diff options
Diffstat (limited to 'docs/installation')
| -rw-r--r-- | docs/installation/cloud/aws.rst | 47 | ||||
| -rw-r--r-- | docs/installation/virtual/docker.rst | 6 | ||||
| -rw-r--r-- | docs/installation/virtual/libvirt.rst | 25 |
3 files changed, 72 insertions, 6 deletions
diff --git a/docs/installation/cloud/aws.rst b/docs/installation/cloud/aws.rst index d64aca82..da0c46d3 100644 --- a/docs/installation/cloud/aws.rst +++ b/docs/installation/cloud/aws.rst @@ -49,9 +49,54 @@ Deploy VyOS on Amazon :abbr:`AWS (Amazon Web Services)` ssh -i ~/.ssh/amazon.pem vyos@203.0.113.3 vyos@ip-192-0-2-10:~$ +Amazon CloudWatch Agent Usage +----------------------------- +To use Amazon CloudWatch Agent, configure it within the Amazon SSM Parameter Store. If you don't have a configuration yet, do :ref:`configuration_creation`. +1. Create an :abbr:`IAM (Identity and Access Management)` role for the :abbr:`EC2 (Elastic Compute Cloud)` instance to access CloudWatch service, and name it CloudWatchAgentServerRole. The role should contain two default policies: CloudWatchAgentServerPolicy and AmazonSSMManagedInstanceCore. + +2. Attach the created role to your VyOS :abbr:`EC2 (Elastic Compute Cloud)` instance. + +3. Ensure that amazon-cloudwatch-agent package is installed. + + .. code-block:: none + + $ sudo apt list --installed | grep amazon-cloudwatch-agent + + .. note:: The amazon-cloudwatch-agent package is normally included in VyOS 1.3.3+ and 1.4+ + +3. Retreive an existing CloudWatch Agent configuration from the :abbr:`SSM (Systems Manager)` Parameter Store. + + .. code-block:: none + + $ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c ssm:<your-configuration-name> + + This step also enables systemd service and runs it. + + .. note:: The VyOS platform-specific scripts feature is under development. Thus, this step should be repeated manually after changing system image (:doc:`/installation/update`) + +.. _configuration_creation: + +CloudWatch SSM Configuration creation +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Creating the Amazon Cloudwatch Agent Configuration in Amazon :abbr:`SSM (Systems Manager)` Parameter Store. + +1. Create an :abbr:`IAM (Identity and Access Management)` role for your :abbr:`EC2 (Elastic Compute Cloud)` instance to access the CloudWatch service. Name it CloudWatchAgentAdminRole. The role should contain at two default policies: CloudWatchAgentAdminPolicy and AmazonSSMManagedInstanceCore. + + .. note:: CloudWatchAgentServerRole is too permisive and should be used for single configuration creation and deployment. That's why after completion of step #3 higly recommended to replace instance CloudWatchAgentAdminRole role with CloudWatchAgentServerRole. + +2. Run Cloudwatch configuration wizard. + + .. code-block:: none + + $ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard + +3. When prompted, answer "yes" to the question "Do you want to store the config in the SSM parameter store?". References ---------- -https://console.aws.amazon.com/
\ No newline at end of file +- https://console.aws.amazon.com/ +- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent.html +- https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-on-EC2-Instance-fleet.html
\ No newline at end of file diff --git a/docs/installation/virtual/docker.rst b/docs/installation/virtual/docker.rst index e2bc0198..0abb4f26 100644 --- a/docs/installation/virtual/docker.rst +++ b/docs/installation/virtual/docker.rst @@ -49,7 +49,7 @@ Deploy container from ISO ========================= Download the ISO on which you want to base the container. In this example, -the name of the ISO is ``vyos-1.4-rolling-202111281249-amd64.iso``. If you +the name of the ISO is ``vyos-1.4-rolling-202308240020-amd64.iso``. If you created a custom IPv6-enabled network, the ``docker run`` command below will require that this network be included as the ``--net`` parameter to ``docker run``. @@ -57,9 +57,9 @@ will require that this network be included as the ``--net`` parameter to .. code-block:: none $ mkdir vyos && cd vyos - $ cp ~/vyos-1.4-rolling-202111281249-amd64.iso . + $ curl -o vyos-1.4-rolling-202308240020-amd64.iso https://github.com/vyos/vyos-rolling-nightly-builds/releases/download/1.4-rolling-202308240020/vyos-1.4-rolling-202308240020-amd64.iso $ mkdir rootfs - $ sudo mount -o loop vyos-1.4-rolling-202111281249-amd64.iso rootfs + $ sudo mount -o loop vyos-1.4-rolling-202308240020-amd64.iso rootfs $ sudo apt-get install -y squashfs-tools $ mkdir unsquashfs $ sudo unsquashfs -f -d unsquashfs/ rootfs/live/filesystem.squashfs diff --git a/docs/installation/virtual/libvirt.rst b/docs/installation/virtual/libvirt.rst index 09d2cfed..5bc16273 100644 --- a/docs/installation/virtual/libvirt.rst +++ b/docs/installation/virtual/libvirt.rst @@ -25,7 +25,6 @@ the virtual network (type Virtio) created by the hypervisor with NAT. --ram 4096 \ --vcpus 2 \ --cdrom /var/lib/libvirt/images/vyos.iso \ - --os-type linux \ --os-variant debian10 \ --network network=default \ --graphics vnc \ @@ -68,7 +67,6 @@ Create VM with ``import`` qcow2 disk option. $ virt-install -n vyos_r2 \ --ram 4096 \ --vcpus 2 \ - --os-type linux \ --os-variant debian10 \ --network network=default \ --graphics vnc \ @@ -92,6 +90,29 @@ Connect to VM with command ``virsh console vyos_r2`` vyos@vyos:~$ +If you can not go to this screen + +.. code-block:: none + + vyos login: vyos + Password: + +Stayed in this stage. This is because the KVM console is chosen as the default boot option. + +.. code-block:: none + + Connected to domain vyos_r2 + Escape character is ^] + +Open a secondary/parallel session and use this command to reboot the VM: + +.. code-block:: none + + $ virsh reboot vyos_r2 + +Then go to the first session where you opened the console. +Select ``VyOS 1.4.x for QEMU (Serial console)`` and press ``Enter`` + The system is fully operational. Virt-manager |