Navigation :

GUI Node Installation

Overall Installation Steps

The high-level steps for installing and configuring the N2SNS administrative GUI are:

Ensure the installation pre-requisites are met.
Install the GUI package.
Perform any required post-installation steps.
Update the administrative GUI configuration as desired.
Optionally, apply the recommended Apache security configuration.

Installation Pre-requisites

OS-specific Setup

Refer to the specific Red Hat or Debian instructions for any pre-requisites as required.

Apache 2

Apache 2 must be installed prior to installing the N2SNS GUI package. The package to install will depend on your OS type:

RHEL 8	Other RPM-based Systems	DEB-based Systems
`sudo dnf install httpd`	`sudo yum install httpd`	`sudo apt-get install apache2`

The N2SNS GUI package expects that the relevant Apache 2 configuration directory exists. Again, this varies depending on your OS type:

RPM-based Systems	DEB-based Systems
`/etc/httpd`	`/etc/apache2`

Finally, the apachectl program must exist (it is installed as part of the Apache 2 package) and Apache must be running.

Installation Steps

Follow the appropriate installation steps depending on your installation sources.

From N-Squared Repository

Execute the instructions specific to your operating system:

RHEL 8	Other RPM-based Systems	DEB-based Systems
`sudo dnf install n2sns-gui`	`sudo yum install n2sns-gui`	`sudo apt-get install n2sns-gui`

Post-Installation Steps

Default Application

After installation, there is no default behaviour for Apache to automatically navigate to an N2SNS application when a site root request is received. It is recommended that the administrative GUI be chosen as the default application to route to if no other selection is made. Follow the instructions in the appropriate section below to achieve this.

Administrative GUI As Default

To set the administrative GUI as the default application, edit the appropriate file for your OS type:

RPM-based Systems	DEB-based Systems
`/etc/httpd/n2sns.conf`	`/etc/apache2/n2sns.conf`

Add the following line to the top of the file:

RedirectMatch ^/$ /n2sns/

Restart Apache to apply the change:

apachectl restart

Apache Configuration

To update the Apache configuration for the N2SNS administrative GUI, edit the following file:

RPM-based Systems	DEB-based Systems
`/etc/httpd/conf.d/n2sns.conf`	`/etc/apache2/conf-enabled/n2sns.conf`

In the file, update the value REPLACE_WITH_API_ADDRESS to the API instance or loadshare proxy destination as required in the below lines:

# Proxy keepalive requests.
ProxyPass        /n2sns-api/keepalive            http://REPLACE_WITH_API_ADDRESS/jarvis-agent/n2sns-api/__status
ProxyPassReverse /n2sns-api/keepalive            http://REPLACE_WITH_API_ADDRESS/jarvis-agent/n2sns-api/__status

# Proxy application Jarvis requests.
ProxyPass        /n2sns-api/jarvis-agent         http://REPLACE_WITH_API_ADDRESS/jarvis-agent
ProxyPassReverse /n2sns-api/jarvis-agent         http://REPLACE_WITH_API_ADDRESS/jarvis-agent

# Proxy management Jarvis requests if required.
#ProxyPass        /jarvis-agent                    http://REPLACE_WITH_API_ADDRESS/jarvis-agent
#ProxyPassReverse /jarvis-agent                    http://REPLACE_WITH_API_ADDRESS/jarvis-agent

If the GUI node is not on the same node as the API, uncomment the final two lines in the above section. These should remain commented for co-hosted installations of the GUI and API to avoid infinite looping.

Jarvis Configuration

If the N2SNS API is not co-located with the GUI node, in the file /usr/share/n2sns/gui/jarvis-proxy.json, locate the following section:

{
  "/jarvis-agent": {
    "target": "http://jarvis-host/",
    "secure": false
  }
}

Update the value of the target parameter to match the N2SNS API address. Alternately, you may add an entry to the GUI node’s hosts file or DNS lookups to redirect jarvis-host to the API as desired.

Firewall

The firewall (if any) on the GUI node must be updated to allow:

Inbound user requests on the listening Apache port(s).
Outbound API requests to the API node(s).

The exact commands to do this will depend both on the firewall on your platform and also which port(s) are in use. For example, to allow the default Apache ports when using firewalld, the commands might be:

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
service firewalld restart

SELinux

If SELinux is in use, Apache must be allowed to read and execute back-end code and initiate proxy connections. To enable this, execute:

sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_read_user_content 1