Skip to content

Guide to Install RDAF deployment CLI.

1. RDAF Deployment CLI

RDA Fabric deployment CLI is a comprehensive command line management tool that is used to setup, install/deploy and manage CloudFabrix on-premise Docker registry, RDA Fabric platform, infrastructure and application services.

RDA Fabric platform, infrastructure and application services are supported to be deployed on a Kubernetes cluster or as a standalone container services using docker-compose utility.

RDAF CLI uses docker-compose as underlying container management utility for deploying and managing RDA Fabric environment when it need to be deployed on non-kubernetes cluster environment.

RDAF CLI can be installed on on-premise docker registry VM if it is provisioned or on one of the RDA Fabric platform VMs or both to install, configure and manage on-premise docker registry service and RDA Fabric platform services.

1.1 CLI Installation:

Login as rdauser user into on-premise docker registry or RDA Fabric Platform VM using any SSH client tool (ex: putty)

Run the following command to install the RDA Fabric deployment CLI tool.

pip install --user rdafcli-<version>.tar.gz

Run the below command to verify installed RDAF deployment CLI version

rdaf --version

Run the below command to view the RDAF deployment CLI help

1
2
3
4
5
6
rdaf --help

Documented commands (type help <topic>):
========================================
app           help   platform      registry  setregistry  status
config_check  infra  prune_images  reset     setup        worker

1.2 On-premise Docker Registry setup:

CloudFabrix support hosting an on-premise docker registry which will download and synchronize RDA Fabric's platform, infrastructure and application services from CloudFabrix's public docker registry that is securely hosted on AWS and from other public docker registries as well. For more information on on-premise docker registry, please refer Docker registry access for RDAF platform services.

1.2.1 rdaf registry setup

Run rdaf registry --help to see available CLI options to deploy and manage on-premise docker registry.

rdaf registry --help

usage: ('registry',) [--insecure] [-h] [--debug]
                     {setup,upgrade,install,fetch,delete-images,list-tags} ...

Manage the Docker registry

positional arguments:
  {setup,upgrade,install,fetch,delete-images,list-tags}
    setup               Setup Docker Registry
    upgrade             Upgrade Registry locally
    install             Install Registry locally
    fetch               Fetch from configured Docker registries
    delete-images       Deletes tag(s) and corresponding docker images
    list-tags           Lists all the tags for all images in the docker
                        registry

optional arguments:
  --insecure            Ignore SSL certificate issues when communicating with
                        various hosts
  -h, --help            show this help message and exit
  --debug               Enable debug logs for the CLI operations

Run rdaf registry setup --help to see available CLI options.

rdaf registry setup --help

optional arguments:
  -h, --help            show this help message and exit
  --install-root INSTALL_ROOT
                        Path to a directory where the Docker registry will be
                        installed and managed
  --docker-server-host DOCKER_SERVER_HOST
                        Host name or IP address of the host where the Docker
                        registry will be installed
  --docker-registry-source-host DOCKER_SOURCE_HOST
                        The hostname/IP of the source docker registry
  --docker-registry-source-port DOCKER_SOURCE_PORT
                        port of the docker registry
  --docker-registry-source-user DOCKER_SOURCE_USER
                        The username to use while connecting to the source
                        docker registry
  --docker-registry-source-password DOCKER_SOURCE_PASSWORD
                        The password to use while connecting to the source
                        docker registry
  --no-prompt           Don't prompt for inputs

Run the below command to setup and configure on-premise docker registry service. In the below command example, 10.99.120.140 is the machine on which on-premise registry service is going to installed.

cfxregistry.cloudfabrix.io is the CloudFabrix's public docker registry hosted on AWS from which RDA Fabric docker images are going to be downloaded.

1
2
3
4
5
rdaf registry setup --docker-server-host 10.99.120.140 \
    --docker-registry-source-host cfxregistry.cloudfabrix.io \
    --docker-registry-source-port 443 \
    --docker-registry-source-user readonly \
    --docker-registry-source-password readonly

1.2.2 rdaf registry install

Run the below command to install the on-premise docker registry service.

rdaf registry install --tag <tag-name>

Info

  • For latest tag version, please contact support@cloudfabrix.com
  • On-premise docker registry service runs on port TCP/5000. This port may need to be enabled on firewall device if on-premise docker registry service and RDA Fabric service VMs are deployed in different network environments.

Run the below command to upgrade the on-premise docker registry service to latest version.

rdaf registry upgrade --tag <tag-name>

To check the status of the on-premise docker registry service, run the below command.

docker ps -a | grep docker-registry

1.2.3 rdaf registry fetch

Once on-premise docker registry service is installed, run the below command to download one or more tags to pre-stage the docker images for RDA Fabric services deployment for fresh install or upgrade.

rdaf registry fetch --tag 1.0.1,1.0.2

Minio object storage service image need to be downloaded explicitly using the below command.

rdaf registry fetch --minio-tag RELEASE.2022-05-08T23-50-31Z

Info

Note: It may take few minutes to few hours depends on the outbound internet access bandwidth and the number of docker images to be downloaded. The default location path for the downloaded docker images is /opt/rdaf/data/docker/registry. This path can be overridden/changed during rdaf registry setup command using --install-root option if needed.

1.2.4 rdaf registry list-tags

Run the below command to list the downloaded images and their corresponding tags / versions.

rdaf registry list-tags

1.2.5 rdaf registry delete-images

Run the below command to delete one or more tags and corresponding docker images from on-premise docker registry.

rdaf registry delete-images

Important

When on-premise docker repository service is used, please make sure to add the insecure-registries parameter to /etc/docker/daemon.json file and restart the docker daemon as shown below on all of RDA Fabric VMs before the deployment.

{
 "tls": true, 
 "tlscacert": "/etc/tlscerts/ca/ca.pem", 
 "tlsverify": true, 
 "storage-driver": "overlay2", 
 "hosts": [
  "unix:///var/run/docker.sock", 
  "tcp://0.0.0.0:2376"
 ], 
 "tlskey": "/etc/tlscerts/server/server.key", 
 "debug": false, 
 "tlscert": "/etc/tlscerts/server/server.pem", 
 "experimental": false, 
 "insecure-registries" : ["<on-premise-docker-registry-ip-or-dns>:5000"],
 "live-restore": true
}
sudo systemctl restart docker

Tip

The location of the on-premise docker registry's CA certificate file ca.crt is located under /opt/rdaf/cert/ca/. This file ca.crt need to be copied to the machine on which RDAF CLI is used to setup, configure and install RDA Fabric platform and all of the required services using on-premise docker registry. This step is not applicable when cloud hosted docker registry cfxregistry.cloudfabrix.io is used.

1.3 RDAF Platform setup

1.3.1 rdaf setregistry

When on-premise docker registry is deployed, change the default docker registry configuration to on-premise docker registry host to pull and install the RDA Fabric services.

Please refer rdaf setregistry --help for detailed command options.

Configure the Docker registry for the platform

optional arguments:
  -h, --help            show this help message and exit
  --debug               Enable debug logs for the CLI operations (Optional)
  --host DOCKER_REGISTRY_HOST
                        Hostname/IP of the Docker registry
  --port DOCKER_REGISTRY_PORT
                        Port of the Docker registry
  --user DOCKER_REGISTRY_USER
                        Username of the Docker registry (Optional)
  --password DOCKER_REGISTRY_PASSWORD
                        Password of the Docker registry (Optional)
  --cert-path CERT_PATH
                        path of the Docker registry ca cert
  • Copy the ca.crt file from on-premise registry.

sudo mkdir /opt/rdaf/registry-ca-cert
sudo chown -R `id -u`:`id -g` /opt/rdaf/registry-ca-cert
scp rdauser@<on-premise-registry-ip>:/opt/rdaf/cert/ca/ca.crt /opt/rdaf/registry-ca-cert/registry-ca-cert.crt

  • Run the below command to set the docker-registry to on-premise one.
rdaf setregistry --host <on-premise-docker-registry-ip-or-dns> --port 5000 --cert-path /opt/rdaf/registry-ca-cert/registry-ca-cert.crt

Tip

Please verify if on-premise registry is accessible on port 5000 using either of the below commands.

  • telnet <on-premise-docker-registry-ip-or-dns> 5000
  • curl -vv telnet://<on-premise-docker-registry-ip-or-dns>:5000

1.3.2 rdaf setup

Run the below rdaf setup command to create the RDAF platform's deployment configuration. It is a pre-requisite before RDAF infrastructure, platform and application services can be installed.

It will prompt for all the necessary configuration details.

rdaf setup
  • Accept the EULA
Do you accept the EULA? [yes/no]: yes
  • Enter the rdauser SSH password for all of the RDAF hosts.
What is the SSH password for the SSH user used to communicate between hosts
SSH password:
Re-enter SSH password:

Tip

Please make sure rdauser's SSH password on all of the RDAF hosts is same during the rdaf setup command.

  • Enter RDAF Platform host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 2 hosts are required for the HA configuration. If it is a non-HA deployment, only one RDAF platform host's ip address or DNS name is required.
What are the host(s) on which you want the RDAF platform services to be installed?
Platform service host(s)[rda-platform-vm01]: 192.168.125.141,192.168.125.142
  • Enter RDAF Application services host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 2 hosts or more are required for the HA configuration. If it is a non-HA deployment, only one RDAF application service host's ip address or DNS name is required.
What are the host(s) on which you want the application services to be installed?
Application service host(s)[rda-platform-vm01]: 192.168.125.143,192.168.125.144
  • Enter the name of the Organization. In the below example, ACME_IT_Services is used as the Organization name. It is for a reference only.
What is the organization you want to use for the admin user created?
Admin organization[CloudFabrix]: ACME_IT_Services
  • Enter RDAF Worker service host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 2 hosts or more are required for the HA configuration. If it is a non-HA deployment, only one RDAF worker service host's ip address or DNS name is required.
What are the host(s) on which you want the Worker to be installed?
Worker host(s)[rda-platform-vm01]: 192.168.125.145
  • Enter RDAF infrastructure service NATs host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 2 hosts are required for the NATs HA configuration. If it is a non-HA deployment, only one RDAF NATs service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the Nats to be deployed?
Nats host/path[192.168.125.141]: 192.168.125.145,192.168.125.146
  • Enter RDAF infrastructure service Minio host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 4 hosts are required for the Minio HA configuration. If it is a non-HA deployment, only one RDAF Minio service host's ip address or DNS name is required.
What is the "host/path-on-host" where you want Minio to be provisioned?
Minio server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147,192.168.125.148
  • Change the default Minio user credentials if needed or press Enter to accept the defaults.
What is the user name you want to give for Minio root user that will be created and used by the RDAF platform?
Minio user[rdafadmin]: 
What is the password you want to use for the newly created Minio root user?
Minio password[Q8aJ63PT]: 
  • Enter RDAF infrastructure service MariDB database host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 3 hosts are required for the MariDB database HA configuration. If it is a non-HA deployment, only one RDAF MariaDB service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the MariaDB server to be provisioned?
MariaDB server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147
  • Change the default MariaDB user credentials if needed or press Enter to accept the defaults.
What is the user name you want to give for MariaDB admin user that will be created and used by the RDAF platform?
MariaDB user[rdafadmin]: 
What is the password you want to use for the newly created MariaDB root user?
MariaDB password[jffqjAaZ]: 
  • Enter RDAF infrastructure service Opensearch host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 3 hosts are required for the Opensearch HA configuration. If it is a non-HA deployment, only one RDAF Opensearch service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the opensearch server to be provisioned?
opensearch server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147
  • Change the default Opensearch user credentials if needed or press Enter to accept the defaults.
What is the user name you want to give for Opensearch admin user that will be created and used by the RDAF platform?
Opensearch user[rdafadmin]: 
What is the password you want to use for the newly created Opensearch admin user?
Opensearch password[sLmr4ICX]: 
  • Enter RDAF infrastructure service Zookeeper host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 3 hosts are required for the Zookeeper HA configuration. If it is a non-HA deployment, only one RDAF Zookeeper service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the Zookeeper server to be provisioned?
Zookeeper server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147
  • Enter RDAF infrastructure service Kafka host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 3 hosts are required for the Kafka HA configuration. If it is a non-HA deployment, only one RDAF Kafka service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the Kafka server to be provisioned?
Kafka server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147
  • Enter RDAF infrastructure service Redis host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 3 hosts are required for the Redis HA configuration. If it is a non-HA deployment, only one RDAF Redis service host's ip address or DNS name is required.
What is the "host/path-on-host" on which you want the Redis server to be provisioned?
Redis server host/path[192.168.125.141]: 192.168.125.145,192.168.125.146,192.168.125.147
  • Enter RDAF infrastructure service HAProxy (load-balancer) host(s) ip address or DNS name. For HA configuration, please enter comma separated values. Minimum of 2 hosts are required for the HAProxy HA configuration. If it is a non-HA deployment, only one RDAF HAProxy service host's ip address or DNS name is required.
What is the host on which you want HAProxy to be provisioned?
HAProxy host[192.168.125.141]: 192.168.125.145,192.168.125.146
  • Select the network interface name which is used for UI portal access. Ex: eth0 or ens160 etc.
What is the network interface on which you want the rdaf to be accessible externally?
Advertised external interface[eth0]: ens160
  • Enter the HAProxy service's virtual IP address when it is configured in HA configuration. Virtual IP address should be an unused IP address. This step is not applicable when HAProxy service is deployed in non-HA configuration.
What is the host on which you want the platform to be externally accessible?
Advertised external host[192.168.125.143]: 192.168.125.149

After entering the required inputs as above, rdaf setup generates self-signed SSL certificates, creates the required directory structure, configures SSH key based authentication on all of the RDAF hosts and generates rdaf.cfg configuration file under /opt/rdaf directory.

It creates the below director structure on all of the RDAF hosts.

  • /opt/rdaf/cert: It contains the generated self-signed SSL certificates for all of the RDAF hosts.
  • /opt/rdaf/config: It contains the required configuration file for each deployed RDAF service where applicable.
  • /opt/rdaf/data: It contains the persistent data for some of the RDAF services.
  • /opt/rdaf/deployment-scripts: It contains the docker-compose .yml file of the services that are configured to be provisioned on RDAF host.
  • /opt/rdaf/logs: It contains the RDAF services log files.

1.3.3 rdaf infra

rdaf infra command is used to deploy and manage RDAF infrastructure services. Run the below command to view available CLI options.

usage: infra [--insecure] [-h] [--debug] {status,install,upgrade,up,down} ...

Manage infra services

positional arguments:
  {status,install,upgrade,up,down}
    status              Status of the RDAF Infra
    install             Install the RDAF Infra containers
    upgrade             Upgrade the RDAF Infra containers
    up                  Crate the RDAF Infra Containers
    down                Delete the RDAF Infra Containers

optional arguments:
  --insecure            Ignore SSL certificate issues when communicating with
                        various hosts
  -h, --help            show this help message and exit
  --debug               Enable debug logs for the CLI operations
1.3.3.1 Install infra services

rdaf infra install command is used to deploy / install RDAF infrastructure services. Run the below command to view the available CLI options.

usage: infra install [-h] --tag TAG [--service SERVICES]

optional arguments:
  -h, --help          show this help message and exit
  --tag TAG           Tag to use for the docker images of the infra components
  --service SERVICES  Restrict the scope of the command to a specific service

Run the below command to deploy all RDAF infrastructure services. (Note: Below shown tag name is a sample one for a reference only, for actual tag, please contact CloudFabrix support team at support@cloudfabrix.com.)

rdaf infra install --tag 1.0.1

Run the below command to install a specific RDAF infrastructure service. Below are the supported infrastructure services. (Note: Below shown tag name is a sample one for a reference only, for actual tag, please contact CloudFabrix support team at support@cloudfabrix.com)

  • haproxy
  • nats
  • mariadb
  • opensearch
  • kafka
  • zookeeper
  • redis
rdaf infra install --service haproxy --tag 1.0.1
1.3.3.2 Status check

Run the below command to see the status of all of the deployed RDAF infrastructure services.

rdaf infra status
+----------------+---------------+-------------------+--------------+------------------------------+
| Name           | Host          | Status            | Container Id | Tag                          |
+----------------+---------------+-------------------+--------------+------------------------------+
| haproxy        | 192.168.125.143 | Up 10 minutes     | 390aaacc2c2a | 1.0.1                        |
| haproxy        | 192.168.125.144 | Up 4 minutes      | 047dd8bd1f46 | 1.0.1                        |
| keepalived     | 192.168.125.143 | active            | N/A          | N/A                          |
| keepalived     | 192.168.125.144 | active            | N/A          | N/A                          |
| nats           | 192.168.125.143 | Up 4 minutes      | 7dce6b27e944 | 1.0.1                        |
| nats           | 192.168.125.144 | Up 4 minutes      | 99efcf0c85d5 | 1.0.1                        |
| minio          | 192.168.125.143 | Up 4 minutes      | 44d273514136 | RELEASE.2022-05-08T23-50-31Z |
| minio          | 192.168.125.144 | Up 4 minutes      | f29c601fb19f | RELEASE.2022-05-08T23-50-31Z |
| minio          | 192.168.125.145 | Up 3 minutes      | e31494b1f150 | RELEASE.2022-05-08T23-50-31Z |
| minio          | 192.168.125.146 | Up 3 minutes      | 1b286a6e80ae | RELEASE.2022-05-08T23-50-31Z |
| mariadb        | 192.168.125.143 | Up 3 minutes      | 74ac88171487 | 1.0.1                        |
| mariadb        | 192.168.125.144 | Up 3 minutes      | 985dae637bc3 | 1.0.1                        |
| mariadb        | 192.168.125.145 | Up 3 minutes      | 320c19c7194d | 1.0.1                        |
| opensearch     | 192.168.125.143 | Up 2 minutes      | 306516b8888e | 1.0.1                        |
| opensearch     | 192.168.125.144 | Up 2 minutes      | fbd40979bcd1 | 1.0.1                        |
| opensearch     | 192.168.125.145 | Up 2 minutes      | 76a5bed0b3e7 | 1.0.1                        |
| zookeeper      | 192.168.125.143 | Up About a minute | 2feb7590465c | 1.0.1                        |
| zookeeper      | 192.168.125.144 | Up About a minute | bd330173e3ca | 1.0.1                        |
| zookeeper      | 192.168.125.145 | Up 43 seconds     | ef738a6082d7 | 1.0.1                        |
| kafka          | 192.168.125.143 | Up 36 seconds     | df9f9c36c4a9 | 1.0.1                        |
| kafka          | 192.168.125.144 | Up 31 seconds     | 96dd9273765d | 1.0.1                        |
| kafka          | 192.168.125.145 | Up 27 seconds     | f9ebd18b53b1 | 1.0.1                        |
| redis          | 192.168.125.143 | Up 20 seconds     | 095d7069d0fb | 1.0.1                        |
| redis          | 192.168.125.144 | Up 15 seconds     | 78dfe09c2504 | 1.0.1                        |
| redis          | 192.168.125.145 | Up 10 seconds     | 610d39a2d36d | 1.0.1                        |
| redis-sentinel | 192.168.125.143 | Up 5 seconds      | 3938218e2fa2 | 1.0.1                        |
| redis-sentinel | 192.168.125.144 | Up 3 seconds      | fd8b991f923d | 1.0.1                        |
| redis-sentinel | 192.168.125.145 | Up 1 second       | fa7b3b5e6b40 | 1.0.1                        |
1.3.3.3 Start/Stop infra services

Run the below command to start / stop all RDAF infrastructure services.

rdaf infra up
rdaf infra down

Run the below commands to start / stop a specific RDAF infrastructure service.

rdaf infra up --service minio
rdaf infra down --service minio

Danger

Stopping and Starting RDAF infrastructure service or services is a disruptive operation which will impact all of the RDAF dependant services and causes a downtime. When RDAF platform is deployed in Production environment, please perform these operations only during a scheduled downtime.

1.3.3.4 Upgrade infra services

Run the below command to upgrade all RDAF infrastructure services to a newer version.

rdaf infra upgrade --tag 1.0.2

Run the below command to upgrade a specific RDAF infrastructure service to a newer version.

rdaf infra upgrade --service nats --tag 1.0.2

Tip

Above shown tag version is a sample one and for a reference only, for actual newer versioned tag, please contact CloudFabrix support team at support@cloudfabrix.com

Danger

Please take full configuration and data backup of RDAF platform before any upgrade process. Upgrading RDAF infrastructure service or services is a disruptive operation which will impact all of the RDAF dependant services and causes a downtime. When RDAF platform is deployed in Production environment, please perform upgrade operation only during a scheduled downtime.

1.3.4 rdaf platform

rdaf platform command is used to deploy and manage RDAF core platform services. Run the below command to view available CLI options.

usage: platform [-h] [--debug] {} ...

Manage the RDAF Platform

positional arguments:
  {}                commands
    add-service-host
                    Add extra service vm
    status          Status of the RDAF Platform
    up              Create the RDAF Platform Containers
    down            Deleting the RDAF Platform Containers
    install         Install the RDAF platform containers
    upgrade         Upgrade the RDAF platform containers
    generate-certs  Generate certificates for hosts belonging to this
                    installation
    reset-admin-user
                    reset the password of user

optional arguments:
  -h, --help        show this help message and exit
  --debug           Enable debug logs for the CLI operations
1.3.4.1 Install platform services

rdaf platform install command is used to deploy / install RDAF core platform services. Run the below command to view the available CLI options.

usage: platform install [-h] --tag TAG [--service SERVICES]

optional arguments:
  -h, --help          show this help message and exit
  --tag TAG           Tag to use for the docker images of the platform
                      components
  --service SERVICES  Restrict the scope of the command to specific service

Run the below command to deploy all RDAF core infrastructure services. (Note: Below shown tag name is a sample one for a reference only, for actual tag, please contact CloudFabrix support team at support@cloudfabrix.com)

rdaf platform install --tag 3.0.5

As part of the installation of RDAF core platform services, it creates a default tenant admin user called admin@cfx.com

The default password for admin@cfx.com is admin1234

On first login onto RDAF UI portal, it prompts for resetting the above default password to user's choice.

In order to access RDAF UI portal, open a web browser and type the HAProxy server's IP address if it is a non-HA deployment or HAProxy server's virtual IP address if it is an HA deployment as shown below.

https://192.168.125.148
1.3.4.2 Status check

Run the below command to see the status of all of the deployed RDAF infrastructure services.

rdaf platform status
+--------------------------+---------------+-------------------+--------------+---------------------+
| Name                     | Host          | Status            | Container Id | Tag                 |
+--------------------------+---------------+-------------------+--------------+---------------------+
| cfx-rda-access-manager   | 192.168.125.141 | Up 2 minutes      | 7da846eb3d79 |     3.0.5         |
| cfx-rda-resource-manager | 192.168.125.141 | Up 2 minutes      | 46f7cccc2ad4 |     3.0.5         |
| cfx-rda-user-preferences | 192.168.125.141 | Up 2 minutes      | 76e3ca13d497 |     3.0.5         |
| portal-backend           | 192.168.125.141 | Up About a minute | 9f0a7f6eb201 |     3.0.5         |
| portal-frontend          | 192.168.125.141 | Up About a minute | f379b1cd5a6b |     3.0.5         |
| rda_api_server           | 192.168.125.141 | Up About a minute | c6f0bb5d8a93 |     3.0.5         |
| rda_asm                  | 192.168.125.141 | Up About a minute | ff845c5e9298 |     3.0.5         |
| rda_asset_dependency     | 192.168.125.141 | Up About a minute | e7de8b4ad2f3 |     3.0.5         |
| rda_collector            | 192.168.125.141 | Up About a minute | 06aa08a80041 |     3.0.5         |
| rda_identity             | 192.168.125.141 | Up About a minute | 9c396d11d111 |     3.0.5         |
| rda_registry             | 192.168.125.141 | Up About a minute | 14be8c7db66c |     3.0.5         |
| rda_sched_admin          | 192.168.125.141 | Up About a minute | 7e254ab6f70f |     3.0.5         |
| rda_scheduler            | 192.168.125.141 | Up About a minute | a48e28b84512 |     3.0.5         |
+--------------------------+---------------+-------------------+--------------+---------------------+
1.3.4.3 Upgrade platform services

Run the below command to upgrade all RDAF core platform services to a newer version.

rdaf platform upgrade --tag 1.0.2

Below are the RDAF core platform services

  • cfx-rda-access-manager
  • cfx-rda-resource-manager
  • cfx-rda-user-preferences
  • portal-backend
  • portal-frontend
  • rda_api_server
  • rda_asm
  • rda_asset_dependency
  • rda_collector
  • rda_identity
  • rda_registry
  • rda_sched_admin
  • rda_scheduler

Run the below command to upgrade a specific RDAF core platform service to a newer version.

rdaf platform upgrade --service rda_collector --tag 3.0.5.1

Tip

Above shown tag version is a sample one and for a reference only, for actual newer versioned tag, please contact CloudFabrix support team at support@cloudfabrix.com

Danger

Please take full configuration and data backup of RDAF platform before any upgrade process. Upgrading RDAF core platform service or services is a disruptive operation which will impact all of the RDAF dependant services and causes a downtime. When RDAF platform is deployed in Production environment, please perform upgrade operation only during a scheduled downtime.

1.3.4.4 Start/Stop platform services

Run the below commands to start / stop all RDAF core platform services.

rdaf platform up
rdaf platform down

Run the below commands to start / stop a specific RDAF core platform service.

rdaf platform up --service rda_collector
rdaf platform down --service rda_collector

Danger

Stopping and Starting RDAF core platform service or services is a disruptive operation which will impact all of the RDAF dependant services and causes a downtime. When RDAF platform is deployed in Production environment, please perform these operations only during a scheduled downtime.

1.3.4.5 Reset password

Run the below command to reset the default user's admin@cfx.com password to factory default. i.e. admin1234 and will force the user to reset the default password to tenant admin user's choice.

rdaf platform reset-admin-user

Warning

Use above command option only in a scenario where tenant admin users are not able to access RDAF UI portal because of external IAM (identity and access management) tool such as Active Directory / LDAP / SSO is down or not accessible and default tenant admin user's password is forgotten or lost.

1.3.4.6 Generate SSL Certificates

Self-signed SSL certificates are used for RDAF infrastructure, core platform services and for RDAF CLI as well. This manual step is not usually needed as it will be run automatically during rdaf setup execution.

However, this command is useful to re-generate self-signed SSL certificates and overwrite existing ones if there is a need.

rdaf platform generate-certs --overwrite

After re-generating the SSL certificates, please restart RDAF infrastructure, core platform, application, worker and agent services.

Danger

Re-generating self-signed SSL certificates is a disruptive operation which will impact all of the RDAF dependant services and causes a downtime. When RDAF platform is deployed in Production environment, please perform these operations only during a scheduled downtime.

1.3.4.7 Add new service host

RDAF platform's application services can be distributed on multiple hosts to distributed the workload and to run them in high-availability mode.

After deploying initial RDAF platform's application services, if there is a need, using the below command, a new RDAF platform's application services host can be added to the configuration after which existing application services can be re-deployed to be run on this new host to distribute the workload.

rdaf platform add-service-host --ssh-password <SSH_PASSWORD> <ip-address-or-dns-name>

1.3.5 rdaf app

rdaf app command is used to deploy and manage RDAF application services. Run the below command to view available CLI options.

The supported application services are below.

  • OIA: Operations Intelligence and Analytics (Also known as AIOps)
  • AIA: Asset Intelligence and Analytics
usage: ('app',) [-h] [--debug] {} ...

Manage the RDAF Apps

positional arguments:
  {}             commands
    status       Status of the App
    up           Create the App serviceContainers
    down         Delete the App service Containers
    install      Install the App service containers
    upgrade      Upgrade the App service containers
    update-config
                 Updated configurations of one or more components

optional arguments:
  -h, --help     show this help message and exit
  --debug        Enable debug logs for the CLI operations
1.3.5.1 Install OIA/AIA services

rdaf app install command is used to deploy / install RDAF OIA/AIA application services. Run the below command to view the available CLI options.

usage: ('app',) install [-h] --tag TAG [--service SERVICES] {AIA,OIA}

positional arguments:
  {AIA,OIA}           Select the APP to act on

optional arguments:
  -h, --help          show this help message and exit
  --tag TAG           Tag to use for the docker images of the app components
  --service SERVICES  Restrict the scope of the command to specific service

Run the below command to deploy RDAF OIA / AIA application services. (Note: Below shown tag name is a sample one for a reference only, for actual tag, please contact CloudFabrix support team at support@cloudfabrix.com)

rdaf app install OIA --tag 3.0.5
1.3.5.2 Start/Stop app services

Run the below command to start / stop all RDAF application OIA services.

rdaf app up OIA
rdaf app down OIA

Run the below command to start / stop all RDAF application AIA services.

rdaf app up AIA
rdaf app down AIA

Run the below commands to start / stop a specific RDAF application OIA service.

rdaf app up OIA --service cfx-rda-alert-ingester
rdaf app down OIA --service cfx-rda-alert-ingester

Below are the RDAF OIA application services

  • all-alerts-cfx-rda-dataset-caas
  • cfx-rda-alert-ingester
  • cfx-rda-alert-processor
  • cfx-rda-app-builder
  • cfx-rda-app-controller
  • cfx-rda-collaboration
  • cfx-rda-configuration-service
  • cfx-rda-event-consumer
  • cfx-rda-file-browser
  • cfx-rda-ingestion-tracker
  • cfx-rda-irm-service
  • cfx-rda-ml-config
  • cfx-rda-notification-service
  • cfx-rda-reports-registry
  • cfx-rda-smtp-server
  • cfx-rda-webhook-server
  • current-alerts-cfx-rda-dataset-caas

Danger

Stopping and Starting RDAF application OIA / AIA service or services is a disruptive operation which will impact the availability of these application services. When RDAF platform is deployed in Production environment, please perform these operations only during a scheduled downtime.

1.3.5.3 Status check

Run the below command to see the status of all of the deployed RDAF application services.

rdaf app status
+------------------------------+-----------------+---------------+--------------+---------------------+
| Name                         | Host            | Status        | Container Id | Tag                 |
+------------------------------+-----------------+---------------+--------------+---------------------+
| all-alerts-cfx-rda-dataset-  | 192.168.125.146 | Up 17 seconds | 83ac2a138b83 |       3.0.5         |
| caas                         |                 |               |              |                     |
| cfx-rda-alert-ingester       | 192.168.125.146 | Up 16 seconds | 9fc56e92002d |       3.0.5         |
| cfx-rda-alert-processor      | 192.168.125.146 | Up 15 seconds | 9880d500527b |       3.0.5         |
| cfx-rda-app-builder          | 192.168.125.146 | Up 15 seconds | baa67fffafa7 |       3.0.5         |
| cfx-rda-app-controller       | 192.168.125.146 | Up 14 seconds | 2d0728cbdba7 |       3.0.5         |
| cfx-rda-collaboration        | 192.168.125.146 | Up 13 seconds | 4ba81174c926 |       3.0.5         |
| cfx-rda-configuration-       | 192.168.125.146 | Up 12 seconds | 33f1e3379a6c |       3.0.5         |
| service                      |                 |               |              |                     |
| cfx-rda-event-consumer       | 192.168.125.146 | Up 12 seconds | fa3e19f6f6b7 |       3.0.5         |
| cfx-rda-file-browser         | 192.168.125.146 | Up 11 seconds | 58cad20da8a5 |       3.0.5         |
| cfx-rda-ingestion-tracker    | 192.168.125.146 | Up 10 seconds | 9bab4b1b0be4 |       3.0.5         |
| cfx-rda-irm-service          | 192.168.125.146 | Up 10 seconds | c62128cc5e2d |       3.0.5         |
| cfx-rda-ml-config            | 192.168.125.146 | Up 9 seconds  | 3abf1f54ddd7 |       3.0.5         |
| cfx-rda-notification-service | 192.168.125.146 | Up 8 seconds  | db28a2065906 |       3.0.5         |
| cfx-rda-reports-registry     | 192.168.125.146 | Up 7 seconds  | 2c0586f91742 |       3.0.5         |
| cfx-rda-smtp-server          | 192.168.125.146 | Up 6 seconds  | 5847535b72bc |       3.0.5         |
| cfx-rda-webhook-server       | 192.168.125.146 | Up 5 seconds  | 69acfb72fdc3 |       3.0.5         |
| current-alerts-cfx-rda-      | 192.168.125.146 | Up 4 seconds  | de9e818435e3 |       3.0.5         |
| dataset-caas                 |                 |               |              |                     |
+------------------------------+-----------------+---------------+--------------+---------------------+
1.3.5.4 Upgrade app OIA/AIA services

Run the below command to upgrade all RDAF OIA / AIA application services to a newer version.

rdaf app upgrade OIA --tag 3.0.5.1
rdaf app upgrade AIA --tag 3.0.5.1

Below are the RDAF OIA application services

  • all-alerts-cfx-rda-dataset-caas
  • cfx-rda-alert-ingester
  • cfx-rda-alert-processor
  • cfx-rda-app-builder
  • cfx-rda-app-controller
  • cfx-rda-collaboration
  • cfx-rda-configuration-service
  • cfx-rda-event-consumer
  • cfx-rda-file-browser
  • cfx-rda-ingestion-tracker
  • cfx-rda-irm-service
  • cfx-rda-ml-config
  • cfx-rda-notification-service
  • cfx-rda-reports-registry
  • cfx-rda-smtp-server
  • cfx-rda-webhook-server
  • current-alerts-cfx-rda-dataset-caas

Run the below command to upgrade a specific RDAF OIA application service to a newer version.

rdaf app upgrade OIA --service cfx-rda-webhook-server --tag 3.0.5.1

Tip

Above shown tag version is a sample one and for a reference only, for actual newer versioned tag, please contact CloudFabrix support team at support@cloudfabrix.com

Danger

Please take full configuration and data backup of RDAF platform before any upgrade process. Upgrading RDAF OIA / AIA application service or services is a disruptive operation which will impact the availability of these services. When RDAF platform is deployed in Production environment, please perform upgrade operation only during a scheduled downtime.

1.3.5.5 Update HAProxy configuration

Run the below command to update the necessary HAProxy load-balancer configuration for RDAF OIA / AIA application services.

rdaf app update-config OIA
rdaf app update-config AIA

After deploying the RDAF OIA application services, it is mandatory to run the rdaf app update-config which will apply and restart the HAProxy load-balancer service automatically.

1.3.6 rdaf worker

rdaf worker command is used to deploy and manage RDAF worker services. Run the below command to view available CLI options.

usage: worker [-h] [--debug] {} ...

Manage the RDAF Worker

positional arguments:
  {}               commands
    add-worker-host
                   Add extra worker vm
    status         Status of the RDAF Worker
    up             Create the RDAF Worker Containers
    down           Delete the RDAF Worker Containers
    install        Install the RDAF Worker containers
    upgrade        Upgrade the RDAF Worker containers

optional arguments:
  -h, --help       show this help message and exit
  --debug          Enable debug logs for the CLI operations
1.3.6.1 Install worker service(s)

rdaf worker install command is used to deploy / install RDAF worker services. Run the below command to view the available CLI options.

usage: worker install [-h] --tag TAG

optional arguments:
  -h, --help  show this help message and exit
  --tag TAG   Tag to use for the docker images of the worker components

Run the below command to deploy all RDAF worker services. (Note: Below shown tag name is a sample one for a reference only, for actual tag, please contact CloudFabrix support team at support@cloudfabrix.com)

rdaf worker install --tag 3.0.5
1.3.6.2 Status check

Run the below command to see the status of all of the deployed RDAF worker services.

rdaf worker status
+------------+-----------------+---------------+--------------+---------------------+
| Name       | Host            | Status        | Container Id | Tag                 |
+------------+-----------------+---------------+--------------+---------------------+
| rda_worker | 192.168.125.149 | Up 18 seconds | 29cdeefd9d95 |       3.0.5         |
+------------+-----------------+---------------+--------------+---------------------+
1.3.6.3 Upgrade worker services

Run the below command to upgrade all RDAF worker service(s) to a newer version.

rdaf worker upgrade --tag 3.0.5.1

Tip

Above shown tag version is a sample one and for a reference only, for actual newer versioned tag, please contact CloudFabrix support team at support@cloudfabrix.com

Danger

Upgrading RDAF worker service or services is a disruptive operation which will impact all of the worker jobs. When RDAF platform is deployed in Production environment, please perform upgrade operation only during a scheduled downtime.

1.3.6.4 Start/Stop worker services

Run the below commands to start / stop all RDAF worker services.

rdaf worker up
rdaf worker down

Danger

Stopping and Starting RDAF worker service(s) is a disruptive operation which will impact all of the worker jobs. When RDAF platform is deployed in Production environment, please perform these operations only during a scheduled downtime.

1.3.6.5 Add new worker host

RDAF platform's worker services can be distributed on multiple hosts to distributed the workload.

After deploying initial RDAF platform's worker services, if there is a need, using the below command, a new RDAF platform's worker host can be added to the configuration after which new jobs can be run on this new worker host to distribute the workload.

rdaf worker add-worker-host --ssh-password <SSH_PASSWORD> <ip-address-or-dns-name>

1.3.7 rdaf prune_images

After upgrading the RDAF infrastructure, core platform, application and worker services, run the below command to clean up the un-used docker images. This command helps to clean up and free the disk space on /var/lib/docker mount point.

rdaf prune_images

1.3.8 rdaf validate

rdaf validate command helps to verify or validate the below two configurations.

  • values-yaml: values.yml is a configuration file which allows the user to modify RDAF service's parameter(s) based on the deployment requirements. This file resides under /opt/rdaf/deployment-scripts directory on RDAF platform VM on which rdaf setup was run.
rdaf validate values-yaml
  • configs: This command option verifies some of the pre-requisites on all RDAF hosts.

Below are the checks it performs.

  • SSH access and port check
  • Docker is installed or not
  • Docker-Compose is installed or not
  • Firewall ports are opened or not for RDAF services
rdaf validate configs
2022-09-06 00:30:40,660 [rdaf.cmd.validate] INFO     - checking connection for the host 192.168.125.146
2022-09-06 00:30:40,701 [rdaf.cmd.validate] INFO     - ssh check for host 192.168.125.146 successful
2022-09-06 00:30:40,701 [rdaf.cmd.validate] INFO     - checking connection for the host 192.168.125.143
2022-09-06 00:30:40,791 [rdaf.cmd.validate] INFO     - ssh check for host 192.168.125.143 successful
2022-09-06 00:30:40,792 [rdaf.cmd.validate] INFO     - checking connection for the host 192.168.125.149
....
2022-09-06 00:30:40,949 [rdaf.cmd.validate] INFO     - ssh check for host 192.168.125.144 successful
2022-09-06 00:30:41,112 [rdaf.cmd.validate] INFO     - Docker is installed on host 192.168.125.146
2022-09-06 00:30:41,317 [rdaf.cmd.validate] INFO     - Docker is installed on host 192.168.125.143
....
2022-09-06 00:30:42,036 [rdaf.cmd.validate] INFO     - Docker-compose is installed on host 192.168.125.146
2022-09-06 00:30:42,189 [rdaf.cmd.validate] INFO     - Docker-compose is installed on host 192.168.125.143
....
2022-09-06 00:30:42,899 [rdaf.cmd.validate] INFO     - port is open 7222 on host 192.168.125.143 of component haproxy
2022-09-06 00:30:42,900 [rdaf.cmd.validate] INFO     - port is open 9443 on host 192.168.125.143 of component haproxy
2022-09-06 00:30:42,900 [rdaf.cmd.validate] INFO     - port is open 3307 on host 192.168.125.143 of component haproxy
....
2022-09-06 00:30:43,134 [rdaf.cmd.validate] INFO     - port is open 8808 on host 192.168.125.144 of component haproxy
2022-09-06 00:30:43,364 [rdaf.cmd.validate] INFO     - port is open 4222 on host 192.168.125.143 of component nats
....
2022-09-06 00:30:47,060 [rdaf.cmd.validate] INFO     - port is open 9093 on host 192.168.125.144 of component kafka
2022-09-06 00:30:47,264 [rdaf.cmd.validate] INFO     - port is open 9092 on host 192.168.125.145 of component kafka
2022-09-06 00:30:47,264 [rdaf.cmd.validate] INFO     - port is open 9093 on host 192.168.125.145 of component kafka
2022-09-06 00:30:47,521 [rdaf.cmd.validate] INFO     - port is open 6379 on host 192.168.125.143 of component redis
2022-09-06 00:30:47,763 [rdaf.cmd.validate] INFO     - port is open 6379 on host 192.168.125.144 of component redis
2022-09-06 00:30:47,974 [rdaf.cmd.validate] INFO     - port is open 6379 on host 192.168.125.145 of component redis
2022-09-06 00:30:48,222 [rdaf.cmd.validate] INFO     - port is open 26379 on host 192.168.125.143 of component redis-sentinel
2022-09-06 00:30:48,456 [rdaf.cmd.validate] INFO     - port is open 26379 on host 192.168.125.144 of component redis-sentinel
2022-09-06 00:30:48,668 [rdaf.cmd.validate] INFO     - port is open 26379 on host 192.168.125.145 of component redis-sentinel

1.3.9 rdaf reset

rdaf reset command allows the user to reset the RDAF platform configuration by performing the below operations.

  • Stop RDAF application, worker, platform & infrastructure services
  • Delete RDAF application, worker, platform & infrastructure services and its data
  • Delete all Docker images and volumes RDAF application, worker, platform & infrastructure services
  • Delete RDAF platform configuration

Danger

rdaf reset command is a disruptive operation as it clears entire RDAF platform footprint. It's primary purpose is to use only in Demo or POC environments ("NOT" in Production) where it requires to re-install entire RDAF platform from scratch.