2.2.2.1. OpenNAC OVA Deployment Requirements

This section features de requirements steps for deploying OpenNAC from an OVA:

1. Repository Credentials

2. OVA Download

3. IP Address Assignment

4. Network Connectivity

2.2.2.1.1. Repository Credentials

Ensure you have credentials to access our public repository (https://repo-opennac.opencloudfactory.com/ova/).

2.2.2.1.2. OVA Download

Access our public repository (https://repo-opennac.opencloudfactory.com/ova/) to download the OVAs.

Understand that for configuring your environment, each node type requires its own image, which serves as the template for creating multiple instances of that node type. Before configuring the nodes, ensure that you have deployed the necessary OVAs. The repository images configure the following roles:

opennac_core_<ONCORE_FULL_VERSION>_img.ova → Principal, Worker, and Proxy roles. opennac_analytics_<ONNALYTICS_FULL_VERSION>_img.ova → Analytics, Aggregator, Aggregator+Analytics. opennac_sensor_<ONSENSOR_FULL_VERSION>_img.ova → Sensor role. opennac_captive_<ONCAPTIVE_FULL_VERSION>_img.ova → Captive role. opennac_vpngw_<ONVPNGW_FULL_VERSION>_img.ova → VPNGW role.

Once you’ve downloaded te OVA, you can check the Virtualization platforms section to deploy it on the desired environment.

2.2.2.1.3. IP Address Assignment

The very first step to begin a deployment is IP assignment.

Note

The name of the interfaces may change depending on the OS version, i.e.: ens18.

Access your deployed OVAs by CLI and provide IPs for all nodes by executing the graphical network manager:

nmtui

On the initial window, select Edit a connection:

../../../_images/nmtui1.png


Select the interface and press Edit:

../../../_images/nmtui2.png


You will see the following default configuration:

../../../_images/nmtui8.png


The IPv4 Configuration is set to “Automatic” by default. Change it to “Manual” and manually configure the following parameters:

  • Addresses: Add node IP address with netmask (<IP>/<MASK>)

  • Gateway: Add a default gateway

  • DNS Servers: Add a DNS server. We recommend using the Corporate DNS server.

Set option Require IPv4 addressing for this connection.

../../../_images/nmtui9.png


The IPv6 Configuration is set to “Automatic” by default. Change it to “Ignore”:

../../../_images/nmtui3.png


Finalize by selecting <OK> at the bottom of the view and go back to the initial menu.

Afterward, apply the changes by activating and deactivating the interface. Navigate to the Network Manager menu and choose the Activate a connection option.

../../../_images/nmtui5.png


Deactivate and activate interface and go back to the initial menu.

../../../_images/nmtui6.png


Interface is now configured and can be verified by typing the following command in CLI “ifconfig” o “ip a”:

ifconfig
../../../_images/nmtui7.png


2.2.2.1.4. Network Connectivity

Ensure that you have an accessible IP address and internet connection:

[root@CORE ~]# ping google.com
PING google.com (142.250.200.142) 56(84) bytes of data.
64 bytes from mad41s14-in-f14.1e100.net (142.250.200.142): icmp_seq=1 ttl=117 time=13.10 ms
64 bytes from mad41s14-in-f14.1e100.net (142.250.200.142): icmp_seq=2 ttl=117 time=13.10 ms
64 bytes from mad41s14-in-f14.1e100.net (142.250.200.142): icmp_seq=3 ttl=117 time=13.6 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 13.550/13.833/13.986/0.200 ms

Check you have access to the repository by trying to download the following file:

[root@onprincipal ~]# wget --user "repo_user" --ask-password  https://repo-opennac.opencloudfactory.com/1.2.4/opennac-v1.2.4.repo
Password for user ‘repo_user’:
--2024-03-05 13:56:26--  https://repo-opennac.opencloudfactory.com/1.2.4/opennac-v1.2.4.repo
Resolving repo-opennac.opencloudfactory.com (repo-opennac.opencloudfactory.com)... 10.21.160.10
Connecting to repo-opennac.opencloudfactory.com (repo-opennac.opencloudfactory.com)|10.21.160.10|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 388 [application/x-troff-man]
Saving to: ‘opennac-v1.2.4.repo’

opennac-v1.2.4.repo                                         100%[===========================================================================================================================================>]     388  --.-KB/s    in 0s

2024-03-05 13:56:26 (9.39 MB/s) - ‘opennac-v1.2.4.repo’ saved [388/388]

Once you verify you can access the repository, you can delete this file:

[root@onprincipal ~]# rm opennac-v1.2.4.repo
rm: remove regular file 'opennac-v1.2.4.repo'? y