5 Complete Initial Configuration
The initial configuration wizard creates an administrator account, binds your system to your Oracle Cloud Infrastructure environment, and configures network connections for your appliance. During this procedure you use the configuration information you collected while preparing for the appliance installation. Refer to the Initial Installation Checklist you filled out.
Caution:
Do not power down the management nodes during the initial configuration process.
- From the Private Cloud Appliance First Boot page, create the primary administrative account for your appliance, which is used for initial configuration and will persist after the first boot process. Additional accounts can be added later.
  - Enter an Administrative Username.
  - Enter and confirm the Administrative Password.
    Note:
    Passwords must contain a minimum of 12 characters with at least one of each: uppercase character, lowercase character, digit, and any punctuation character (except for double quote ('"') characters, which are not allowed).
  - Click Create Account & Login.
  Important:
  At the Service Enclave Sign In page, do not sign in and do not refresh your browser.
- Open a terminal to access the Service CLI and unlock the system.
  - Log in to one of the management nodes using the primary administrative account details you just created.
    Note:
    Management nodes are named pcamn01, pcamn02 and pcamn03 by default. You change these names later in the configuration process.
    $ ssh new-admin-account@pcamn01 -p 30006
    Password authentication
    Password:
    PCA-ADMIN>
  - At the PCA-ADMIN> prompt, enter systemStateunlock.
  - Verify the system is unlocked.
    PCA-ADMIN> show pcaSystem
    Command: show pcaSystem
    Status: Success
    Time: 2022-09-16 12:24:28,232 UTC
    Data:
      Id = 5709f72b-c439-4c3a-8959-758df94eff25
      Type = PcaSystem
      System Config State = Config System Params
      system state locked = false
  - Close the terminal or type exit.
- Refresh your web browser to return to the Service Enclave Sign In page and sign in to the system with the primary administrative account.
  Note:
  You might need to accept the self-signed SSL certificate again before signing in.
- Provide the following appliance details. Required entries are marked with an asterisk.
  - System Name*
  - Domain*
  - Rack Name
  - Description
- Confirm the parameters you just entered are correct. Once System Name and Domain are set, they cannot be changed. Click Save Changes when you are ready to proceed.
- Refresh your web browser and sign in to the system with the primary administrative account.
  Note:
  You might need to accept the self-signed SSL certificate again before signing in.
  The Configure Network Params wizard displays.
- Refer to the information you gathered in the Initial Installation Checklist to complete the system configuration. It is helpful to enter all this information in a text file.
  - Select either static or dynamic routing.
    For static routing configurations
    Enter the following data center information, then click Next.
    - Routing Type: Static*
    - Uplink gateway IP Address*
    - Spine virtual IP* (comma-separated values if using the 4 port dynamic mesh topology)
    - Uplink VLAN
    - Uplink HSRP Group
    For dynamic configurations
    Enter the following data center information, then click Next.
    - Routing Type: Dynamic*
    - Peer1 IP and ASN*
    - Peer2 IP and ASN
    - Uplink Gateway
    - Oracle ASN
    - BGP Topology (square, mesh, triangle), KeepAlive Timer and HoldDown Timer
    - MD5 Authentication: enable or disable
    Note:
    Communication between VCNs on different DRGs residing on a PCA rack is possible if route entries and firewall access on the customer data center network that connects the two VCNs are provided by the customer.
  - Enter a shared virtual IP and associated host name for the management node cluster; add an IP address and host name for each of the three individual management nodes; and then click Next.
  - Enter the following data center uplink information and then click Next.
    - IP Address for Spine Switch 1 and 2*
    - Uplink Port Speed and Port Count*
    - Uplink VLAN MTU and Netmask*
    - Uplink Port FEC
    Note:
    Uplink ports are always configured as port-channels, even when the uplink port count is one. The port-channel is configured in LACP mode with the LACP rate set to fast.
  - Enter the NTP configuration details and then click Next.
    To specify multiple NTP servers, enter a comma-separated list of IP addresses or fully qualified host names.
  - If you elected to segregate administrative appliance access from the data traffic, configure the administration network by entering the following mandatory and optional information and then click Next.
    - Enable Admin Networking
    - Admin Management VIP address and Hostname
    - Admin Management 1, 2, and 3 IP address and Hostname
    - At least 1, but up to 3, Admin DNS Server IP addresses
    - Admin Port Speed, Port Count, and Admin Router Group
    - Admin VLAN, MTU, Port FEC, and Gateway IP
    - Admin IP Address for Spine Switch 1 and 2, and a shared Virtual IP
    - Admin Peer1 and Peer2 IP address and ASN for BGP
    - Admin Topology (Triangle, Square, Mesh)
    - Admin BGP Authentication (Enable/Disable). Keepalive Timer, Hold Down Timer, and Static Routing.
  - Enter at least one, but up to three DNS servers in the respective fields and then click Next.
  - Enter the data center IP addresses that the appliance can assign to resources as public IPs.
    - Public IP list of CIDRs in a comma-separated list
    - Object Storage Public IP (must be outside the public IP range)
- Use the Previous/Next buttons to recheck that the information you entered is correct and then click Save Changes.
  Your network configuration information does not persist until you commit your changes in the following step. If you need to change any parameters after testing begins, you must re-enter all information.
  Caution:
  Once you click Save Changes, network configuration and testing begin and can take up to 15 minutes. Do not close the browser window during this time.
  If a problem is encountered, the Configure Network Params wizard reopens and the error is displayed.
- At the Testing Network Parameters page, you can re-enter network configuration information or commit the changes.
  - Click Re-enter Network Configuration. You are returned to a blank Configure Network Params wizard where you must enter all your information again.
  - Click Commit Changes. The network parameters are locked. Once locked, the routing type and public IPs cannot be changed.
    Caution:
    Once you click Commit Changes, system initialization begins and can take up to 15 minutes. Do not close the browser window during this time.
    If a problem is encountered, the Configure Network Params wizard reopens and the error is displayed. Otherwise, a Configuration Complete message displays.
- Click Sign Out. You are returned to the Service Enclave.
- To continue configuration, connect to the Service Web UI at the new virtual IP address of the management node cluster: https://<virtual_ip>:30099.
  Note:
  You might need to accept the self-signed SSL certificate again before signing in.
- Verify your system configuration.
  - From the Dashboard, click Appliance to view the system details and click Network Environment to view the network configuration.
  - Alternatively, you can log in to the Service CLI as an administrator and run the following commands to confirm your entries.
    # ssh 100.96.2.32 -l admin -p 30006
    Password:
    PCA-ADMIN> show pcaSystem
    [...]
    PCA-ADMIN> show networkConfig
    [...]
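Because the routing type and public IPs cannot be changed after Commit Changes, and a failed test means re-entering every value, the text file of checklist values can be checked before the Configure Network Params wizard is opened. The Python check below is an added example, not Oracle code: the field names, the FQDN pattern and the sample addresses are constructed for illustration, and it covers only rules this page states (one to three DNS servers, comma-separated NTP entries, valid public IP CIDRs, Object Storage Public IP outside the public IP range).

```python
import ipaddress
import re

# Constructed sample checklist values; addresses are documentation-range placeholders.
SAMPLE = {
    "dns_servers": "192.0.2.53, 192.0.2.54",
    "ntp_servers": "192.0.2.10, ntp.example.com",
    "public_ip_cidrs": "203.0.113.0/25, 198.51.100.0/24",
    "object_storage_public_ip": "203.0.113.200",
}
# Assumption: a fully qualified host name is dot-separated LDH labels plus a TLD.
FQDN = re.compile(r"^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def split_csv(value):
    """Split a comma-separated wizard field, ignoring blanks and stray spaces."""
    return [item.strip() for item in value.split(",") if item.strip()]

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def network_problems(cfg):
    """Return a list of problems; an empty list means the values pass."""
    errs = []
    dns = split_csv(cfg["dns_servers"])
    if not 1 <= len(dns) <= 3:
        errs.append("dns: need between one and three servers")
    # Assumption: DNS servers are entered as IP addresses, as on the admin network page.
    errs += [f"dns: {d} is not an IP address" for d in dns if not is_ip(d)]
    errs += [f"ntp: {n} is neither an IP address nor an FQDN"
             for n in split_csv(cfg["ntp_servers"]) if not (is_ip(n) or FQDN.match(n))]
    nets = []
    for cidr in split_csv(cfg["public_ip_cidrs"]):
        try:
            nets.append(ipaddress.ip_network(cidr))  # strict: host bits must be zero
        except ValueError:
            errs.append(f"public ip: {cidr} is not a valid CIDR")
    osip = cfg["object_storage_public_ip"]
    if not is_ip(osip):
        errs.append("object storage: not an IP address")
    elif any(ipaddress.ip_address(osip) in net for net in nets):
        errs.append("object storage: IP is inside the public IP range")
    return errs

if __name__ == "__main__":
    print(network_problems(SAMPLE) or "checklist values OK")
```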