Page tree
Skip to end of metadata
Go to start of metadata


Summary: information to help you plan your CAST AIP for Dashboards installation.

Typical architecture

2.x

Click to enlarge

Deployment modes

Before beginning the installation process, you should be aware of the various deployment methods available:

ReleaseDeployment modeDeployment scenarioDetails
2.xEnterpriseDocker for Linux or Docker Desktop for Microsoft Windows

Enterprise mode using Docker is highly recommended wherever possible:

  • This mode uses microservices architecture: all Console front-end services (authentication, UI, Node registration etc.) are provided either:
    • as Docker containers
    • or can be installed via Java JAR installers where Docker cannot be used
  • When using Docker/Docker Desktop:
    • the deployment of CAST Dashboards is entirely automatic and no manual configuration is required
    • upgrades to new releases of Console is simple - pull/rebuild new images for the containers
  • The Node service is provided as a Java JAR installer for installation on Microsoft Windows
EnterpriseJava JAR installers (multiple)
StandaloneJava JAR installer (single) for Microsoft Windows only

Standalone mode is targeted at deployments on Microsoft Windows on one single machine, specifically and only for demo or POC requirements. The installer includes all required services in one single Java JAR installer:

  • Console front-end service
  • One single Node back-end service
Note that this mode has some limitations which are explained in 2.x - Standalone mode - Installation of AIP Console front-end in standalone mode.
1.x-Java JAR installer (single)

In 1.x, one single Java JAR installer is provided containing:

  • Console front-end service
  • Node back-end service

Console (front end) package requirements

2.x - Docker install

SoftwareRequiredNotes
Host Operating System(tick)

Microsoft Windows

See https://docs.docker.com/desktop/windows/install/.

Linux

  • all Linux distributions based on (or derived from) Red Hat.

Third-party software required
for install on Docker (Linux and Windows)



(tick)

Docker on Linux

  • Docker Engine ≥ 18.0
  • docker-compose latest stable release recommended
  • curl

Docker on Microsoft Windows

  • Docker Desktop for Windows - latest version recommended, or one that provides:
    • Docker Engine ≥ 19.03.5
    • docker-compose latest stable release recommended
    • Containers for Linux must be enabled:

Access to at least one CAST Storage Service /PostgreSQL(tick)

An installation of the CAST Storage Service/PostgreSQL, which must be accessible over the network. This is used to host the schemas required for storing analysis results - these schemas do not need to be pre-installed as Console will manage their installation.

  • You can use one single CAST Storage Service/PostgreSQL for all Nodes and Measurement schema
  • You can use multiple CAST Storage Services/PostgreSQL - one dedicated server per Node and one dedicated server for the Measurement schema for example
Ports(tick)

The following ports must be opened inbound on the host server. These correspond to each Docker container required by Console (front-end). This is so that remote Node instance can access the required services:

  • 2281 (Service Registry)
  • 2285 (Node database (PostgreSQL))
  • 8081 (Gateway)
  • 8086 (Keycloak OAuth 2 Server)
  • 8087 (embedded Dashboards - available from 2.0.0-beta2)
  • 8088 (Service Registry)

These ports can be customized if required.

User permissions(tick)

To run the Docker install, Administrator privileges are required:

  • Microsoft Windows - local Administrator privileges
  • Linux - user in the sudoers list
Access to hub.docker.com(tick)All Docker containers are pulled direct from https://hub.docker.com/, therefore the host server must have access to this.
Global CAST License(tick)Console requires a global CAST license key. This key will be applied to all Node packages that you install.
CAST Extend (tick)

In order to install any CAST AIP Extensions automatically, Console needs to connect to CAST's managed service known as "Extend" over the public internet. You will also need login credentials for Extend - i.e. you will need to register an account.

Access to the following URL on port 443 via TCP is required:

Note that if (due to security concerns) your organization cannot interact over the public internet with CAST's managed services, you can alternatively use CAST Extend Offline/Proxy.

2.x - Multiple JAR install

The JAR installers are an alternative to a Docker deployment. See 2.x - Enterprise mode - Installation of AIP Console front-end via Java JAR installers.


SoftwareRequiredNotes
Host Operating System(tick)

Supported versions of Windows:

  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2 Standard
  • Windows Server 2012 Standard
  • Windows Server 2008 R2 SP1 Standard
  • Windows 10
  • Windows 8.1

Installations of Windows Server using only Server Core (i.e. without a GUI) are not supported.

  • Recommended versions of Linux:
    • all Linux distributions based on (or derived from) Red Hat

Java (JRE/JDK)

(tick)

A 64bit Java JRE or JDK is required to install and run Console.

Any Java variants certified by the OpenJDK Community Technology Compatibility Kit are compatible with Console (you can verify if a company has access to the TCK on the OpenJDK website). The following are known to function with v. ≥ 2.0:

ProviderJava 8 64bitJava 11 (LTS) 64bitJava 17 (LTS) 64bit
Oracle JDK (http://jdk.java.net/)(tick)(tick)(tick) (see note below)
AdoptOpenJDK/Eclipse Temurin(tick)(tick)(tick) (see note below)
Amazon Corretto(tick)(tick)N/A
Eclipse OpenJ9(tick)(tick)N/A
Azul Zulu(tick)(tick)(tick) (see note below)

Java 17 (LTS) is more restrictive regarding java library use and limits some elements to specific modules that are not enabled by default. As a result of this, although supported for use with Console, the start up batch/script files delivered with the installer for the Console front-end and back-end Node must be modified before they can be used to launch Console or a Node. See Configuring start up services and scripts for use with Java 17 and above.

Access to at least one CAST Storage Service /PostgreSQL(tick)

An installation of at least one CAST Storage Service/PostgreSQL, which must be accessible over the network. This is used to host various items required by Console/Nodes:

  • One dedicated database called "keycloak". This database must be created and available on the CAST Storage Service/PostgreSQL instance BEFORE installation is started. This is required by the SSO Java installer.
  • Two dedicated schemas called "aip-config" and "aip-node". These schemas will be created during the service startup and can be stored in any database, however, storage in the "postgres" database is recommended. These are required by the Service Registry Java installer.
  • For each Application managed in Console, various schemas (Management, Analysis, Dashboard) are required for analysis/snapshot storage requirements. These schemas are created when the Application is added into Console. In addition, one schema (Measurement) is required to consolidate snapshot results from all Applications.

You can use one single CAST Storage Service/PostgreSQL to host all required items, or dedicated CAST Storage Service/PostgreSQL instances to host each item. Note that the CAST Storage Service/PostgreSQL instance defined in the Service Registry Java installer will also be made available for use as storage for application analysis/snapshot requirements.

Ports(tick)

The various services run on the following ports by default:

  • 2281 (Service Registry)
  • 8081 (Gateway)
  • 8086 (Keycloak OAuth 2 Server)
  • 8087 (embedded Dashboards - available from 2.0.0-beta2)
  • 8088 (Service Registry)

These ports can be customized if required.

User permissions(tick)

To run the setup start and run the Console package on the server, the follow user permissions are required:

  • Microsoft Windows - local Administrator privileges
  • Linux - user in the sudoers list
Global CAST License(tick)Console requires a global CAST license key. This key will be applied to all Node packages that you install.
CAST Extend (tick)

In order to install any CAST AIP Extensions automatically,  Console needs to connect to CAST's managed service known as "Extend" over the public internet. You will also need login credentials for Extend - i.e. you will need to register an account.

Access to the following URL on port 443 via TCP is required:

Note that if (due to security concerns) your organization cannot interact over the public internet with CAST's managed services, you can alternatively use CAST Extend Offline/Proxy.

1.x - JAR install

SoftwareRequiredNotes
Host Operating System(tick)

The Console package can be installed on both Windows and Linux operating systems:

  • Supported versions of Windows:
    • Windows Server 2019 (supported in Console ≥ 1.10.0)
    • Windows Server 2016
    • Windows Server 2012 R2 Standard
    • Windows Server 2012 Standard
    • Windows Server 2008 R2 SP1 Standard
    • Windows 10
    • Windows 8.1

Installations of Windows Server using only Server Core (i.e. without a GUI) are not supported.

  • Recommended versions of Linux:
    • all Linux distributions based on (or derived from) Red Hat

Java (JRE/JDK)

(tick)

A 64bit Java JRE or JDK is required to install and run Console.

Any Java variants certified by the OpenJDK Community Technology Compatibility Kit are compatible with Console (you can verify if a company has access to the TCK on the OpenJDK website). The following are known to function with v. ≥ 1.14.0:

ProviderJava 8 64bitJava 11 (LTS) 64bitJava 17 (LTS) 64bit
Oracle JDK (http://jdk.java.net/)(tick)(tick)(tick) (see note below)
AdoptOpenJDK(tick)(tick)(tick) (see note below)
Amazon Corretto(tick)(tick)N/A
Eclipse OpenJ9(tick)(tick)N/A
Azul Zulu(tick)(tick)(tick) (see note below)
  • If you have multiple JDK versions installed on a Linux server, you can set the default using the following command:
sudo update-alternatives --config java
  • Java 17 (LTS) is more restrictive regarding java library use and limits some elements to specific modules that are not enabled by default. As a result of this, although supported for use with Console, the start up batch/script files delivered with the installer for the Console front-end and back-end Node must be modified before they can be used to launch Console or an Node. See Configuring start up services and scripts for use with Java 17 and above.
User permissions(tick)

To run the setup start and run the Console package on the server, the follow user permissions are required:

  • Microsoft Windows - local Administrator privileges
  • Linux - user in the sudoers list
Access to Node(s)(tick)

The Console package requires access to the analysis nodes on which the Node package/AIP Core has been installed:

  • Console package version number and the Node package version number must be identical.
  • If you are installing the Node package on multiple analysis nodes, then you need to ensure that the Console package can access the Nodes via the defined URLs - i.e. you may need to adjust firewall rules on the Nodes to allow access on the defined port.
Access on port 8081(tick)The Console package runs by default on port 8081 (although you can customize this if required - CAST recommends enabling secure HTTPS connection) therefore you will need to adjust firewall rules on the host server to allow access to the appropriate port so that users can access Console in their browser.
Global CAST License(tick)The Console package requires a global CAST license key. This key will be applied to all Node packages that you install.
CAST Extend (tick)

In order to install any CAST AIP Extensions automatically, Console needs to connect to CAST's managed service known as "Extend" over the public internet. You will also need login credentials for Extend - i.e. you will need to register an account.

Access to the following URL on port 443 via TCP is required:

Note that if (due to security concerns) your organization cannot interact over the public internet with CAST's managed services, you can alternatively use CAST Extend Offline/Proxy.

Node (back end) package requirements

SoftwareRequiredNotes
Host Operating System(tick)

The Node package must be installed on a Windows host operating system since it requires the presence of AIP Core. Supported versions of Windows:

  • Windows Server 2019 (supported in Console ≥ 1.10.0)
  • Windows Server 2016
  • Windows Server 2012 R2 Standard
  • Windows Server 2012 Standard
  • Windows Server 2008 R2 SP1 Standard
  • Windows 10
  • Windows 8.1
AIP Core(tick)

A standard installation (i.e. run from the AIP Core setup) of AIP Core ≥ 8.3.6 is required on the target node.

  • from v. ≥ 1.16, Console can manage multiple  Nodes using different releases of AIP Core. In previous releases, the same release of AIP Core must be used across all Nodes managed in the same Console installation.
  • CAST recommends the most recent release of AIP Core to take full advantage of all available features.
  • The installation path for AIP Core is referred to as <CAST_AIP_install> in the rest of this document. By default, the path is C:\Program Files\CAST\<version>\ on each Node.
CAST Storage Service /PostgreSQL(tick)

An installation of the CAST Storage Service/PostgreSQL, which must be available either on the target node or on another dedicated server accessible over the network. This is used to host the schemas required for storing analysis results - these schemas do not need to be pre-installed as Console will manage their installation.

  • You can use one single CAST Storage Service/PostgreSQL for all Nodes and Measurement schema
  • You can use multiple CAST Storage Services/PostgreSQL - one dedicated server per Node and one dedicated server for the Measurement schema for example
Java (JRE/JDK)(tick)

A Java JRE or JDK is required to install and run Node. See Java (JRE/JDK) above for more information about requirements.

Data storage folders(tick)

The following folders are required by the Node and must be accessible. CAST recommends the use of a common network share for all Nodes. Note however that in v. 1.x, these folder will be located, by default on each Node.

FolderDescription
deliveryA location for storing successive and compressed versions of an application's source code provided during a source code delivery.
deployA location used to store the most recent version of the application's source code for analysis in uncompressed format.
common-data (v 2.x only)A common location used to store backup, sherlock, upload and other folders used by the Node.
backup (v. 1.x only)Used for storing backups of the Application made from Console.
sherlock (v. 1.x only)Used for storing Sherlock exports of the Application made from Console.
upload (v. 1.x only)A folder on the target node is required for user uploads - i.e. components that may need to be added to an analysis (for example).
Network access(tick)

v. 2.x

The Node instance requires outbound access via the following default ports to the server hosting Console:

  • 2281
  • 2285 (Docker install only - this is the PostgreSQL instance provided as a Docker container and which is required for Keycloak and other schema requirements)
  • 8081
  • 8086
  • 8087
  • 8088

In addition, outbound access to any CAST Storage Service/PostgreSQL instances configured for Analysis/Snapshot/Measurement storage requirements is required.

v. 1.x

The Node package runs by default on port 8082 (although you can customize this if required - CAST recommends enabling secure HTTPS connection) and this port is used for communication from Console to the Node(s), therefore you will need to adjust firewall rules on the Node instance to allow inbound access from Console.

In addition, outbound access to any CAST Storage Service/PostgreSQL instances configured for Analysis/Snapshot/Measurement storage requirements is required.

CAST Extend(tick)

In order to install any CAST AIP Extensions automatically, each Node needs to connect to CAST's managed service known as "Extend" over the public internet. You will also need login credentials for Extend - i.e. you will need to register an account:

Access to the following URL on port 443 via TCP is required:

Note that if (due to security concerns) your organization cannot interact over the public internet with CAST's managed services, you can alternatively use CAST Extend local server.
User permissions(tick)To run the setup and start/run the Node package on the server, local Administrator privileges are required.

Requirements for end users accessing Console

Browsers

The following browsers are supported when run on Linux, macOS or Microsoft Windows. We regularly test with a subset of the available versions, and aim to fix issues found with any of them.

Browser

Supported

Notes

Microsoft Edge(tick)Minimum supported release: 44 and above

Mozilla Firefox

(tick)Minimum supported release: 65 and above
Google Chrome(tick)Minimum supported release: most recent only
Safari(tick)Minimum supported release: 12 and above


CAST RESTAPI requirements (for embedded dashboards)

(tick)CAST RESTAPI

AIP Console ≥ 1.25

A bootable ZIP called cast-integrated-health-engineering-dashboard.zip is provided in the installation media .ZIP file (alongside the .JAR installer for the AIP Console) and is partly pre-configured for use with AIP Console. This does not require a web application server such as Apache Tomcat. A minimum release of 2.0.1 is required.

AIP Console ≤ 1.24

The CAST-RESTAPI-integrated.war is provided in the installation media .ZIP file (alongside the .JAR installer for the AIP Console) and is partly pre-configured for use with AIP Console. This requires a web application server (Apache Tomcat). A minimum release of 1.9.0 is required.

(tick)Application Server

Only required when using AIP Console ≤ 1.24

The CAST RESTAPI requires a host web application server. The following are supported for use with any release of the CAST RESTAPI:

  • Apache Tomcat 7.0.x 64-bit (where x ≥ 20)
  • Apache Tomcat 8.0.x 64-bit
  • Apache Tomcat 8.5.x 64-bit
  • Apache Tomcat 9.0.x 64-bit (cannot be used with the CAST-RESTAPI-integrated.war delivered in AIP Console ≤ 1.15)
(tick)Host Operating SystemThe CAST RESTAPI can be hosted on both Windows and Linux host Operating Systems.
(tick)JDK / JRE

A JDK / JRE must be installed on the target server for the host web application server or for the CAST RESTAPI:

AIP Console ≥ 1.25

  • Java JRE 8 is required.

AIP Console ≤ 1.24

  • Apache Tomcat 7 is designed to run on Java JRE 6 and later
  • Apache Tomcat 8 and 8.5 are designed to run on Java JRE 7 and later

Note that if you have multiple JDK versions installed on a Linux server, you can set the default using the following command:

sudo update-alternatives --config java
(tick)Access to CAST Storage Service/PostgreSQLThe CAST RESTAPI requires network access to all the CAST Storage Services/PostgreSQL instances used to host the schemas required for the functioning of AIP Console, including the Measurement schema.
(tick)Access from the AIP ConsoleThe AIP Console package requires network access to the CAST RESTAPI.
(tick)CAST Dashboard Service schema license keyAccess to data in the CAST Dashboard Service schema (for use with the CAST Engineering Dashboard) is governed by a license key - see Dashboard Service license key configuration. You must have a valid license key in your possession before you begin. An UNRESTRICTED license is required.

CAST Extend Offline/Proxy (optional) requirements

See:

CAST Storage Service / PostgreSQL storage

See:

Supported features of Directory Service systems

The following section lists the features of Enterprise Directories (such as Active Directory) that are supported by the CAST AIP Console/Dashboards:

Feature

Supported

Notes

Directory Services

(tick)
  • Microsoft Active Directory is full supported.
  • Other Directory Services are supported in AIP Console, CAST Health and CAST Engineering Dashboards but will generally require additional configuration.

Microsoft Active Directory Lightweight Directory Services

Partially

Microsoft AD LDS does not have all the information in the server itself, but may provide a pointer to another server where that information is stored. Depending on what is stored, authentication and authorization may fail if pointing to a AD LDS server and not enough information is present. If this occurs, the configuration should be modified to point to a full Microsoft Active Directory server.

Global Catalog Servers (GCS)(tick)

Sometimes required if an Active Directory or other Directory Services server contains multiple domains or domains and sub-domains. as the Global Catalog Server contains LDAP information for all domains. In this case the LDAP URL should point to the GCS server URL (normally same as LDAP URL with port 3268 for LDAP and 3269 for LDAPS)

Proxies

Partially
  • If the proxy has no authentication configured, then they are supported.
  • No support for any Single Sign On (SSO) proxies.

Referrals

PartiallyIf a referral is used, the machine name needs to be able to be resolved the Doman Name Service (DNS) process. This may require that DNS or a local hosts file is modified to ensure that it occurs.

SSO (Single Sign On)

(tick)

Supported for AIP Console/Health/Engineering Dashboards/RestAPI via SAML

Note that SAML is not supported for connections to the dashboard RestAPI made via CAST Report Generator.
Nested Groups(tick)-

  • No labels