Installing Skylar One in Azure

Download this manual as a PDF file

This section describes how to deploy a Skylar One (formerly SL1) virtual machine in Azure from a virtual hard disk (VHD) file. ScienceLogic supports the following subscription types for deploying Skylar One in Azure:

  • Azure Global

  • Azure Government

For Azure resources and support, see the Microsoft Azure Marketplace: https://azuremarketplace.microsoft.com/.

If you are configuring a Database Server, ScienceLogic recommends allocating four times the memory for the Database Server as compared to the memory for the Data Collectors.

High-availability for Azure deployments is supported for installations of 12.1.x and later that are running on Oracle Linux 8 (OL8). ScienceLogic recommends that customers running Skylar One versions prior to 12.1.x upgrade to 12.1.x or later, convert to OL8, and then complete the high-availability setup and configuration. For more information about upgrading, see the section on Updating Skylar One.

A single Azure image can be used to create multiple virtual machines. For example, you can use the same Azure image for the Database Server to create multiple Database Servers.

Use the following menu options to navigate the Skylar One user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

Azure Instance Specifications

For details about Azure and the requirements and specifications for each Skylar One appliance, see the ScienceLogic Support Site: https://support.sciencelogic.com/s/system-requirements?tabset-3429b=f4ac1.

Prerequisites

You must have an Azure Resource group and a storage account that includes at least one blob container before attempting to deploy Skylar One.

In addition, before attempting to deploy Skylar One in Azure, you should confirm that the following prerequisites are all true: 

  • Your Azure policies allow you to create a new virtual machine using the ScienceLogic virtual hard disk (VHD).

  • Your virtual machine naming convention does not conflict with any existing policies in Azure.

  • You are using virtual networks and subnets that allow access and the creation of new virtual machines.

  • Your resource group allows you to create new virtual networks.

Configuring an Azure Resource Group and Storage Account

To create and configure an Azure storage account:

  1. Log in to the Azure Portal and follow Microsoft's instructions for Creating resource groups to create a new Azure resource group.
  2. After creating the resource group, follow Microsoft's instructions for Creating an Azure storage account to create a new storage account for your resource group. While configuring the storage account, make sure to associate it with the resource group you created in step 1.
  3. After creating the storage account, follow Microsoft's instructions for Creating a blob container to add a new container to the storage account you created in step 2.

Generating a Source Blob SAS URL

To upload the Skylar One VHD file to your Azure storage account, you must generate a source URL in the Azure portal. You will need this URL when you transfer the Skylar One VHDs to your Azure blob container.

To generate the SAS URL, you must be assigned one of the following roles:

  • Storage Blob Data Owner

  • Storage Blob Data Contributor

  • Storage Blob Delegator at the Storage Account level

If you are not assigned one of these roles, the generated URL will not work and you will receive a message warning that you do not have the proper permissions needed to grant the appropriate level of access to your signature recipient.

To generate a source blob SAS URL: 

  1. Log in to the Azure portal and navigate to your storage account, then to your container.

  2. Right-click the container name and then select Generate SAS.

  3. In the Generate SAS pane, in the Signing method field, select User delegation key.

    The User delegation key option is the only supported option at this time.

  4. In the Permissions field, select Read and Write.

  5. In the Start and Expiry fields, specify the start and end dates for the token's validity. The token will be valid only within this time frame.

  6. Click Generate SAS Token URL, then copy the source blob SAS URL.

Transferring Skylar One VHD Files to Your Azure Blob Container

You can transfer Skylar One VHD files directly to your Azure blob container from the ScienceLogic Support Center. This enables you to transfer all appliance types for Skylar One in parallel in just a few minutes.

To transfer Skylar One VHD files to your Azure blob container:

  1. Log in to the ScienceLogic Support Center and go to the ScienceLogic Product Licensing page (Support > License & Image Requests).

  2. Click the Request Azure VHD button. The Azure VHD Request page appears.

  3. Review and, if necessary, complete the prerequisites listed on the page , then complete the following fields:

    • Please Choose a Product. Select Skylar One.

    • Product Type or Version. Select the version of Skylar One you want to deploy.

    • Appliance Types. Select the Skylar One appliances you want to deploy.

    • Blob SAS URL. Type or paste the Blob SAS URL you generated.

  4. Click the Submit Azure VHD Request button. The VHDs are transferred to your desired container.

This transfer might take several minutes.

Creating the Azure Image

After transferring the Skylar One VHD files to your Azure blob container, you must create the Azure image.

You can do so in one of two ways:

To create the Azure image using Azure's legacy managed images feature:

  1. Open Microsoft Azure PowerShell and log in to your Azure account:

    2. Login-AzureRmAccount

  1. Run the following command:

    2. az image create --name <image_name> -g <resource_group_name> --os-disk-caching ReadWrite --os-type Linux --source <container_URI>

    where:

    • <image_name> specifies what you want to call the Azure image (such as "dbimage123").
    • <resource_group_name> specifies the resource group you created in Azure.
    • <container_URI> specifies the destination value you provided when you uploaded the Skylar One VHD file. When entering the container URI, you must include the .vhd file name. For example: https://azuretest.blob.core.windows.net/vhds/skylaroneinazure.vhd

    This command might return a large amount of JSON output. This is normal.

  2. Repeat these steps for each Skylar One appliance you want to build.

Skylar One Appliance Deployment Order for Distributed Systems

To deploy a distributed Skylar One system on Azure instances, create appliances in this order:

  1. Database Server
  2. Administration Portal (if applicable)
  3. Data Collectors
  4. Message Collectors (if applicable)

Creating an Azure Virtual Machine

The following steps require that you have an Azure resource group and storage account with the VHD file uploaded.

To create an Azure virtual machine (VM) using the Azure portal:

  1. Log in to your Azure account, then go to the Microsoft Marketplace.

  2. In the search bar, type "ScienceLogic," then select the Skylar One appliance type that you want to deploy.

  3. From the image's Overview page, click Get It Now.

  4. In the modal that appears, review the software plan details and then click Continue to confirm the agreement. Your Azure portal opens with the image download already selected.

  5. Click Create to start the VM creation process.

  6. During the VM creation process, do the following:

    • Under Project Details, select the appropriate Resource group.

    • Under Instance Details, follow the System Requirements for sizing the VM based on the appliance type you are deploying.

    • Under Administrator Account:

      • Set the Authentication type to SSH public key.

      • Enter the Username as "em7admin".

      • For the SSH public key source, use an existing key or generate a new one.

    • Under Inbound Port Rules, select the necessary inbound ports.

  7. Complete the rest of the VM creation steps based on your specific needs. (For more information, see Microsoft's instructions for Creating a Linux VM.) When you are finished, click Review + create.

  8. Review the details for the VM you are about to create. When you are ready, click Create.

  9. When the Generate new key pair window appears, click Download private key and create resource. When you do so, your key is downloaded as the file myKey.pem. Make note of the file's download location.

  10. When the deployment has completed, click Go to resource.

  11. On the page for your new VM, make note of the VM's Public IP address.

  12. Repeat these steps for each Skylar One appliance you want to build.

Setting the Public IP Address to Static

To ensure the IP address for the virtual machine remains the same after reboot, which ensures that your Skylar One appliances work properly, you must configure the public IP address to be static. To do so:

  1. In the Azure Portal, enter "network interfaces" in the search box at the top of the portal. Select Network interfaces in the search results.

  2. From the list of network interfaces, select the network interface you want to modify.

  3. Click Settings > IP configurations, and then select the IP configuration that you want to modify.

  4. In the Edit IP configuration window, click Disassociate in the Public IP Address field, and then select Associate public IP address.

  5. In the Public IP address field, click Create a public IP address.

  6. Under Add a public IP address, type a name for your IP address in the Name field and select Static in the Assignment field.

  7. Click OK and then click Save.

  8. Repeat these steps for each Skylar One appliance you want to build.

Configuring the Virtual Machine

To configure each virtual machine, perform the following steps:

  1. Use SSH to access the virtual machine using its public IP address, username, and the SSH key defined when creating your Azure virtual machine.

    ssh -i <private key path> em7admin@<vm-ip-address>

  2. If you are performing a fresh installation, you will be prompted by the Message of the Day to set up the MariaDB password.

  3. If this is a new STIG installation, the Message of the Day will also contain instructions for setting a new password. Follow these instructions for setting a password on the em7admin account.

    If you are updating a STIG system, the Message of the Day will display a security warning stating that the em7admin account does not have a password, along with instructions for setting the password.

  4. Use the following command to edit the /etc/silo.conf file:

    sudo visilo --no-validation

  5. In the /etc/silo.conf file, update the following section or sections:

    • For the clientdbuser account:

      [LOCAL]

      dbpasswd = <NEW_PASSWORD>

      [CENTRAL]

      dbpasswd = <NEW_PASSWORD>

      The CENTRAL section does not appear for all appliance types. If it does, then the dbpasswd values should match in both sections.

    • For the ap_user account:

      [CENTRAL]

      ap_user = apuser

      ap_pass = <NEW_PASSWORD>

      The CENTRAL section does not appear for all appliance types.

  6. Save the file (:wq) and enter y to move the changes to the /etc/siteconfig/siloconf.siteconfig file automatically.

  7. If you are upgrading to this release of Skylar One, run the following command:

    sudo systemctl restart nextui php-fpm nginx

    If this is a new STIG installation, you can skip this step.

  8. Repeat these steps on the other Skylar One appliances in your stack as needed to update the passwords for those appliances as well.