Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Install Juniper Alert Format Relay

SUMMARY To install Juniper Alert Format Relay, complete the pre-installation checklist and all these procedures.

Pre-Installation Checklist

  • Gather the information that you'll need to complete the installation. See Information Needed for Installation.

  • Ensure that you have three newly installed virtual machines (VMs) available for the installation. See Virtual Machine Specifications.

  • For all three VMs, verify:

    • You can reach the VM through SSH.

    • The VM can reach:

      • Default gateway

      • APT/YUM repository/mirror

      • Juniper Mist cloud API gateway

      • Network monitoring tool

      • SYSLOG server

    • NTP is configured, and the time is synchronized across all VMs.

    • DNS is configured, and DNS resolution is working.

Prepare the VM Hosts

  1. Log in to the deployer VM and create the afr directory under /opt:
  2. Copy the installation bundle TAR file afr-release-<RELEASE-TAG>.tar.gz to the deployer VM and extract the installation bundle under /opt/afr:
  3. In /opt/afr/, navigate afr-release-<RELEASE-TAG> directory:

    In the remaining steps, continue to work from /opt/afr/afr-release-<RELEASE-TAG> as the current working directory.

  4. Create a cluster SSH key:

Set Up the Local Registry

  1. Add a afr-registry entry to /etc/hosts on all the four nodes:
  2. Enter the necessary environment variables in the afr.env file.
  3. Apply the environment variables:
  4. Run the setup-registry.sh to bring up the local registry:
    Note:

    This script brings up the afr-registry, which serves as a container registry, file server, and Helm repository. The script relies on docker commands to bring up the container.

Update Configurations

  1. On the deployer VM, navigate to the inventory directory and update the hosts.yml and overrides.yml files.
    Note:

    You can create a copy of the provided sample and update the details.

  2. In hosts.yml file, update the VM IP addresses in the vars section.
  3. In the overrides.yml file, update the VIP address and the DNS server IP address. Update webhook_whitelist_range with MIST source IPs. For the complete list of source IPs for webhooks, see ../../../mist-management/topics/ref/firewall-ports-to-open.html#section_cx4_bxp_yxb in the Juniper Mist™ Management Guide.

    Depending on whether you have a public CA certificate, follow the appropriate action below.

    • If you have a public CA certificate:

      • Set ingress_use_self_signed_certs as false in the overrides.yml file.

      • Place the certificate and the key file in the afr-deployer container.

      • Update the path for the certificate and key in the overrides.yml file.

    • If you don't have a public CA certificate:

      • Set ingress_use_self_signed_certs as true.

      . With this configuration, a self-signed certificate is generated and applied automatically.

Deploy the Installation Package

  1. Navigate to afr directory:
  2. Set up the deployer container and log in to the container shell:
    Note:

    You can monitor the installation progress by opening a new session and opening the install.log:

  3. Deploy Kubernetes:
  4. Deploy the infrastructure applications:
  5. Deploy the Juniper Alert Format Relay applications:
  6. To complete the deployment process, get the MIB file and load it onto your network monitoring tool to process the traps.