Installing the Cloud Discovery & Visibility image - Adaptive Applications - BlueCat Gateway - 22.1.1

Cloud Discovery & Visibility Administration Guide
Locale
English
Product name
BlueCat Gateway
Version
22.1.1
Before you begin, you must download the latest custom BlueCat Gateway image that contains the Cloud Discovery & Visibility workflow.
Prerequisites:
  • You must have at least 2 CPUs and 8GB of RAM allocated to the host machine that will be running the BlueCat Gateway instance.
  • You must have Docker installed on the host machine that will be running the BlueCat Gateway instance. For more information, refer to the 'Requirements' section of the BlueCat Gateway Installation Guide.
  • You must have an Address Manager server configured with the BlueCatGateway UDF and a BlueCat Gateway user. For more information, refer to the 'Configuring BlueCat Gateway' section of the BlueCat Gateway Installation Guide.
  • You must have purchased the Cloud Discovery & Visibility Adaptive Application from BlueCat.
  • You must have a Quay account that has been granted read access to the Cloud Discovery & Visibility private repository.

    For more information on setting up your Quay account, refer to the information that was provided when you purchased the Cloud Discovery & Visibility Adaptive Application from BlueCat.

  • You must have a Docker CLI password.

    You can create one by clicking Generate Encrypted Password under Docker CLI Password on the Account Settings page in Quay.

Before you begin:

When you first install the Cloud Discovery & Visibility Adaptive Application, BlueCat recommends performing the following:
  • Define a workspace:
    • A workspace is the logical location for you to place your workflows and associated data, including configurations, libraries, requirements, permissions, and customizations; a workspace can be a Docker volume (recommended) or a volume on your local machine. For more information, refer to the Workspace section in the BlueCat Gateway Administration Guide.
  • Define a logs directory:
    • A logs directory can be a Docker volume (recommended) or a volume on your local machine
Tip: BlueCat advises all customers to map Docker volumes for their respective workspace and logs directory to save data from the Cloud Discovery & Visibility Adaptive Application. Volumes are completely managed by Docker and you do not need to set permissions manually when using Docker volumes. This is also the recommended practice for Docker containers. However, if you prefer to mount data and log volumes to your local machine, you must manually set rwx (read, write, execute) permissions to those directories before running the container. If you do not map data or log volumes to your local machine during installation, the Cloud Discovery & Visibility Adaptive Application will write all the data to the container by default. If you then stop or restart the container, all this data will be lost.
To set permissions to external volumes, run the following command:
chmod -R o=rwx <mapped volume>
Note:
  • You can name the workspace and logs directory to anything.
  • The Cloud Discovery & Visibility Adaptive Application saves configuration and workflow data to the workspace, and all execution and session logs to the mapped logs directory. If you do not map a workspace or a logs directory, all the configuration and logging data is written to the container by default.
To install the Cloud Discovery & Visibility image:
  1. From the host machine, run the following command:
    docker login quay.io
  2. At the prompt, enter your Quay user name and password obtained when generating the encrypted password.
  3. Download the Cloud Discovery & Visibility Adaptive Application from Quay using the following command:
    docker pull quay.io/bluecat/cloud_discovery_visibility:22.1.1
  4. Start the custom Gateway image using the following command:
    docker run -d \
-p 80:8000 \
-p 443:44300 \
-v <path_to_mapped_log_directory>:/logs/ \
-v <path_to_mapped_data_directory>:/data/ \
-e BAM_IP=<your_bam_ip_address> \
--name <gateway_container_name> \
quay.io/bluecat/cloud_discovery_visibility:22.1.1
    If you are configuring the image with a proxy, start the custom Gateway image using the following command:
    docker run -d \
-p 80:8000 \
-p 443:44300 \
-v <path_to_mapped_log_directory>:/logs/ \
-v <path_to_mapped_data_directory>:/data/ \
-e BAM_IP=<your_bam_ip_address> \
--env HTTP_PROXY=<your_proxy_address> \
--env HTTPS_PROXY=<your_proxy_address> \
--name <gateway_container_name> \
quay.io/bluecat/cloud_discovery_visibility:22.1.1
    If you are using Cloud Discovery & Visibility with custom certificates, you must store the certificate files locally within a <local_directory>/certificates/server folder and map that location to the /bluecat_gateway/certificates/server directory of the container to ensure that the certificates persist with the Cloud Discovery & Visibility container. You can define custom certificates to be used with the container using the following command:
    docker run -d \
-p 80:8000 \
-p 443:44300 \
-v <path_to_mapped_log_directory>:/logs/ \
-v <path_to_mapped_data_directory>:/data/ \
-v <local_directory>/certificates/server:/bluecat_gateway/certificates/server/ \
-e BAM_IP=<your_bam_ip_address> \
--name <gateway_container_name> \
quay.io/bluecat/cloud_discovery_visibility:22.1.1
    Attention: Your proxy configuration must allow access to the following sites as applicable:
    AWS
    • .amazonaws.com
    GCP
    • .googleapis.com
    • www.gstatic.com
    Azure
    • .microsoftonline.com
    • .azure.com
    • .microsoft.com
    • .servicebus.windows.net

Configuring Cloud Discovery & Visibility with persistence storage

Starting in Cloud Discovery & Visibility v22.1, you can configure visibility jobs to use persistence storage to ensure that in the instance of a container shutdown, the visibility jobs are not lost and can be restarted once the container is restarted.

To configure the Cloud Discovery & Visibility image with persistence storage:
  1. Create a docker volume using the following command:
    docker volume create <volume-name>
    Note: The persistence volume can only be used when starting a new container.
  2. Run a new container with the volume created using the following command:
    docker run -d \
-p 80:8000 \
-p 443:44300 \
-v <volume-name>:/var/lib/postgresql/ \
-e BAM_IP=<your_bam_ip_address> \
--name <gateway_container_name> \
quay.io/bluecat/cloud_discovery_visibility:22.1.1
Attention: When installing a Cloud Discovery & Visibility image with persistence storage, the Override Configuration and Remove Deleted Resources options are enabled when restarting visibility jobs.