Before you begin, you must download the latest GSS Adaptive Application from Quay.
Downloading and installing from Quay
- From the Linux console of a host machine with internet access, log in to
your Quay account using the following
docker login quay.io Username: <quay_username> Password: <quay_password>
- From the Linux console of a host machine with internet access, pull the
latest GSS Adaptive Application image using the following
docker pull quay.io/bluecat/gss:latest
- If a different server will be running the BlueCat Gateway instance, use the
following command to export the GSS Adaptive Application file. Copy this
image file to the server that will be running the BlueCat Gateway
docker save -o <path_to_image_tar_file> quay.io/bluecat/gss:latest
- Run the following command to import the image file created by the Docker
docker load -i <path_to_image_tar_file>
- Run the custom Gateway image using the following
docker run -d \ -p 80:8000 \ -p 443:44300 \ -v <SCHEDULER_LOG_DIR>:/bluecat_gateway/workflows/GSSHealthCheckServer/schedule_logs/ \ -v <GATEWAY_LOG_DIR>:/logs/ \ -e BAM_IP=<your_bam_ip_address> \ -e DISABLE_HEALTH_CHECK=no \ --dns <dns_server_address1> --dns <dns_server_address2> \ --name <gateway_container_name> \ quay.io/bluecat/gssWhere:
GSS contains a configuration file within /bluecat_gateway/customizations/gss.ini that is updated during the GSS installation workflow. In managed environments where the GSS container is deployed automatically and must be stateless, the following configuration parameters can be passed in as environment variables in the docker run command:
- <SCHEDULER_LOG_DIR> represents the directory where the health check logs are stored.
- <GATEWAY_LOG_DIR> represents the directory where the BlueCat Gateway logs are stored.
- <dns_server_address1> and <dns_server_address2> represent the IP addresses of the DNS servers that can resolve the gss.bluecat zone used by GSS.
- The DISABLE_HEALTH_CHECK environment variable
is used to disable the scheduled health checker when starting
the BlueCat Gateway instance. The default value is
no.Tip: BlueCat advises all customers to map Docker logs volumes to save data from BlueCat Gateway. This is the recommended best practice for Docker containers. However, if you prefer to mount logs directories to your local machine, you must manually set rwx (read, write, execute) permissions to those directories before running the container. If you do not map logs directories to your local machine during installation, BlueCat Gateway will write all the data to the container by default. If you then stop or restart the container, all this data will be lost.To set permissions to external volumes, run the following command:
chmod -R a=rwx <mapped volume>
- GSS_USER—name of the BlueCat Gateway user that will be used by the health-check function.
- GSS_PASS—encrypted password for the BlueCat Gateway user that will be used by the health-check function.
- GSS_CONFIGURATION—name of the Address Manager configuration that is used with GSS.
- GSS_VIEW—name of the Address Manager DNS view that is used with GSS.
- GSS_USER—name of the Address Manager Tag Group that is used with GSS. The default value is Traffic Steering but this can be updated to support multiple independent deployments of GSS.
When the configuration parameters are passed in as environment variables, the corresponding values in the /bluecat_gateway/customizations/gss.ini configuration file are ignored. To update the configuration provided in the environment variables, you must delete and redeploy the GSS container.