Before deploying Mavis, you need to know the following information:
- As a best practice, it is recommended to avoid using the root account and instead use an IAM user for deploying Mavis,If you do not have IAM user, please refer to the「Create the necessary IAM policy for Mavis deployment」for more information.
- Minimum system requirements for installing Mavis on the server are essential. If the server does not meet these requirements, Mavis cannot be installed. If you are unsure whether the server meets these requirements, please refer to the 「Planning and Preparation」 for more information.
The steps to install mavis are as follows
- Step 1. Launch an instance
- Step 2. Deploy Mavis service
- Step 3. Start Mavis with enter license key
- Step 4. Check service and monitor system service performance
- Step 5. Deployment Troubleshooting
- Step 6. Viewing Available Resources
.
Step 1. Launch an instance
1. Open a web browser and navigate to the following URL: https://console.aws.amazon.com/ec2 and use your IAM user credentials to log in.
2. From the EC2 console dashboard, in the Launch instance box, choose Launch instance, and then choose Launch instance from the options that appear.
You can refer to this article for recommended types (Planning and Preparation)
3. Enter an easily identifiable name for the instance.
4. AMI : CentOS 7 / Ubuntu 18 / Ubuntu 20
5. At the Instance type step of the wizard, select an EC2 instance type for the Mavis.
The minimum recommended EC2 instance type is t2.xlarge .
6. At the Key pair (login) step of the wizard, specify a key pair that will be used to authenticate against the backup appliance. You can select an existing key pair or create a new one.
For a key pair to be displayed in the Key pair name drop-down list, it must be created in the Amazon EC2 console. To learn how to create key pairs, see AWS Documentation.
7. In the Network and Subnet fields, specify an Amazon VPC and subnet to which the backup appliance will be connected. You can either select an existing Amazon VPC and subnet, or create a new Amazon VPC and subnet.
For more information on Amazon VPCs and subnets, see AWS Documentation.
8. From the Auto-assign Public IP drop-down list, select Enable.
9. Choose a security group that will control the inbound and outbound traffic for the backup appliance. You can either associate an existing security group with the backup appliance or create a new security group. If you choose an existing security group, make sure it allows access to Mavis services Ports listed in the Planning and Preparation.
10. Set Security group name
11. Add a new inbound rule for the SSH.
(i) Select ssh from the Type drop-down list.
(ii) Select Custom from the Source type drop-down list.
(iii) In the Source field, specify IPv4 address ranges from which Mavis Server will be accessible.
12. In the Inbound security groups rules section, click Add security group rule for the HTTPS traffic. The Security group rule 2 settings will appear.
(i) Select HTTPS from the Type drop-down list.
(ii) Select Custom from the Source type drop-down list.
(iii) In the Source field, specify IPv4 address ranges from which Mavis web portal will be accessible.
PS:0.0.0.0/0 is deprecated for unrestricted access to devices
13. At the Configure storage step of the wizard, storage settings 40 GB. Install Mavis need least 40 GB spaces.
14. Enable encryption to protect data on the volume from malicious activity. For more information on Amazon EBS encryption, see AWS Documentation.
15. From the KMS key drop-down list, can either select an existing Amazon KMS key, or create a new Amazon KMS key.
To learn how to create KMS key, see Configure a Rotating programmatic system credentials and cryptographic keys documentation.
.
16. Support the ability for the customer to disable Instance Metadata Service Version 1 (IMDSv1).
At the Advanced details step of the wizard, do the following:
Select V2 only (token required) from the Metadata version drop-down list.
17. Launching instance
IMPORTANT:
Please allocate an Elastic IP address for your Mavis instances to avoid changing instances IP after reboot.
Step 2. Deploy Mavis service
1. Preparation
According to the security requirements of Mavis, please prepare a valid certificate file for installation, and ensure that the DNS service has been configured with a domain name related to the server IP address.
Some features of Mavis will not work if the server does not have an SSL certificate.
1-1. Upload the SSL certificate files (.cer and .key) to the path of the server where the installation script is started.
1-2. Renamed .cer and .key filenames to tls.crt and tls.key
mv <your_certificate_name>.cer tls.crt
mv <your_key_name>.key tls.key
.
2. Install Mavis (installation time is about 10~15 minutes)
2-1. Connect to your server
ssh -i /path/key-pair-name.pem instance-user-name@instance-IPv4-address
2-2. Download the script and install Mavis by root privilege
sudo su
curl -sSL https://releases.pentium.network/release.mavis/version/1.4.0/install.sh | MAVIS_URL="your_domain_name" bash
2-3. Wait for the automation installation to complete.
To install Mavis, go to the following public resources to download related packages: S3、GCP storage
Relevant Mavis documentation is hosted on Zendesk
2-4. After the process is completed, the script will display the login URL, login account, and default password.
Step 3. Start Mavis with enter license key
1.Login using the default account.
2. To enter the license key, please find the license in your mail content.
3. Once done, you can start using Mavis.
.
Step 4. Check service and monitor system service performance
1. Confirm that the pod service status is Running or Completed is normal.
kubectl get po -A
2. If the service has not been started for a long time or the status is abnormal, you can first try to forcibly shut down and restart the service first, such as restarting kong gateway-api
kubectl get pod -n kube-system |grep kong |awk '{print $1}' |xargs kubectl -n kube-system delete po
3. Check resource usage CPU/RAM usage
top
.
Step 5. Deployment Troubleshooting
The following section describes the specific point of failure you might encounter and how to resolve them.
Error message: |
The installer could not install on the current operating system. Current support: Centos 7 or Ubuntu 18, 20. |
Solution: |
The server operating system doesn’t match Mavis's requirement. AWS cannot update the AMI on an existing instance. The only way to do that is to terminate the current instance and relaunch the instances with the desired the AMI. Please refer to the Deployment Document Step 1 - [4. AMI] to choose the specified operating system (CentOS 7 / Ubuntu 18 / Ubuntu 20).
|
Error message: |
Memory size error. Minimum memory size: 16 GB. |
Solution: |
The server memory size doesn’t match Mavis’s requirement. Please change instance types to meets requirements. Note: If the server memory is set to exactly 16 GB, it may be insufficient due to capacity differences. 1. Stop Mavis instance. 2. Change instance type.
|
Error message: |
Storage size error. Minimum storage size: 40 GB.
|
Solution: |
The server storage size doesn’t match Mavis’s requirement. Please increase the size of the data volume. Note: If the server memory is set to exactly 40 GB, it may be insufficient due to capacity differences. 1. Confirm Mavis Server Instance ID.
2. Under the Volumes tab, select the Volume ID of your data volume.
3. Select the check box for your Volume ID, choose Actions, and then Modify volume.
4. The Modify volume screen displays the volume ID and the volume’s current configuration, change size to 40 GB.
5. Confirm that the volume size has been increased to 40 GB.
6. Extend the file system of EBS volumes.
# sudo lsblk
# sudo growpart /dev/xvda 1
# df -Th
# sudo xfs_growfs -d /
# sudo resize2fs /dev/xvda1 7. Verify that the file system has been extended. Use the df -hT command and confirm that the file system size is equal to the volume size. |
Error message: |
Unable to connect to the internet.
|
Solution: |
Mavis cannot download the software package, to troubleshoot why your Amazon EC2 can't access the internet, do the following: 1. Verify that the EC2 instance meets all prerequisites. 1-1. The route table that's associated with your instance’s subnet has a default route to an internet gateway (0.0.0.0/0).
1-2. The internet gateway that's associated with the route isn't deleted.
1-3. The security group that's attached to the instance’s elastic network interface has rules allowing outbound internet traffic (0.0.0.0/0) for your ports and protocols.
1-4. The network access control list (network ACL) that is associated with the instance's subnet has rules allowing both outbound and inbound traffic to the internet.
2. Verify that the instance has a public IP address.
3. Verify that a firewall isn't blocking the access. |