Deploying content and content runtime from Managed services that is behind a firewall

Deployment of content and content runtime in Infrastructure Automation - Managed services that is behind a firewall.

About the task

Two scenarios are supported for this deployment:

  • Deploy the content and content runtime on to a cloud that is outside the firewall. For example, IBM Cloud, AWS and vSphere from the Managed services that is inside the firewall. For this deployment, you need a Bastion Server that is capable of SSH calls. The Terraform template uses this server to make any remote execution calls.
  • Deploy the content and content runtime to a vSphere cloud that is inside a firewall from the Managed services that is also inside a firewall. For this deployment, you need a HTTP proxy server that can forward any HTTP or HTTPS calls. The limitations for this scenario are as follows:
    • For middleware content, support is available only for Ubuntu.
    • For Content Runtime, Bring Your Own Chef is not supported.
    • Starter library MEAN stack template is not supported.

Procedure

  1. In Managed services, go to Manage > Shared parameters.

  2. You can view the shared parameters that are included to support the scenarios mentioned in the "About the task" section.

    • The following Data Types are created to capture Bastion host details and HTTP configuration details:
      • Bastion Host Configuration - Configuration that contains information to connect outbound through a Bastion host.
      • HTTP Proxy Configuration- Proxy configuration that is to be used for both HTTP and HTTPS outbound communication by the virtual machine that is deployed inside a proxy.
    • The following Data Objects that are provided can be used whenever you do not need a Bastion host or HTTP proxy host:
      • DefaultNoBastionHostRequired
      • DefaultNoProxyRequired

  3. If you need a Bastion host or HTTP proxy, then you must create your own Data Objects that capture the details of the Bastion host or HTTP proxy server. For steps to create Data Types and Data Objects, see Managing shared parameters from Managed services console.

  4. Open a Content Runtime, Terraform template, or middleware template to deploy:

    • To deploy from the Managed services that is not behind a firewall and also wherein both Bastion host and HTTP proxy are not required:
      1. Select the cloud connection.
      2. In the Select data object section, select DefaultNoBastionHostRequired for Bastion Host Configuration.
      3. Select DefaultNoProxyRequired for HTTP Proxy Configuration.
    • To deploy to a public cloud from Managed services that is behind a firewall:
      1. Select the cloud connection.
      2. In the Select data object section, for Bastion Host Configuration, select the Bastion host data object that encapsulates your bastion host data.
      3. Select DefaultNoProxyRequired for HTTP Proxy Configuration.
    • Deploy Content Runtime, middleware, and other templates on to a private VMware cloud that is behind a firewall from Managed services that is also behind a firewall: To deploy to a private VMware, additional HTTP Proxy Configuration details are required.
      1. Select the cloud connection.
      2. In the Select data object section, select DefaultNoBastionHostRequired for Bastion Host Configuration.
      3. For HTTP Proxy Configuration, select the HTTP Proxy Configuration data object that encapsulates your HTTP proxy server.

  5. Click Deploy.