Installation preparation (AEN 4.1.2)
====================================

.. raw:: html

    <div class="section" id="download-the-installers">
    <h2>Download the installers<a class="headerlink" href="#download-the-installers" title="Permalink to this headline">¶</a></h2>
    <p>Download the installers and copy them to the corresponding servers.</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span>RPM_CDN=&quot;https://820451f3d8380952ce65-4cc6343b423784e82fd202bb87cf87cf.ssl.cf1.rackcdn.com&quot;
    curl -O $RPM_CDN/aen-server-4.1.2-Linux-x86_64.sh
    curl -O $RPM_CDN/aen-gateway-4.1.2-Linux-x86_64.sh
    curl -O $RPM_CDN/aen-compute-4.1.2-Linux-x86_64.sh
    </pre></div>
    </div>
    <p>NOTE: The current <code class="docutils literal"><span class="pre">$RPM_CDN</span></code> server will be confirmed in an email provided by
    your priority support representative.</p>
    </div>
    <div class="section" id="record-ip-addresses-domain-names-accounts-passwords">
    <h2>Record IP addresses, domain names, accounts, passwords<a class="headerlink" href="#record-ip-addresses-domain-names-accounts-passwords" title="Permalink to this headline">¶</a></h2>
    <p>AEN is very sensitive to the IP address or domain name used to
    connect to the Server and Gateway components. If users will be using the
    domain name, you should install the components using the domain name
    instead of the IP addresses. The authentication system requires the
    proper hostnames when authenticating users between the services.</p>
    <p>Fill in the domain names or IP addresses of the components below and
    record the user name and auto-generated password for the administrative user
    account in the box below after installing the AEN Server component.</p>
    <table border="1" class="docutils">
    <colgroup>
    <col width="30%" />
    <col width="35%" />
    <col width="35%" />
    </colgroup>
    <thead valign="bottom">
    <tr class="row-odd"><th class="head">Component</th>
    <th class="head">Name or IP address</th>
    <th class="head">Port Number</th>
    </tr>
    </thead>
    <tbody valign="top">
    <tr class="row-even"><td>AEN Server</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    </tr>
    <tr class="row-odd"><td>AEN Gateway</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    </tr>
    <tr class="row-even"><td>AEN Compute</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    </tr>
    <tr class="row-odd"><td>AEN_SRVC_GRP</td>
    <td>&nbsp;</td>
    <td>N/A</td>
    </tr>
    <tr class="row-even"><td>AEN_SRVC_ACCT</td>
    <td>&nbsp;</td>
    <td>N/A</td>
    </tr>
    <tr class="row-odd"><td>Password</td>
    <td>&nbsp;</td>
    <td>N/A</td>
    </tr>
    </tbody>
    </table>
    <p>NOTE: These IP entries or DNS entries are referred to as <code class="docutils literal"><span class="pre">&lt;AEN_SERVER_IP&gt;</span></code>
    or <code class="docutils literal"><span class="pre">&lt;AEN_SERVER_FQDN&gt;</span></code>, particularly in examples of shell commands.
    Consider actually assigning those values to environment variables with similar
    names.</p>
    <p>NOTE: <code class="docutils literal"><span class="pre">AEN_SRVC_ACCT</span></code> is also know as the AEN Functional ID (or NFI).
    This is the Linux account that runs all AEN services. The default name for
    this account in the setup script is <code class="docutils literal"><span class="pre">wakari</span></code>, though current best practice
    is to use <code class="docutils literal"><span class="pre">aen-admin</span></code> as the account name. The password to
    be recorded here is generated during the install procedure and goes to the
    <code class="docutils literal"><span class="pre">AEN_SRVC_ACCT</span></code> <code class="docutils literal"><span class="pre">/NFI/wakari/aen-admin</span></code> user.</p>
    <p>NOTE: If you have more than one AEN Compute Node, record the name or IP
    address of each.</p>
    </div>
    <div class="section" id="setup-variables">
    <h2>Setup variables<a class="headerlink" href="#setup-variables" title="Permalink to this headline">¶</a></h2>
    <div class="section" id="aen-server-address">
    <h3>AEN Server address<a class="headerlink" href="#aen-server-address" title="Permalink to this headline">¶</a></h3>
    <p>Define an environment variable for the AEN Server address (FQDN or IP):</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">export</span> <span class="n">AEN_SERVER</span><span class="o">=&lt;</span><span class="n">AEN_SERVER_IP</span><span class="o">&gt;</span>  <span class="c1"># &lt;from table above&gt;</span>
    </pre></div>
    </div>
    <p>Note that the address (FQDN or IP) specified for the AEN server must be
    resolvable by your intended AEN users&#8217; web clients. You may verify your
    hostname as follows:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span>echo $AEN_SERVER
    </pre></div>
    </div>
    </div>
    <div class="section" id="aen-functional-id">
    <span id="id1"></span><h3>AEN Functional ID<a class="headerlink" href="#aen-functional-id" title="Permalink to this headline">¶</a></h3>
    <p>AEN must be installed and executed by a Linux account called the AEN Service
    Account. The username of the AEN Service Account is called the AEN Functional
    ID (NFI). The AEN Service Account is created during AEN installation if it does
    not exist and is used to run all AEN services.</p>
    <p>The default NFI username is <code class="docutils literal"><span class="pre">wakari</span></code>. Current best practices suggests using
    <code class="docutils literal"><span class="pre">aen_admin</span></code>. Set the environment variable <code class="docutils literal"><span class="pre">AEN_SRVC_ACCT</span></code> <em>before</em> installation:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">export</span> <span class="n">AEN_SRVC_ACCT</span><span class="o">=</span><span class="s2">&quot;aen_admin&quot;</span>
    </pre></div>
    </div>
    <p>This name will then be the username of the AEN Service Account and the username
    of the AEN Admin account.</p>
    <p>When upgrading AEN, set the NFI to the NFI of the current installation.</p>
    </div>
    <div class="section" id="aen-functional-group">
    <h3>AEN Functional Group<a class="headerlink" href="#aen-functional-group" title="Permalink to this headline">¶</a></h3>
    <p>The name of the AEN Functional Group (NFG) is often set to &#8220;wakari&#8221; or
    &#8220;aen_admin&#8221; but may be given any name. This Linux group includes the AEN Service
    Account, so all files and directories that have the owner NFI also have the
    group NFG.</p>
    <p>When upgrading AEN, set the NFG to the NFG of the current installation.</p>
    <p>Set the AEN Functional Group with this command <strong>before</strong> installation,
    either using &#8220;wakari&#8221; or replacing it with your chosen name:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">export</span> <span class="n">AEN_SRVC_GRP</span><span class="o">=</span><span class="s2">&quot;aen_admin&quot;</span>
    </pre></div>
    </div>
    </div>
    <div class="section" id="aen-install-sudo-command">
    <h3>AEN install sudo command<a class="headerlink" href="#aen-install-sudo-command" title="Permalink to this headline">¶</a></h3>
    <p>During AEN installation, the installers perform various operations that
    require root level privileges. By default the installers use the
    <code class="docutils literal"><span class="pre">sudo</span></code> command to perform these operations. Set the following
    environment variable <strong>*before*</strong> installation to override the default
    <code class="docutils literal"><span class="pre">sudo</span></code> command to perform root level operations or no command at all
    when the user running the installers has root privileges and the
    <code class="docutils literal"><span class="pre">sudo</span></code> command is not needed or available: <code class="docutils literal"><span class="pre">AEN_SUDO_INSTALL_CMD</span></code></p>
    <p>Examples:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">export</span> <span class="n">AEN_SUDO_INSTALL_CMD</span><span class="o">=</span><span class="s2">&quot;&quot;</span>
    <span class="n">export</span> <span class="n">AEN_SUDO_INSTALL_CMD</span><span class="o">=</span><span class="s2">&quot;sudo2&quot;</span>
    </pre></div>
    </div>
    </div>
    <div class="section" id="aen-sudo-command">
    <h3>AEN sudo command<a class="headerlink" href="#aen-sudo-command" title="Permalink to this headline">¶</a></h3>
    <p>By default the AEN services uses <code class="docutils literal"><span class="pre">sudo</span> <span class="pre">-u</span></code> to perform operations on
    behalf of other users. Such operations include <code class="docutils literal"><span class="pre">mkdir</span></code>, <code class="docutils literal"><span class="pre">chmod</span></code>,
    <code class="docutils literal"><span class="pre">cp</span></code> and <code class="docutils literal"><span class="pre">mv</span></code>. Set the following environment variable before
    installation to override the default <code class="docutils literal"><span class="pre">sudo</span></code> command when sudo is not
    available on the system: <code class="docutils literal"><span class="pre">AEN_SUDO_CMD</span></code>.</p>
    <p>Note, AEN must have the ability to perform operations on behalf of other
    users. This environment variable cannot be set to an empty string or
    null. The <code class="docutils literal"><span class="pre">AEN_SUDO_CMD</span></code> must support the <code class="docutils literal"><span class="pre">-u</span></code> command line
    parameter similar to the <code class="docutils literal"><span class="pre">sudo</span></code> command.</p>
    <p>Example:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">export</span> <span class="n">AEN_SUDO_CMD</span><span class="o">=</span><span class="s2">&quot;sudo2&quot;</span>
    </pre></div>
    </div>
    <p>The optional environmental variable <code class="docutils literal"><span class="pre">AEN_SUDO_SH</span></code> is another way to customize
    AEN sudo operations. When AEN executes any sudo command it will include the
    value of <code class="docutils literal"><span class="pre">AEN_SUDO_SH</span></code> if it is set.</p>
    <p>For example, if your username is &#8220;jsmith&#8221; and these values are set:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">AEN_SUDO_CMD</span><span class="o">=</span><span class="n">sudo</span>
    <span class="n">OWNER</span><span class="o">=</span><span class="n">jsmith</span>
    <span class="n">AEN_SUDO_SH</span><span class="o">=</span><span class="n">sudologger</span>
    <span class="n">PROJECT_HOME</span><span class="o">=/</span><span class="n">projects</span><span class="o">/</span><span class="n">jsmith</span><span class="o">/</span><span class="n">myproj</span>
    </pre></div>
    </div>
    <p>Then AEN will resolve this command:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span>$AEN_SUDO_CMD -u ${OWNER} $AEN_SUDO_SH rm -rf $PROJECT_HOME
    </pre></div>
    </div>
    <p>To this command:</p>
    <div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="o">-</span><span class="n">u</span> <span class="n">jsmith</span> <span class="n">sudologger</span> <span class="n">rm</span> <span class="o">-</span><span class="n">rf</span> <span class="o">/</span><span class="n">projects</span><span class="o">/</span><span class="n">jsmith</span><span class="o">/</span><span class="n">myproj</span>
    </pre></div>
    </div>
    <p>In this case the <code class="docutils literal"><span class="pre">sudologger</span></code> utility could be a pass through utility that
    logs all sudo usage and then executes the remaining parameters.</p>
    <p>NOTE: You must perform the entire procedure before closing the terminal
    to ensure all variable exports persists.</p>
    </div>
    <div class="section" id="note-on-post-install-customization">
    <h3>Note on Post-Install Customization<a class="headerlink" href="#note-on-post-install-customization" title="Permalink to this headline">¶</a></h3>
    <p>Review the <a class="reference internal" href="customization.html"><span class="doc">post-installation documentation</span></a>
    for additional information on sudo configuration options.</p>
    <p>While root/sudo privileges are required during installation, root/sudo
    privileges are not required during normal operations after install, if
    user accounts are managed outside the software (for example, via LDAP).
    However root/sudo privileges are required to start the services, thus in
    the service config files there may still need to be a <code class="docutils literal"><span class="pre">AEN_SUDO_CMD</span></code>
    entry.</p>
    </div>
    </div>
    <div class="section" id="next-steps">
    <h2>Next Steps<a class="headerlink" href="#next-steps" title="Permalink to this headline">¶</a></h2>
    <p>See the next steps needed for full AEN install below:</p>
    <div class="toctree-wrapper compound">
    <ul>
    <li class="toctree-l1"><a class="reference internal" href="install-server.html">Install AEN Server</a></li>
    <li class="toctree-l1"><a class="reference internal" href="install-gateway.html">Install AEN Gateway</a></li>
    <li class="toctree-l1"><a class="reference internal" href="install-compute.html">Install AEN Compute</a></li>
    </ul>
    </div>
    <p>The following optional install procedures may need to be performed,
    depending on how you set up your data center:</p>
    <div class="toctree-wrapper compound">
    <ul>
    <li class="toctree-l1"><a class="reference internal" href="option-config.html">Optional configuration</a></li>
    <li class="toctree-l1"><a class="reference internal" href="customization.html">Sudo configuration</a></li>
    <li class="toctree-l1"><a class="reference internal" href="ldap.html">LDAP configuration</a></li>
    <li class="toctree-l1"><a class="reference internal" href="ssl.html">SSL</a></li>
    <li class="toctree-l1"><a class="reference internal" href="sso.html">Single sign on</a></li>
    </ul>
    </div>
    <p>Additional post-install information:</p>
    <div class="toctree-wrapper compound">
    <ul>
    <li class="toctree-l1"><a class="reference internal" href="installation_update.html">Upgrading Anaconda Enterprise Notebooks</a></li>
    <li class="toctree-l1"><a class="reference internal" href="uninstall.html">Uninstall</a></li>
    <li class="toctree-l1"><a class="reference internal" href="release.html">Release notes</a></li>
    </ul>
    </div>
    </div>
