Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
connectivity-suite:manual [2018/04/30 14:27] enz |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Connectivity Suite Manual ====== | ||
| - | |||
| - | ===== Supported Network Setup ===== | ||
| - | Secure and simple network management is one of the main features of the Connectivity Suite. The network can be flexible setup depending on customer needs. NetModule recommends to do a basic setup of the network as shown in the following simplified image. | ||
| - | {{:cs:netzwerk.png|}} | ||
| - | |||
| - | The grouping of devices to a tenant allows to manage devices easily. From the user perspective a tenant could be used for a country, region, business unit or whatever is needed. Administration rights can be assigned for each tenant separately. | ||
| - | |||
| - | ===== Provisioning ===== | ||
| - | Initially a device does not know anything how to connect to the Connectivity Suite. The user has to create an initial configuration of his device depending on his needs by using the web interface or CLI. Once this is done the user configuration has to be importet into the Connectivity Suite. The Connectivity Suite will add the required information to this imported user configuration. The information that is added is for example network address of the Connectivity Suite installation, VPN configuration, key material and many more. Now the user can download this configuration file to the device by either doing this with the web interface or with a USB stick. This is the moment when the device can connect for the first time to the Connectivity Suite. To be more precise the device will connect to the provisioning server. At this point by using the Connectivity Suite, the user is free to assign the new device to any tenant in the network without having to provide complex things like public and private keys of tenants and devices. It can be done by simply selecting the target tenant and wait for a few seconds. | ||
| - | |||
| - | Please note that future versions of the Connectivity Suite will be further simplify this procedure. | ||
| - | |||
| - | ===== Comparison between Cloud Router and Connectvity Suite ===== | ||
| - | If you have been working with the Cloud Router, you might want to know what the difference is between the two solutions. | ||
| - | |||
| - | ==== Cloud Router ==== | ||
| - | In the Connectivity Suite the Cloud Router is represented as a Tenant. Note that the Connectivity Suite can have more than one Tenant. | ||
| - | |||
| - | ==== Remote Station ==== | ||
| - | A Remote Station is called Device in the Connectivity Suite. | ||
| - | |||
| - | ==== Control Station ==== | ||
| - | A Control Station allows the user to connect directly with the Remote Station in the Cloud Router. The Connectivity Suite allows to download the Service Access Configuration, which can be used to connect to the Remote Station via the CLI or web interface of the connected device | ||
| - | |||
| - | ==== Devices ==== | ||
| - | In the Cloud Router the Device is the equipment that is connected to the Remote Station. These are called ??? in the Connectivity Suite. | ||
| - | |||
| - | ===== Debugging a Device ===== | ||
| - | Users of the Connectivity Suite require sometimes to have a direct access to the device. The user has to install a VPN client on his computer first. Once this is done there are several options how to access the device directly. One option is to select the device in the Connectivity Suite and select the option OPEN WEB INTERFACE. A new tab in the web browser opens which allows to use the web interface of the device. The other option is to download the Service Access Configuration via the Tool icon. The Service Access Configuration is a ZIP file that contains required certificates and keys which are needed to access the device via SSH. | ||
| - | |||
| - | ===== Setup ===== | ||
| - | |||
| - | 2.1 First login | ||
| - | When logging in to the Connectivity Suite for the first time, a prompt appears stating that no network has been set up yet. To be able to use the Connectivity Suite it is necessary to set up a network and the first VPN-servers. This can be done automatically via the network setup page. The detailed procedure is de-scribed in step 2. If you don't want to set up the network immediately after your first login you can get to the network setup page anytime using the quick link on the dashboard. | ||
| - | |||
| - | |||
| - | |||
| - | Setup prompt | ||
| - | |||
| - | 2.2 Network setup | ||
| - | In order to set up your Connectivity Suite network automatically the following information needs to be pro-vided: | ||
| - | |||
| - | Hostname The hostname of the system which is going to run the Docker containers of the Connectivity Suite core (e.g. cs.example.com). | ||
| - | SSH username The user the private key belongs to. | ||
| - | SSH port The port used for establishing a SSH connection. | ||
| - | Private key Private key which can be used to open an SSH connection to the machine en-tered in hostname. A key pair can be generated using ssh-keygen. The public key has to be added to authorized_keys. | ||
| - | Tenant admin The administrator of the first tenant. | ||
| - | |||
| - | During the automatic network setup process the home and provisioning server are initialized and a first ten-ant VPN server is started. | ||
| - | |||
| - | |||
| - | Network servers overview after setup | ||
| - | |||
| - | 2.3 Adding tenants to the Connectivity Suite network | ||
| - | |||
| - | 1. In the navigation on the left click on "Network" and then "Network servers". | ||
| - | 2. Click on "Add tenant". | ||
| - | 3. Specify an administrator for the new tenant in the details box on the right. | ||
| - | 4. Click on "Add" at the bottom of the details box. | ||
| - | |||
| - | The new tenant VPN server is now started automatically, this might take some time. When the initialization process has finished, the server is going to appear in the network servers overview. | ||
| - | |||
| - | 2.4 Connecting a router to the Connectivity Suite (Provisioning) | ||
| - | The process described in the following paragraph is called provisioning in the context of the Connectivity Suite. Going through the provisioning gives your device access to the Connectivity Suite. In this process a so-called provisioning configuration for your router is created which enables access to the Connectivity Suite. When a router has been supplied with this configuration it automatically connects to the provisioning server via a VPN connection. When the connection has been established, the router can be administrated through the Connectivity Suite. The next step after the provisioning is usually moving the router to a tenant (see 3.1). This has to be done in order to enable all Connectivity Suite features for a router. | ||
| - | |||
| - | |||
| - | Case 1: Provisioning if the router is not in the factory state | ||
| - | |||
| - | 1. Download the current configuration from the router via the Web Manager. | ||
| - | 2. Log into the Connectivity Suite web interface and click on "Add customer configuration" in the quick links box at the bottom. | ||
| - | 3. Click on "Add customer configuration". | ||
| - | 4. Provide all necessary information and upload the configuration file that has been downloaded from the router in step 1. If the configuration is intended for use with one specific device, it is necessary to enter the serial number and the model. If the configuration should be used with all devices of a specific model, only the model has to be provided. | ||
| - | IMPORTANT: The data entered here has to match exactly the serial number and product type you find in the Web Manager under Home Status System. | ||
| - | 5. Download the generated configuration file by selecting it in the list of configurations and choosing "Configuration for file update" at the bottom of the details box. | ||
| - | 6. Upload the complete config.zip onto the router via the Web Manager. | ||
| - | |||
| - | |||
| - | Case 2: Provisioning if the router is the in the factory state | ||
| - | |||
| - | 1. Go to the Web Manager of your router and set an administrator password. | ||
| - | 2. Set router to WAN mode and change the firewall settings accordingly. | ||
| - | 3. Download the configuration file | ||
| - | 4. Log into the Connectivity Suite web interface and click on "Add customer configuration" in the quick links box at the bottom. | ||
| - | 5. Click on "Add customer configuration". | ||
| - | 6. Provide all necessary information and upload the configuration file that has been downloaded from the router in step 1. If the configuration is intended for use with one specific device, it is necessary to enter the serial number. If the configuration should be used with all devices of a specific model, only the model has to be provided. | ||
| - | IMPORTANT: The data entered here has to match exactly the serial number and product type you find in the Web Manager under Home Status System. | ||
| - | 7. Select the generated configuration from the list of configurations. | ||
| - | 8. Bring the generated configuration onto the router. This can either be achieved via USB Stick or via the Web Manager of the router. | ||
| - | |||
| - | USB provisioning | ||
| - | |||
| - | 1. Click on "Configuration for USB update" at the bottom of the details box. | ||
| - | 2. IMPORTANT: Do a factory reset of your router. This is necessary because the USB port has been disabled after your first login. | ||
| - | 3. Unzip the file config_usb.zip. | ||
| - | 4. Copy the content of config_usb.zip onto an empty USB stick. | ||
| - | 5. Plug the USB stick into your router in order to start the configuration update. | ||
| - | |||
| - | |||
| - | Provisioning via the Web Manager | ||
| - | |||
| - | 1. Click on "Configuration for file update" at the bottom of the details box to download the configuration. | ||
| - | 2. Upload the file config.zip onto your router in order to start the configuration update. | ||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | Customer configuration upload | ||
| - | |||
| - | After a short period of time the router is displayed with its serial number on the devices page in the Connectivity Suite UI. | ||
| - | ===== Router administration through the Connectivity Suite ===== | ||
| - | |||
| - | 3 | ||
| - | |||
| - | 3.1 Assigning a router which is connected to the provisioning server to a tenant | ||
| - | |||
| - | 1. Navigate to the devices page of the Connectivity Suite UI. | ||
| - | 2. Select the device that has to be assigned to a tenant. | ||
| - | 3. Select the tenant from the "Assign to" dropdown menu in the details box. | ||
| - | 4. Click on "Update" (this operation may take some time). | ||
| - | |||
| - | 3.2 Uploading configurations for deployment | ||
| - | |||
| - | 1. Navigate to Configuration->Files in the Connectivity Suite UI. | ||
| - | 2. Click on "Choose file" at the bottom. | ||
| - | 3. Choose a .zip or .cfg file to upload. | ||
| - | |||
| - | 3.3 Uploading software for deployment | ||
| - | |||
| - | 1. Navigate to Configuration->Software in the Connectivity Suite UI. | ||
| - | 2. Click on "Add software". | ||
| - | 3. Select the software to upload in the box on the right | ||
| - | 4. Click on "Save". | ||
| - | |||
| - | 3.4 Creating packages for the deployment of configurations and software | ||
| - | |||
| - | 1. Navigate to Configuration->Packages in the Connectivity Suite UI. | ||
| - | 2. Click on "Create package". | ||
| - | 3. Select a configuration for deployment (or just click next to skip this step). | ||
| - | 4. Select a firmware for deployment (or just click next to skip this step). | ||
| - | 5. Select which device the configuration/firmware is deployed to. | ||
| - | |||
| - | |||
| - | |||
| - | 3.5 Creating a job for deployment execution | ||
| - | |||
| - | A job provides the flexibility to schedule the deployment of a package created in step 4. | ||
| - | |||
| - | 1. Navigate to Deployment->Jobs in the Connectivity Suite UI. | ||
| - | 2. Click on "Add job". | ||
| - | 3. Select the device you want to deploy the contents of a package to. | ||
| - | 4. Provide all necessary details in the details box on the right (see image below). | ||
| - | 5. If the target router is currently online, you have the possibility to execute the job immediately. In eve-ry case it's also possible to specify a timespan for the execution of the job. | ||
| - | |||
| - | |||
| - | Example for job scheduling: | ||
| - | |||
| - | We have to schedule a job for execution within the timespan from 19.02.2018 to 25.02.2018, but the job can only be executed on Mondays and Sundays between 10pm and 11pm. | ||
| - | |||
| - | This behavior can be achieved by setting start date to 19.02.2018, end date to 25.02.2018, selecting Mon-day and Sunday and set the start time to 10pm and the end time to 11pm. If the job can be successfully executed once under the defined conditions, it is marked as successful. If it cannot be executed until 25.02.2018 11pm (e.g. because the router is offline for some reason), the job is marked as failed. | ||
| - | |||
| - | |||
| - | Job scheduling | ||
| - | |||
| - | |||
| - | |||
| - | [[cs:start|← Back to Connectivity Suite Main Page]] | ||