Install on two machines RHEL

Make sure you’ve set up the repositories before attempting these instructions.

This guide walks you through installing the Intelligence Center on two hosts:

  • Host 1: database, services

  • Host 2: Intelligence Center

You must finish installing databases and services on Host 1 before installing the Intelligence Center on Host 2.

On Host 1

This procedure consists of the following steps:

  • Install Java.

  • Set a basic configuration by defining the variables to use during the database installation.

  • Install and configure the databases.

  • Enable and start the database services.

Install Java

First, install Java 11.

yum -y install java-11-openjdk-headless
update-alternatives --set java $(readlink -f /usr/lib/jvm/jre-11/bin/java)

The platform uses OpenJDK.

Set service locations in environment variables

Set the syslog_server environment variable to the location of the Logstash service on the network.

syslog_server=

Env. variable

Description

syslog_server

Network address of Logstash service.

Set credentials in environment variables

Set as environment variables the credentials needed to connect to services:

db_user=
db_name=
db_pass=
neo4j_pass=
neo4jbatcher_user=
neo4jbatcher_pass=
redis_pass=

Env. variable

Description

db_user

PostgreSQL user name.

db_pass

PostgreSQL user password.

db_name

Name of PostgreSQL database used by the IC.

neo4j_pass

Password for neo4j user.

neo4jbatcher_user

User for Neo4j ingestion preprocessor.

neo4jbatcher_pass

User password for Neo4j ingestion preprocessor.

redis_pass

Password for redis user.

Alternatively, set these in the /etc/default/eclecticiq-platform file:

cat << EOF >> /etc/default/eclecticiq-platform
db_user=${db_user}
db_name=${db_name}
db_pass=${db_pass}
neo4j_pass=${neo4j_pass}
neo4jbatcher_user=${neo4jbatcher_user}
neo4jbatcher_pass=${neo4jbatcher_pass}
redis_pass=${redis_pass}
syslog_server=${syslog_server}
EOF

Install the databases package

Install the databases package:

# Install the databases
yum -y install eclecticiq-platform-databases

Configure the services

⚠️ Permissive defaults

Instructions here set permissive default network bindings.

You should change these to a more restrictive configuration.

Modify configuration files for each service to allow them to listen for connections from Host 2. The following commands show how to set each service to listen on 0.0.0.0:

# Redis bind address
echo "bind 0.0.0.0" >> /etc/eclecticiq-redis/local.conf

# Elasticsearch bind address
echo -e "[Service]\nEnvironment=BINDING_ADDRESS=0.0.0.0" > /etc/systemd/system/elasticsearch.service.d/20-eclecticiq_binding_address.conf

# Neo4j bind address
echo "dbms.connectors.default_listen_address=0.0.0.0" >> /etc/eclecticiq-neo4j/neo4j.conf

# Neo4jbatcher bind address
echo -e "BIND_HOST=0.0.0.0" >> /etc/eclecticiq-neo4jbatcher/neo4jbatcher.conf

Start and enable third-party services

Start and enable the services:

# start/enable 3rd party services
for x in \
    elasticsearch \
    kibana \
    neo4j \
    eclecticiq-neo4jbatcher \
    nginx \
    postgresql-11 \
    redis \
    statsite \
    logstash \
    ; do
        systemctl start $x
        systemctl enable $x
done

On Host 2

Start installing the platform on its dedicated server only after completing installing the databases on their dedicated server.

This procedure consists of the following steps:

  • Set a basic configuration by defining the hostnames and the credentials to use during the platform installation.

  • Install the platform backend and frontend.

  • Enable and start the platform services on the local host.

Set service locations in environment variables

Set the following environment variables to each services’ location on the network:

db_host=
redis_host=
es_host=
neo4j_host=
neo4jbatcher_host=
syslog_server=

Env. variable

Description

db_host

Network address of PostgreSQL service.

redis_host

Network address of Redis service.

es_host

Network address of Elasticsearch service.

neo4j_host

Network address of Neo4j service.

neo4jbatcher_host

Network address of eclecticiq-neo4jbatcher service.

syslog_server

Network address of Logstash service.

Set credentials in environment variables

Set as environment variables the credentials needed to connect to services:

db_user=
db_name=
db_pass=
neo4j_pass=
neo4jbatcher_user=
neo4jbatcher_pass=
redis_pass=

Env. variable

Description

db_user

PostgreSQL user name.

db_pass

PostgreSQL user password.

db_name

Name of PostgreSQL database used by the IC.

neo4j_pass

Password for neo4j user.

neo4jbatcher_user

User for Neo4j ingestion preprocessor.

neo4jbatcher_pass

User password for Neo4j ingestion preprocessor.

redis_pass

Password for redis user.

Alternatively, set these in the /etc/default/eclecticiq-platform file:

cat << EOF >> /etc/default/eclecticiq-platform
db_user=${db_user}
db_name=${db_name}
db_pass=${db_pass}
neo4j_pass=${neo4j_pass}
neo4jbatcher_user=${neo4jbatcher_user}
neo4jbatcher_pass=${neo4jbatcher_pass}
redis_pass=${redis_pass}
syslog_server=${syslog_server}
EOF

Install the Intelligence Center

Set a secret key in /etc/default/eclecticiq-platform:

EIQ_SECRET_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
echo "EIQ_SECRET_KEY=$EIQ_SECRET_KEY" >> /etc/default/eclecticiq-platform

Then, install the IC packages in the order shown:

# Install the backend
yum -y install eclecticiq-platform-backend-all

# Install the frontend and documentation pacakges
yum -y install eclecticiq-platform-frontend eclecticiq-platform-docs

Finally, restrict access to IC configuration files:

chown root:eclecticiq /etc/default/eclecticiq-platform*
chmod 640 /etc/default/eclecticiq-platform*

Install the extensions

Install all extensions:

📔 You must set up the /opt/eclecticiq-platform-backend/pip.conf and ~/.netrc files in “Set up the repositories” for this command to work.

# Uninstall old extensions from venv
/opt/eclecticiq-platform-backend/bin/pip freeze | grep '^eclecticiq-extension-' | grep -v '^eclecticiq-extension-api=' | cut -d= -f1 | xargs -r /opt/eclecticiq-platform-backend/bin/pip uninstall -y

# Install specified extensions in venv
/opt/eclecticiq-platform-backend/bin/pip install $extensions_packages

Start and enable third-party services

Start and enable the services:

# start/enable 3rd party services
systemctl restart nginx
systemctl enable nginx
systemctl start kibana
systemctl enable kibana
systemctl start statsite
systemctl enable statsite
systemctl restart rsyslog
systemctl enable rsyslog

Database migrations

Once done with the instructions here, you must perform database migrations to finish installing the IC.

To complete the installation procedure, make sure you run the database migrations before continuing with the other configuration steps.