VMware (vSphere)

Deploying Zercurity to VMware is fairly straightforward. If you’ve deployed an OVA before you can just use the URL provided by your account rep to deploy the OVA and you can skip ahead to starting Zercurity.

The OVA is supported on VMWare ESX 5.5 and higher, VMware workstation 10.x and VMware Fusion 6.x.

To deploy an OVA right click on either your datacenter or group and click “Deploy OVF Template…”

../../_images/onprem_vmware_01.png

The first step of the process is to provide the URL of the OVA. This URL will provided to you by your account rep but will look similar to the one in the screenshot below.

../../_images/onprem_vmware_02.png

The next steps will be specific to your setup but not dissimilar to deploying a Virtual machine. Follow the steps carefully when promoted about your deployment location, disk settings and networking. On the final setup of the process your configuration should look similar to this.

../../_images/onprem_vmware_03.png

When you Finish the setup the OVA will take a while to download and deploy. You can follow the status of the deployment through the VMware task manager.

Once the OVA has finished deploying start the newly created VM. SSH is enabled by default. open-vm-tools is also installed so you’ll be able to see the IP leased to your new VM.

ssh admin@10.215.32.133

The default password is ytirucrez which is Zercurity backwards. The root password is toor. We obviously recommend you change the default passwords as well as using your certificate though authorized_keys instead to authenticate.

Starting Zercurity

To setup Zercurity copy across the installation files. Provided to you by your account manager. The ./setup.sh script will guide you through the process.

You’ll be required to enter the domain name you want to use which will update your production.dev file which stores all configuration settings. The setup will also download the latest version of Zercurity for Docker.

./setup.sh

Once the setup has downloaded all the container images you can start Zercurity like so:

sudo systemctl start zercurity

You can view the logs by using the journalctl command.

sudo journalctl -u zercurity -xef

You can also stop and restart zercurity using the following commands.

sudo systemctl stop zercurity
sudo systemctl restart zercurity

As the containers start (which will take a few minutes) you’ll notice two directories being created, certs and data.

  • The certs directory contains the SSL certificates for the NGINX web-server.
  • The data directory contains both a working directory for the creation of temp files and data for the prostgresql database.

The Zercurity web application will now be available at: https://app.zercurity.local

Warning

If you are using self-signed certificates you will need to manually visit https://app.zercurity.local, https://api.zercurity.local and https://download.zercurity.local in order for the web application to work correctly. Or you can add the generated CA to your preferred browser which can be found in the certs folder.

Updating Zercurity

You can update Zercurity by using the ./update.sh script. This will authenticate to our ECR repository and download all the latest docker images.

This script will not restart any Zercurity services. You will need to do this manually once the script has finished.

# There is no need to shutdown Zercurity. The new image containers will
# be fetched and used the next time the service is restarted.
./update.sh

sudo systemctl restart zercurity

Common issues

When deploying the Zercurity OVA there might be some issues you run into due to OVA versions and compatibility.

Power on failures

When starting the VM you might get the error “No host is compatible with virtual machine, the guest operating system ‘debian9_64Guest’ is not supported.”

This can be quickly remedied by changing the guest OS configuration in ESXi to something more akin to Debian 9.

../../_images/onprem_vmware_pof_01.png

Given the Zercurity VM select “Edit Settings” -> “VM Options” you should see something like this. Under “General options” change the “Guest OS” to “Linux” and the “Guest OS version” to “Debian 9 (64-bit)” or as close as you can get to that OS release.

../../_images/onprem_vmware_pof_02.png