1. Home
  2. Knowledge Base
  3. Howto's
  4. How to configure subscriptions for SKUDONET (former ZEVENET) Enterprise Edition

How to configure subscriptions for SKUDONET (former ZEVENET) Enterprise Edition

Overview

This article aims to explain how SKUDONET 6 (former ZEVENET) Subscriptions work and how to configure SKUDONET Enterprise Edition subscriptions to maintain updated SKUDONET appliances in a very automatic way.

Architecture

The SKUDONET Enterprise Edition appliances require to have connectivity to two services: certs.skudonet.com and repo.skudonet.com

SKUDONET Enterprise Edition connects to https://certs.skudonet.com/ in order to check your Subscription Plan or Support status. Once this system confirms the access is granted, then it connects to https://repo.skudonet.com/ to check the package updates.

For this reason, it’s important to ensure that the Load Balancer can reach both remote points. If for any reason, the connection to the Internet from the load balancer is not allowed to those sites the load balancer can be configured to add an HTTP and HTTPS proxy. Ensure to have enabled the following destination rules in your data centre:

For Firewall sysadmins: Allow From the SKUDONET IP to DNS resolution of certs.skudonet.com and repo.skudonet.com port 443 (HTTPS protocol)
For Proxy sysadmins: Allow From the SKUDONET IP  to https://certs.skudonet.com/* and https://repo.skudonet.com/* (HTTPS protocol)

Configuration Procedure

Please follow the next steps to enable your subscription plan or support for the SKUDONET load balancer Enterprise Edition appliances. Firstly, please ensure you have the appliances deployed and activated.

1. Connect to your SKUDONET appliance and ensure that at least the release SKUDONET 6 is installed:

root@skdlb:~# dpkg -l | grep skudonet
ii  skudonet                        6.3.1                      amd64        SKUDONET Load Balancer Enterprise Edition

2. If your SKUDONET package is in a previous version please apply the latest release that you received at the moment of the Subscription Plan or Support acquisition.

3. If required, configure the proxy when a direct connection to the Internet is not allowed. Edit the global.conf file and configure the $http_proxy and $https_proxy variables as follows.

root@zvnlb:~# vi /usr/local/zevenet/config/global.conf

#proxy
$http_proxy="http://PROXY_IP:PROXY_HTTPS_PORT";
$https_proxy="https://PROXY_IP:PROXY_HTTPS_PORT";

NOTE: If the SKUDONET Version is 6 or higher the proxy configuration can be done in web GUI System > Remote Services > Proxy.

Just in case your proxy requires validation please configure it as follows:

root@skdlb:~# vi /usr/local/zevenet/config/global.conf

#proxy
$http_proxy="http://USER:PASSWORD@PROXY_IP:PROXY_HTTPS_PORT";
$https_proxy="https://USER:PASSWORD@PROXY_IP:PROXY_HTTPS_PORT";

Take into account to:

  • Change USER and PASSWORD for the given proxy credentials.
  • Change PROXY_IP with your own proxy IP or proxy name.
  • Change PROXY_HTTPS_PORT with your proxy port that accepts HTTPS.
  • Ensure that the proxy IP and proxy port are reachable from the Load Balancer, you can use telnet for these tests.

Repeat this configuration to every SKUDONET appliance that requires to have access to the remote repository for updates.

Applying package updates and hotfixes

SKUDONET appliances are fully integrated with the Linux operating system based in a GNU/Debian environment, so once the release SKUDONET 6 or higher is applied you will be able to update the SKUDONET system as any other GNU/Debian via APT repository, please refer to the following commands to be applied to maintain the appliances up to date.

Update the database of packages in your SKUDONET appliance from the remote APT repository.

root@zvnlb:~# apt-get update
 Hit:1 https://repo.skudonet.com/ee/v5/4.9.13zva5000 stretch InRelease
 Reading package lists... Done
root@zvnlb:~# apt-get --with-new-pkgs upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  cherokee skudonet skudonet-web-gui
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,764 kB of archives.
After this operation, 3,072 B disk space will be freed.
Do you want to continue? [Y/n] Y
.
.
.

Since SKUDONET 6 the system has included a tool called checkupgrades which checks if any package update is pending and gives information about the system status as follows:

root@zvnlb:~# checkupgrades 
SKUDONET Packages are up-to-date.

or via web GUI:

Search a certain package in the local database.

root@zvnlb:~# apt-cache search skudonet
cherokee - SKUDONET cherokee
gdnsd - SKUDONET gdnsd
health-checks - SKUDONET health checks
pound - SKUDONET pound reverse proxy
ssyncd - SKUDONET Ssyncd
skudonet - SKUDONET Load Balancer Enterprise Edition
skudonet-web-gui - Web GUI of SKUDONET Enterprise
skudonet-ipds - Security updates to feed IPDS module of SKUDONET Load Balancer

Read the contents and information for a certain package.

root@zvnlb:~# apt-cache show skudonet-web-gui

Update a certain package.

root@zvnlb:~# apt-get install skudonet-web-gui

Update the whole system.

root@zvnlb:~# apt-get --with-new-pkgs upgrade

Offline updates

SKUDONET Load Balancer can be updated even if the load balancer is not allowed to connect to the Internet, so the latest SKUDONET updates also are accessible in ISO format, this ISO file can be downloaded from the Support Portal SKDCENTRAL.

The procedure for the offline updating process is the following.
1. Ensure that the load balancer has an active support contract.
2. Download the latest SKUDONET Update ISO file from the KB section of the SKDCentral portal, direct link here.
3. Copy the ISO file in the load balancer path /usr/local/zevenet/updates/.
4. Run the command checkupgrades, this command will check in first place the connectivity to our private system, if the connection is not possible, then the command will check if there are update ISO files in the updates path.
5. If there are pending updates, a message will be shown to confirm the updating process.

Considerations

SKUDONET 6 configures the subscription by default at the moment of appliance activation, so please ensure that the load balancer has internet connectivity before activating it, if the activation procedure is done without internet connectivity, then the subscription won’t be configured properly, but you can force the procedure once there is internet connectivity with the following command:

echo "" | /usr/local/zevenet/bin/enterprise.bin Zevenet::Apt setAPTRepo

Compatibility and Security

SKUDONET Load Balancer is based on a GNU/Debian system and fully integrated with the APT repository services. However, it doesn’t mean that SKUDONET packages are fully compatible with Debian mainstream packages, as this has been designed to be optimized and ready for high availability, scalability, and security of applications.

It is capable of adding third-party APT repositories for certain packages, but use this at your sole responsibility. System updates and upgrades are only supported by the official SKUDONET APT repositories. In addition, for security reasons, only accept updates from signed package repositories.

Was this article helpful?
Yes No

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support

Download Skudonet ADC Load Balancer
Community Edition

Source Code

A versatile and installable ADC system designed for diverse vendor hardware.

DOWNLOAD SOURCE

Installable ISO 

Load Balancing as a Service alongside an ADC orchestration toolkit.

DOWNLOAD ISO
Download Community Edition

Download Community Edition

“We manage the information you provide with the sole aim of assisting with your requests or queries in regards to our products or services; applying the computer and security procedures to ensure its protection. Your data can be rectified or removed upon request but won’t be offered to any third parties, unless we are legally required to do so.” Responsible: SKUDONET SL - info@skudonet.com