/
Syndeia Cloud Installation Instructions for Windows (2012-R2 x64)

Syndeia Cloud Installation Instructions for Windows (2012-R2 x64)

May 22, 2020

Downloading & Installing Syndeia Cloud:

1. Download your build (ex: syndeia-cloud-<release_ver>.zip) from the provided URI & upload it to your designated machine.  

(info)  Note1:  the the default installation topology has Syndeia Cloud & Cassandra on the same machine but they can be on different ones too.  

(info)  Note2:  FQDN = Fully Qualified Domain Name, ex: cassandra.mycompany.com 

2. Extract the zip to C:\Program Files\Intercax.  

3. If using a firewall, ensure the following port is accessible: TCP port 9000.  

(info)  Note: If required by your IT department, perform any other standard security hardening (ie: create a separate syndeia user account & take ownership of the Syndeia Cloud folder, etc.)


Syndeia Cloud Keyspace, Role, & Permissions Setup:

4. On your designated machine, launch a CQLSH session (see Appendix C3.2 for instructions) & authenticate (see Appendix C3.1 on how to validate/configure this) with a superuser account (or have the Cassandra administrator authenticate) to do the following for you or your team:  

(info)  Note1: If you have deployed a multi-node/cluster setup, replace localhost below with the FQDN of one of the nodes, ie:  cass-syndeia-cloud.mycompany.com

(info)  Note2: If you have a user account you can check by running the CQL command LIST ROLES to list all roles to confirm your account has superuser privilege

C:\Program Files\apache-cassandra-3.0.15\bin>cqlsh -u cassandra localhost
Password:
Connected to Test Cluster at 127.0.0.1:9042.
[cqlsh 5.0.1 | Cassandra 3.0.15 | CQL spec 3.4.0 | Native protocol v4]
Use HELP for help.
cassandra@cqlsh> LIST ROLES;

 role             | super | login | options
------------------+-------+-------+---------
        cadmin    |  True |  True |        {}

(3 rows)
cassandra@cqlsh>

5. We will now create a syndeia keyspace in Cassandra as well as all necessary tables/views for that keyspace.  We can do this by running the generate-schema.cql file. 

5.1  Verify the generate-schema.cql file is in the /conf directory as shown below:  

5.2A.  If you have a single-node Cassandra, just run the generate-schema.cql file. 

To run it from within CQLSH, type the below ((lightbulb) Tip: you can use tab to cycle through path autocompletions):   

cassandra@cqlsh> SOURCE 'C:\Program Files\Intercax\syndeia-cloud-<release_ver>\conf\generate-schema.cql'
cassandra@cqlsh>

where <release_ver> is the version of Syndeia Cloud you are installing.  If successful (you will just get the command prompt), skip step 5.3. 

5.2B.  If you are deploying this on a multi-node cluster, before running the generate-schema.cql file, edit it first and update the CREATE KEYSPACE line at the top to change the replication_factor (RF) parameter to reflect the # of nodes in the cluster you wish the tablespace to be replicated to (usually = to the total # of nodes in the cluster), ie:  

CREATE KEYSPACE IF NOT EXISTS syndeia WITH replication = { 'class' : 'SimpleStrategy', 'replication_factor' : <total_#_of_nodes_to_replicate_to> };

    where <total_#_of_nodes_to_replicate_to> is the total # of nodes you wish the keyspace to exist on.  Once updated, save and close the file.  Run the file as above in step 5.2.  

6. Verify if the syndeia keyspace has been created by using the DESC command. You should see syndeia listed in the output.

cassandra@cqlsh> DESC KEYSPACES;

cycling        system_auth  test                system_traces
system_schema  system       system_distributed  syndeia      

cassandra@cqlsh>

7. Alter the new syndeia_admin role to provide it with a new strong password, ie:

ALTER ROLE syndeia_admin WITH PASSWORD = '<syndeia_admin_strong_password>';

    where <syndeia_admin_strong_password> is a strong password, ex:  ‘M1Str9ngPass80rd'.  Then, run the following command to list all roles and confirm syndeia_admin has login access (if you get an error from the ALTER command or do not see syndeia_admin listed in the LIST ROLES output, see Appendix C3.4)

LIST ROLES;

cassandra@cqlsh> ALTER ROLE syndeia_admin WITH PASSWORD='M1Str9ngPass80rd';
cassandra@cqlsh> LIST ROLES;

 role          | super | login | options
---------------+-------+-------+---------
     cassandra |  True |  True |        {}
 syndeia_admin | False |  True |        {}

8. Verify if syndeia_admin has all the permissions on the syndeia keyspace, ie:

LIST ALL PERMISSIONS ON KEYSPACE syndeia;

cassandra@cqlsh> LIST ALL PERMISSIONS ON KEYSPACE syndeia;

 role          | username      | resource           | permission
---------------+---------------+--------------------+------------
 syndeia_admin | syndeia_admin | <keyspace syndeia> |     CREATE
 syndeia_admin | syndeia_admin | <keyspace syndeia> |      ALTER
 syndeia_admin | syndeia_admin | <keyspace syndeia> |       DROP
 syndeia_admin | syndeia_admin | <keyspace syndeia> |     SELECT
 syndeia_admin | syndeia_admin | <keyspace syndeia> |     MODIFY
 syndeia_admin | syndeia_admin | <keyspace syndeia> |  AUTHORIZE

(6 rows)


Configuring & Running Syndeia Cloud:

9. Edit C:\Program Files\Intercax\syndeia-cloud-<release_ver>\conf\application.conf & enter/validate the following values:  

play.http.secret.key="<your_encryption_key>"

db {
  host = "[localhost|<cassandra_node_FQDN>]",
  cluster.consistency = "[ALL|QUORUM|ONE]",
  username = "syndeia_admin",
  password = "<syndeia_admin_strong_password>",
  port = 9042
}

keyspace = "syndeia"
play.filters.headers.contentSecurityPolicy = null

(info)  Note1:  For <your_encryption_key>, set this to a unique string for your deployment, this is used for signing session cookies, CSRF tokens, & built in encryption utilities (see https://www.playframework.com/documentation/2.6.x/ApplicationSecret#The-Application-Secret for more details and other more secure ways to have this set).  
(info)  Note2:  For host, set to localhost if a single node, or the FQDN of one of the Cassandra nodes if multi-node/cluster; FQDN = Fully Qualified Domain Name, ex: cassandra.mycompany.com 
(info)  Note3:  For cluster.consistency, it is recommended you set this to either ALL or QUORUM if you have a multi-node (cluster) Cassandra deployment or ONE if just a single-node (see Appendix B2.12 for more details on Consistency Levels (CL))
(info)  Note4:  For <syndeia_admin_strong_password> use the strong password that was set for the syndeia_admin from step 7 earlier. 

10. Change to the syndeia cloud bin folder, ie: C:\Program Files\Intercax\syndeia-cloud-<release_ver>\bin & run C:\Program Files\Intercax\syndeia-cloud-<release_ver>\bin\syndeia-cloud.bat

(info)  Note: If you wish to ensure the service runs on startup, see Setting up Services to Start on Boot.  


Validating Syndeia Cloud Installation & Configuration:

11. On the server and/or your local machine, launch a web browser & check the following to validate that the application is correctly running:  

11.1.  http://<syndeia_server_FQDN>:9000 should give you:  

11.2.  Clicking on Heartbeat Monitor server status should give you:  

11.3.  Clicking on API Rest API Swagger Documentation should give you:  

(info) To login as the default administrator and create users, see the User Management section.  

Loading