Skip to content

Debian based setup

Requirements for Debian based Operation System (Debian, Ubuntu..).

Deployer node setup

Install packages

Execute the following packages installation: 

sudo apt install \
  unzip \
  curl \
  jq \
  sshpass

If jq is not found

jq is normally part of the standard system packages repository. If your local repository does not contain it, jq can be found in the punch packaging: 

sudo cp <deployer_package>/roles/jq/files/jq-linux64 /usr/bin/jq
Alternatively, you can download a copy of the binary (>=1.5) from jq github page, import it to your deployment environment and copy it on the deployment machine inside your /usr/bin, with 766 access mode.

In addition, if your ansible will use passwords for remote ssh connection to target machines during deployment, then you need to deploy sshpass package.

This is not needed if you will use keys for remote ssh connection of the deployer to target servers.

vim as an example text editor

In our documentation, we generally expect your platform to use vi or vim as a text editor. If you want to use vim, then install it using sudo apt install vim

Install Python 3.6.8

sudo apt install python3 python3-pip

Python 3.6.8 from source

If you do not have Python 3.6.8 in the official repository,
you can install Python 3.6.8 from source following this guide

Install Ansible 2.9.7

Install ansible: 

# ansible 2.9.7 
sudo pip3 install ansible==2.9.7

Or, if you do not have internet access or local pip repository : 

unzip punch-deployer-x.y.z.zip
cd archives
unzip ansible-2.9.7.zip
cd ansible-2.9.7
sudo ./install.sh

Specific features

Install Ceph 13.2.5

Deploying a ceph also requires having the OS of the deployer in Centos or RedHat.

If you plan to deploy a Ceph cluster you need additional steps.
the reason to install the Ceph packages on the deployer is because some of the deployment steps requires Ceph tools

Download the external archives and place it to the corresponding punch-deployer-<version>/archive directory.

Ceph archive naming is important, because the deployer will upload ceph archive to remote servers.

wget https://punchplatform.com/artefacts/ceph/ceph_13.2.5_deb.tgz -O punchplatform-[package]-[version]/archives/ceph_13.2.5.tgz

and install Ceph archives on your deployment server

cd punch-deployer-<version>/archives
tar -xvf ceph_13.2.5.tgz
sudo apt install -y ceph13.2.5/*

Environment setup

This section will update your PATH so as to have the punchplatform-deployer.sh available.

cd punch-deployer-<version>
echo "export PATH=`pwd`/bin:$PATH" >> ~/.bashrc
source ~/.bashrc

Configuration setup

Next, create your platform configuration directory.
This directory will hold the description of your target platform with the punchplatform.properties and the punchplatform-deployment.settings files.

Create configuration directory:

cd ~
mkdir pp-deployment-conf
cd pp-deployment-conf
echo "export PUNCHPLATFORM_CONF_DIR=`pwd`" >> ~/.bashrc

Create logs directory:

cd ~
mkdir pp-deployment-logs
cd pp-deployment-logs
echo "export PUNCHPLATFORM_LOG_DIR=`pwd`" >> ~/.bashrc

Then update your environment

source ~/.bashrc

Check it worked as expected. The result of the env command must look like: 

env | grep PUNCH
PUNCHPLATFORM_LOG_DIR=/home/vagrant/pp-deployment-logs
PUNCHPLATFORM_CONF_DIR=/home/vagrant/pp-deployment-conf

echo $PATH
PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/home/vagrant/bin:/data/deployer/punch-deployer-<version>/bin

Targeted nodes setup

Install Python 3.6 for Ubuntu 20 & Debian 10/11 only

Python3.6 is a Punch requirement for target nodes. Unfortunaly this package is not available by default on Ubuntu 20 & Debian 10/11

Therefore, before deploying you have to install it manually using this guide :

Python 3.6.8 from source

If you do not have Python 3.6.8 in the official repository,
you can install Python 3.6.8 from source following this guide

For others versions (i.e Ubuntu 18 & Debian 9), you do not have to install Python manually, the Punch deployer does it for you

Check Java OpenJDK version for SSL

The Punchplatform security features that concern SSL connexions require :

  • Java OpenJdk 8 version > 8u252

Check the latest OpenJDK version on your targeted system meets this requirement.

You do not have to check this requirement if your targeted OS is :

  • Ubuntu 18
  • Ubuntu 20

Specific features

Ceph specific requirements

You must prevent the updatedb process (standard on Debian-like distributions) to scan the whole system, especially to scan the Ceph data partition or the punchplatform partition. You can do that in several ways

Use the Ansible playbook provided in the official Punchplatform deployer to automatically patch the configuration file on multiple nodes.
This playbook is in updatedb_patch directory, at deployer root directory. Its use is documented on playbook itself.

# add your ceph nodes in the inventory
vim inventory_updatedb_patch.inv

# apply playbook (ssh access from deployer to all servers required)
ansible-playbook -i inventory_updatedb_patch.inv updatedb_patch.yml

Manual process

You can manually patch the /etc/updatedb.conf configuration file, adding /var/lib/ceph to PRUNEPATHS values on Ceph nodes.

You can manually patch the /etc/updatedb.conf configuration file, adding /data to to PRUNEPATHS values on all servers.

Example of a /etc/updatedb.conf must contains: PRUNEPATHS="/var/lib/ceph" "/data"

Note

Preventing updatedb to scan the whole system is necessary on a server exposing many files (typically the situation on a Ceph server), as the updatedb internal database can quickly and dramatically grow up.