There are a few platform settings that need to be updated after installing Anaconda Enterprise, before you can begin using it. Follow the instructions below, based on whether you used a web browser or a command-line to install the platform. Then you’ll be ready to test your installation and perform additional configuration, specific to your organization.
If you installed Anaconda Enterprise using a web browser, a UI will guide you through some post-install configuration steps.
NOTE: It may take a moment for the Post-Install Setup screen to appear. If you see an error immediately after clicking Continue at the end of the installation process, please refresh your browser after a few seconds to display the UI.
- Enter the cluster Admin account credentials that you will use to log in to the Anaconda Enterprise Operations Center initially, and click Next.
NOTE: The installer will generate self-signed SSL certificates that you can use temporarily to get started. See Updating TLS/SSL certificates for information on how to change them later, if desired.
- Enter the fully-qualified domain name (FQDN) where the cluster will be accessed and click Finish Setup.
- Log in to the Anaconda Enterprise Operations Center using the cluster Admin credentials you provided in Step 1, and follow the instructions below to update the platform settings with the FQDN of the host server.
If you performed an unattended installation using the command-line instructions, follow the instructions below to generate self-signed SSL certificates that you can use temporarily to get started. See Updating TLS/SSL certificates for information on how to change them later, if desired.
NOTE: You need to have
OpenJDK installed to be able to use the following method to generate self-signed SSL certificates.
On the master node for your Anaconda Enterprise installation, run the following commands to save your secrets file to a location where Anaconda Enterprise can access it, replacing
YOUR_FQDNwith the fully-qualified domain name of the cluster on which you installed Anaconda Enterprise.:
cd path/to/Anaconda/Enterprise/unpacked/installer cd DIY-SSL-CA bash create_noprompt.sh YOUR_FQDN cp out/DESIRED_FQDN/secret.yaml /var/lib/gravity/planet/share/secret.yaml
/var/lib/gravity/planet/share/secret.yaml is accessible as
/ext/share/secret.yaml within the Anaconda Enterprise environment, which can be accessed with the following command:
sudo gravity enter
Replace the default secrets cert with the contents of your
secret.yamlfile by running the following commands from within the Anaconda Enterprise environment:
$ kubectl delete secrets anaconda-enterprise-certs secret "anaconda-enterprise-certs" deleted $ kubectl create -f /ext/share/secret.yaml secret "anaconda-enterprise-certs" created
NOTE: If the post-install process doesn’t complete after using the CLI install, you can complete the process by running the following commands within gravity.
To determine the site name:
SITE_NAME=$(gravity status --output=json | jq '.cluster.token.site_domain' -r)
To complete the post-install process:
gravity --insecure site complete $SITE_NAME --ops-url=https://gravity-site.kube-system.svc.cluster.local:3009
SITE_NAME with the actual name of the site.
To update the platform settings with the FQDN of the host server:
- Access the Anaconda Enterprise Operations Center by entering this URL in your browser:
anaconda.example.com with the FQDN of the host server.
Click Configuration in the left menu to display the Anaconda Enterprise Config map.
Throughout the Config map, there are several instances of
https://anaconda.example.comthat you’ll need to replace with the FQDN of your host server.
Click Apply to save your changes to the Config map.
Restart all the service pods using the following command:
kubectl get pods | grep ap- | cut -d' ' -f1 | xargs kubectl delete pods
Now you are ready to follow the instructions below to test your installation.
Testing your installation¶
After you’ve finished installing Anaconda Enterprise, and completed the post-install configuration steps, you can do the following to verify that your installation succeeded:
- Access the Anaconda Enterprise console by entering the URL of your AE server in a web browser:
anaconda.example.comwith the fully-qualified domain name of the host server.
- Login with the default username and password
anaconda-enterprise. After testing your installation, update the credentials for this default login. See Configuring user access for more information.
You can verify a successful installation by doing any or all of the following:
- Creating a new project and starting an editing session
- Deploying a project
- Generating a token from a deployment
NOTE: Some of the sample projects can only be deployed after mirroring the package repository. To test your installation without doing this first, you can deploy the “Hello Anaconda Enterprise” sample project.
Configuring your firewall settings¶
If your organization uses
firewalld, you’ll need to run the following commands to update your configuration:
firewall-cmd --zone=<your-zone> --add-source=10.244.0.0/16 --permanent # pod subnet firewall-cmd --zone=<your-zone> --add-source=10.100.0.0/16 --permanent # service subnet firewall-cmd --zone=<your-zone> --add-source=<node-IP> --permanent # IP address (run for each node IP after installing your AE cluster) firewall-cmd --zone=<your-zone> --add-interface=eth0 --permanent # enable eth0 in trusted zone so nodes can communicate firewall-cmd --zone=<your-zone> --add-masquerade --permanent # masquerading so packets can be routed back firewall-cmd --zone=<your-zone> --add-port=<port>/tcp --permanent # to open each required port firewall-cmd --reload systemctl restart firewalld
To get the IP address(es) for the nodes in your Anaconda Enterprise cluster, run the following command from a terminal on any node:
See Installation requirements for the list of required ports you’ll want to run the command that opens each port against.
Now that you’ve completed these essential steps, you can do any of the following optional steps: