Versions Compared

Old Version 6

changes.mady.by.user Zane England

Saved on

compared with

New Version 7

changes.mady.by.user Zane England

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Info

This section describes the setup of yarnman and use of the administration application

Table of Contents
minLevel1
maxLevel7

Logging in to Yarnman administration,  https://<ip address or DNS name>/administration

...

To download the new log (Tar) file, select the highlighted link

...

Authentication Databases

...

Yarnman users are authenticated against an authentication database where users and roles are managed. To access, select "Database" from left side menu which will bring up below screen

...

To add/ manage users, select the "Users" tab from right hand main Database screenbescreen

...

New users may be added or existing users managed. To add a new user, select "+ New User"

...

Authentication Access Policies

...

Authentication access policies defines items such as authentication method (local DB, LDAP or UDS) and the linked Database
Select "Access Policies" from menu. By default, there will be a Central DB-Only Policy that may be selected or modified or new policies may be defined as required

...

Yarnman Server Specifications

...

Minimum recommended specifications for Yarnman running standard datasets. For larger datasets, this would need to be increased
4 x vCPU
8 GB vRAM
1000 GB vStorage

Yarnman Manual Log Collection

...

If log collection option as described in previous chapters is not available/ can not be accessed, log collection may be performed manually by ssh access to Yarnman
Please send screenshot of error encountered and detailed steps to reproduce and time stamp from ssh via date command
run command via ssh to collect logs
tar -czvf yarnman-logs.tar.gz --exclude='*.tar.gz' /var/log/yarnman
Then sftp file and send to support as required

Upgrade Yarnman - Apply a patch

...

Process to apply patch in Yarnman

...

Upgrade Yarnman – Linux Deps upgrade

...

Process to upgrade the Linux Deps. It is recommended to take a snapshot prior to update

...

Local Firewall Configuration

...

Configure on each host as required using ufw
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
Additional rules are required on the core node for each arm deployed
sudo ufw allow from <ip address of arm> to any proto tcp port 5984,5986
sudo ufw allow from <ip address of arm> to any proto tcp port 6379,6380
Default Terminator Configuration (Testmate)
sudo ufw allow from any proto udp port 6700:6799

External Firewall Ports

...

ARM → Core

Couchdb tcp/5984 tcp/5986 tcp/6984Redis 6984 Redis tcp/6379 tcp/6380SSH tcp/22

Core → Arm – Patch transferSSH transfer

SSH tcp/22

User → Yarnman – Access to YarnmanSSH Yarnman

SSH tcp/22HTTPS tcp/443

Customer → Arm - PWreset/Yarndoor/PrattlerHTTPS tcp/443Prattler 443

Prattler upload

tcp/8444Prattler WS tcp/8081RTP 8081

RTP udp/6700-6799 – required for Media

Arm → Customer UC Apps - TestmateCTIT

estmateCTI/QBE. TCP 2748LDAP tcp/389 tcp/636RTP 636

RTP udp/6700-6799 (configurable)

WS AXL/RIS HTTP tcp/80 tcp/443 tcp/8443SSH 8443

SSH tcp/22

Core ↔ Core - HA onlyCouchdb only

Couchdb cluster tcp/9100-9200Redis 9200

Redis Cluster tcp/1000

Other AppsArm → CUCDM8 WS tcp/8181 Arm → VOSS4UCWS tcp/443Arm → KurmiWS tcp/443

...

Yarnman SSL Certificates - Generate CSR

...

To acquire a new certificate you must generate a CSR (Certificate Signing Request). This may be done initially after creating private key or when a certificate expires
Certificate Locations /opt/yarnlab/yarnman/config
/ssl-cert.cert - Standard certificate sent to clients
/ssl-key.pem - Private key file for checking response
Open ssh session to server – go to /opt/yarnlab/yarnman/config
Open Editor 'nano cert.cnf'
In the editor – complete following info

Code Block
[req]
distinguished_name  = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
emailAddress      = Email Address (emailAddress_max    = 64)
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names (Recommend using DNS name here)
[alt_names]
DNS.1 = <DNS name>

Backup and Restore

...

To Backup Yarnman Open SSH session Run command: cd /opt/yarnlab/yarnmanRun the backup script:  ./scripts/backup-yarnman.sh -b Backup script will create Backup Directory /opt/yarnlab/backup and create backup file Restoring BackupOpen SSH sessionEnsure that the backup directory /opt/yarnlab/backup exist with backup file Run command: cd /opt/yarnlab/yarnmanRun the restore script:  ./scripts/backup-yarnman.sh -rThe backup script will identify the latest backup in the backup directory and restore from there

...