AmpCon Installation Guide
Install AmpCon on a Virtual Machine using an OVA Template
Installing AmpCon on a Virtual Machine consists of the following three steps:
- Install AmpCon on VMware Virtual Machine
- Run the Setup Program
- Verify configuration using a Web Browser
Install AmpCon on VMware Virtual Machine
Installing AmpCon as a Virtual Machine on ESXi server consists of the following two steps:
- Download the OVA file for the AmpCon server you are deploying from https://csp.pica8.com/sw-prod/Ampcon/.
- Deploy the OVA.
Deploy the OVA
- Log into ESXi server GUI and select Virtual Machines and click Create/Register VM as shown below:
2. Click Select creation type and select Deploy a virtual machine from an OVF or OVA file and click Next as shown below.
3.Enter a name for the AmpCon server and drag the downloaded AmpCon server OVA file that you have downloaded earlier to the box as shown below. Click Next.
4. Select the storage you want to use for the AmpCon server VM and click Next as shown below.
5. Select the network you want to use for VM network of the AmpCon server VM and click Next as shown below. Controller network interface is for a special case and you do not need it. Select both network interfaces to be same as shown below and click Next.
6. Click Finish as shown below.
Wait for the AmpCon server VM import task to complete in the ESXi server. After that power up the newly imported AmpCon Server VM. Now we are ready to run the setup program.
Run the Setup script
After the AmpCon server application is deployed, we provide a setup wizard to perform some initial configuration. This setup script is executed in the VMware console. It configures the AmpCon Server's IP settings and peripheral network services such as DNS and NTP. Script also sets up AmpCon Server ID for HA, and Peer Server's IP address.
This script does not set the time zone. Time zone by default is set to UTC. UTC is recommended for AmpCon Server deployments where PICOS switches span across different time zones in the globe.  If you need to change the time zone, use the following timedatectl Linux command before running the Setup Script:
sudo timedatectl set-timezone <your_time_zone>
The Setup script also configures the AmpCon Application.
Running the Setup script consists of the following steps:
- Log into the AmpCon VM console with credentials: root/pica8
Execute the following command:Â
[root@automation automation]# _cd /root/automation
- Run the Setup script as follows:
The following interactive Setup wizard guides you through the initial configuration. Enter the host name of AmpCon server, IP address and subnet prefix of the AmpCon server, IP default gateway, DNS domain name, primary and secondary DNS server IP address, host name of the NTP server, administrative username used for logging into the AmpCon server and administrative password as shown below. Then enter _Y_ to setup the server configuration as shown in the following example.
[root@automation automation\]# ./system-setup_
================================================================================
AmpCon Server Configuration, press Ctrl-C to abort
================================================================================
Server hostname []: AmpCon-HQ-97
IP address []: 172.16.0.97
IP sub network prefix(8/16/24, etc.) []: 24
IP default gateway []: 172.16.0.1
Default DNS domain []: pica8.com
Name server []: 172.16.0.69
Name server 2 []: 8.8.8.8
NTP server []: time.nist.gov
NTP server 2 []:
Username to be added []: ampcon-admin
Password []:
Password again []:
Hostname: AmpCon-HQ-97
IP: 172.16.0.97
Prefix: 24
Gateway: 172.16.0.1
DNS domain: pica8.com
nameserver: 172.16.0.69
nameserver 2: 8.8.8.8
NTP server: time.nist.gov
User to be added: ampcon-admin
Please review the changes, press Y/y to continue, E/e or other key to Edit, Ctrl-C to abort
Are you sure to have them take effect? (Y/y, E/e, or Ctrl-C): Y
================================================================================
System setup is now complete.
================================================================================
The following interactive part of the Setup wizard guides you through the initial configuration of AmpCon _automation_ service. If you do not plan to use two AmpCon servers for High Availability or your enterprise does not use Web Proxy or Gateway, then enter x as follows:
Starting configuration of AmpCon Automation Service
Current AmpCon configuration file is '/etc/automation/automation.ini'
AmpCon configuration options:
[1] Server ID : 1
[2] Server IP : 192.168.42.97
[3] Peer Server IP :
[4] License Portal Proxy : None
[5] SSL Private Key : /usr/share/automation/server/server_keys/server.key.unsecure
[6] SSL Cert : /usr/share/automation/server/server_keys/server.crt
[7] Child Process Workers : 10
[x] Quit with Save
[0] Quit without Save
Which parameter do you want to change (1,2,3,4,5,6,7,x,0)[0]:x
Quit with no changes!
It follows with the High Availability configuration options when system setup is complete.
- If you don't use High Availability, enter _x_ to quit and save the configuration.
- If you have two AmpCon servers for High Availability, please refer the config guide Configuring High Availability for details of how to configure High Availability.
    4. Verify parameters set by the Setup script as follows:
a. Verify host name with the following command:
[root@pica8 ~]# hostnamectl Static hostname: pica8 Icon name: computer-vm Chassis: vm Machine ID: 7ca182db807b4b26ad2e29c2e5f18117 Boot ID: 05b46e737ed14e848b3cb03d6b164c98 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-862.el7.x86_64 Architecture: x86-64
b. Verify Network interface IP address and test network connectivity using following commands:
[root@pica8 ~]# ifconfig ens160 ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.16.0.97 netmask 255.255.255.0 broadcast 172.16.0.255 inet6 fe80::da0a:dba:1435:64ca prefixlen 64 scopeid 0x20<link> inet6 2603:3024:1852:4083::3329 prefixlen 128 scopeid 0x0<global> inet6 2603:3024:1852:40e3:3eb3:f09a:ce9c:57ae prefixlen 64 scopeid 0x0<global> ether 00:0c:29:32:a5:e3 txqueuelen 1000 (Ethernet) RX packets 4311709 bytes 597954184 (570.2 MiB) RX errors 0 dropped 310 overruns 0 frame 0 TX packets 668852 bytes 882436537 (841.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@pica8 ~]# ping 8.8.8.8 -c 4 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=52 time=22.7 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=52 time=30.9 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=52 time=29.4 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=52 time=29.3 ms --- 8.8.8.8 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 22.704/28.102/30.946/3.186 ms
c. Check DNS configuration and verify DNS functionality using following commands:
[root@pica8 ~]# more /etc/resolv.conf # Generated by NetworkManager search pica8.us nameserver 172.16.0.69 nameserver 2603:3024:1852:40e3:290:bff:fe26:a2b7 nameserver 2603:3024:1852:4083::69 [root@pica8 ~]# ping example.com -c 4 PING example.com (93.184.216.34) 56(84) bytes of data. 64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=1 ttl=54 time=20.1 ms 64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=2 ttl=54 time=30.8 ms 64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=3 ttl=54 time=29.7 ms 64 bytes from 93.184.216.34 (93.184.216.34): icmp_seq=4 ttl=54 time=37.7 ms --- example.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 20.176/29.621/37.778/6.269 ms
d. Verify time in the AmpCon server.
[root@AmpCon-HQ-97 ~]# date Mon Jun 8 17:45:21 UTC 2020
e. Verify connection to the Pica8 License portal and a test URL works from the Linux shell as follows:
[root@AmpCon-108 ~]# curl https://license.pica8.com [root@AmpCon-SE-108 ~]# curl https://www.example.com
Both commands need to work without any error. Otherwise you will not be able to install PICOS License and deploy switches successfully.
f. Verify whether Server ID is set properly with the Linux command as shown below:
[root@AmpCon-HQ-97 ~]# grep server-id /etc/my.cnf.d/server.cnf server-id=2
g. Verify whether Peer IP is set properly with the Linux Commend as shown below:
[root@AmpCon-HQ-97 ~]# mysql -u<user name> -p<password> -e "show slave status"
If Peer IP is not set, output will be empty. Otherwise you will see the following output:
        Check the Master_host value as shown above.
h. Verify ssh to AmpCon server works.
$ ssh root@172.16.0.97 root@172.16.0.97's password:
i. To verify configuration done by the setup script is persistent, reboot the AmpCon Server and verify items from a to f again.
[root@pica8 ~]# reboot Fri Jun 5 13:14:40 PDT 2020
Verify configuration using a Web Browser
Open a web browser and enter the URL of your AmpCon server. It should be in format of: https://<yourAmpConsSrverName.domain.com/login or https://<AmpCon Server IP>/loginÂ
Enter credentials admin/admin and Click LOG IN.
Changing default passwords in AmpCon server
After installing the AmpCon server VM, you can change the following default passwords:
- Default root password: Change the root password with the following command: sudo passwd root
- Default GUI Super Admin user: GUI default credentials admin/admin. To change password for admin, click the user icon and click Settings as shown below.
Change the password for admin and click Change Password as shown below.
Alternatively you can create a new super user administrator account and delete the default admin user as follows. After you log into the GUI, navigate to Users -> Manage Users and click Add User as shown below:
Create a new Super Admin user as shown below and click Create:
Then delete the default Super Admin user admin as shown below.
Copyright © 2024 Pica8 Inc. All Rights Reserved.