Using the Pre-Check Script
The pre-check script performs a series of checks on the Controller host to determine whether it is ready to accept the installation. To use the script:
- Download the
hpe-cp-prechecks-<version>.bin
script, where<version>
is the version number, such as5.6
.-
For RHEL/CentOS (5.6.0):
- NA download link: 5.6.0 RHEL/CentOS Pre-check script
- AP download link: 5.6.0 RHEL/CentOS Pre-check script
-
For SLES (5.6.0):
- NA download link: 5.6.0 SLES Pre-check script
- AP download link: 5.6.0 SLES Pre-check script
-
- If needed, copy the .bin file to a directory on the machine that will become the Controller host.
- Make the .bin file executable by executing the command:
chmod a+x hpe-cp-prechecks-<version>.bin
-
Run the executable binary using the format:
hpe-cp-prechecks-<version>.bin <options>
where
<options>
denotes the options and parameters you need to pass to the script. See Script Options for a complete list of options and when to use them, and Examples for examples of usage scenarios. - After running the script, see Sample Pre-Check Output for a
complete example of a successful pre-check as well as links to common errors and how
to resolve them. In addition to the displayed output, the pre-check script generates
several files that are described in Pre-Check Generated Files.
If needed, remediate any issues and then re-run the pre-check script until all tests
pass or until you have accounted for any warnings. CAUTION
Do not use the config file to install the controller in a production environment if the pre-check output lists one or more errors.
For non-production environments, when you want to create a deployment that is smaller than the requirements for production environments, specify the
--force
option when executing the script. - After you are satisfied with the results of the pre-check, you may proceed to
install the Controller host using either of the following methods:
- Configuration file generated by the pre-check script, as described in Using the Pre-Check Config File. The name of the
configuration file is the following:
/tmp/bd_prechecks.conf
- Manually, as described in Standard Installation.
- Configuration file generated by the pre-check script, as described in Using the Pre-Check Config File. The name of the
configuration file is the following:
Script Options
This table lists all of the Controller-specific options that can be used with the pre-check script. Not all of these options will apply in all situations. See Examples for exmaples of how this script can be used in a variety of real-world scenarios.
Option | Short Option | Description | Notes | Example |
|
|
Verify host meets Controller requirements. | Use this option on the Controller host only. | |
|
Internal gateway IP address for virtual nodes/containers. This address cannot be used by another resource on the corporate network. See Network Requirements. | Optional. If not specified, default value is 172.16.13.1 |
|
|
|
|
Proxy URL in the format
|
Skip this option if no web proxy is being used for EPIC. See Web Proxy Requirements. |
|
|
Auto-mount root on the Controller. |
|
||
|
Path where the configuration file (see Sample Pre-Check Output) will be written. |
|
||
|
Specify the actual sudo prefix to use when running privileged commands as a non-root user. | Defaults to sudo -n if no other option
provided. |
|
|
|
SSL certificate to use for secure (https://) access to the web interface. | Do not use this option if you will be using non-secured (http://) access to the web interface. |
|
|
|
Provide the CA authentication chain data required for having an SSL client authenticate the server certificate. | This must be an absolute file path that will be readable by the
httpd process. The “CA data” file is used for an openssl
verify -CAfile command to ensure that an SSL client
(such as those used in our k8s support) can validate the
certificate. |
|
|
|
Provide the public-key SSL certificate for SSL termination in the
gateway. If this is not provided, but the server certificate and
private key are, these values will now default from those server
certificate values (--ssl-cert and
--ssl-priv-key ). |
This must be an absolute path. |
|
|
|
Provide the private key corresponding to the above. | This also must be an absolute path if given. |
|
|
|
SSL private key to use for secure (https://) access to the web interface. | Do not use this option if you will be using non-secured (http://) access to the web interface. |
|
|
|
Worker hosts must be initialized manually before installing them via the web interface. | ONLY USE THIS OPTIONS WHEN YOUR ENVIRONMENT DOES NOT ALLOW KEY-BASED SSH. SEE Configuration Requirements. | ||
|
|
Force pre-check validation to succeed regardless of any errors. | THIS OPTION IS FOR ADVANCED USERS ONLY AND MAY RESULT IN AN UNUSABLE DEPLOYMENT. | |
|
Optional. Specifies the user that dnsmasq
service will run under. |
If not specified, then the dnsmasq service will
run under user nobody:nobody . |
|
|
|
Optional. Specifies the group of dnsmasq
users. |
= |
|
Examples
This section presents some examples of using the pre-check script.
-
Root/Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user and includes the Worker agent because password-less SSH is not available in the environment.
# root@localhost> /root/hpe-cp-prechecks-5.1.bin --worker-agent-install
-
Root/non-Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user. The environment does allow password-less SSH, and thus the
--worker-agent-install
option is not used.# root@localhost> /root/hpe-cp-prechecks-5.1.bin
-
Root/Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user and includes the Worker agent because password-less SSH is not available in the environment. It also provides SSL information to enable secure (https://) access to the HPE Ezmeral Runtime Enterprise interface.
# root@localhost> /root/hpe-cp-prechecks-5.1.bin --worker-agent-install --ssl-cert /root/bdhost.cert --ssl-priv-key /root/bdhost.pem
-
Root/Non-Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user. The environment does allow password-less SSH, and thus the
--worker-agent-install
option is not used. This example also provides SSL information to enable secure (https://) access to the HPE Ezmeral Runtime Enterprise interface.# root@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --ssl-cert /root/bdhost.cert --ssl-priv-key /root/bdhost.pem
-
Non-root/Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user and includes the Worker agent because password-less SSH is not available in the environment.
# epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --worker-agent-install
-
Non-root/non-Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user. The environment does allow password-less SSH, and thus the
--worker-agent-install
option is not used# epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin
-
Non-root/Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user and includes the Worker agent because password-less SSH is not available in the environment. It also provides SSL information to enable secure (https://) access to the web interface.
# epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --worker-agent-install --ssl-cert /home/epic/bdhost.cert --ssl-priv-key /home/epic/bdhost.pem
-
Non-root/non-Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user. The environment does allow password-less SSH, and thus the --worker-agent-install option is not used. This example also provides SSL information to enable secure (https://) access to the web interface.
# epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --ssl-cert /home/epic/bdhost.cert --ssl-priv-key /home/epic/bdhost.pem