UDS Enterprise Configuring UDS Enterprise in HA

Similar documents
Launching Xacta 360 Marketplace AMI Guide June 2017

DELL EMC VxRAIL vcenter SERVER PLANNING GUIDE

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

CNS-222-1I: NetScaler for Apps and Desktops

(CNS-220) Citrix NetScaler Essentials and Traffic Management

Enterprise Installation

Packet Tracer - Configuring a Zone-Based Policy Firewall (ZPF)

Overview. Recommended pre-requisite courses: Key Skills. : CNS-220-1I: Citrix NetScaler Traffic Management

App Orchestration 2.6

Pexip Infinity Secure Mode Deployment Guide

Dolby Conference Phone Support Frequently Asked Questions

Stoneware Inc. Citrix NFuse Configuration. Stoneware, Inc. Configuration Sheet Date: January 2005

Planning, installing, and configuring IBM CMIS for Content Manager OnDemand

CaseWare Working Papers. Data Store user guide

NiceLabel LMS. Installation Guide for Single Server Deployment. Rev-1702 NiceLabel

Campuses that access the SFS nvision Windows-based client need to allow outbound traffic to:

DIVAR IP 3000 Field Installation Guide

Release Notes. Dell SonicWALL Security firmware is supported on the following appliances: Dell SonicWALL Security 200

Troubleshooting Citrix- Published Resources Configuration in VMware Identity Manager

CounterSnipe Software Installation Guide Software Version 10.x.x. Initial Set-up- Note: An internet connection is required for installation.

CXD Citrix XenDesktop 5 Administration

SMART Room System for Microsoft Lync. Software configuration guide

SafeDispatch SDR Gateway for MOTOROLA TETRA

Date: October User guide. Integration through ONVIF driver. Partner Self-test. Prepared By: Devices & Integrations Team, Milestone Systems

Admin Report Kit for Exchange Server

CROWNPEAK DESKTOP CONNECTION (CDC) INSTALLATION GUIDE VERSION 2.0

Secure File Transfer Protocol (SFTP) Interface for Data Intake User Guide

Establishing two-factor authentication with FortiGate and HOTPin authentication server from Celestix Networks

Frequently Asked Questions

AvePoint Discovery Tool 3.5. User Guide

CommandCenter Secure Gateway Release Virtual CC

Configure Data Source for Automatic Import from CMDB

SASAC v1.0 Implementing Core Cisco ASA Security Cisco Training

Knowledge Exchange (KE) System Cyber Security Plan

Avigilon Control Center Virtual Matrix User Guide. Version 6.8

These tasks can now be performed by a special program called FTP clients.

iallworx User s Guide

1 Getting and Extracting the Upgrader

Packet Tracer - Skills Integration Challenge Topology

EVALUATION GUIDE - OCTOBER 2018 VMWARE CLOUD ON AWS. Evaluation Guide

Repstor custodian. On Premise Pre-Requisites. Document Version 1.1 January 2017

This document describes new features and resolved issues for Intelligent Scene Analysis System

Installing Photran with Eclipse (MinGW or Cygwin)

CNS-220-1I: Citrix NetScaler Essentials and Traffic Management

Getting Started with the SDAccel Environment on Nimbix Cloud

BMC Remedyforce Integration with Remote Support

USER MANUAL. RoomWizard Administrative Console

DC Remote Control Installation and Configuration Guide. Version 1.2

Pexip Infinity Secure Mode Deployment Guide

Installing AX Server with PostgreSQL

IMC QoS Manager 7.3 (E0502) Copyright 2015, 2016 Hewlett Packard Enterprise Development LP

Avigilon Control Center Server User Guide. Version 6.4

User Guide. Avigilon Control Center Mobile Version 2.2 for Android

Bitnami LAMP for Huawei Enterprise Cloud

Gemini Intercom Quick Start Guide

This document lists hardware and software requirements for Connected Backup

Firmware Upgrade Wizard v A Technical Guide

Table of Contents. WipeDrive Enterprise Logging, March Logging Settings... 3 Log Format Types Audit Log Destination Options...

CCNA 1 v5.1 Practice Final Exam Answers %

Trimble Survey GNSS Firmware Version 4.81 (July 2013)

SAS Hot Fix Analysis, Download and Deployment Tool

TRAUMACAD 2.5 PREREQUISITES

Manual for installation and usage of the module Secure-Connect

Milestone XProtect. NVR Installer s Guide

The screenshots/advice are based on upgrading Controller 10.1 RTM to 10.1 IF6 on Win2003

Telkom VPN-Lite router setup User Manual Billion 800VGT

TPP: Date: October, 2012 Product: ShoreTel PathSolutions System version: ShoreTel 13.x

Telkom VPN-Lite router setup User Manual Billion 810VGTX

Technical Paper. Installing and Configuring SAS Environment Manager in a SAS Grid Environment

HPE LoadRunner Best Practices Series. LoadRunner Upgrade Best Practices

Kaltura MediaSpace TM Enterprise 2.0 Requirements and Installation

UPGRADING TO DISCOVERY 2005

USER GUIDE. Comtrade OMi Management Pack for Citrix

HPE AppPulse Mobile. Software Version: 2.1. IT Operations Management Integration Guide

VMware EVO:RAIL Customer Release Notes

Demand Forecasting. For. Microsoft Dynamics 365 for Operations. Technical Guide. Release 7.1. December 2017

Configuring the McAfee Windows Event Collector Management Utility *Also can provide client transmission of other non-windows log files*

File Share Navigator Online

Stealing passwords via browser refresh

Pexip Infinity Secure Mode. Deployment Guide

CCNA Security v2.0 Chapter 3 Exam Answers

Welcome to Remote Access Services (RAS) Virtual Desktop vs Extended Network. General

Please contact technical support if you have questions about the directory that your organization uses for user management.

OO Shell for Authoring (OOSHA) User Guide

BMC Remedyforce Integration with Bomgar Remote Support

Cisco Nexus Data Broker Embedded: Implementation Quick- Start Guide

Exercise 1: Deploying Windows Server 2012

TDR and Trend Micro. Integration Guide

EView/400i Management Pack for Systems Center Operations Manager (SCOM)

Install and Configure Guide Version 4.3

Virtual Server Protection (VSP)

Cisco Smart Software Manager satellite

CXA-206-1I Citrix XenApp 6.5 Administration

CCNA 1 Chapter v5.1 Answers 100%

Connect+/SendPro P Series Networking Technical Specification

Cisco Tetration Analytics, Release , Release Notes

Avigilon Control Center Server User Guide. Version 6.8

ABELDent Platform Setup Conventions

istartsmart 3.5 Upgrade - Installation Instructions

How to Guide. DocAve Extender for MOSS 2007 and SPS Installing DocAve Extender and Configuring a Basic SharePoint to Cloud Extension

Transcription:

Intrductin The cmpnents f UDS Enterprise (UDS Server and UDS Tunneler) can be cnfigured in high availability (HA) s that in case f drp any f these items, either due t a failure f the hypervisr that hsts r failure f the Virtual Appliance itself, a user r administratr des nt lse access t the system. UDS Enterprise HA can be cnfigured using any lad balancer that supprts TCP and HTTP mdes. This dcument is an example cnfiguratin using the HAPrxy sftware. Necessary elements Fr a successful deplyment f high-availability in UDS Enterprise, the fllwing items are needed: Server HAPrxy Server in charge f prviding users with access t several UDS Enterprise servers. Access will be in mde active - active. In this example a single HAPrxy server is cnfigured in standalne mde, but fr prductin deplyments it is recmmended t have multiple HAPrxy servers. MySQL Server Database server where UDS server keeps all yur recrds. In this example a single MySQL server is cnfigured, but fr prductin deplyments it is recmmended t have multiple MySQL servers in the cluster. UDS Server (brker) The main element f UDS Enterprise sftware. It supprts HA cnfiguratin f versin 1.9.1. Yu will need t deply at least tw UDS servers. Tunel UDS Server The element that prvides access t users frm a WAN t virtual desktps and applicatins, and HTML5 access t virtual desktps. Yu will need t deply at least tw Tunel UDS servers. Page 1 f 17

Requirements In this HA UDS Enterprise cnfiguratin example there have been used the fllwing resurces: HAPrxy: S.O. and resurces: Linux Server Debian 8.4.0 x64 with 1 GB f RAM, 15 GB f disk, 1 NIC IP Data: 1 IP address, netwrk mask, Gateway and DNS Internet access Certificate: It is necessary t have r generate a valid certificate in PEM frmat fr SSL cnnectins MySQL: Virtual Appliance UDS_MySQL (prvided by VirtualCable): 1 GB f vram, 8 GB f disk, 1 vnic IP Data: 1 IP Address, netwrk mask, Gateway and DNS DB Data: DB Instance, username and passwrd (by default, instance: uds, username: uds, passwrd: uds) UDS Server (brker): Virtual Appliance UDS_Server (prvided by VirtualCable): 1 GB f vram, 5 GB f disk, 1 vnic IP Data: 1 IP Address, netwrk mask, Gateway and DNS Valid serial number fr UDS Enterprie versin MySQL DB Cnnectin Data: IP Address, DB Instance, username and passwrd UDS Tunnel Server: Virtual Appliance UDS_Tunel (prvided by VirtualCable): 1 GB f vram, 5 GB f disk, 1 vnic IP Data: 1 IP address, netwrk mask, Gateway and DNS HAPrxy Service IP Address Page 2 f 17

Cnfiguratin 1. HAPrxy We wuld install a Linux Debian 8.4.0 x64 server with the fllwing cnfiguratin: Step 1 Machine name: HAPrxy IP: 192.168.11.100 Resurces: 1 vcpu, 1 GB f RAM, 15 GB f disk y 1 vnic (with internet access) Befre installing HAPrxy it is necessary t have a certificate (in.pem frmat) fr SSL cnnectins. If yu dn t have a ready ne yu can autgenerate it in the fllwing way: penssl req -x509 -ndes -days 3650 -newkey rsa:2048 -keyut /rt/ssl.key -ut /rt/ssl.crt Yu will be prmpted t prvide a set f data t cmplete the certificate: Page 3 f 17

Once created, yu will have t create the file.pem cat /rt/ssl.crt /rt/ssl.key > /etc/ssl/private/haprxy.pem Step 2 Yu wuld install HAPrxy sftware: apt-get install haprxy Page 4 f 17

Step 3 Edit HAPrxy cnfiguratin file: /etc/haprxy/haprxy.cfg Add redirectin rules t the end f the file: Page 5 f 17

Example f haprxy.cfg cntent: glbal lg /dev/lg lcal0 lg /dev/lg lcal1 ntice chrt /var/lib/haprxy stats scket /run/haprxy/admin.sck mde 660 level admin stats timeut 30s maxcnn 2000 user haprxy grup haprxy daemn # Default SSL material lcatins ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers t use n SSL-enabled listening sckets. # Fr mre infrmatin, see ciphers(1ssl). This list is frm: # https://hynek.me/articles/hardening-yur-web-servers-ssl-ciphers/ ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA +A$ ssl-default-bind-ptins n-sslv3 defaults lg glbal mde http ptin httplg ptin dntlgnull ptin frwardfr retries 3 ptin redispatch stats enable stats uri /haprxystats stats realm Strictly\ Private stats auth admin:tempral stats auth user:tempral timeut cnnect 5000 timeut client 50000 timeut server 50000 errrfile 400 /etc/haprxy/errrs/400.http errrfile 403 /etc/haprxy/errrs/403.http errrfile 408 /etc/haprxy/errrs/408.http errrfile 500 /etc/haprxy/errrs/500.http errrfile 502 /etc/haprxy/errrs/502.http errrfile 503 /etc/haprxy/errrs/503.http errrfile 504 /etc/haprxy/errrs/504.http frntend http-in bind *:80 mde http reqadd X-Frwarded-Prt:\ http default_backend uds-backend frntend https-in bind *:443 ssl crt /etc/ssl/private/haprxy.pem mde http reqadd X-Frwarded-Prt:\ https default_backend uds-backend frntend tunnel-in bind *:1443 mde tcp ptin tcplg default_backend tunnel-backend-ssl frntend tunnel-in-guacamle bind *:10443 mde tcp # HTML5 Page 6 f 17

ptin tcplg default_backend tunnel-backend-guacamle backend uds-backend # redirect scheme https if!{ ssl_fc } #redirect http t https balance surce ptin httpclse server uds1 192.168.11.102:80 check server uds2 192.168.11.103:80 check backend tunnel-backend-ssl mde tcp ptin tcplg balance surce server udsts1 192.168.11.104:443 check server udsts2 192.168.11.105:443 check backend tunnel-backend-guacamle mde tcp ptin tcplg balance surce server udstg1 192.168.11.104:10443 check server udstg2 192.168.11.105:10443 check Step 4 Start service haprxy and test it s in executin: service haprxy restart service haprxy status Make sure the service autstarts with the server. Page 7 f 17

2. MySQL Installatin f Virtual Appliance MySQL prvided by VirtualCable with the fllwing cnfiguratin: Step 1 Machine name: mysql IP: 192.168.11.101 Resurces: 1 vcpu, 1 GB f RAM, 8 GB f disk and 1 vnic Cnfigure a static IP: Step 2 Test cnnectivity with HAPrxy Server: Page 8 f 17

3. UDS Server (Brker) Install tw Virtual Appliances UDS Server (brker) prvided by VirtualCable fllwing this cnfiguratin: Step 1 Machines name: UDSServer01 and UDSServer02 IP: 192.168.11.102 (UDSServer01) and 192.168.11.103 (UDSServer02) Resurces: 2 vcpu, 1 GB f RAM, 5 GB f disk and 1 vnic (fr each Virtual Apliance UDS Server) Prvide a valid Serial Number f UDS Enterprise: Step 2 Intrduce cnfiguratin data f the Virtual Appliance: Page 9 f 17

Step 3 Cnfigure MySQL DB access data: Step 4 Cmplete access data f the administratr user f UDS platfrm by prviding username and passwrd f superuser f the virtual appliance UDS Server: Page 10 f 17

Step 5 Test and finalize the cnfiguratin f the Virtual Appliance: This is t be repeated fr the secnd UDS Server (UDSServer02) except fr IP field where yu shuld prvide IP f the secnd server. Page 11 f 17

4. UDS Tunnel Install tw Virtual Appliances UDS Tunnel, prvided by VirtualCable, with the fllwing cnfiguratin: Step 1 Machine names: UDSTunel01 and UDSTunel02 IP: 192.168.11.104 (UDSTunel01) and 192.168.11.105 (UDSTunel02) Resurces: 2 vcpu, 1 GB f RAM, 5 GB f disk and 1 vnic (fr each Virtual Appliance UDS Tunnel) Intrduce cnfiguratin data f the Virtual Appliance: Step 2 Prvide the IP f UDS Server, which in a High Availabality cnfiguratin, is the IP f HAPrxy Server: Page 12 f 17

Step 3 Define the rt user passwrd f the Virtual Appliance UDS Tunnel: Step 4 Test all data and finalize the cnfiguratin f the Virtual Appliance: This is t be repeated fr the secnd UDS Tunnel (UDSTunel02) except fr IP field where yu shuld prvide IP f the secnd server. Page 13 f 17

UDS Enterprise Web Access Once all the elements are cnfigured, yu can have access t UDS Enterprise lgin windw using the IP f HAPrxy Server: Access users will be autmatically balanced acrss the tw UDS servers, and if ne f them drps all requests will be redirected t the active server. When a user accesses a desktp r virtual applicatin thrugh the cmpnent UDS Tunnel, cnnectins will be divided between the tw servers, and if the active server t which the user is cnnected drps, the cnnectin is cut. But t perfrm new access t the service he will be cnnected thrugh anther tunnel active server. Page 14 f 17

UDS Enterprise Advanced Parameters When cnfiguring UDS Enterprise fr the access t be made thrugh a lad balancer, the system will detect the IP address f the client as Balancer IP: This can cause prblems when using an IP authenticatr r detecting netwrk cnfiguratins f transprt thrugh netwrk filter. T slve this prblem, we must tell the system that the UDS servers are behind a prxy by enabling the ptin "Behind a prxy" lcated in the sectin: Tls - Cnfiguratin - Security Page 15 f 17

Once this ptin is enabled, test if the detectin f client IP is perfrmed crrectly: Page 16 f 17

Supprt and Prfessinal Services VirtualCable markets UDS Enterprise thrugh a subscriptin mdel, including supprt and updates, as the number f users. In additin, VirtualCable prvides prfessinal services t install and cnfigure UDS Enterprise and ther virtualizatin technlgies. Fr mre infrmatin, visit r email us at inf@udsenterprise.cm Page 17 f 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback