This document gives step-by-step Controller installation details which may also be useful for troubleshooting.
If you are only interested in installing the Controller,
you may prefer having a look at installation in Community-Lab/CONFINE administrator's guide,
which uses the
deploy-controller.sh script to automate tasks.
Reference platform: Debian 7.0 wheezy, Python 2.7 and Django 1.6.10
The current state is beta, recommended only for testing and development
Confine-controller ships with a set of management commands for automating some of the installation steps.
These commands are meant to be run within a clean Debian-like distribution, you should be specially careful while following this guide on a customized system.
Confine-controller can be installed in any Linux system, however it is strongly recommended to chose the reference platform for your deployment.
sudo adduser confine # not required but it will be very handy sudo adduser confine sudo su confine
sudo apt-get install python-pip sudo easy_install --upgrade pip # work around issue #689 sudo pip install confine-controller
sudo apt-get install libjpeg-dev libfreetype6-dev # work around issue #688 sudo controller-admin.sh install_requirements
cd ~confine controller-admin.sh clone <project_name> # ie: communitylab, confine ... cd <project_name>
sudo python manage.py setuppostgres --db_user confine --db_password <password> --db_name <project_name> python manage.py syncdb python manage.py migrate
python manage.py createsuperuser
sudo python manage.py setupceleryd --username confine
/48IPv6 prefix (even 6to4, see Addressing in CONFINE) or generate a random ULA one (e.g. here or here), but the resulting prefix should be unique to your testbed:
sudo python manage.py setuptincd --mgmt_prefix <ipv6_prefix::/48> sudo service tinc restart python manage.py updatetincd python manage.py setuppki
Add the following lines to the stanza of your main network interface (usually
/etc/network/interfaces to ensure that the management address (your IPv6 prefix with
::2 at the end) is ready when services bound to it start:
# Ensure that the management address is present early on boot. up ip addr add ADDRESS dev $IFACE up while [ "$(ip -6 addr show tentative)" ]; do sleep 1; done
python manage.py collectstatic --noinput
sudo apt-get install nginx uwsgi uwsgi-plugin-python sudo python manage.py setupnginx sudo rm -f /etc/nginx/sites-enabled/default # work around issue #687 sudo service nginx restart
sudo apt-get install apache2 libapache2-mod-wsgi sudo python manage.py setupapache
python manage.py createmaintenancekey sudo python manage.py setupfirmware # python manage.py loaddata firmwareconfig # No longer necessary since version 0.11.1 python manage.py syncfirmwareplugins
python manage.py setuplocalmonitor
sudo python manage.py restartservices
To upgrade your controller installation to the last release you can use
upgradecontroller management command. Before rolling the upgrade it is strongly recommended to check the release notes.
sudo python manage.py upgradecontroller
Current in development version (master branch) can be installed by
sudo python manage.py upgradecontroller --controller_version dev
Additionally the following command can be used in order to determine the currently installed version:
python manage.py controllerversion
If instead of the latest release of the development version you want to upgrade from a local package or source checkout, instead of using
upgradecontroller you can:
python manage.py controllerversion.
sudo pip install PACKAGE_OR_CHECKOUT(or creating a
pthfile for local development as explained below).
sudo python manage.py postupgradecontroller --from=OLD_VERSION.
If you are planing to do some serious development or testing you really should be doing it under the following setup
sudo rm -r /usr/local/lib/python2.7/dist-packages/controller su - vct git clone firstname.lastname@example.org:confine/controller.git ~vct/confine-controller echo ~vct/confine-controller/ | sudo tee /usr/local/lib/python2.7/dist-packages/controller.pth
sudo ~vct/confine-controller/controller/bin/controller-admin.sh install_requirements
cd ~vct/confine-dist/utils/vct/server/ sudo python manage.py restartservices
python manage.py runserver 0.0.0.0:8888
~vcton your host machine so you can code with your favorite IDE, sshfs can be used for that
# On your host mkdir ~<user>/vct sshfs vct@<container-ip>: ~<user>/vct
Once you have finished the server installation some extra configurations are required: