Quickstart guide to cloud native deployments
This page provides step-by-step guides to get started with an initial deployment of a demo environment using your selected IaC platform and the corresponding templates provided. This is useful if you want to run an initial deployment with minimal configuration requirements.
- Use Terraform for multi-cloud deployments across AWS, Azure, and Google Cloud Platform.
- Use AWS CloudFormation for AWS native deployments.
- Use Azure Resource Manager for Azure native deployments.
The deployment follows this general sequence:
- Infrastructure creation
- Gateway deployment
- Netprobe deployment
Note
For demo environment deployments, the required network, security, and firewall services, as well as the Gateway and License Daemon instances, are already provided.
Terraform
This section outlines the steps for a multi-cloud Terraform deployment of a Geneos Gateway and Netprobe demonstration environment. It supports deployments to AWS, Azure, or Google Cloud using cloud-specific template files.
Deployment steps
- Activate your preferred cloud provider by renaming the appropriate template file.
- Set up your cloud provider credentials.
- Update the configuration by editing the terraform.tfvars file with the required values.
- Configure the Netprobe by updating the netprobe.yml file with your environment-specific settings.
- Initialize Terraform by running:
  terraform init
- Plan the deployment.
  terraform plan
- Apply the configuration.
  terraform apply
The Terraform demo environment deploys:
Component | Deployment condition |
---|---|
One Gateway instance (management server) | Always deployed when template is activated. |
Configurable number of Netprobe instances (monitoring agents) | Conditionally deployed based on deploy_netprobe flag. |
Required networking and security configurations | Always deployed when template is activated. |
Automated Gateway service deployment | Always deployed. |
Automated Netprobe service deployment | Conditionally deployed based on deploy_netprobe flag. |
Cloud providers
The demo environment includes template files for each cloud provider. Before running Terraform, activate your chosen cloud provider by renaming the appropriate template file.
Important
Select only one cloud provider to avoid conflicts between multiple .tf files.
- aws.tf.template: for AWS-specific resources
  mv aws.tf.template aws.tf
- gcp.tf.template: for Google Cloud-specific resources
  mv gcp.tf.template gcp.tf
- azure.tf.template: for Azure-specific resources
  mv azure.tf.template azure.tf
The Gateway virtual machine and service will always be deployed when you activate a cloud template by renaming the *.tf.template file to *.tf.
Authentication
This deployment requires two types of authentication:
- Terraform authentication (infrastructure creation) to allow Terraform to create virtual machines, networks, and cloud resources.
  - AWS: Configure AWS CLI profiles or environment variables.
  - Azure: Configure Azure CLI or service principal.
  - Google Cloud: Configure gcloud auth or service account credentials.
- Application authentication (cloud storage access) to allow applications running on virtual machines to download the deployment resources from the respective cloud storage.
  - Refer to the cloud storage authentication section for detailed authentication configuration for all cloud providers.
  - This is configured in the netprobe.yml file for each environment.
Configuration files
The following configuration files are provided:
File | Description |
---|---|
terraform.tfvars | Main configuration file. This must be updated before deployment. |
netprobe.yml | Netprobe configuration file for Ansible deployment |
variables.tf | Variable definitions |
main.tf | Common logic and deployment orchestration |
providers.tf | Provider configurations |
outputs.tf | Deployment outputs |
<cloud>.tf.template | Cloud-specific resource templates |
<cloud>.tf | Active cloud provider resources (after renaming) |
Required configuration
After activating your cloud provider, update terraform.tfvars with your specific values:
Key configuration parameters
# Deployment Control
deploy_netprobe = true # Enable/disable Ansible deployment of Netprobe services
ansible_operation = "install" # Ansible operation - see ansible/README.md#valid-operations
# Common Configuration
deployment_count = 5 # Number of Netprobe instances
ssh_public_key_path = "~/.ssh/id_rsa.pub"
Netprobe instance control
Netprobe instances are controlled by two variables:
- Netprobe instance count
  deployment_count = 5 # Number of Netprobe instances to create (when enabled)
- Netprobe VM creation and service deployment
  deploy_netprobe = true # Creates Netprobe VMs and deploys Netprobe service
For example:
- deployment_count = 5 + deploy_netprobe = true = Five VM instances with Netprobe service
- deployment_count = 5 + deploy_netprobe = false = No Netprobe VM instance created (only Gateway VM)
SSH access
The deployment creates instances with SSH key authentication. Ensure your SSH keys are configured in:
Parameter | Description |
---|---|
ssh_public_key_path | Path to the public key file. |
ssh_private_key_path | Path to the private key file. |
Cloud provider configuration
Configure only the section for your selected cloud provider.
Basic configuration examples
# AWS - Basic Required Parameters
aws_region = "us-east-1"
aws_instance_profile = "your-instance-profile-name"
# GCP - Basic Required Parameters
gcp_project_id = "your-project-id"
gcp_service_account_email = "your-service-account@your-project-id.iam.gserviceaccount.com"
# Azure - Basic Required Parameters
azure_resource_group_name = "your-resource-group"
azure_subscription_id = "your-subscription-id"
azure_identity_ids = ["/subscriptions/your-subscription-id/resourceGroups/your-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/your-managed-identity"]
Netprobe configuration
The netprobe.yml file contains Ansible configuration for Netprobe deployment.
These settings only exist in the netprobe.yml file of the demo environment and are not used in the dev environments.
- cloud_provider: Selects which cloud-specific configuration to use. Valid values are aws, azure, and gcp.
- demo_configurations: Holds per-cloud values used by the playbook, currently:
  - bootstrap: per-cloud additional bootstrap command.
  - source: per-cloud resources.source fields consumed by Ansible download tasks.
Example (excerpt from netprobe.yml):
cloud_provider: "azure"
demo_configurations:
  aws:
    bootstrap: ""
    source: {}
  azure:
    bootstrap: "sudo {{ python_path }} -m pip install --upgrade msrestazure && ansible-galaxy collection install azure.azcollection --force && sudo python3 -m pip install -r ~/.ansible/collections/ansible_collections/azure/azcollection/requirements.txt"
    source:
      resource_group: Eng-Geneos-Cloud-Resources
      storage_account_name: geneoscloudresources
  gcp:
    bootstrap: "sudo python3 -m pip install --upgrade google-cloud-storage"
    source:
      auth_kind: machineaccount
How these are applied:
- additional_bootstrap: "{{ demo_configurations[cloud_provider].bootstrap }}"
- resources.source becomes a map keyed by the chosen provider:
  - For aws: resources.source = { aws: {} }
  - For azure: resources.source = { azure: { resource_group: ..., storage_account_name: ... } }
  - For gcp: resources.source = { gcp: { auth_kind: machineaccount } }
Note
These demo-specific keys are intended to simplify switching clouds in the demo. Dev environments manage per-cloud configuration in their respective directories and variables.
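A pre-flight check for two rules stated on this page (only one activated provider file, and a cloud_provider value from the valid set), as an added example that is not part of the provided templates. It assumes cloud_provider should name the same cloud as the activated <cloud>.tf file; the function names and the directory layout built in demo() are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

PROVIDERS = ("aws", "azure", "gcp")  # valid cloud_provider values listed on this page

def active_providers(tf_dir):
    """Providers whose <cloud>.tf.template has been renamed to <cloud>.tf."""
    return [p for p in PROVIDERS if (Path(tf_dir) / f"{p}.tf").is_file()]

def netprobe_provider(netprobe_yml):
    """Read the top-level cloud_provider key without needing a YAML library."""
    text = Path(netprobe_yml).read_text(encoding="utf-8")
    m = re.search(r'^cloud_provider:\s*["\']?([A-Za-z0-9_-]+)["\']?\s*(?:#.*)?$', text, re.M)
    return m.group(1) if m else None

def preflight(tf_dir, netprobe_yml):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    active = active_providers(tf_dir)
    if len(active) != 1:
        problems.append(f"expected exactly one active provider file, found {active or 'none'}")
    chosen = netprobe_provider(netprobe_yml)
    if chosen not in PROVIDERS:
        problems.append(f"cloud_provider is {chosen!r}, expected one of {PROVIDERS}")
    elif len(active) == 1 and chosen != active[0]:
        # Assumption: the Ansible side should target the cloud Terraform deploys to.
        problems.append(f"netprobe.yml selects {chosen!r} but {active[0]}.tf is active")
    return problems

def demo():
    """Constructed layout: azure.tf and gcp.tf both active, netprobe.yml says aws."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name in ("aws.tf.template", "azure.tf", "gcp.tf"):
            (root / name).write_text("# constructed placeholder\n")
        yml = root / "netprobe.yml"
        yml.write_text('cloud_provider: "aws"\nperform_bootstrap: true\n')
        before = preflight(root, yml)
        (root / "gcp.tf").rename(root / "gcp.tf.template")  # deactivate the extra provider
        yml.write_text('cloud_provider: "azure"\n')
        after = preflight(root, yml)
    return before, after

if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result or "OK")
```

Run preflight() against the Terraform directory and its netprobe.yml before terraform plan; any returned string names the rule that failed.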
Environment-specific settings
Update the following settings in netprobe.yml for your demo environment:
SSH configuration
# SSH connection configuration (required)
ansible_ssh_private_key_file: "../../../../resources/id_rsa"
# StrictHostKeyChecking=no with UserKnownHostsFile=/dev/null turns off SSH host key verification for these connections
ansible_ssh_common_args: "-o ControlMaster=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
Bootstrap configuration
# Set to true for demo environment to enable Python installation
perform_bootstrap: true
# Configure based on your activated cloud provider template:
additional_bootstrap: ""
# For AWS template (aws.tf): "" (empty, AWS CLI usually pre-installed)
# For Azure template (azure.tf): "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
# For GCP template (gcp.tf): "sudo python3 -m pip install --upgrade google-cloud-storage"
Basic Netprobe settings
# SSH configuration (required)
ansible_ssh_private_key_file: "../../../../resources/id_rsa"
# Bootstrap configuration
perform_bootstrap: true
# Gateway connection (automatically managed by Terraform)
env_vars:
  GATEWAY_HOST: "0.0.0.0" # Will be updated automatically by main.tf
  GATEWAY_PORT: "7039"
  NETPROBE_PORT: "7036"
Clean up
To clean up and remove all resources created, run the following command:
terraform destroy
AWS CloudFormation
This section outlines a simple step-by-step guide for deploying a working Geneos setup using the provided templates and the AWS CLI. Replace the parameters for the AWS commands as needed.
Deployment steps
- Create an S3 bucket where the Geneos artifacts and templates must be stored.
- Create an IAM instance profile.
- Deploy the EC2 instance.
Create an S3 bucket and upload artifacts
Create an S3 bucket to store the Geneos artifacts and configuration templates.
aws s3api create-bucket --bucket <your-unique-bucket-name> --region <region> --create-bucket-configuration LocationConstraint=<region>
Upload the following files by running:
aws s3 cp /local/file/path s3://<your-unique-bucket-name>/
- License Daemon binary tarball (for example, geneos-licd-7.3.1-linux-x64.tar.gz)
- License Daemon license file (for example, geneos.lic)
- Gateway binary tarball (for example, geneos-gateway-7.5.0-linux-x64.tar.gz)
- Gateway setup XML (for example, gateway.setup_template.xml)
- Netprobe binary tarball (for example, geneos-netprobe-standard-7.5.0-linux-x64.tar.gz)
- Netprobe setup XML (for example, netprobe.setup_template.xml)
- Service files (for example, files located in src\scripts\native\AWS\resources)
Create an IAM instance profile
Create an IAM instance profile with S3 bucket read access permission.
aws iam create-role --role-name MyEC2S3ReadRole --assume-role-policy-document '{
"Version":"2012-10-17",
"Statement":[{"Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]
}'
aws iam put-role-policy --role-name MyEC2S3ReadRole --policy-name S3Read-MyBucket --policy-document '{
"Version":"2012-10-17",
"Statement":[
{"Effect":"Allow","Action":["s3:GetObject"],"Resource":"arn:aws:s3:::<your-unique-bucket-name>/*"},
{"Effect":"Allow","Action":["s3:ListBucket"],"Resource":"arn:aws:s3:::<your-unique-bucket-name>"}
]
}'
aws iam create-instance-profile --instance-profile-name MyEC2InstanceProfile
aws iam add-role-to-instance-profile --instance-profile-name MyEC2InstanceProfile --role-name MyEC2S3ReadRole
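A check that a policy document grants nothing beyond the bucket read access described above, as an added example that is not part of the provided templates. The function name, the bucket name example-geneos-artifacts, and both sample policies are constructed; the first sample mirrors the inline policy above with the placeholder filled in.

```python
import json

# Actions the inline policy above grants; IAM matches action names case-insensitively.
READ_ACTIONS = {"s3:getobject", "s3:listbucket"}

# Constructed copy of the policy above with a placeholder bucket name filled in.
PAGE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": "arn:aws:s3:::example-geneos-artifacts/*"},
    {"Effect": "Allow", "Action": ["s3:ListBucket"],
     "Resource": "arn:aws:s3:::example-geneos-artifacts"},
]})

# Constructed counter-example: wildcard action on a wildcard resource.
BROAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]})

def _as_list(value):
    """IAM accepts a single string wherever a list is allowed."""
    return value if isinstance(value, list) else [value]

def audit_s3_read_policy(policy_json, bucket):
    """Return findings for a policy meant to grant read access to one bucket only."""
    allowed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    findings = []
    for i, stmt in enumerate(_as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: NotAction/NotResource allows by exclusion")
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() not in READ_ACTIONS:
                findings.append(f"statement {i}: action {action} exceeds bucket read")
        for resource in _as_list(stmt.get("Resource", [])):
            if resource not in allowed:
                findings.append(f"statement {i}: resource {resource} is outside {bucket}")
    return findings

if __name__ == "__main__":
    for name, doc in (("page policy", PAGE_POLICY), ("broad policy", BROAD_POLICY)):
        print(name, audit_s3_read_policy(doc, "example-geneos-artifacts") or "OK")
```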
Deploying EC2 instances
Deploying an EC2 instance with the Gateway and License Daemon installed
Using new network resources
aws cloudformation deploy --stack-name DemoDepsNewNet \
  --template-file src/scripts/native/AWS/DemoDependencies.yaml \
  --parameter-overrides \
    CreateNewResources=true \
    AMIImageId=ami-0123456789abcdef0 \
    IamInstanceProfile=MyEC2InstanceProfile \
    KeyName=my-keypair \
    S3GatewayURL=s3://my-bucket/gateway.tar.gz \
    S3GatewaySetupURL=s3://my-bucket/gateway.setup.xml \
    S3GatewayServiceURL=s3://my-bucket/gateway.service \
    S3LICDURL=s3://my-bucket/licd.tar.gz \
    S3LICDLicenseURL=s3://my-bucket/geneos.lic \
    S3LICDServiceURL=s3://my-bucket/licd.service
Using default network resources
aws cloudformation deploy --stack-name DemoDepsNewNet \
  --template-file src/scripts/native/AWS/DemoDependencies.yaml \
  --parameter-overrides \
    CreateNewResources=false \
    AMIImageId=ami-0123456789abcdef0 \
    IamInstanceProfile=MyEC2InstanceProfile \
    KeyName=my-keypair \
    S3GatewayURL=s3://my-bucket/gateway.tar.gz \
    S3GatewaySetupURL=s3://my-bucket/gateway.setup.xml \
    S3GatewayServiceURL=s3://my-bucket/gateway.service \
    S3LICDURL=s3://my-bucket/licd.tar.gz \
    S3LICDLicenseURL=s3://my-bucket/geneos.lic \
    S3LICDServiceURL=s3://my-bucket/licd.service
Deploying an EC2 Fleet with the Netprobe installed
aws cloudformation deploy --stack-name MyNetprobeFleet \
  --template-file src/scripts/native/AWS/EC2withNetprobe.yaml \
  --parameter-overrides \
    AMIImageId=ami-0123456789abcdef0 \
    KeyName=my-keypair \
    IamInstanceProfile=MyEC2InstanceProfile \
    VpcId=my-vpc \
    SubnetId=my-subnet \
    SecurityGroupIds=my-security-group \
    S3NetprobeURL=s3://my-bucket/netprobe.tar.gz \
    S3NetprobeSetupURL=s3://my-bucket/netprobe.setup.xml \
    S3NetprobeServiceURL=s3://my-bucket/netprobe.service \
    GatewayHost=my-gateway-host \
    NumberOfInstances=3
Note
Use the same VPC and subnet as the Gateway EC2 instance to ensure Netprobe and Gateway connectivity.
Azure Resource Manager
This section outlines the steps to deploy a demo environment using the Azure\environments\demo\main.bicep template.
Deployment steps
- Create the following Azure resources using the Azure CLI.
  - Azure resource group
    az group create --name <ResourceGroupName> --location <Location>
  - Azure storage account
    az storage account create --name <StorageAccountName> --resource-group <ResourceGroupName> --location <Location> --sku Standard_LRS --kind StorageV2
    az storage container create --name <ContainerName> --account-name <StorageAccountName>
- Upload the following Geneos artifacts to the existing Azure storage account container:
  - License Daemon binary tarball (for example, geneos-licd-7.3.1-linux-x64.tar.gz)
  - License Daemon license file (for example, geneos.lic)
  - Gateway binary tarball (for example, geneos-gateway-7.5.0-linux-x64.tar.gz)
  - Gateway setup XML (for example, gateway.setup_template.xml)
  - Netprobe binary tarball (for example, geneos-netprobe-standard-7.5.0-linux-x64.tar.gz)
  - Netprobe setup XML (for example, netprobe.setup_template.xml)
- Update the Azure\environments\demo\parameters.bicepparam based on your requirements and the uploaded artifacts.
General deployment parameters
Parameter | Description |
---|---|
storageAccountName | Name of the existing storage account that contains the Geneos artifacts. |
License Daemon (LICD) Geneos deployment parameters
Parameter | Description |
---|---|
operationLicd | Set to install for License Daemon deployment |
binaryUrlLicd | URL to the License Daemon binary tarball in the Storage Account |
serviceBinaryTarLicd | License Daemon Tarball filename (for example, geneos-licd-7.3.1-linux-x64.tar.gz) |
binaryAssetUrlLicd | URL to the License file in the Storage Account |
serviceBinaryAssetLicd | License Daemon license file (for example, geneos.lic) |
Gateway (GW) Geneos deployment parameters
Parameter | Description |
---|---|
operationGw | Set to install for Gateway deployment |
binaryUrlGw | URL to the Gateway binary tarball in the Storage Account |
serviceBinaryTarGw | Gateway Tarball filename (for example, geneos-gateway-7.5.0-linux-x64.tar.gz) |
configUrlGw | URL to the Gateway setup XML in the Storage Account |
serviceConfigGw | Gateway setup XML filename (for example, gateway.setup_template.xml) |
Netprobe (NP) Geneos deployment parameters
Parameter | Description |
---|---|
operationNp | Set to install for Netprobe deployment |
binaryUrlNp | URL to the Netprobe binary tarball in the Storage Account |
serviceBinaryTarNp | Netprobe Tarball filename (for example, geneos-netprobe-standard-7.5.0-linux-x64.tar.gz) |
configUrlNp | URL to the Netprobe setup XML in the Storage Account |
serviceConfigNp | Netprobe setup XML filename (for example, netprobe.setup_template.xml) |
- Deploy using the az stack group create command.
  az stack group create \
    --name <StackName> \
    --resource-group <ResourceGroup> \
    --template-file <BicepFile> \
    --parameters <BicepParameters> \
    --action-on-unmanage deleteAll \
    --deny-settings-mode none
  For example:
  az stack group create \
    --name NetprobeStack \
    --resource-group DeploymentGroup \
    --template-file src\scripts\native\Azure\environments\demo\main.bicep \
    --parameters src\scripts\native\Azure\environments\demo\parameters.bicepparam \
    --action-on-unmanage deleteAll \
    --deny-settings-mode none
  Wait for the deployment to complete. This may take several minutes as it involves provisioning VMs and installing Geneos services.
- Verify that the following resources have been created in the specified resource group:
  - One Virtual Network
  - One Network Security Group
  - Five virtual machines (one for License Daemon, one for Gateway, and three for Netprobes)
  - Each VM will have its own Public IP and Network Interface.
  Success
  After the deployment is complete, the License Daemon, Gateway, and Netprobe services should be installed and running on their respective VMs.
- You can retrieve the public IP addresses of the VMs using the az stack group show command.
  az stack group show \
    --name <StackName> \
    --resource-group <ResourceGroup> \
    --query "outputs.virtualMachinePublicIps.value" \
    --output table
  For example:
  az stack group show \
    --name NetprobeStack \
    --resource-group DeploymentGroup \
    --query "outputs.virtualMachines.value" \
    --output table
- To clean up and remove all resources created by the deployment stack, use the az stack group delete command.
  az stack group delete \
    --name <StackName> \
    --resource-group <ResourceGroup> \
    --action-on-unmanage deleteAll
  For example:
  az stack group delete \
    --name NetprobeStack \
    --resource-group DeploymentGroup \
    --action-on-unmanage deleteAll