Deploying HAWK eyeCon |version|
-------------------------------

Once the operating system is installed and configured, deploying the high availability solution is the next step. 

The steps described below utilize HAWK's automated installer to deploy HAWK eyeCon |version| BDSA. Perform the steps by logging into one of the HAWK appliances.

.. note::
	Before you continue ensure that NTP is setup on all servers, That DNS is correctly setup including adding each server in the /etc/hosts file.


1. Install the 'hawk-install' package from the HAWK repository.

``user@host:# yum install hawk-install -y``

2. Copy the example configuration to the root directory. 

``user@host:# cp /usr/share/hawk/hawk-install/hawk-install.cfg.example /root/hawk-install.cfg``

3. Edit the 'hawk-install' configuration file.

``user@host:# vi hawk-install.cfg``

3a. **First section is System Configuration.**

.. code::

	[SYS]
	username = root
	password = password
	ssh_port = 40000
	smtp_from = no-reply@hawkdefense.com
	smtp_admins = [ [ "HAWK Administrator", "support@hawkdefense.com" ] ]
	smtp_server = localhost:25
	http_proxy = localhost:8080
	memcached = 8192

.. glossary::

	username:
		Operating System username. User must have root privileges.

	password:
		Password for operating system username.

	ssh_port:
		Port number for SSH access. After running the required initialization script this port should be 40000.

	smtp_from:
		Configure the smtp from address.

	smtp_admins:
		List of admins to notify when services detect warning. (i.e. Running low on disk space). Because this is a list of list if you would like to notify more than one administrator use the following syntax:  [ [ "Admin1", "admin1@example.com" ], ["Admin2", "admin2@example.com"] ]

	smtp_server:
		smtp server to be used to send mail.

	http_proxy:
		If a proxy server is required to access internet, This can be configured here. 

	memcached:
		Configure the amount of memory in MB memcached should use.


3b. **Next section is to configure MySQL Directory Service.**

.. code::

	[MYSQL]
	primary_server = server1
	secondary_server = None
	username = hawk
	password = password

.. glossary::

	primary_server:
		Enter the IP address or Hostname of the server where you would like to install the MySQL Directory Service.

	secondary_server:
		Enter the IP address or Hostname of the server where you would like to install the MySQL slave Directory Service.

	username:
		Enter the username you would like to use for the MySQL instance.

	password:
		Enter the password you would like to use for the MySQL instance. 


3c. **The next three sections are to setup Mongo Database. This includes three config servers, three members to make a complete shard, and three aggregation servers.** 

.. code::

	[CONFIG]
	server = server1,server2,server3
	storage_path = /data/config/

.. glossary::

	server:
		Enter three IP addresses or Hostnames separated by a comma ',' where you would like to install the Mongo Config servers.

	storage_path:
		Enter the directory path where you would like the Mongo Config server files to be stored. 

.. code::

	[SHARD]
	server = server1,server2,server3
	storage_path = /data
	shard_name = data01
	storage_size = 30720
	port = 27001

.. glossary::

	server:
		Enter three IP addresses or Hostnames separated by a comma ',' where you would like to install the Mongo shard servers.

	storage_path:
		Enter the directory path where you would like the Mongo shard server files to be stored. 

	shard_name:
		Enter the shard name you would like to use.  

	storage_size:
		Enter the max size in MB that is available to Mongo for the directory path you listed for storage_path.

	port:
		Enter the port Mongo should use. Default port is '27001'.

.. Note::
	If you would like to install additional shards. Please see the manual steps for adding shards. 

.. code::

	[AGGREGATION]
	server = server1,server2,server3
	username = hawk
	password = password

.. glossary::

	server:
		Enter three IP addresses or Hostnames separated by a comma ',' where you would like to install the Mongo Aggregation servers.

	username:
		Enter the username you would like to use for Mongo Authentication. 

	password:
		Enter the password you would like to use for Mongo Authentication.


3d. **Next step is to configure where the HAWK API will be installed too.**

.. code::

	[API]
	server = server3
	ssl_cert = example.crt
	ssl_key = example.key
	secret = example-secret
	insecure = False
	username = admin
	password = password

.. glossary::
	
	server:
		Enter the IP address or Hostname where you would like to install the HAWK API.

	ssl_cert:
		Enter the location to your SSL certificate. If you would like to use the default self-signed cert you can use the default example.crt.

	ssl_key:
		Enter the location to your SSL private key. If you would like to use the default self-signed private key you can use the default example.key.

	secret:
		Enter the SSL secret to be used. 

	secure:
		Set to True if you are using a self-signed certificate. 

	username:
		Setup the service account for backend services to communicate with the API.

	password:
		Set the password for the service account. 


3e. **Next step is to configure the HAWK User Interface.**

.. code::

	[IEK]
	server = server3
	ssl_cert = example.crt
	ssl_key = example.key

.. glossary::
	
	server:
		Enter the IP address or Hostname where you would like to install the HAWK User Interface.

	ssl_cert:
		Enter the location to your SSL certificate. If you would like to use the default self-signed cert you can use the default example.crt.

	ssl_key:
		Enter the location to your SSL private key. If you would like to use the default self-signed private key you can use the default example.key.

.. Note::
	If you need to update your SSL certificates at a later time please see the section 'Update SSL Certificate'.


3f. **The next two sections are for setting up HAWK vStream services.**

.. code::

	[ZOO]
	server = server1,server2,server3

.. glossary::

	server:
		Enter three IP addresses or Hostnames separated by a comma ',' where you would like to install the Zookeeper service.

.. code::

	[KAFKA]
	server = server1,server2,server3
	storage_path = /data/vstream-logs/
	days = 8
	storage_size = 50

.. glossary::

	server:
		Enter as many vStream nodes you would like to use. Ensure the IP addresses or Hostnames are separated by a comma ','.

	storage_path:
		Enter the directory path where you would like the vStream server files to be stored. 

	days:
		Enter how many days you would like to keep in active data stored in vStream.

	storage_size:
		Enter max storage size in GB.


3g. **The last step is to configure the HAWK engine.** 

.. code::

	[ENGINE]
	server = Engine1

.. glossary::

	server:
		Enter the IP addresses or Hostnames where you would like to install the HAWK engine.

.. Note::
	To install additional engines please see the manual install process.


4. After you have configured 'hawk-instal.cfg'. You will need to run the hawk-install program using your configuration file. 

``user@host:# hawk-install -c hawk-install.cfg``

Depending on how many servers are configured the install process can take between 10 and 25 minutes to complete. 

Example output:

.. code::

	HAWK Network Defense, Inc.      HAWK 5.0 Installer
	Copyright 2015. All Rights Reserved.
	Parsing configuration: hawk-install.cfg
	Installing: HAWK Directory Services      |################################| 10/10
	Installing: HAWK Data Services (Tier 2)  |################################| 5/5
	Installing: HAWK Data API Services       |################################| 5/5
	Installing: HAWK Tier 1 Configuration    |################################| 4/4
	Installing: HAWK Tier 1 Data Services    |################################| 7/7
	Installing: HAWK UX Services             |################################| 5/5
	Installing: HAWK Engine Services         |################################| 10/10

5. Once the install process completes. Log into the HAWK system and update your license key.