Installation Instructions (AEN 4.0)
===================================

.. raw:: html

    <p>Anaconda Enterprise Notebooks (AEN) is a Python data analysis environment
    from Continuum Analytics. Accessed through a browser, Anaconda
    Enterprise Notebooks is a ready-to-use, powerful, fully-configured
    Python analytics environment. We believe that programmers, scientists,
    and analysts should spend their time analyzing data, not working to set
    up a system. Data should be shareable, and analysis should be
    repeatable. Reproducibility should extend beyond just code to include
    the runtime environment, configuration, and input data.</p>
    <p>This installation guide walks through the steps needed to install a
    basic Anaconda Enterprise Notebooks system comprised of the front-end
    server, gateway and compute machines.</p>
    <p>If you have any questions about the instructions, please contact your sales
    representative or Priority Support team, if applicable, for additional
    assistance.</p>
    <div class="section" id="system-overview">
    <h2>System overview<a class="headerlink" href="#system-overview" title="Permalink to this headline">¶</a></h2>
    <p>The Anaconda Enterprise Notebooks (AEN) platform consists of three main
    service groups: <em>AEN Server</em>, <em>AEN Gateway</em>, and <em>AEN Compute</em>, below
    referred to simply as <em>Server</em>, <em>Gateway</em>, and <em>Compute</em> nodes
    respectively. These services can be run on a single machine or distributed
    across multiple servers.</p>
    <ul class="simple">
    <li><em>Server</em>: the entry point to Anaconda Enterprise Notebooks, managing
    users and projects</li>
    <li><em>Gateway</em>: a proxy service to handle URL and port mapping to ancillary
    services.</li>
    <li><em>Compute Node</em>: each compute node in the Anaconda Enterprise Notebooks system requires a
    <em>Compute Launcher</em> service to mediate access to the <em>Server</em> and
    the <em>Gateway</em></li>
    </ul>
    <p><img alt="image1" src="../../../_images/ae-notebooks/4.0/install/network-diagram.png" /></p>
    <p>Organizationally, each Anaconda Enterprise Notebooks installation has
    exactly one <em>Server</em> instance. One or more <em>Gateway</em> instances can be configured
    and each <em>Compute Node</em> can only connect to one <em>Gateway</em>. The collection of
    <em>Compute Nodes</em> served by a single <em>Gateway</em> will be referred to as a <em>Data Center</em>.
    New <em>Data Centers</em> can be added to the AEN installation at any time.</p>
    <p>For example, a Anaconda Enterprise Notebooks deployment with 2
    <em>Data Centers</em>, where one <em>Gateway</em> had a cluster of 20 physical computers,
    and the second <em>Gateway</em> had 30 virtual machines would have the
    following complement of services installed and running:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="mi">1</span>  <span class="n">AEN</span> <span class="n">Server</span> <span class="n">instance</span>
    <span class="mi">2</span>  <span class="n">AEN</span> <span class="n">Gateway</span> <span class="n">instances</span>
    <span class="mi">50</span> <span class="n">AEN</span> <span class="n">Compute</span> <span class="n">instances</span> <span class="p">(</span><span class="mi">20</span> <span class="o">+</span> <span class="mi">30</span><span class="p">)</span>
    </pre></div>
    </div>
    <p>Anaconda Enterprise Notebooks users interact with the system
    predominantly through <em>Projects</em>.</p>
    <ul class="simple">
    <li><em>Project</em>: a set of <em>conda environments</em>, Jupyter Notebooks, and other artefacts that can be accessed by a <em>Team</em> of users</li>
    </ul>
    <p>Projects are associated with a single <em>Data Center</em> within the AEN environment.
    The <em>Team</em> of users includes one <em>Owner</em>, which is the user that created the <em>Project</em>.</p>
    <p>Since Anaconda Enterprise Notebooks is web-based, it uses the standard
    HTTP port 80 or HTTPS port 443 on the <em>Server</em>.</p>
    </div>
    <div class="section" id="installers">
    <h2>Installers<a class="headerlink" href="#installers" title="Permalink to this headline">¶</a></h2>
    <p>The Anaconda Enterprise Notebooks installers are available only to paid
    customers. If you are interested in a demonstration of Anaconda
    Enterprise Notebooks, please <a class="reference external" href="https://www.continuum.io/contact-us">contact
    us</a>.</p>
    </div>
    <div class="section" id="components">
    <h2>Components<a class="headerlink" href="#components" title="Permalink to this headline">¶</a></h2>
    <div class="section" id="server">
    <h3>Server<a class="headerlink" href="#server" title="Permalink to this headline">¶</a></h3>
    <p>The <em>Server</em> component is responsible for login, accounts, admin,
    project creation and management and interfacing with the database.
    The <em>Server</em> is the main entry point for all users. It handles setting up
    projects and ensuring that users are sent to the correct <em>Data Center</em> for a
    given <em>Project</em>.</p>
    <p>Anaconda Enterprise Notebooks uses <em>MongoDB</em> for its internal data
    persistency. This is typically run on the same host as the <em>Server</em> but
    can also be deployed on a separate host.</p>
    <p>The <em>Server</em> uses <em>nginx</em> to handle the user-facing web interface.
    <em>nginx</em> acts as a request proxy. The actual <em>Server</em> web-process runs on
    a high numbered port listening only on <code class="docutils literal"><span class="pre">localhost</span></code>, and <em>nginx</em>
    forwards requests there. The <em>nginx</em> server is also responsible for
    static content.</p>
    </div>
    <div class="section" id="gateway">
    <h3>Gateway<a class="headerlink" href="#gateway" title="Permalink to this headline">¶</a></h3>
    <p>The <em>Gateway</em> provides a single access point to a set of <em>Compute
    Nodes</em>, and acts as a <em>proxy service</em> to manage authorization and
    mapping of URLs and ports to services that are running on <em>Compute
    Nodes</em>, thus providing a consistent uniform interface for the user.
    The <em>Gateway</em> may also be referred to as a <em>Data Center</em> because it
    serves as the proxy for the collection of compute nodes.</p>
    </div>
    <div class="section" id="compute-node">
    <h3>Compute node<a class="headerlink" href="#compute-node" title="Permalink to this headline">¶</a></h3>
    <p><em>Compute Nodes</em> are where <em>Apps</em> (such as Jupyter Notebook
    and Workbench) actually run. These are also the hosts that a user would
    see in a <em>terminal session</em> or if they used <em>SSH</em> to access the node. It
    is where all user-visible programs run. Each <em>Project</em> is associated
    with one or more <em>Compute Nodes</em>, and these in turn are part of a single
    <em>Data Center</em>.</p>
    </div>
    </div>
    <div class="section" id="distributed-install">
    <h2>Distributed install<a class="headerlink" href="#distributed-install" title="Permalink to this headline">¶</a></h2>
    <p>In a distributed install the <em>Server</em> and <em>Gateway</em> run on separate
    hosts.</p>
    </div>
    <div class="section" id="single-box-install">
    <h2>Single-box install<a class="headerlink" href="#single-box-install" title="Permalink to this headline">¶</a></h2>
    <p>Both the <em>Server</em> and the <em>Gateway</em> need separate external ports since
    they are independent services that are running on the same host in the
    <em>single-box</em> installation.</p>
    <p><strong>Both port 80 and port 8089 must be open on the firewall for a
    single-box install</strong></p>
    <p>The <em>Compute</em> service receives connections only from the <em>Gateway</em> and
    the <em>Server</em>, and typically runs on port 80 or port 443.</p>
    <div class="toctree-wrapper compound">
    <ul>
    <li class="toctree-l1"><a class="reference internal" href="installation.html">Installation Runbook</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#overview">Overview</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#audience">Audience</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#components">Components</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#table-of-contents">Table of Contents</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#installation-requirements">Installation Requirements</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#installation-preparation">Installation Preparation</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#install-aen-server">Install AEN Server</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#install-aen-gateway">Install AEN Gateway</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#install-aen-compute">Install AEN Compute</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#optional-configuration">Optional Configuration</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation.html#wrapping-up">Wrapping Up</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="customization.html">Installation customization</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="customization.html#id1">Installation customization</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="uninstall.html">Uninstall</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="uninstall.html#server">Server</a></li>
    <li class="toctree-l2"><a class="reference internal" href="uninstall.html#gateway">Gateway</a></li>
    <li class="toctree-l2"><a class="reference internal" href="uninstall.html#compute-node">Compute Node</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="installation_update.html">Updating Anaconda Enterprise Notebooks</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#summary">Summary</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#pre-flight-check">Pre-Flight Check</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#aen-server">AEN Server</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#aen-gateway">AEN Gateway</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#aen-compute">AEN Compute</a></li>
    <li class="toctree-l2"><a class="reference internal" href="installation_update.html#project-permissions">Project Permissions</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="ldap.html">Configuration</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="ldap.html#ldap">LDAP</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ldap.html#openldap">OpenLDAP</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ldap.html#active-directory">Active Directory</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ldap.html#ssl-tls-configuration">SSL/TLS configuration</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ldap.html#test-configuration-with-flask-ldap-check">Test configuration with Flask LDAP Check</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="ssl.html">SSL</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#required-files">Required files</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#configure-ssl-on-the-server">Configure SSL on the <em>Server</em></a></li>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#configure-ssl-on-the-gateway">Configure SSL on the <em>Gateway</em></a></li>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#ssl-on-compute-nodes">SSL on <em>Compute</em> Nodes</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#security-reminder">Security Reminder</a></li>
    <li class="toctree-l2"><a class="reference internal" href="ssl.html#strict-transport-security-header">Strict Transport Security Header</a></li>
    </ul>
    </li>
    <li class="toctree-l1"><a class="reference internal" href="sso.html">SSO</a></li>
    <li class="toctree-l1"><a class="reference internal" href="release.html">Release History</a><ul>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v4-0-0-june-30-2016">v4.0.0 June 30, 2016</a></li>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v0-10-0-february-2-2016">v0.10.0 February 2, 2016</a></li>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v0-9-1-october-19-2015">v0.9.1 October 19, 2015</a></li>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v0-8-0-august-21-2015">v0.8.0 August 21, 2015</a></li>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v0-7-0-june-12-2015">v0.7.0 June 12, 2015</a></li>
    <li class="toctree-l2"><a class="reference internal" href="release.html#v0-6-3-march-27-2015">v0.6.3 March 27, 2015</a></li>
    </ul>
    </li>
    </ul>
    </div>
    </div>
