Changes

Jump to: navigation, search

Provisioning Your Own SmartSimple Server

4,171 bytes added, 21:48, 8 September 2017
adding AWS example
Coming soon...
 
==Security==
 
Coming soon...
<!--Trend Micro Deep Security-->
==Disaster Recovery==
* Provision your own disaster recovery strategy entirely, e.g. just a daily image of your server volumes instead of a hot backup environment.
=Example Setup within Amazon Web ServicesThe following is an example of how to provision the base infrastructure necessary to host SmartSimple in an AWS environment. These instructions assume a setup from scratch, but if you already have existing AWS components that you wish to deploy your SmartSimple environment into then you may need to modify the instructions. Once complete you will need to contact SmartSimple in order to install the SmartSimple components. ==Prerequisites== * A registered Amazon Web Services account. ==Creating the Initial Infrastructure== <ol><li>Select a '''Region''' to operate in (e.g. US East (N. Virginia)).</li><li>Within the '''VPC''' (Virtual Private Cloud) service menu, create a '''VPC''' with default tenancy.</li><ol><li>Create a '''Subnet''' in the VPC and select an '''Availability Zone'''.</li><li>Create an '''Internet Gateway''' and attach it to the VPC.</li><li>Edit the '''Route Table''' associated to the VPC and add the following route:<br/>Destination: 0.0.0.0/0 Target: above Internet Gateway</li></ol> <li>Create '''Security Groups''' to define the network security.</li><ol><li>Create a '''Security Group''' for the Web layer. Configure inbound rules for ports 80 (HTTP) and 443 (HTTPS) to be open from all sources (0.0.0.0/0).</li><li>Create a '''SecurityGroup''' for SSH access. Configure inbound rules for port 22 (SSH) to be open from SmartSimple office environments (contact SmartSimple for a list of static IPs).</li><li>Create a '''Security Group''' for the Database layer. Configure inbound rules for port 3306 (MySQL) to be open from the above Web Security Group.</li></ol><li>Within the '''IAM''' service menu, create an '''Encryption Key'''. This will be used for volume encryption.</li><li>Within the '''EC2''' service menu, launch an '''EC2 Instance'''.</li><ol><li>From the '''AWS Marketplace''', select the CentOS 6 image 'CentOS 6 (x86_64) - with Updates HVM'.<li>Select an '''Instance Type''' of m4.xlarge.<li>Select the VPC and corresponding Subnet.<li>Create three storage '''Volumes''' and enable encryption on them using the above key. Set the volumes with the following details: {| class="wikitable"| Name| Type| Device| Size (GiB)|-| Root| Root| /dev/sda1| 10|-| SmartSimple| EBS| /dev/sdf| 1000|-| Ext| EBS| /dev/sdg| 30|}</li> <li>Encrypt the volumes with the above Encryption Key.</li><li>Associate the above Web and SSH Security Groups.</li></ol></ol> ===Optional RDS Deployment=== While the above steps are sufficient for a base SmartSimple environment, the following instructions are optional if you wish to provision a high availability clustered environment by adding an AWS Relational Database Service (RDS) instance.
Coming soon<ol><li>Within the '''RDS''' service menu, create a new '''DB Subnet Group''' and add '''Subnets''' for two different '''Availability Zones'''.</li><li>Create a new '''Parameter Group''' based off the default 'mariadb10.0'.Set the following parameters:<br/>connect_timeout = 60<!br/>interactive_timeout = 60<br/>log_bin_trust_function_creators = 1<br/>time_zone = ''your local timezone'' (e.g. 'US/Eastern')<br/>wait_timeout = 60</li><li>Launch a '''DB Instance'''.</li><ol><li>Select the MariaDB database engine (version 10.0.x).</li><li>Select an '''Instance Class''' of db.m4.large (if deploying RDS, the EC2 instance created above may be resized from m4.xlarge down to m4.large).</li><li>You may choose whether to enable '''Multi--Trend Micro Deep AZ Deployment''' or not.</li><li>Set '''Allocated Storage''' to 200GB.</li><li>Select the VPC, Subnet Group, Security--Group, and DB Parameter Group previously created.</li><li>Set '''Publicly Accessible''' to no, and '''Enable Encryption''' to yes and select the Encryption Key previously created.</li><li>You may set '''Auto Minor Version Upgrade''' to yes to allow for automatic updates.</li></ol></ol>
=Amazon Web Services Example Setup=Creating Additional Environments==
Coming soon.In order to create additional environments whether backups for disaster recovery, or for development and testing you can simply take snapshots of the EC2 and RDS instances and deploy new images.You may need to first create new VPC containers for these environments.
[[Category:Infrastructure]]
Smartstaff, administrator
687
edits

Navigation menu