Using the Pre-Check Script

The pre-check script performs a series of checks on the Controller host to determine whether it is ready to accept the installation. To use the script:

  1. Download the hpe-cp-prechecks-<version>.bin script, where <version> is the version number, such as 5.6.
  2. If needed, copy the .bin file to a directory on the machine that will become the Controller host.
  3. Make the .bin file executable by executing the command:
    chmod a+x hpe-cp-prechecks-<version>.bin
  4. Run the executable binary using the format:
    hpe-cp-prechecks-<version>.bin <options>

    where <options> denotes the options and parameters you need to pass to the script. See Script Options for a complete list of options and when to use them, and Examples for examples of usage scenarios.

  5. After running the script, see Sample Pre-Check Output for a complete example of a successful pre-check as well as links to common errors and how to resolve them. In addition to the displayed output, the pre-check script generates several files that are described in Pre-Check Generated Files. If needed, remediate any issues and then re-run the pre-check script until all tests pass or until you have accounted for any warnings.
    CAUTION

    Do not use the config file to install the controller in a production environment if the pre-check output lists one or more errors.

    For non-production environments, when you want to create a deployment that is smaller than the requirements for production environments, specify the --force option when executing the script.

  6. After you are satisfied with the results of the pre-check, you may proceed to install the Controller host using either of the following methods:
NOTE
Hewlett Packard Enterprise recommends using the config file generated by the pre-check script when installing HPE Ezmeral Runtime Enterprise on the Controller host as this method will most likely be faster and easier than manual installation.

Script Options

This table lists all of the Controller-specific options that can be used with the pre-check script. Not all of these options will apply in all situations. See Examples for exmaples of how this script can be used in a variety of real-world scenarios.

Option Short Option Description Notes Example
--controller
-c
Verify host meets Controller requirements. Use this option on the Controller host only.
--int-gateway-ip
Internal gateway IP address for virtual nodes/containers. This address cannot be used by another resource on the corporate network. See Network Requirements. Optional. If not specified, default value is 172.16.13.1
--int-gateway-ip 172.1.1.1
--proxy
-p

Proxy URL in the format

[protocol://]
                        [username:password@]
                        proxy_address[:port]
Skip this option if no web proxy is being used for EPIC. See Web Proxy Requirements.
--proxy https://admin:admin123@ 172.1.1.2:8080
--controller-automount-root
Auto-mount root on the Controller.
--controller-automount-root <path>
--config-file-path
Path where the configuration file (see Sample Pre-Check Output) will be written.
--config-file-path <path>
SUDO_PREFIX
Specify the actual sudo prefix to use when running privileged commands as a non-root user. Defaults to sudo -n if no other option provided.
export SUDO_PREFIX="usr/sbin/dzdo/dzdo"
--ssl-cert
SSL certificate to use for secure (https://) access to the web interface. Do not use this option if you will be using non-secured (http://) access to the web interface.
--ssl-cert /root/bds-https.cert
--ssl-ca-data
Provide the CA authentication chain data required for having an SSL client authenticate the server certificate. This must be an absolute file path that will be readable by the httpd process. The “CA data” file is used for an openssl verify -CAfile command to ensure that an SSL client (such as those used in our k8s support) can validate the certificate.
--ssl-ca-data <path>
--gateway-ssl-cert
Provide the public-key SSL certificate for SSL termination in the gateway. If this is not provided, but the server certificate and private key are, these values will now default from those server certificate values (--ssl-cert and --ssl-priv-key). This must be an absolute path.
--gateway-ssl-cert <path>
--gateway-priv-key
Provide the private key corresponding to the above. This also must be an absolute path if given.
--gateway-priv-key <path>
--ssl-priv-key
SSL private key to use for secure (https://) access to the web interface. Do not use this option if you will be using non-secured (http://) access to the web interface.
--ssl-priv-key /root/bds-https.pem
--worker-agent-install
Worker hosts must be initialized manually before installing them via the web interface. ONLY USE THIS OPTIONS WHEN YOUR ENVIRONMENT DOES NOT ALLOW KEY-BASED SSH. SEE Configuration Requirements.
--force
-f
Force pre-check validation to succeed regardless of any errors. THIS OPTION IS FOR ADVANCED USERS ONLY AND MAY RESULT IN AN UNUSABLE DEPLOYMENT.
--dnsmasq-user
Optional. Specifies the user that dnsmasq service will run under. If not specified, then the dnsmasq service will run under user nobody:nobody.
--dnsmasq-user dnsmasquser
--dnsmasq-grp
Optional. Specifies the group of dnsmasq users. =
--dnsmasq-grp dnsmasqgroup

Examples

This section presents some examples of using the pre-check script.

  • Root/Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user and includes the Worker agent because password-less SSH is not available in the environment.

    # root@localhost> /root/hpe-cp-prechecks-5.1.bin --worker-agent-install
  • Root/non-Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user. The environment does allow password-less SSH, and thus the --worker-agent-install option is not used.

    # root@localhost> /root/hpe-cp-prechecks-5.1.bin
  • Root/Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user and includes the Worker agent because password-less SSH is not available in the environment. It also provides SSL information to enable secure (https://) access to the HPE Ezmeral Runtime Enterprise interface.

    # root@localhost> /root/hpe-cp-prechecks-5.1.bin --worker-agent-install --ssl-cert /root/bdhost.cert --ssl-priv-key /root/bdhost.pem
  • Root/Non-Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as the root user. The environment does allow password-less SSH, and thus the --worker-agent-install option is not used. This example also provides SSL information to enable secure (https://) access to the HPE Ezmeral Runtime Enterprise interface.

    # root@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --ssl-cert /root/bdhost.cert --ssl-priv-key /root/bdhost.pem
  • Non-root/Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user and includes the Worker agent because password-less SSH is not available in the environment.

    # epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --worker-agent-install
  • Non-root/non-Agent: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user. The environment does allow password-less SSH, and thus the --worker-agent-install option is not used

    # epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin
  • Non-root/Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user and includes the Worker agent because password-less SSH is not available in the environment. It also provides SSL information to enable secure (https://) access to the web interface.

    # epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --worker-agent-install --ssl-cert /home/epic/bdhost.cert --ssl-priv-key /home/epic/bdhost.pem
  • Non-root/non-Agent/SSL: This example pre-checks HPE Ezmeral Runtime Enterprise as a non-root user. The environment does allow password-less SSH, and thus the --worker-agent-install option is not used. This example also provides SSL information to enable secure (https://) access to the web interface.

    # epic@localhost> /home/epic/hpe-cp-prechecks-5.1.bin --ssl-cert /home/epic/bdhost.cert --ssl-priv-key /home/epic/bdhost.pem
NOTE
Be sure to run both the precheck script and installer as the user who will be installing HPE Ezmeral Runtime Enterprise.