Google Git
Sign in
apache / trafficcontrol-website / 42d25dc5af468e8233ad33997082e83da5786a8e / . / docs / latest / admin / traffic_ops_install.html
blob: e68fe6bcd4c1f6c8b1ce664bc89c4c77a4512a6c [file] [log] [blame]
<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Installing Traffic Ops &mdash; Traffic Control 1.8-dev documentation </title>
<link rel="shortcut icon" href="../_static/favicon.ico"/>
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
<link rel="stylesheet" href="../_static/theme_overrides.css" type="text/css" />
<link rel="top" title="Traffic Control 1.8-dev documentation" href="../index.html"/>
<link rel="up" title="Administrator’s Guide" href="index.html"/>
<link rel="next" title="Configuring Traffic Ops" href="traffic_ops_config.html"/>
<link rel="prev" title="Administrator’s Guide" href="index.html"/>
<script src="_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav" role="document">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-nav-search">
<a href="/" class="icon icon-home"> Traffic Control
<img src="../_static/tc_logo_c_only.png" class="logo" />
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../basics/index.html">CDN Basics</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../basics/content_delivery_networks.html">Content Delivery Networks</a></li>
<li class="toctree-l2"><a class="reference internal" href="../basics/http_11.html">HTTP 1.1</a></li>
<li class="toctree-l2"><a class="reference internal" href="../basics/caching_proxies.html">Caching Proxies</a></li>
<li class="toctree-l2"><a class="reference internal" href="../basics/cache_revalidation.html">Cache Control Headers and Revalidation</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../overview/index.html">Traffic Control Overview</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../overview/introduction.html">Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_ops.html">Traffic Ops</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_portal.html">Traffic Portal</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_router.html">Traffic Router</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_monitor.html">Traffic Monitor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_stats.html">Traffic Stats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_server.html">Traffic Server</a></li>
<li class="toctree-l2"><a class="reference internal" href="../overview/traffic_vault.html">Traffic Vault</a></li>
</ul>
</li>
</ul>
<ul class="current">
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Administrator&#8217;s Guide</a><ul class="current">
<li class="toctree-l2 current"><a class="current reference internal" href="#">Installing Traffic Ops</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_ops_config.html">Configuring Traffic Ops</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_ops_using.html">Using Traffic Ops</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_ops_extensions.html">Managing Traffic Ops Extensions</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_portal.html">Traffic Portal Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_monitor.html">Traffic Monitor Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_monitor_golang.html">Traffic Monitor Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_router.html">Traffic Router Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_stats.html">Traffic Stats Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_server.html">Traffic Server Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="traffic_vault.html">Traffic Vault Administration</a></li>
<li class="toctree-l2"><a class="reference internal" href="quick_howto/index.html">Quick How To Guides</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../development/index.html">Developer&#8217;s Guide</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_ops.html">Traffic Ops</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_portal.html">Traffic Portal</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_router.html">Traffic Router</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_monitor.html">Traffic Monitor</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_monitor_golang.html">Traffic Monitor Golang</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_stats.html">Traffic Stats</a></li>
<li class="toctree-l2"><a class="reference internal" href="../development/traffic_server.html">Traffic Server</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../faq/index.html">FAQ</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../faq/general.html">General</a></li>
<li class="toctree-l2"><a class="reference internal" href="../faq/development.html">Development</a></li>
<li class="toctree-l2"><a class="reference internal" href="../faq/administration.html">Running a Traffic Control CDN</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../glossary.html">Glossary</a></li>
</ul>
</div>
&nbsp;
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Traffic Control</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html">Traffic Control 1.8-dev</a> &raquo;</li>
<li><a href="index.html">Administrator&#8217;s Guide</a> &raquo;</li>
<li>Installing Traffic Ops</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/admin/traffic_ops_install.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="traffic_ops_config.html" class="btn btn-neutral float-right" title="Configuring Traffic Ops">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="index.html" class="btn btn-neutral" title="Administrator’s Guide"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<div role="main" class="document">
<div class="section" id="installing-traffic-ops">
<span id="rl-ps"></span><span id="index-0"></span><h1>Installing Traffic Ops<a class="headerlink" href="#installing-traffic-ops" title="Permalink to this headline"></a></h1>
<div class="section" id="system-requirements">
<h2>System Requirements<a class="headerlink" href="#system-requirements" title="Permalink to this headline"></a></h2>
<p>The user must have the following for a successful install:</p>
<ul class="simple">
<li>CentOS 6</li>
<li>4 vCPUs</li>
<li>32GB RAM</li>
<li>20 GB disk space</li>
<li>YUM repository with minimally the following dependecies avaliable<ul>
<li>apr 1.3.9-5</li>
<li>apr-util 1.3.9-3</li>
<li>apr-util-ldap 1.3.9-3</li>
<li>expat-devel 2.0.1-11</li>
<li>genisoimage 1.1.9-12</li>
<li>httpd 2.2.15</li>
<li>httpd-tools 2.2.15</li>
<li>libpcap-devel 14:1.4</li>
<li>mod_ssl 1:2.2.15-29</li>
<li>mysql 5.1.71</li>
<li>autoconf 2.63-5.1.</li>
<li>automake 1.11.1-4</li>
<li>gcc 4.4.7-4</li>
<li>gettext 0.17-16</li>
<li>libcurl-devel 7.19.7-37</li>
<li>libtool 2.2.6-15.5</li>
<li>mysql-devel 5.1.73-3</li>
<li>perl-CPAN 1.9402-136</li>
<li>libcurl 7.19.7-37</li>
<li>openssl 1.0.1e-30</li>
<li>cloog-ppl 0.15.7-1.2</li>
<li>cpp 4.4.7-4</li>
<li>cvs 1.11.23-16</li>
<li>libgomp 4.4.7-4</li>
<li>libidn-devel 1.18-2</li>
<li>m4 1.4.13-5</li>
<li>mpfr 2.4.1-6</li>
<li>perl-Digest-SHA 1:5.47-136</li>
<li>ppl 0.10.2-11</li>
<li>curl 7.19.7-37</li>
<li>openssl-devel 1.0.1e-30</li>
</ul>
</li>
<li>Access to <a class="reference external" href="http://www.cpan.org/">The Comprehensive Perl Archive Network (CPAN)</a></li>
</ul>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">The above versions are known to work on CentOS 6.5. Higher versions may work.</p>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Although Traffic Ops supports both MySQL and Postgres as a database, support for MySQL is more mature and better tested. It is best to use MySQL when first getting started, and the rest of this guide assumes MySQL as the database.</p>
</div>
</div>
<div class="section" id="navigating-the-install">
<h2>Navigating the Install<a class="headerlink" href="#navigating-the-install" title="Permalink to this headline"></a></h2>
<p>To begin the install:</p>
<ol class="arabic simple">
<li>Install Traffic Ops:</li>
</ol>
<blockquote>
<div><p>Download the traffic_ops rpm package from <a class="reference external" href="http://trafficcontrol.apache.org/downloads/index.html">http://trafficcontrol.apache.org/downloads/index.html</a></p>
<p><code class="docutils literal"><span class="pre">sudo</span> <span class="pre">rpm</span> <span class="pre">-ivh</span> <span class="pre">traffic_ops-1.*.*-****.x86_64.rpm</span></code></p>
</div></blockquote>
<ol class="arabic simple" start="2">
<li>After installation of Traffic Ops rpm enter the following command: <code class="docutils literal"><span class="pre">sudo</span> <span class="pre">/opt/traffic_ops/install/bin/postinstall</span></code></li>
</ol>
<blockquote>
<div><p>Example output:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">trafficops</span><span class="o">-</span><span class="n">vm</span> <span class="c1"># /opt/traffic_ops/install/bin/postinstall</span>
<span class="n">This</span> <span class="n">script</span> <span class="n">will</span> <span class="n">build</span> <span class="ow">and</span> <span class="n">package</span> <span class="n">the</span> <span class="n">required</span> <span class="n">Traffic</span> <span class="n">Ops</span> <span class="n">perl</span> <span class="n">modules</span><span class="o">.</span>
<span class="n">In</span> <span class="n">order</span> <span class="n">to</span> <span class="n">complete</span> <span class="n">this</span> <span class="n">operation</span><span class="p">,</span> <span class="n">Development</span> <span class="n">tools</span> <span class="n">such</span> <span class="k">as</span> <span class="n">the</span> <span class="n">gcc</span>
<span class="n">compiler</span> <span class="n">must</span> <span class="n">be</span> <span class="n">installed</span> <span class="n">on</span> <span class="n">this</span> <span class="n">machine</span><span class="o">.</span>
<span class="n">Hit</span> <span class="n">ENTER</span> <span class="n">to</span> <span class="k">continue</span><span class="p">:</span>
</pre></div>
</div>
<p>The first thing postinstall will do is install additional packages needed from the yum repo.</p>
<p>Ater that, it will automatically proceed to installing the required Perl packages from CPAN.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Especially when installing Traffic Ops for the first time on a system this can take a long time, since many dependencies for the Mojolicous application need to be downloaded. Expect 30 minutes.</p>
</div>
<p>If there are any prompts in this phase, please just answer with the defaults (some CPAN installs can prompt for install questions).</p>
<p>When this phase is complete, you will see:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span>...
Successfully installed Test-Differences-0.63
Successfully installed DBIx-Class-Schema-Loader-0.07042
Successfully installed Time-HiRes-1.9726 (upgraded from 1.9719)
Successfully installed Mojolicious-Plugin-Authentication-1.26
113 distributions installed
Complete! Modules were installed into /opt/traffic_ops/app/local
Linking perl libraries...
Installing perl scripts
This script will initialize the Traffic Ops database.
Please enter the following information in order to completely
configure the Traffic Ops mysql database.
Database type [mysql]:
</pre></div>
</div>
<p>The next phase of the install will ask you about the local environment for your CDN.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Before proceeding to this step, the database has to have at least a root password, and needs to be started. When using mysql, please type <code class="docutils literal"><span class="pre">service</span> <span class="pre">mysqld</span> <span class="pre">start</span></code> as root in another terminal and follow the instructions on the screen to set the root password.</p>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">CentOS files note.</p>
</div>
<p>Example output:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span>Database type [mysql]:
Database name [traffic_ops_db]:
Database server hostname IP or FQDN [localhost]:
Database port number [3306]:
Traffic Ops database user [traffic_ops]:
Password for traffic_ops:
Re-Enter password for traffic_ops:
Error: passwords do not match, try again.
Password for traffic_ops:
Re-Enter password for traffic_ops:
Database server root (admin) user name [root]:
Database server root password:
Database Type: mysql
Database Name: traffic_ops_db
Hostname: localhost
Port: 3306
Database User: traffic_ops
Is the above information correct (y/n) [n]: y
The database properties have been saved to /opt/traffic_ops/app/conf/production/database.conf
The database configuration has been saved. Now we need to set some custom
fields that are necessary for the CDN to function correctly.
Traffic Ops url [https://localhost]: https://traffic-ops.kabletown.net
Human-readable CDN Name. (No whitespace, please) [kabletown_cdn]:
DNS sub-domain for which your CDN is authoritative [cdn1.kabletown.net]:
Fully qualified name of your CentOS 6.5 ISO kickstart tar file, or &#39;na&#39; to skip and add files later [/var/cache/centos65.tgz]: na
Fully qualified location to store your ISO kickstart files [/var/www/files]:
Traffic Ops URL: https://traffic-ops.kabletown.net
Traffic Ops Info URL: https://traffic-ops.kabletown.net/info
Domainname: cdn1.kabletown.net
CDN Name: kabletown_cdn
GeoLocation Polling URL: https://traffic-ops.kabletown.net/routing/GeoIP2-City.mmdb.gz
CoverageZone Polling URL: https://traffic-ops.kabletown.net/routing/coverage-zone.json
Is the above information correct (y/n) [n]: y
Install information has been saved to /opt/traffic_ops/install/data/json/post_install.json
Adding an administration user to the Traffic Ops database.
Administration username for Traffic Ops: admin
Password for the admin user admin:
Verify the password for admin:
Do you wish to create an ldap configuration for access to traffic ops [y/n] ? [n]: n
creating database
Creating database...
Creating user...
Flushing privileges...
setting up database
Executing &#39;drop database traffic_ops_db&#39;
Executing &#39;create database traffic_ops_db&#39;
Creating database tables...
Migrating database...
goose: migrating db environment &#39;production&#39;, current version: 0, target: 20150316100000
OK 20141222103718_extension.sql
OK 20150108100000_add_job_deliveryservice.sql
OK 20150205100000_cg_location.sql
OK 20150209100000_cran_to_asn.sql
OK 20150210100000_ds_keyinfo.sql
OK 20150304100000_add_ip6_ds_routing.sql
OK 20150310100000_add_bg_fetch.sql
OK 20150316100000_move_hdr_rw.sql
Seeding database...
Database initialization succeeded.
seeding profile data...
name EDGE1 description Edge 1
name TR1 description Traffic Router 1
name TM1 description Traffic Monitor 1
name MID1 description Mid 1
seeding parameter data...
</pre></div>
</div>
<p>Explanation of the information that needs to be provided:</p>
<blockquote>
<div><table border="1" class="docutils">
<colgroup>
<col width="35%" />
<col width="65%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Field</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>Database type</td>
<td>mysql or postgres</td>
</tr>
<tr class="row-odd"><td>Database name</td>
<td>The name of the database Traffic Ops uses to store the configuration information</td>
</tr>
<tr class="row-even"><td>Database server hostname IP or FQDN</td>
<td>The hostname of the database server</td>
</tr>
<tr class="row-odd"><td>Database port number</td>
<td>The database port number</td>
</tr>
<tr class="row-even"><td>Traffic Ops database user</td>
<td>The username Traffic Ops will use to read/write from the database</td>
</tr>
<tr class="row-odd"><td>Password for traffic ops</td>
<td>The password for the above database user</td>
</tr>
<tr class="row-even"><td>Database server root (admin) user name</td>
<td>Privileged database user that has permission to create the database and user for Traffic Ops</td>
</tr>
<tr class="row-odd"><td>Database server root (admin) user password</td>
<td>The password for the above privileged database user</td>
</tr>
<tr class="row-even"><td>Traffic Ops url</td>
<td>The URL to connect to this instance of Traffic Ops, usually <a class="reference external" href="https:/">https:/</a>/&lt;traffic ops host FQDN&gt;/</td>
</tr>
<tr class="row-odd"><td>Human-readable CDN Name</td>
<td>The name of the first CDN traffic Ops will be managing</td>
</tr>
<tr class="row-even"><td>DNS sub-domain for which your CDN is authoritative</td>
<td>The DNS domain that will be delegated to this Traffic Control CDN</td>
</tr>
<tr class="row-odd"><td>name of your CentOS 6.5 ISO kickstart tar file</td>
<td>See <a class="reference internal" href="traffic_ops_config.html#creating-centos-kickstart"><span class="std std-ref">Creating the CentOS Kickstart File</span></a></td>
</tr>
<tr class="row-even"><td>Administration username for Traffic Ops</td>
<td>The Administration (highest privilege) Traffic Ops user to create;
use this user to login for the first time and create other users</td>
</tr>
<tr class="row-odd"><td>Password for the admin user</td>
<td>The password for the above user</td>
</tr>
</tbody>
</table>
</div></blockquote>
<p>The postinstall script will now seed the database with some inital configuration settings for the CDN and the servers in the CDN.</p>
<p>The next phase is the download of the geo location database and configuration of information needed for SSL certificates.</p>
<p>Example output:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">Downloading</span> <span class="n">MaxMind</span> <span class="n">data</span><span class="o">.</span>
<span class="o">--</span><span class="mi">2015</span><span class="o">-</span><span class="mi">04</span><span class="o">-</span><span class="mi">14</span> <span class="mi">02</span><span class="p">:</span><span class="mi">14</span><span class="p">:</span><span class="mi">32</span><span class="o">--</span> <span class="n">http</span><span class="p">:</span><span class="o">//</span><span class="n">geolite</span><span class="o">.</span><span class="n">maxmind</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">download</span><span class="o">/</span><span class="n">geoip</span><span class="o">/</span><span class="n">database</span><span class="o">/</span><span class="n">GeoLite2</span><span class="o">-</span><span class="n">City</span><span class="o">.</span><span class="n">mmdb</span><span class="o">.</span><span class="n">gz</span>
<span class="n">Resolving</span> <span class="n">geolite</span><span class="o">.</span><span class="n">maxmind</span><span class="o">.</span><span class="n">com</span><span class="o">...</span> <span class="mf">141.101</span><span class="o">.</span><span class="mf">115.190</span><span class="p">,</span> <span class="mf">141.101</span><span class="o">.</span><span class="mf">114.190</span><span class="p">,</span> <span class="mi">2400</span><span class="p">:</span><span class="n">cb00</span><span class="p">:</span><span class="mi">2048</span><span class="p">:</span><span class="mi">1</span><span class="p">::</span><span class="mi">8</span><span class="n">d65</span><span class="p">:</span><span class="mi">73</span><span class="n">be</span><span class="p">,</span> <span class="o">...</span>
<span class="n">Connecting</span> <span class="n">to</span> <span class="n">geolite</span><span class="o">.</span><span class="n">maxmind</span><span class="o">.</span><span class="n">com</span><span class="o">|</span><span class="mf">141.101</span><span class="o">.</span><span class="mf">115.190</span><span class="o">|</span><span class="p">:</span><span class="mf">80.</span><span class="o">..</span> <span class="n">connected</span><span class="o">.</span>
<span class="n">HTTP</span> <span class="n">request</span> <span class="n">sent</span><span class="p">,</span> <span class="n">awaiting</span> <span class="n">response</span><span class="o">...</span> <span class="mi">200</span> <span class="n">OK</span>
<span class="n">Length</span><span class="p">:</span> <span class="mi">17633433</span> <span class="p">(</span><span class="mi">17</span><span class="n">M</span><span class="p">)</span> <span class="p">[</span><span class="n">application</span><span class="o">/</span><span class="n">octet</span><span class="o">-</span><span class="n">stream</span><span class="p">]</span>
<span class="n">Saving</span> <span class="n">to</span><span class="p">:</span> <span class="s2">&quot;GeoLite2-City.mmdb.gz&quot;</span>
<span class="mi">100</span><span class="o">%</span><span class="p">[</span><span class="o">==================================================================================================================================================================&gt;</span><span class="p">]</span> <span class="mi">17</span><span class="p">,</span><span class="mi">633</span><span class="p">,</span><span class="mi">433</span> <span class="mf">7.03</span><span class="n">M</span><span class="o">/</span><span class="n">s</span> <span class="ow">in</span> <span class="mf">2.4</span><span class="n">s</span>
<span class="mi">2015</span><span class="o">-</span><span class="mi">04</span><span class="o">-</span><span class="mi">14</span> <span class="mi">02</span><span class="p">:</span><span class="mi">14</span><span class="p">:</span><span class="mi">35</span> <span class="p">(</span><span class="mf">7.03</span> <span class="n">MB</span><span class="o">/</span><span class="n">s</span><span class="p">)</span> <span class="o">-</span> <span class="s2">&quot;GeoLite2-City.mmdb.gz&quot;</span> <span class="n">saved</span> <span class="p">[</span><span class="mi">17633433</span><span class="o">/</span><span class="mi">17633433</span><span class="p">]</span>
<span class="n">Copying</span> <span class="n">coverage</span> <span class="n">zone</span> <span class="n">file</span> <span class="n">to</span> <span class="n">public</span> <span class="nb">dir</span><span class="o">.</span>
<span class="n">Installing</span> <span class="n">SSL</span> <span class="n">Certificates</span><span class="o">.</span>
<span class="n">We</span><span class="s1">&#39;re now running a script to generate a self signed X509 SSL certificate.</span>
<span class="n">When</span> <span class="n">prompted</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">a</span> <span class="k">pass</span> <span class="n">phrase</span><span class="p">,</span> <span class="n">just</span> <span class="n">enter</span> <span class="s1">&#39;pass&#39;</span> <span class="n">each</span> <span class="n">time</span><span class="o">.</span> <span class="n">The</span>
<span class="k">pass</span> <span class="n">phrase</span> <span class="n">will</span> <span class="n">be</span> <span class="n">stripped</span> <span class="kn">from</span> <span class="nn">the</span> <span class="n">private</span> <span class="n">key</span> <span class="n">before</span> <span class="n">installation</span><span class="o">.</span>
<span class="n">When</span> <span class="n">prompted</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">a</span> <span class="s1">&#39;challenge password&#39;</span><span class="p">,</span> <span class="n">just</span> <span class="n">hit</span> <span class="n">the</span> <span class="n">ENTER</span> <span class="n">key</span><span class="o">.</span>
<span class="n">The</span> <span class="n">remaining</span> <span class="n">enformation</span> <span class="n">Country</span><span class="p">,</span> <span class="n">State</span><span class="p">,</span> <span class="n">Locality</span><span class="p">,</span> <span class="n">etc</span><span class="o">...</span> <span class="n">are</span> <span class="n">required</span> <span class="n">to</span>
<span class="n">generate</span> <span class="n">a</span> <span class="n">properly</span> <span class="n">formatted</span> <span class="n">SSL</span> <span class="n">certificate</span><span class="o">.</span>
<span class="n">Hit</span> <span class="n">Enter</span> <span class="n">when</span> <span class="n">you</span> <span class="n">are</span> <span class="n">ready</span> <span class="n">to</span> <span class="k">continue</span><span class="p">:</span>
<span class="n">Postinstall</span> <span class="n">SSL</span> <span class="n">Certificate</span> <span class="n">Creation</span><span class="o">.</span>
<span class="n">Generating</span> <span class="n">an</span> <span class="n">RSA</span> <span class="n">Private</span> <span class="n">Server</span> <span class="n">Key</span><span class="o">.</span>
<span class="n">Generating</span> <span class="n">RSA</span> <span class="n">private</span> <span class="n">key</span><span class="p">,</span> <span class="mi">1024</span> <span class="n">bit</span> <span class="n">long</span> <span class="n">modulus</span>
<span class="o">..........................++++++</span>
<span class="o">.....................++++++</span>
<span class="n">e</span> <span class="ow">is</span> <span class="mi">65537</span> <span class="p">(</span><span class="mh">0x10001</span><span class="p">)</span>
<span class="n">Enter</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="k">for</span> <span class="n">server</span><span class="o">.</span><span class="n">key</span><span class="p">:</span>
<span class="n">Verifying</span> <span class="o">-</span> <span class="n">Enter</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="k">for</span> <span class="n">server</span><span class="o">.</span><span class="n">key</span><span class="p">:</span>
<span class="n">The</span> <span class="n">server</span> <span class="n">key</span> <span class="n">has</span> <span class="n">been</span> <span class="n">generated</span><span class="o">.</span>
<span class="n">Creating</span> <span class="n">a</span> <span class="n">Certificate</span> <span class="n">Signing</span> <span class="n">Request</span> <span class="p">(</span><span class="n">CSR</span><span class="p">)</span>
<span class="n">Enter</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="k">for</span> <span class="n">server</span><span class="o">.</span><span class="n">key</span><span class="p">:</span>
<span class="n">You</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">be</span> <span class="n">asked</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">information</span> <span class="n">that</span> <span class="n">will</span> <span class="n">be</span> <span class="n">incorporated</span>
<span class="n">into</span> <span class="n">your</span> <span class="n">certificate</span> <span class="n">request</span><span class="o">.</span>
<span class="n">What</span> <span class="n">you</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">enter</span> <span class="ow">is</span> <span class="n">what</span> <span class="ow">is</span> <span class="n">called</span> <span class="n">a</span> <span class="n">Distinguished</span> <span class="n">Name</span> <span class="ow">or</span> <span class="n">a</span> <span class="n">DN</span><span class="o">.</span>
<span class="n">There</span> <span class="n">are</span> <span class="n">quite</span> <span class="n">a</span> <span class="n">few</span> <span class="n">fields</span> <span class="n">but</span> <span class="n">you</span> <span class="n">can</span> <span class="n">leave</span> <span class="n">some</span> <span class="n">blank</span>
<span class="n">For</span> <span class="n">some</span> <span class="n">fields</span> <span class="n">there</span> <span class="n">will</span> <span class="n">be</span> <span class="n">a</span> <span class="n">default</span> <span class="n">value</span><span class="p">,</span>
<span class="n">If</span> <span class="n">you</span> <span class="n">enter</span> <span class="s1">&#39;.&#39;</span><span class="p">,</span> <span class="n">the</span> <span class="n">field</span> <span class="n">will</span> <span class="n">be</span> <span class="n">left</span> <span class="n">blank</span><span class="o">.</span>
<span class="o">-----</span>
<span class="n">Country</span> <span class="n">Name</span> <span class="p">(</span><span class="mi">2</span> <span class="n">letter</span> <span class="n">code</span><span class="p">)</span> <span class="p">[</span><span class="n">XX</span><span class="p">]:</span><span class="n">US</span>
<span class="n">State</span> <span class="ow">or</span> <span class="n">Province</span> <span class="n">Name</span> <span class="p">(</span><span class="n">full</span> <span class="n">name</span><span class="p">)</span> <span class="p">[]:</span><span class="n">CO</span>
<span class="n">Locality</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">city</span><span class="p">)</span> <span class="p">[</span><span class="n">Default</span> <span class="n">City</span><span class="p">]:</span><span class="n">Denver</span>
<span class="n">Organization</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">company</span><span class="p">)</span> <span class="p">[</span><span class="n">Default</span> <span class="n">Company</span> <span class="n">Ltd</span><span class="p">]:</span>
<span class="n">Organizational</span> <span class="n">Unit</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">section</span><span class="p">)</span> <span class="p">[]:</span>
<span class="n">Common</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">your</span> <span class="n">name</span> <span class="ow">or</span> <span class="n">your</span> <span class="n">server</span><span class="s1">&#39;s hostname) []:</span>
<span class="n">Email</span> <span class="n">Address</span> <span class="p">[]:</span>
<span class="n">Please</span> <span class="n">enter</span> <span class="n">the</span> <span class="n">following</span> <span class="s1">&#39;extra&#39;</span> <span class="n">attributes</span>
<span class="n">to</span> <span class="n">be</span> <span class="n">sent</span> <span class="k">with</span> <span class="n">your</span> <span class="n">certificate</span> <span class="n">request</span>
<span class="n">A</span> <span class="n">challenge</span> <span class="n">password</span> <span class="p">[]:</span><span class="k">pass</span>
<span class="n">An</span> <span class="n">optional</span> <span class="n">company</span> <span class="n">name</span> <span class="p">[]:</span>
<span class="n">The</span> <span class="n">Certificate</span> <span class="n">Signing</span> <span class="n">Request</span> <span class="n">has</span> <span class="n">been</span> <span class="n">generated</span><span class="o">.</span>
<span class="n">Removing</span> <span class="n">the</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="kn">from</span> <span class="nn">the</span> <span class="n">server</span> <span class="n">key</span><span class="o">.</span>
<span class="n">Enter</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="k">for</span> <span class="n">server</span><span class="o">.</span><span class="n">key</span><span class="o">.</span><span class="n">orig</span><span class="p">:</span>
<span class="n">writing</span> <span class="n">RSA</span> <span class="n">key</span>
<span class="n">The</span> <span class="k">pass</span> <span class="n">phrase</span> <span class="n">has</span> <span class="n">been</span> <span class="n">removed</span> <span class="kn">from</span> <span class="nn">the</span> <span class="n">server</span> <span class="n">key</span><span class="o">.</span>
<span class="n">Generating</span> <span class="n">a</span> <span class="n">Self</span><span class="o">-</span><span class="n">signed</span> <span class="n">certificate</span><span class="o">.</span>
<span class="n">Signature</span> <span class="n">ok</span>
<span class="n">subject</span><span class="o">=/</span><span class="n">C</span><span class="o">=</span><span class="n">US</span><span class="o">/</span><span class="n">ST</span><span class="o">=</span><span class="n">CO</span><span class="o">/</span><span class="n">L</span><span class="o">=</span><span class="n">Denver</span><span class="o">/</span><span class="n">O</span><span class="o">=</span><span class="n">Default</span> <span class="n">Company</span> <span class="n">Ltd</span>
<span class="n">Getting</span> <span class="n">Private</span> <span class="n">key</span>
<span class="n">A</span> <span class="n">server</span> <span class="n">key</span> <span class="ow">and</span> <span class="bp">self</span> <span class="n">signed</span> <span class="n">certificate</span> <span class="n">has</span> <span class="n">been</span> <span class="n">generated</span><span class="o">.</span>
<span class="n">Installing</span> <span class="n">the</span> <span class="n">server</span> <span class="n">key</span> <span class="ow">and</span> <span class="n">server</span> <span class="n">certificate</span><span class="o">.</span>
<span class="n">The</span> <span class="n">private</span> <span class="n">key</span> <span class="n">has</span> <span class="n">been</span> <span class="n">installed</span><span class="o">.</span>
<span class="n">Installing</span> <span class="n">the</span> <span class="bp">self</span> <span class="n">signed</span> <span class="n">certificate</span><span class="o">.</span>
<span class="n">Saving</span> <span class="n">the</span> <span class="bp">self</span> <span class="n">signed</span> <span class="n">csr</span><span class="o">.</span>
<span class="n">The</span> <span class="bp">self</span> <span class="n">signed</span> <span class="n">certificate</span> <span class="n">has</span> <span class="n">now</span> <span class="n">been</span> <span class="n">installed</span><span class="o">.</span>
<span class="n">You</span> <span class="n">may</span> <span class="n">obtain</span> <span class="n">a</span> <span class="n">certificate</span> <span class="n">signed</span> <span class="n">by</span> <span class="n">a</span> <span class="n">Certificate</span> <span class="n">Authority</span> <span class="n">using</span> <span class="n">the</span>
<span class="n">server</span><span class="o">.</span><span class="n">csr</span> <span class="n">file</span> <span class="n">saved</span> <span class="ow">in</span> <span class="n">the</span> <span class="n">current</span> <span class="n">directory</span><span class="o">.</span> <span class="n">Once</span> <span class="n">you</span> <span class="n">have</span> <span class="n">obtained</span>
<span class="n">a</span> <span class="n">signed</span> <span class="n">certificate</span><span class="p">,</span> <span class="n">copy</span> <span class="n">it</span> <span class="n">to</span> <span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pki</span><span class="o">/</span><span class="n">tls</span><span class="o">/</span><span class="n">certs</span><span class="o">/</span><span class="n">localhost</span><span class="o">.</span><span class="n">crt</span> <span class="ow">and</span>
<span class="n">restart</span> <span class="n">Traffic</span> <span class="n">Ops</span><span class="o">.</span>
<span class="n">SSL</span> <span class="n">Certificates</span> <span class="n">have</span> <span class="n">been</span> <span class="n">installed</span><span class="o">.</span>
<span class="n">Starting</span> <span class="n">Traffic</span> <span class="n">Ops</span><span class="o">.</span>
<span class="n">Starting</span> <span class="n">Traffic</span> <span class="n">Ops</span>
<span class="n">Subroutine</span> <span class="n">TrafficOps</span><span class="p">::</span><span class="n">has</span> <span class="n">redefined</span> <span class="n">at</span> <span class="o">/</span><span class="n">opt</span><span class="o">/</span><span class="n">traffic_ops</span><span class="o">/</span><span class="n">app</span><span class="o">/</span><span class="n">local</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">perl5</span><span class="o">/</span><span class="n">Mojo</span><span class="o">/</span><span class="n">Base</span><span class="o">.</span><span class="n">pm</span> <span class="n">line</span> <span class="mf">38.</span>
<span class="n">Subroutine</span> <span class="n">TrafficOps</span><span class="p">::</span><span class="n">has</span> <span class="n">redefined</span> <span class="n">at</span> <span class="o">/</span><span class="n">opt</span><span class="o">/</span><span class="n">traffic_ops</span><span class="o">/</span><span class="n">app</span><span class="o">/</span><span class="n">local</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">perl5</span><span class="o">/</span><span class="n">Mojo</span><span class="o">/</span><span class="n">Base</span><span class="o">.</span><span class="n">pm</span> <span class="n">line</span> <span class="mf">38.</span>
<span class="n">Loading</span> <span class="n">config</span> <span class="kn">from</span> <span class="o">/</span><span class="n">opt</span><span class="o">/</span><span class="n">traffic_ops</span><span class="o">/</span><span class="n">app</span><span class="o">/</span><span class="n">conf</span><span class="o">/</span><span class="n">cdn</span><span class="o">.</span><span class="n">conf</span>
<span class="n">Reading</span> <span class="n">log4perl</span> <span class="n">config</span> <span class="kn">from</span> <span class="o">/</span><span class="n">opt</span><span class="o">/</span><span class="n">traffic_ops</span><span class="o">/</span><span class="n">app</span><span class="o">/</span><span class="n">conf</span><span class="o">/</span><span class="n">production</span><span class="o">/</span><span class="n">log4perl</span><span class="o">.</span><span class="n">conf</span>
<span class="n">Starting</span> <span class="n">hot</span> <span class="n">deployment</span> <span class="k">for</span> <span class="n">Hypnotoad</span> <span class="n">server</span> <span class="mf">32192.</span>
<span class="n">Waiting</span> <span class="k">for</span> <span class="n">Traffic</span> <span class="n">Ops</span> <span class="n">to</span> <span class="n">start</span><span class="o">.</span>
<span class="n">Shutdown</span> <span class="n">Traffic</span> <span class="n">Ops</span> <span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">n</span><span class="p">]</span> <span class="p">[</span><span class="n">n</span><span class="p">]:</span> <span class="n">n</span>
<span class="n">To</span> <span class="n">start</span> <span class="n">Traffic</span> <span class="n">Ops</span><span class="p">:</span> <span class="n">service</span> <span class="n">traffic_ops</span> <span class="n">start</span>
<span class="n">To</span> <span class="n">stop</span> <span class="n">Traffic</span> <span class="n">Ops</span><span class="p">:</span> <span class="n">service</span> <span class="n">traffic_ops</span> <span class="n">stop</span>
<span class="n">traffic_ops</span> <span class="c1">#</span>
</pre></div>
</div>
</div></blockquote>
<p>Traffic Ops is now installed!</p>
<div class="section" id="upgrading-traffic-ops">
<h3>Upgrading Traffic Ops<a class="headerlink" href="#upgrading-traffic-ops" title="Permalink to this headline"></a></h3>
<p>To upgrade:</p>
<ol class="arabic simple">
<li>Enter the following command:<code class="docutils literal"><span class="pre">service</span> <span class="pre">traffic_ops</span> <span class="pre">stop</span></code></li>
<li>Enter the following command:<code class="docutils literal"><span class="pre">yum</span> <span class="pre">upgrade</span> <span class="pre">traffic_ops</span></code></li>
<li>See <a class="reference internal" href="#rl-ps"><span class="std std-ref">Installing Traffic Ops</span></a> to run postinstall.</li>
<li>Enter the following command:<code class="docutils literal"><span class="pre">service</span> <span class="pre">traffic_ops</span> <span class="pre">start</span></code></li>
</ol>
</div>
</div>
<div class="section" id="manually-generating-and-installing-the-ssl-certificate">
<h2>Manually Generating and Installing the SSL Certificate<a class="headerlink" href="#manually-generating-and-installing-the-ssl-certificate" title="Permalink to this headline"></a></h2>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">This section is valid for traffic-control 2.0.0 and later.</p>
</div>
<div class="section" id="self-signed-certificate-development">
<h3>Self-signed Certificate (Development)<a class="headerlink" href="#self-signed-certificate-development" title="Permalink to this headline"></a></h3>
<blockquote>
<div><p>Example Procedure:</p>
<div class="highlight-default"><div class="highlight"><pre><span></span>$ openssl genrsa -des3 -passout pass:x -out localhost.pass.key 2048
Generating RSA private key, 2048 bit long modulus
...
$ openssl rsa -passin pass:x -in localhost.pass.key -out localhost.key
writing RSA key
$ rm localhost.pass.key
$ openssl req -new -key localhost.key -out localhost.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter &#39;.&#39;, the field will be left blank.
-----
Country Name (2 letter code) [XX]:US&lt;enter&gt;
State or Province Name (full name) []:CO&lt;enter&gt;
Locality Name (eg, city) [Default City]:Denver&lt;enter&gt;
Organization Name (eg, company) [Default Company Ltd]: &lt;enter&gt;
Organizational Unit Name (eg, section) []: &lt;enter&gt;
Common Name (eg, your name or your server&#39;s hostname) []: &lt;enter&gt;
Email Address []: &lt;enter&gt;
Please enter the following &#39;extra&#39; attributes
to be sent with your certificate request
A challenge password []: pass&lt;enter&gt;
An optional company name []: &lt;enter&gt;
$ openssl x509 -req -sha256 -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt
Signature ok
subject=/C=US/ST=CO/L=Denver/O=Default Company Ltd
Getting Private key
$ sudo cp localhost.crt /etc/pki/tls/certs
$ sudo cp localhost.key /etc/pki/tls/private
$ sudo chown trafops:trafops /etc/pki/tls/certs/localhost.crt
$ sudo chown trafops:trafops /etc/pki/tls/private/localhost.key
</pre></div>
</div>
</div></blockquote>
</div>
<div class="section" id="certificate-from-certificate-authority-production">
<h3>Certificate from Certificate Authority (Production)<a class="headerlink" href="#certificate-from-certificate-authority-production" title="Permalink to this headline"></a></h3>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p>You will need to know the appropriate answers when generating the certificate request file <cite>trafficopss.csr</cite> below.</p>
<p>Example Procedure:</p>
<div class="last highlight-default"><div class="highlight"><pre><span></span>$ openssl genrsa -des3 -passout pass:x -out trafficops.pass.key 2048
Generating RSA private key, 2048 bit long modulus
...
$ openssl rsa -passin pass:x -in trafficops.pass.key -out trafficops.key
writing RSA key
$ rm localhost.pass.key
Generate the Certificate Signing Request (CSR) file needed for Certificate Authority (CA) request.
$ openssl req -new -key trafficops.key -out trafficops.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter &#39;.&#39;, the field will be left blank.
-----
Country Name (2 letter code) [XX]: &lt;enter country code&gt;
State or Province Name (full name) []: &lt;enter state or province&gt;
Locality Name (eg, city) [Default City]: &lt;enter locality name&gt;
Organization Name (eg, company) [Default Company Ltd]: &lt;enter organization name&gt;
Organizational Unit Name (eg, section) []: &lt;enter organizational unit name&gt;
Common Name (eg, your name or your server&#39;s hostname) []: &lt;enter server&#39;s hostname name&gt;
Email Address []: &lt;enter e-mail address&gt;
Please enter the following &#39;extra&#39; attributes
to be sent with your certificate request
A challenge password []: &lt;enter challenge password&gt;
An optional company name []: &lt;enter&gt;
$ sudo cp trafficops.key /etc/pki/tls/private
$ sudo chown trafops:trafops /etc/pki/tls/private/trafficops.key
You must then take the output file trafficops.csr and submit a request to your Certificate Authority (CA).
Once you get approved and receive your trafficops.crt file:
$ sudo cp trafficops.crt /etc/pki/tls/certs
$ sudo chown trafops:trafops /etc/pki/tls/certs/trafficops.crt
If necessary, install the CA certificates .pem and .crt in /etc/pki/tls/certs.
You will need to update the file /opt/traffic_ops/app/conf/cdn.conf with the following changes:
...
e.g. given trafficops.crt and trafficops.key
&#39;hypnotoad&#39; =&gt; ...
&#39;listen&#39; =&gt; &#39;https://[::]:443?cert=/etc/pki/tls/certs/trafficops.crt&amp;key=/etc/pki/tls/private/trafficops.key&amp;ca=/etc/pki/tls/certs/localhost.ca&amp;verify=0x00&amp;ciphers=AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH:!ED&#39;
...
</pre></div>
</div>
</div>
</div>
</div>
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="traffic_ops_config.html" class="btn btn-neutral float-right" title="Configuring Traffic Ops">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="index.html" class="btn btn-neutral" title="Administrator’s Guide"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
</p>
</div>
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT:'../',
VERSION:'1.8-dev',
COLLAPSE_INDEX:false,
FILE_SUFFIX:'.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="../_static/jquery.js"></script>
<script type="text/javascript" src="../_static/underscore.js"></script>
<script type="text/javascript" src="../_static/doctools.js"></script>
<script type="text/javascript" src="../_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.StickyNav.enable();
});
</script>
</body>
</html>