Quick deployment

Configuring the operating system

Follow this section to complete the system configuration on the virtual machine or physical server to be deployed, and install Docker as the container runtime.

System configuration

RHEL/Rocky Linux

1. Configure static IP addresses:

   sudo vi /etc/sysconfig/network-scripts/ifcfg-<interface>

   Replace <interface> with the network interface name, for example eth0.

2. Configure the DNS server:

   sudo vi /etc/resolv.conf

3. Disable the firewall:

   sudo systemctl stop firewalld && sudo systemctl disable firewalld

4. Disable SELinux:

   echo -e "SELINUX=disabled\nSELINUXTYPE=targeted" | sudo tee /etc/selinux/config
   sudo setenforce 0

Ubuntu

1. Configure static IP addresses and a DNS server:

   sudo vi /etc/netplan/50-cloud-init.yaml

2. Apply the network configuration:

   sudo netplan apply

3. Disable the firewall:

   sudo ufw disable

4. Optional: disable AppArmor as needed:

   sudo systemctl disable apparmor && sudo systemctl stop apparmor

5. Restart the operating system to apply the configuration:

   sudo reboot

Installing Docker

RHEL/Rocky Linux

1. Install Docker CE:

   sudo dnf -y install dnf-plugins-core
   sudo dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
   sudo dnf -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

2. Start the Docker service:

   sudo systemctl enable --now docker

3. Confirm Docker is installed successfully:

   docker --version

4. Restart the operating system to apply the configuration:

   sudo reboot

Ubuntu

1. Update the package index:

   sudo apt-get update
   sudo apt-get -y install ca-certificates curl

2. Add the Docker GPG key:

   sudo install -m 0755 -d /etc/apt/keyrings
   sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
   sudo chmod a+r /etc/apt/keyrings/docker.asc

3. Add the Docker software source:

   echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
    $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
    sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

4. Install Docker CE:

   sudo apt-get update
   sudo apt-get -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

5. Start the Docker service:

   sudo systemctl enable --now docker

6. Confirm Docker is installed successfully:

   docker --version

Downloading the deployment tool

Install the Neutree CLI tool on the virtual machine or physical server to be deployed and grant it executable permissions. This CLI tool is used to deploy the Neutree management plane, which includes monitoring components and the control plane.

1. Download version 1.0.1 of the Neutree CLI tool for the server’s CPU architecture.

2. Grant executable permissions to the CLI tool.

   chmod +x neutree-cli-<arch>

   Replace <arch> with the server’s CPU architecture: amd64 or aarch64.

Deploying monitoring components

Use the Neutree CLI tool to deploy the OBSStack monitoring components to provide system monitoring and observability support for the platform.

1. Start the monitoring component service:

   ./neutree-cli-<arch> launch obs-stack

   Replace <arch> with the server’s CPU architecture: amd64 or aarch64.

   Information

   This method automatically pulls the required images from DockerHub. Ensure the server network can access DockerHub.

2. If the monitoring component service fails to start, run the following command to view its logs for troubleshooting:

   docker compose -f ./neutree-deploy/obs-stack/docker-compose.yml logs

Deploying the control plane

Use the Neutree CLI tool to deploy a simplified control plane that provides the user management interface.

1. Run the following command in the terminal to generate a random JWT secret:

   openssl rand -base64 32 | tr '+/' '-_' | tr -d '='

   Information

   Neutree uses JWT (JSON Web Token) for authentication and authorization. The JWT secret is used to ensure the security of JWTs.

2. Start the control plane service:

   ./neutree-cli-<arch> launch neutree-core \
     --version=v1.0.1-enterprise \
     --metrics-remote-write-url=http://<obstack_ip>:8480/insert/0/prometheus/ \
     --jwt-secret=<jwt_secret> \
     --grafana-url=http://<obstack_ip>:3030 \
     --admin-password=<admin_password>

   Parameter	Description
   <arch>	The server’s CPU architecture: amd64 or aarch64.
   <obstack_ip>	The IP address of the server where the monitoring components are deployed.
   <jwt_secret>	The JWT secret string generated in step 1.
   <admin_password>	The initial password for Neutree administrator. Optional; it is recommended to set a custom initial password. If left empty, the system will generate one automatically, which you can retrieve after deployment using docker logs -f post-migration-hook.

   Information

   This method automatically pulls the required images from DockerHub. Ensure the server network can access DockerHub.

3. If the control plane service fails to start, run the following command to view its logs for troubleshooting:

   docker compose -f ./neutree-deploy/neutree-core/docker-compose.yml logs

Verifying the deployment

After all services have started, verify the deployment.

1. Check the status of all services:

   docker ps

2. Use the administrator account admin@neutree.local and the initial password to access the Neutree management interface at http://<control_plane_ip>:3000.

   If you cannot access the Neutree management interface, check whether the Docker service is running properly.