Before you begin, you must download the latest custom BlueCat Gateway image that contains the BlueCat Cisco ACI workflow.
Prerequisites:
-
You must have at least 2 CPUs and 8GB of RAM allocated to the host machine that will be running the BlueCat Gateway instance.
-
You must have Docker installed on the host machine that will be running the BlueCat Gateway instance. For more information, refer to the 'Requirements' section of the BlueCat Gateway Installation Guide.
-
You must have an Address Manager server configured with the BlueCatGateway UDF and a BlueCat Gateway user. For more information, refer to the 'Configuring BlueCat Gateway' section of the BlueCat Gateway Installation Guide.
-
You must have a license for the BlueCat Cisco ACI Adaptive Application from BlueCat.
-
You must have a Quay account that has been granted read access to the BlueCat Cisco ACI private repository.
For more information on setting up your Quay account, refer to the information that was provided when you purchased the BlueCat Cisco ACI Adaptive Application from BlueCat.
-
You must have a Docker CLI password.
You can create one by clicking Generate Encrypted Password under Docker CLI Password on the Account Settings page in Quay.
Defining the workspace and log directories
When you first install the BlueCat Cisco ACI Adaptive Application, BlueCat recommends setting up your workspace and logs directory right away:
-
Define a workspace:
-
A workspace is the logical location for workflows and associated data, including configurations, libraries, requirements, permissions, and customizations. A workspace can be a Docker volume (recommended), or a volume on your local machine. For more details, see the Workspace section in the BlueCat Gateway Administration Guide.
-
-
Define a logs directory:
-
A logs directory can be a Docker volume (recommended), or a volume on your local machine
-
Why map to Docker volumes? Volumes are completely managed by Docker, so you typically do not need to set permissions manually when using Docker volumes. This is also the recommended practice for Docker containers.
If you prefer to mount data and log volumes to your local machine, you must
manually set rwx
(read, write, execute) permissions to those
directories before running the container.
chmod -R o=rwx <mapped volume>
If you do not map data or log volumes to your local machine during installation, the BlueCat Cisco ACI Adaptive Application will write all the data to the container by default. If you then stop or restart the container, all this data will be lost.
-
You can name the workspace and logs directory to anything.
-
The BlueCat Cisco ACI Adaptive Application saves configuration and workflow data to the workspace, and all execution and session logs to the mapped logs directory. If you do not map a workspace or a logs directory, all the configuration and logging data is written to the container by default.
Installing the BlueCat Cisco ACI docker image
To install the BlueCat Cisco ACI image:
-
From the host machine, run the following command:
docker login quay.io
-
At the prompt, enter your Quay user name and password obtained when generating the encrypted password.
-
Download the BlueCat Cisco ACI Application from Quay using the following command:
docker pull quay.io/bluecat/cisco_aci:24.1
-
If you will be using custom certificates for BlueCat Cisco ACI, do the following:
Rename your
crt
andkey
files togateway.crt
andgateway.key
respectively.Copy them to the following locations relative to the custom workspace on the host machine as follows. (Create the
server
subdirectory if needed.):<Path to the custom workspace>/certificates/server/gateway.crt
<Path to the custom workspace>/certificates/server/gateway.key
Set read, write, and execute permissions on the custom workspace and logs folder. To do so, execute the following commands:
chmod -R o=rwx <Path to the custom workspace> chmod -R o=rwx <path to the mapped log directory>
-
Start the custom Gateway image using the following command:
docker run -d \ -p 80:8000 \ -p 443:44300 \ -v <Path to mapped log directory>:/logs/ \ -v <Path to mapped data directory>:/bluecat_gateway/ \ -e BAM_IP=<Your BAM's IP address> \ --name <Container name> \ quay.io/bluecat/cisco_aci:24.1
If you are configuring the image with a proxy, start the custom Gateway image using the following command:
docker run -d \ -p 80:8000 \ -p 443:44300 \ -v <Path to mapped log directory>:/logs/ \ -v <Path to mapped data directory>:/bluecat_gateway/ \ -e BAM_IP=<Your BAM's IP address> \ --env HTTP_PROXY=<Your proxy address> \ --env HTTPS_PROXY=<Your proxy address> \ --name <Container name> \ quay.io/bluecat/cisco_aci:24.1