3 || HTTPS || Sub menu that allows you to Enable or Disable https on either port 8080 or 8443 as required. <br /> Requires Tomcat Restart to take effect | | 3 || HTTPS || Sub menu that allows you to Enable or Disable https on either port 8080 or 8443 as required. <br /> Requires Tomcat Restart to take effect | ||
|- | |- | ||
− | | 4 || Certificates || Opens a menu for managing certificates | + | | 4 || Certificates ||Opens a menu for managing certificates |
− | |||
− | |||
|} | |} | ||
− | === | + | === Certificates Menu === |
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|- | |- | ||
− | | 1 || | + | | 1 || Generate Local Certificate|| Use this option to Generate a Local Certificate, which can then be signed by a Certificate Authority. |
|- | |- | ||
− | | 2 || Generate CSR || Generate a Certificate Signing Request from an existing certificate alias | + | | 2 || Generate CSR || Generate a Certificate Signing Request from an existing certificate alias |
|- | |- | ||
− | | 3 || Import to | + | | 3 || Import to Existing Alias ||This option can be used to import a Certificate Response from a Certificate Authority <br />on top of the existing alias that the Certificate Signing Request was generated from. |
|- | |- | ||
| 4 || View Keystore ||View the contents of the Keystore, either by selecting one alias in particular or choose to view everything. | | 4 || View Keystore ||View the contents of the Keystore, either by selecting one alias in particular or choose to view everything. | ||
Line 84: | Line 45: | ||
|- | |- | ||
| 8 || Import / <br />Roll Back to Previous Keystore || Each time a change is made to a Keystore, a backup is created. <br />This option allows you to rollback to one of those backups and they are labelled according to date and time. <br /> You can also use this option to import from an external keystore. | | 8 || Import / <br />Roll Back to Previous Keystore || Each time a change is made to a Keystore, a backup is created. <br />This option allows you to rollback to one of those backups and they are labelled according to date and time. <br /> You can also use this option to import from an external keystore. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
|} | |} | ||
− | |||
− | |||
== Network Menu == | == Network Menu == | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
− | | 1 || Change Hostname || Set the hostname of the appliance. | + | | 1 || Change Hostname|| Set the hostname of the appliance. |
− | |||
− | |||
|- | |- | ||
− | | | + | | 2 || Change IP address || Allows for the changing of the address settings of the network interface(s) <br />including IP address, Net mask and Gateway IP address |
|- | |- | ||
− | | | + | | 3 || NIC Settings||Allows for the setting of the bit rate negotiation for the network interfaces. <br />Default is Auto-Negotiation |
|- | |- | ||
− | | | + | | 4 || DNS ||Allows for the adding and removal of DNS servers for the appliance to use for domain-name resolution. |
|- | |- | ||
− | | | + | | 5 || HTTP Proxy || If the Swivel Appliance has to make outbound http connections via an http proxy, those proxy settings can be set here. <br /> This includes proxy IP Address, Port and username/password if required. |
+ | |||
|- | |- | ||
− | | | + | | 6 || NTP Servers || The Swivel appliances run an NTP Daemon. <br />This menu allows you to edit the list of NTP servers that this daemon will use to keep the Appliance server time accurate. |
|- | |- | ||
− | | | + | | 7 || Route Configurations || This allows you to create custom routes, see below |
|- | |- | ||
− | | | + | | 8 || Restart Interfaces ||Allows for the Network interfaces to be restarted. This maybe required to allow new settings to take effect |
|} | |} | ||
Line 137: | Line 74: | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
Line 153: | Line 90: | ||
|- | |- | ||
|} | |} | ||
+ | |||
== Appliance Menu == | == Appliance Menu == | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
Line 174: | Line 112: | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| || Service || Description || Default | | || Service || Description || Default | ||
Line 186: | Line 124: | ||
| 4 ||Database|| Appliance Database service || ON | | 4 ||Database|| Appliance Database service || ON | ||
|- | |- | ||
− | | 5 || Webmin|| Web based GUI alternative for Appliance management || | + | | 5 || Webmin|| Web based GUI alternative for Appliance management || ON |
|- | |- | ||
| 6 || Heartbeat ||Use for HA installations to determine status of peer appliance || OFF | | 6 || Heartbeat ||Use for HA installations to determine status of peer appliance || OFF | ||
Line 192: | Line 130: | ||
| 7 ||Database|| Use for HA installations to determine status of peer application server||OFF | | 7 ||Database|| Use for HA installations to determine status of peer application server||OFF | ||
|} | |} | ||
+ | |||
=== Start/Stop Services === | === Start/Stop Services === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| || Service || Description | | || Service || Description | ||
Line 220: | Line 159: | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
Line 231: | Line 170: | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Backup || This option takes you to the Backup submenu. From here you can choose from a multitude of manual Backup types. | | 1 || Backup || This option takes you to the Backup submenu. From here you can choose from a multitude of manual Backup types. | ||
Line 246: | Line 185: | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 ||Full Backup || This option takes a full backup of the Swivel Application including the Swivel configuration, database, Tomcat certificate keystore.<br /> The Appliance settings are also backed up. | | 1 ||Full Backup || This option takes a full backup of the Swivel Application including the Swivel configuration, database, Tomcat certificate keystore.<br /> The Appliance settings are also backed up. | ||
Line 261: | Line 200: | ||
=== Restore Menu === | === Restore Menu === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 ||Full Restore || This option lets you restore from any full backup present in /backups/swivel. | | 1 ||Full Restore || This option lets you restore from any full backup present in /backups/swivel. | ||
Line 277: | Line 216: | ||
=== Configure FTP Menu === | === Configure FTP Menu === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Modify FTP Server || Modify the features of the assigned FTP server: server, destination folder, user, password | | 1 || Modify FTP Server || Modify the features of the assigned FTP server: server, destination folder, user, password | ||
Line 289: | Line 228: | ||
== Tools == | == Tools == | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Ping || Allows you to ping a hostname ofrIP address to test DNS and network connectivity | | 1 || Ping || Allows you to ping a hostname ofrIP address to test DNS and network connectivity | ||
Line 309: | Line 248: | ||
=== Disk Space === | === Disk Space === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Status || Shows the current usage of the Appliance disk partitions | | 1 || Status || Shows the current usage of the Appliance disk partitions | ||
Line 328: | Line 267: | ||
== Admin == | == Admin == | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Change Admin Password || Changes the password required to access the Appliance Menus. <br /> If you do change this password '''please keep a secure record'''. <br /> if you lose this password Swivel Secure may not be able to regain access to the appliance | | 1 || Change Admin Password || Changes the password required to access the Appliance Menus. <br /> If you do change this password '''please keep a secure record'''. <br /> if you lose this password Swivel Secure may not be able to regain access to the appliance | ||
Line 346: | Line 285: | ||
== High Availability (HA) == | == High Availability (HA) == | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Set Peer IP || In an HA configuration there are two servers that act as peers and possibly others that act as Disaster Recovery. <br />Peer servers replicate data between each other (Master-Master replication) <br /> | | 1 || Set Peer IP || In an HA configuration there are two servers that act as peers and possibly others that act as Disaster Recovery. <br />Peer servers replicate data between each other (Master-Master replication) <br /> | ||
Line 388: | Line 327: | ||
=== Database Replication === | === Database Replication === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Status || Replication will take place between peers and between peers and DRs. <br />This menu will allow you to view the status of replication between this appliance and its peer or its DR | | 1 || Status || Replication will take place between peers and between peers and DRs. <br />This menu will allow you to view the status of replication between this appliance and its peer or its DR | ||
Line 404: | Line 343: | ||
=== Virtual IP === | === Virtual IP === | ||
− | {| | + | {| border=1 style="border-collapse:collapse" cellpadding="10" |
|- | |- | ||
| 1 || Set Email Address || An email alert will be sent in the event of a failover of the VIP from one server to the other <br /> (requires SMTP server to be set up).<br /> This sets the destination email address for this alert | | 1 || Set Email Address || An email alert will be sent in the event of a failover of the VIP from one server to the other <br /> (requires SMTP server to be set up).<br /> This sets the destination email address for this alert |
Revision as of 12:52, 11 May 2017
Contents
Introduction
This is a reference guide for Version 3 of the Swivel Appliance. It describes the function of each menu.
It should be used in conjunction with the How to guides and quick start guide.
Tomcat Menu
1 | Start/Stop | Start or Stop Tomcat as required |
2 | Restart | If Tomcat is running it will be stopped and the restarted. If Tomcat is not running, it will be started |
3 | HTTPS | Sub menu that allows you to Enable or Disable https on either port 8080 or 8443 as required. Requires Tomcat Restart to take effect |
4 | Certificates | Opens a menu for managing certificates |
Certificates Menu
1 | Generate Local Certificate | Use this option to Generate a Local Certificate, which can then be signed by a Certificate Authority. |
2 | Generate CSR | Generate a Certificate Signing Request from an existing certificate alias |
3 | Import to Existing Alias | This option can be used to import a Certificate Response from a Certificate Authority on top of the existing alias that the Certificate Signing Request was generated from. |
4 | View Keystore | View the contents of the Keystore, either by selecting one alias in particular or choose to view everything. |
5 | Delete Certificate from Keystore | Delete a certificate from the Keystore by selecting a particular alias name. |
6 | Generate Self-Signed Certificate | Use this option to Generate a Self-Signed Certificate. |
7 | Clone Certificate | This option can be used to clone a Certificate by specifying the alias name of the certificate you wish to clone and providing a new alias name for the clone. This is useful for backing up aliases prior to making changes such as importing responses |
8 | Import / Roll Back to Previous Keystore |
Each time a change is made to a Keystore, a backup is created. This option allows you to rollback to one of those backups and they are labelled according to date and time. You can also use this option to import from an external keystore. |
Network Menu
1 | Change Hostname | Set the hostname of the appliance. |
2 | Change IP address | Allows for the changing of the address settings of the network interface(s) including IP address, Net mask and Gateway IP address |
3 | NIC Settings | Allows for the setting of the bit rate negotiation for the network interfaces. Default is Auto-Negotiation |
4 | DNS | Allows for the adding and removal of DNS servers for the appliance to use for domain-name resolution. |
5 | HTTP Proxy | If the Swivel Appliance has to make outbound http connections via an http proxy, those proxy settings can be set here. This includes proxy IP Address, Port and username/password if required. |
6 | NTP Servers | The Swivel appliances run an NTP Daemon. This menu allows you to edit the list of NTP servers that this daemon will use to keep the Appliance server time accurate. |
7 | Route Configurations | This allows you to create custom routes, see below |
8 | Restart Interfaces | Allows for the Network interfaces to be restarted. This maybe required to allow new settings to take effect |
Route Configurations Menu
1 | Show Route Table | This displays the default rules for routing traffic. Typically it will show that the default route (for destination IP 0.0.0.0) to be routed via the gateway defined under the Network menu |
2 | Add Route | By default outbound traffic will be routed via the defined gateway. You can specify exceptions to this rule by adding custom routes to the routing table. For example if you require traffic to IP addresses 12.19.19.xxx to be routed via the gateway 172.1.1.1 you would create the route IP address 12.19.19.0
|
3 | Delete Route | You can delete one or all of the custom routes that you have added. This will have no effect on the default routing table. |
Appliance Menu
1 | Default running services | The default running services are those services that will start automatically when the appliance boots. It is recommended that you only start the services your required as starting non-configured services can increase boot times. |
2 | Start/Stop Services | Manually start or stop any of the Appliance services |
3 | SMTP Server | Configure an SMTP server to which to send Appliance alerts |
4 | Set Database to Shipping | Sets the Swivel Core database to Shipping Mode to allow access using default credentials. A Tomcat restart is required |
Default Running Services
Service | Description | Default | |
1 | Tomcat | Host server for Swivel Applications | ON |
2 | Sendmail | Required to use Appliance as a mail relay server | ON |
3 | SNMP | For Network Management (if required) | OFF |
4 | Database | Appliance Database service | ON |
5 | Webmin | Web based GUI alternative for Appliance management | ON |
6 | Heartbeat | Use for HA installations to determine status of peer appliance | OFF |
7 | Database | Use for HA installations to determine status of peer application server | OFF |
Start/Stop Services
Service | Description | |
1 | Tomcat | Host server for Swivel Applications |
2 | Sendmail | Required to use Appliance as a mail relay server |
3 | SNMP | For Network Management (if required) |
4 | Database | Appliance Database service |
5 | Webmin | Web based GUI alternative for Appliance management |
6 | Heartbeat | Use for HA installations to determine status of peer appliance |
7 | Database | Use for HA installations to determine status of peer application server |
SMTP Server
1 | Enable/Disable SMTP | Enable of Disable the sending of alerts via email |
2 | Change SMTP server | Select this option to enter a hostname or IP address of the SMTP server you wish to relay email to, from the appliance. |
Backup and Restore
1 | Backup | This option takes you to the Backup submenu. From here you can choose from a multitude of manual Backup types. |
2 | Restore | This option takes you to the Restore submenu. From here you can choose from a multitude of Restore types. |
3 | Purge Old Backups | Use this option to get to the Purge menu. Here you can define how many days to retain backups and manually purge them |
4 | Configure FTP | Use this option to define your FTP server details. You can also manually send the latest backup to your FTP server. |
Backup Menu
1 | Full Backup | This option takes a full backup of the Swivel Application including the Swivel configuration, database, Tomcat certificate keystore. The Appliance settings are also backed up. |
2 | Application Only Backup | This option takes a backup of the items necessary to restore the application. the Tomcat configuration and keystore, the Swivel home folder contents, and the Tomcat webapps and the database. |
3 | System Only Backup | This option takes a backup of the items more central to the system than the application. Effectively, it’s everything in the full backup that isn’t in the application backup (and the tomcat config and keystore). |
4 | Create Restore Point | This option takes a full backup which is never purged and has an assigned name. |
Restore Menu
1 | Full Restore | This option lets you restore from any full backup present in /backups/swivel. |
2 | Application Only Restore | This option lets you restore only appliance-level files from any full or appliance backup present in /backups/swivel. |
3 | System Only Restore | This option lets you restore only system-level files from any full or system backup present in /backups/swivel. |
4 | Restore Point Restore | This option lets you restore from any restore point backup present in /backups/restore. |
5 | Restore from Older Version | This option lets you restore from v2 backups present in /backups/old |
Configure FTP Menu
1 | Modify FTP Server | Modify the features of the assigned FTP server: server, destination folder, user, password |
2 | Delete FTP Server | Delete the assigned FTP server, and stop sending backups using FTP. |
3 | Forcibly Send Latest Backup Over FTP | Send backups to the FTP server manually. If backups aren’t being sent, the error message from this command could be helpful in debugging the problem. |
Tools
1 | Ping | Allows you to ping a hostname ofrIP address to test DNS and network connectivity |
2 | NS Lookup | Perform a DNS lookup on a hostname |
3 | Telnet | Attempt a telnet session to a remote host and port |
4 | Trace-Route | Lists the hops between the appliance and a remote host |
5 | Command Line | Allows access to the command line, requires command line password, contact support@swivelsecure.com |
6 | Email logs | Collects log information and sends to an email address, requires SMTP server to be set |
7 | Alerts | This allows to enable an email alert to be sent if there is a disk space warning. (See Disk Space) |
Disk Space
1 | Status | Shows the current usage of the Appliance disk partitions |
2 | Change Warning Levels | Allows you to set the level at which a warning will be sent indicating that the partition has gone above capacity expected for normal operation |
3 | Add Disk to Check | Allows you to add a new partition to be have its usage monitored |
4 | Remove a Disk from Check | Remove a disk from the list to be checked |
5 | Restore to Defaults | Restores the partition usage thresholds back to their default settings. |
6 | Email logs | Collects log information and sends to an email address, requires SMTP server to be set |
7 | Alerts | This allows to enable an email alert to be sent if there is a disk space warning. (See Disk Space) |
Admin
1 | Change Admin Password | Changes the password required to access the Appliance Menus. If you do change this password please keep a secure record. if you lose this password Swivel Secure may not be able to regain access to the appliance |
2 | Add Certificate | It is possible to use certificate based authentication to access the Appliance. This menu allows you to add that certificate |
3 | Deauthorise Default Certificates | Remove the ability to log on to the appliance using the default certificates stored in /root/.ssh. Ensure you have some other way of logging in before doing this! |
4 | Reboot | Reboots the appliance. |
5 | Shutdown | Shutdown the appliance, use with caution if remote from appliance |
6 | Update Appliance | The appliance will contact Swivel Secures servers and install any applicable upgrades. |
High Availability (HA)
1 | Set Peer IP | In an HA configuration there are two servers that act as peers and possibly others that act as Disaster Recovery. Peer servers replicate data between each other (Master-Master replication) This menu option allows you to set the details of the appliance that is the peer appliance in the HA pair.
You can set
The Peer Hostname Needs to match the setting set on the peer appliance
Peer IP addresses for ETH0 and ETH1
By default the database replication traffic is routed via eth1.
|
2 | Set DR IP | A DR Appliance has Master-Slave replication. This means changes made on this appliance will be replicated across to the DR Appliance but changes made on the DR appliance will not be reflected back.
This menu allows you to add a DR Appliance to this Appliance so that database replication logs will be available to the configured DR Appliance.
You can add up to 2 DR Appliances.
All that is required is to enter the IP address of the DR appliance |
3 | Database Replication | Start and Stop replication and view the status. see Database Replication |
4 | Virtual IP | An HA pair can share a virtual IP address. If this is enabled then by default primary server will respond to that IP address. In the event that the primary server goes off-line the standby server will respond. The switchover is initiated via Mon or Heartbeat services. See Virtual IP |
5 | Advanced | Change hostnames, IPs for HA. Not usually required as defaults will usually be ok or changes will be made when setting Peer IP address in HA menu |
Database Replication
1 | Status | Replication will take place between peers and between peers and DRs. This menu will allow you to view the status of replication between this appliance and its peer or its DR
|
2 | Start/Stop Reading updates | Starts or stops the reading of updates from the remote peer. Equivalent to starting and stopping the slave. |
3 | Database Replication | Start and Stop replication and view the status. see Database Replication |
4 | Repair Replication | If replication stops (or has never started) this option allows the databases to be brought into to line and for replication to start. To do this select the database that you want to be the version to use. This data will be copied to both servers and replication will be re-started. |
Virtual IP
1 | Set Email Address | An email alert will be sent in the event of a failover of the VIP from one server to the other (requires SMTP server to be set up). This sets the destination email address for this alert |
2 | Change Virtual IP | This sets the value for the virtual IP. This needs setting on both peer appliances. |
3/4 | Add/Remove Ping Nodes | One way that will be used to determine which Appliance should be responding on the virtual IP is to compare how many ping nodes each server can ping. The default gateway is usually a ping node but others can be added. The same number of ping nodes should be set on both appliances |
5 | Start/Stop Mon | Mon monitors whether the Swivel core is running on the peer appliance |
6 | Start/Stop Heartbeat | Heartbeat monitors whether the peer appliance is contactable via either network interface |
Version Information
Lists version numbers of installed software on the appliance.