Start IP Maestro
This section outlines the steps to initiate the IP Maestro deployment.
Prerequisites
• IP Maestro deployment is installed and Docker images are loaded into the local Docker repository. Refer to the section
Deploy IP Maestro.
• IP Maestro deployment requires certificates to guarantee SSL communication between OcNOS devices and IP Maestro stack (Shipping of OcNOS device logs to IP Maestro), and to expose the deployment through https protocol. The certificates should be placed/installed in the nsmo/certs folder. As part of the IP Maestro startup process, self-signed certificates will be generated and placed inside the nsmo/certs folder. This particular step will only be executed during the initial startup call.
• Signed certificates by a Trusted CA Authority, can be used in the deployment instead of self-signed ones. The certificates needs to be placed at nsmo/certs folder, and during the first start call, the user must type false at the following question: Use self-signed certificate/key for Portal SSL settings. The name of the certificate and key will be requested and checked from nsmo/certs folder.
Procedure
During startup, questions are presented and default values are preset. To continue with default values, you can hit <CR>. The explanations on the options are given below. The user inputs are required only in the first nsmo-start.sh call.
Perform the following steps to start IP Maestro:
1. Set up and start IP Maestro containers
./nsmo_start.sh
Note: This process creates the deployment, manages dependencies, and starts up containers (takes approximately 15 minutes).
On running the nsmo_start.sh script, user inputs are prompted.
2. Press Enter to select default values for most inputs.
Note: At this stage, IP Maestro is deployed and Docker image is loaded.
Here is an example of a sample run:
# ./nsmo-start.sh
_____ _____ __ __ _
|_ _| __ \ | \/ | | |
| | | |__) | | \ / | __ _ ___ ___| |_ _ __ ___
| | | ___/ | |\/| |/ _ |/ _ \/ __| __| '__/ _ \
_| |_| | | | | | (_| | __/\__ \ |_| | | (_) |
|_____|_| |_| |_|\__,_|\___||___/\__|_| \___/
:: Version 3.0.0-ipma ::
[2025-01-28T20:04:54,789][INFO][host-validation] ----------- Executing Host Validation
[2025-01-28T20:04:54,931][INFO][validate-docker] Docker version: 24.0.5
[2025-01-28T20:04:55,464][INFO][validate-docker-compose] Docker Compose version: 2.25.0
[2025-01-28T20:04:55,528][WARN][validate-host-disk] Total Disk Space: 125GB
[2025-01-28T20:04:55,532][WARN][validate-host-disk] Host disk space 500GB or higher is the minimum recommended, but found 125GB
[2025-01-28T20:04:55,536][INFO][validate-host-disk] Available Disk Space: 52GB
[2025-01-28T20:04:55,541][INFO][validate-host-disk] Used Disk Space: 57%
[2025-01-28T20:04:55,579][INFO][validate-host-memory] Total memory: 32GB
[2025-01-28T20:04:55,585][INFO][nsmo-start] ----------- Collecting Host Information
[2025-01-28T20:04:55,589][INFO][nsmo-start] Host IP: 10.14.103.230
[2025-01-28T20:04:55,593][INFO][nsmo-start] Hostname (--fqdn): meg-nsmo-3
[2025-01-28T20:04:55,629][INFO][load-properties] ----------- Checking IP Maestro global configuration
[2025-01-28T20:04:55,633][INFO][load-properties] Global configuration not present. Creating ipi-global.cfg and setting required properties
IP Maestro license server IP address []: 10.2.100.20
Push configuration for ALARMS <true/false> [true]:
Push configuration for LLDP <true/false> [true]:
Push configuration for SYSLOG <true/false> [true]:
DHCP interface []:
OcNOS device image repository path []:
OcNOS device license repository path []:
OcNOS login [ocnos]:
OcNOS password [ocnos]:
OcNOS port [830]:
[2025-01-28T20:05:20,685][INFO][config-tls] ----------- Loading IP Maestro TLS/SSL config
[2025-01-28T20:05:20,691][INFO][config-tls] Creating self-signed certificate/key. Files will be available for ssl configuration
=====================================================
======== Generating IP MAESTRO Certificate(s) =======
=====================================================
Generating Certificate for host meg-nsmo-3 and ip 10.14.103.230 ...
Using instances.yml file to create certificates...
######### START OF IP Infusion LICENSE BLOCK ################################
#
# Copyright (C) 2023-2025 IP Infusion, Inc.
# All rights reserved.
#
# This software is the confidential and proprietary information of
# IP Infusion, Inc. ("Confidential Information"). You shall not
# disclose such Confidential Information and shall use it only in
# accordance with the terms of the license agreement you entered into
# with IP Infusion, Inc.
#
######### END OF IP Infusion LICENSE BLOCK ##################################
# This file is used by elasticsearch-certutil to generate X.509 certificates
# for the Elasticsearch transport networking layer.
# see https://www.elastic.co/guide/en/elasticsearch/reference/current/certutil.html
#
# NOTE Remote connections based on IP is not a good aproach as IPs can change. DNS should be prefered instead.
instances:
- name: "CN=Self-Signed,C=US,ST=California,L=Santa Clara,O=IP Infusion,OU=NSMO"
filename: "selfsigned"
dns:
- meg-nsmo-3
ip:
- 10.14.103.230
Unzipping Certificates...
Deleting /certs/certs.zip - If it exists...
Creating self-signed PKCS8 key for filebeat from /certs/selfsigned.key
ODL Keystore not found. Creating ODL PKCS12 keystore using self-signed cert and key...
Importing keystore /certs/selfsigned.p12 to /odl/etc/keystore/keystore.jks...
Entry for alias karaf successfully imported.
Import command completed: 1 entries successfully imported, 0 entries failed or cancelled
Applying Permissions...
=====================================================
Self-signed Certificate/Key generated successfully.
=====================================================
Use self-signed certificate/key for Portal SSL settings? [true]:
[2025-01-28T20:05:29,801][INFO][config-tls] Use self-signed cert/key settings: true...
[2025-01-28T20:05:29,805][INFO][config-tls] Setting up MY_SSL_CERTIFICATE and MY_SSL_KEY with self-signed certificate/key from nsmo/certs ...
[2025-01-28T20:05:29,838][INFO][config-tls] Verifying if certificates are present at nsmo/certs ...
[2025-01-28T20:05:29,898][INFO][config-admin-user] ----------- Defining settings for User: admin
First Name [IPMA]:
Last Name [Administrator]:
Email [admin@ipinfusion.com]:
[2025-01-28T20:05:32,357][INFO][config-admin-user] First Name: IPMA
[2025-01-28T20:05:32,361][INFO][config-admin-user] Last Name: Administrator
[2025-01-28T20:05:32,365][INFO][config-admin-user] Email: admin@ipinfusion.com
Confirm admin settings [y]:
[2025-01-28T20:05:33,913][INFO][config-admin-user] Admin user settings completed...
[2025-01-28T20:05:33,917][INFO][config-admin-user] Changes can be done later in Portal > System Management > User Management
[2025-01-28T20:05:33,976][INFO][config-smtp] ----------- Defining settings for SMTP
Host [10.14.103.230]: 10.1.14.102
Port [25]:
From [maestro@ipinfusion.com]:
From Display Name [IP Maestro]:
Reply to Display Name [IP Maestro]:
[2025-01-28T20:05:37,427][INFO][config-smtp] Host: 10.1.14.102
[2025-01-28T20:05:37,433][INFO][config-smtp] Port: 25
[2025-01-28T20:05:37,439][INFO][config-smtp] From: maestro@ipinfusion.com
[2025-01-28T20:05:37,443][INFO][config-smtp] From Display Name: IP Maestro
[2025-01-28T20:05:37,447][INFO][config-smtp] Reply to Display Name: IP Maestro
Confirm SMTP settings [y]:
[2025-01-28T20:05:38,795][INFO][config-smtp] SMTP settings completed...
[2025-01-28T20:05:38,799][INFO][config-smtp] Changes can be done later in Portal > System Management > Preferences > SMTP
[2025-01-28T20:05:38,880][INFO][nsmo-start] ----------- Starting IP Maestro Deployment
.
.
.
[2025-01-28T20:13:07,438][INFO][nsmo-start] ----------- IP Maestro Successfully started
[2025-01-28T20:13:07,441][INFO][nsmo-start] IP Maestro Portal Access: https://10.14.103.230
3. Execute the following command to check the status of the containers:
watch docker ps
Note: Ensure that containers that contain a health check have a healthy status.
Here is an example of the output:
*** The following is a short output to show the "healthy" STATUS expected
NAMES STATUS
ipi-portal-server Up 35 hours (healthy)
ipi-odl Up 35 hours (healthy)
ipi-portal-client Up 35 hours (healthy)
ipi-rabbitmq Up 6 days (healthy)
ipi-dhcp Up 6 days (healthy)
ipi-metricbeat Up 6 days (healthy)
ipi-proxy Up 35 hours (healthy)
ipi-keycloak Up 35 hours (healthy)
ipi-gnmic Up 45 hours (healthy)
ipi-logstash Up 35 hours (healthy)
ipi-network-monitoring Up 35 hours (healthy)
ipi-elasticsearch Up 6 days (healthy)
ipi-postgresql Up 6 days (healthy)