Install on two machines CentOS
Make sure you’ve set up the repositories before attempting these instructions.
This guide walks you through installing the Intelligence Center on two hosts:
Host 1: database, services
Host 2: Intelligence Center
You must finish installing databases and services on Host 1 before installing the Intelligence Center on Host 2.
On Host 1
This procedure consists of the following steps:
Install Java.
Set a basic configuration by defining the variables to use during the database installation.
Install and configure the databases.
Enable and start the database services.
Install Java
First, install Java 11.
yum -y install java-11-openjdk-headless
update-alternatives --set java $(readlink -f /usr/lib/jvm/jre-11/bin/java)
The platform uses OpenJDK.
Set service locations in environment variables
Set the syslog_server environment variable to the location of the Logstash service on the network.
syslog_server=
Env. variable |
Description |
syslog_server |
Network address of Logstash service. |
Set credentials in environment variables
Set as environment variables the credentials needed to connect to services:
db_user=
db_name=
db_pass=
neo4j_pass=
neo4jbatcher_user=
neo4jbatcher_pass=
redis_pass=
Env. variable |
Description |
db_user |
PostgreSQL user name. |
db_pass |
PostgreSQL user password. |
db_name |
Name of PostgreSQL database used by the IC. |
neo4j_pass |
Password for neo4j user. |
neo4jbatcher_user |
User for Neo4j ingestion preprocessor. |
neo4jbatcher_pass |
User password for Neo4j ingestion preprocessor. |
redis_pass |
Password for redis user. |
Alternatively, set these in the /etc/default/eclecticiq-platform file:
cat << EOF >> /etc/default/eclecticiq-platform
db_user=${db_user}
db_name=${db_name}
db_pass=${db_pass}
neo4j_pass=${neo4j_pass}
neo4jbatcher_user=${neo4jbatcher_user}
neo4jbatcher_pass=${neo4jbatcher_pass}
redis_pass=${redis_pass}
syslog_server=${syslog_server}
EOF
Install the databases package
Install the databases package:
# Install the databases
yum -y install eclecticiq-platform-databases
Configure the services
⚠️ Permissive defaults
Instructions here set permissive default network bindings.
You should change these to a more restrictive configuration.
Modify configuration files for each service to allow them to listen for connections from Host 2. The following commands show how to set each service to listen on 0.0.0.0:
# Redis bind address
echo "bind 0.0.0.0" >> /etc/eclecticiq-redis/local.conf
# Elasticsearch bind address
echo -e "[Service]\nEnvironment=BINDING_ADDRESS=0.0.0.0" > /etc/systemd/system/elasticsearch.service.d/20-eclecticiq_binding_address.conf
# Neo4j bind address
echo "dbms.connectors.default_listen_address=0.0.0.0" >> /etc/eclecticiq-neo4j/neo4j.conf
# Neo4jbatcher bind address
echo -e "BIND_HOST=0.0.0.0" >> /etc/eclecticiq-neo4jbatcher/neo4jbatcher.conf
Start and enable third-party services
Start and enable the services:
# start/enable 3rd party services
for x in \
elasticsearch \
kibana \
neo4j \
eclecticiq-neo4jbatcher \
nginx \
postgresql-11 \
redis \
statsite \
logstash \
; do
systemctl start $x
systemctl enable $x
done
On Host 2
Start installing the platform on its dedicated server only after completing installing the databases on their dedicated server.
This procedure consists of the following steps:
Set a basic configuration by defining the hostnames and the credentials to use during the platform installation.
Install the platform backend and frontend.
Enable and start the platform services on the local host.
Set service locations in environment variables
Set the following environment variables to each services’ location on the network:
db_host=
redis_host=
es_host=
neo4j_host=
neo4jbatcher_host=
syslog_server=
Env. variable |
Description |
db_host |
Network address of PostgreSQL service. |
redis_host |
Network address of Redis service. |
es_host |
Network address of Elasticsearch service. |
neo4j_host |
Network address of Neo4j service. |
neo4jbatcher_host |
Network address of eclecticiq-neo4jbatcher service. |
syslog_server |
Network address of Logstash service. |
Set credentials in environment variables
Set as environment variables the credentials needed to connect to services:
db_user=
db_name=
db_pass=
neo4j_pass=
neo4jbatcher_user=
neo4jbatcher_pass=
redis_pass=
Env. variable |
Description |
db_user |
PostgreSQL user name. |
db_pass |
PostgreSQL user password. |
db_name |
Name of PostgreSQL database used by the IC. |
neo4j_pass |
Password for neo4j user. |
neo4jbatcher_user |
User for Neo4j ingestion preprocessor. |
neo4jbatcher_pass |
User password for Neo4j ingestion preprocessor. |
redis_pass |
Password for redis user. |
Alternatively, set these in the /etc/default/eclecticiq-platform file:
cat << EOF >> /etc/default/eclecticiq-platform
db_user=${db_user}
db_name=${db_name}
db_pass=${db_pass}
neo4j_pass=${neo4j_pass}
neo4jbatcher_user=${neo4jbatcher_user}
neo4jbatcher_pass=${neo4jbatcher_pass}
redis_pass=${redis_pass}
syslog_server=${syslog_server}
EOF
Install the Intelligence Center
Set a secret key in /etc/default/eclecticiq-platform:
EIQ_SECRET_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
echo "EIQ_SECRET_KEY=$EIQ_SECRET_KEY" >> /etc/default/eclecticiq-platform
Then, install the IC packages in the order shown:
# Install the backend
yum -y install eclecticiq-platform-backend-all
# Install the frontend and documentation pacakges
yum -y install eclecticiq-platform-frontend eclecticiq-platform-docs
Finally, restrict access to IC configuration files:
chown root:eclecticiq /etc/default/eclecticiq-platform*
chmod 640 /etc/default/eclecticiq-platform*
Install the extensions
Install all extensions:
📔 You must set up the /opt/eclecticiq-platform-backend/pip.conf and ~/.netrc files in “Set up the repositories” for this command to work.
# Uninstall old extensions from venv
/opt/eclecticiq-platform-backend/bin/pip freeze | grep '^eclecticiq-extension-' | cut -d= -f1 | xargs -r /opt/eclecticiq-platform-backend/bin/pip uninstall -y
# Install specified extensions in venv
/opt/eclecticiq-platform-backend/bin/pip install $extensions_packages
Start and enable third-party services
Start and enable the services:
# start/enable 3rd party services
systemctl restart nginx
systemctl enable nginx
systemctl start kibana
systemctl enable kibana
systemctl start statsite
systemctl enable statsite
systemctl restart rsyslog
systemctl enable rsyslog
Database migrations
Once done with the instructions here, you must perform database migrations to finish installing the IC.
To complete the installation procedure, make sure you run the database migrations before continuing with the other configuration steps.