VMware (vSphere)¶
Deploying Zercurity to VMware is fairly straightforward. If you’ve deployed an OVA before you can just use the URL provided by your account rep to deploy the OVA and you can skip ahead to starting Zercurity.
The OVA is supported on VMWare ESX 5.5 and higher, VMware workstation 10.x and VMware Fusion 6.x.
To deploy an OVA right click on either your datacenter or group and click “Deploy OVF Template…”
The first step of the process is to provide the URL of the OVA. This URL will provided to you by your account rep but will look similar to the one in the screenshot below.
The next steps will be specific to your setup but not dissimilar to deploying a Virtual machine. Follow the steps carefully when promoted about your deployment location, disk settings and networking. On the final setup of the process your configuration should look similar to this.
When you Finish the setup the OVA will take a while to download and deploy. You can follow the status of the deployment through the VMware task manager.
Once the OVA has finished deploying start the newly created VM. SSH is enabled by default. open-vm-tools is also installed so you’ll be able to see the IP leased to your new VM.
ssh admin@10.215.32.133
The default password is ytirucrez which is Zercurity backwards. The root
password is toor. We obviously recommend you change the default passwords
as well as using your certificate though authorized_keys instead to
authenticate.
Starting Zercurity¶
To setup Zercurity copy across the installation files. Provided to you by
your account manager. The ./setup.sh script will guide you through the
process.
You’ll be required to enter the domain name you want to use which will update your production.dev file which stores all configuration settings. The setup will also download the latest version of Zercurity for Docker.
./setup.sh
Once the setup has downloaded all the container images you can start Zercurity like so:
sudo systemctl start zercurity
You can view the logs by using the journalctl command.
sudo journalctl -u zercurity -xef
You can also stop and restart zercurity using the following commands.
sudo systemctl stop zercurity
sudo systemctl restart zercurity
As the containers start (which will take a few minutes) you’ll notice two
directories being created, certs and data.
- The
certsdirectory contains the SSL certificates for the NGINX web-server. - The
datadirectory contains both a working directory for the creation of temp files and data for theprostgresqldatabase.
The Zercurity web application will now be available at:
https://app.zercurity.local
Warning
If you are using self-signed certificates you will need to manually visit
https://app.zercurity.local, https://api.zercurity.local
and https://download.zercurity.local in order for the web
application to work correctly. Or you can add the generated CA to your
preferred browser which can be found in the certs folder.
Updating Zercurity¶
You can update Zercurity by using the ./update.sh script. This will
authenticate to our ECR repository and download all the latest docker images.
This script will not restart any Zercurity services. You will need to do this manually once the script has finished.
# There is no need to shutdown Zercurity. The new image containers will
# be fetched and used the next time the service is restarted.
./update.sh
sudo systemctl restart zercurity
Common issues¶
When deploying the Zercurity OVA there might be some issues you run into due to OVA versions and compatibility.
Power on failures¶
When starting the VM you might get the error “No host is compatible with virtual machine, the guest operating system ‘debian9_64Guest’ is not supported.”
This can be quickly remedied by changing the guest OS configuration in ESXi to something more akin to Debian 9.
Given the Zercurity VM select “Edit Settings” -> “VM Options” you should see something like this. Under “General options” change the “Guest OS” to “Linux” and the “Guest OS version” to “Debian 9 (64-bit)” or as close as you can get to that OS release.
