Deploying HSTS using the OpenShift web console

You can use OpenShift to deploy the HSTS operator and create an HSTS service instance. HSTS is a remote endpoint that accepts authenticated connections from Aspera client applications and that participates as a source or destination for authorized transfers. Your server can also take the role of a client and connect to other Aspera servers to initiate transfers.

Note: You must have completed the required prerequisites before you do this procedure. See Before you begin.
Note: When deploying HSTS, the OpenShift web console provides the Condition for the current status. The console might also provide an Error message condition if it finds something that is not properly configured. To continue deploying, the error needs to be fixed. See High-Speed Transfer Server deployment conditions and error messages.
CAUTION:
If your environment does not provide public IP addresses for worker nodes (for example, with AWS), you must use Aspera Proxy to allow transfers from clients to the HSTS instance, which requires additional configuration of your HSTS instance. See Using Aspera Proxy with HSTS.

Deploying the HSTS operator

If the operator has already been installed by your administrator, skip ahead to the instructions for instantiating the HSTS service instance.

Note: If deploying multiple HSTS instances, you must use a unique name for each namespace that you create because the cluster doesn’t allow using the same name.
  1. Access the OpenShift web console for your cluster.

    For example, if OpenShift is deployed on https://cloud.ibm.com/, log on and select your account from the drop-down. Then, after Resource summary, select Clusters, and select the name of your cluster. From your cluster page, select OpenShift web console.

  2. In the OpenShift web console, click Operators > OperatorHub.
  3. From the Project drop-down list, make a selection for the namespace you want to use.
  4. Under All Items, search for IBM Aspera HSTS.
  5. Click the IBM Aspera HSTS Operator tile.
  6. On the IBM Aspera HSTS page, click Install.
  7. In the Installation Mode section, make a selection for either installing the operator in all namespaces, or installing the operator in a single namespace (which you must specify).
  8. Under Update Channel, you must select v1.1 to be able to install the 4.0+ version of HSTS.
  9. In the Approval Strategy section, select Automatic if you want operator upgrades to be applied automatically, or Manual if you want to apply them yourself.
  10. Click Install.

    The Installed Operators page opens, providing the status of the operator installation for both HSTS and Redis (which is required for HSTS). When complete, the Status column displays Succeeded.

Create an HSTS service instance

  1. Navigate to Operators > Installed Operators.
  2. Click IBM Aspera HSTS.
  3. On the Details tab, under Provided APIs, click Create Instance.

Configuring the instance

OpenShift offers two methods for configuring the instance; the Form view and the YAML view. The Form view gives the standard configuration options and is selected by default. The YAML view opens an editor containing an example YAML file for a resource. Select the Samples tab to display the options and their descriptions. To select the sample you want to use, click Try it. The YAML file for that configuration is then displayed.

  1. Add the Name for your instance. It is best to use a name that is easy to remember and that is descriptive, as the name is used as part of the URL. The default name of the instance is quickstart.
  2. If you want to use one or more Kubernetes labels, use the Labels field.
  3. If you want to use a TCP proxy service type for incoming FASP transfers from clients that is different from the default, add it to the YAML file.

    Put this section inside the services element, with the indentation as the other elements that are in services.

  4. In the License section of the form:
    1. Toggle the Accept License button to True to accept the conditions of your license.
    2. In the Aspera License field, enter your license.
    3. From the License use drop-down, select your license use type (for production or non-production use).
      Note: To obtain full HSTS performance you need an Aspera production environment license.
  5. If you want to use a different version of the operand, enter the version number in the Operand version field.
  6. In the Storages section you must specify the storage.
    1. In the Claim name field, provide a name for your Persistent Volume Claim storage.
    2. From the Storage Class drop-down list, select the storage class that you want to use. If you are using storage that you created before you installed the operator, from the drop-down list select the storage class that you want to use so that your storage is mounted when the HSTS service is created.
    3. In the Mount Path field, change the name if you want to use a different one. The mountPath specification is required. It defines where the storage will be mounted to the pod (the name is up to you).
    4. Set Delete Claim to True if you want the claim to be deleted when the operand is deleted.
  7. In the Redis section, select a storage class to store AppendOnlyFiles for the Redis database.
    CAUTION:
    If you do not do so, you will not be able to perform upgrades, which require doing a backup and restore of Redis data. For information about upgrading, see Upgrading High-Speed Transfer Server.

    Note that the quick start deployment example does not have persistent Redis storage but the production configuration example does.

  8. Click Advanced Configuration to display additional configuration options.
    1. If you want to use a UDP port different from the default ASCP UDP Host Port 33001, enter it in the UDP Host Port field.
      CAUTION:
      If you install more than one instance of HSTS in a cluster, each UDP port must be unique. And the port number must be greater than 1024 and not within the range of 30000-32767.

The following instructions describe additional settings that you must configure:

  1. To configure the Endpoints click YAML view (which allows configuration of fields that may not be represented in the Form view). Add an endpoints section to define the values for your SSH and API URL. If you want to use a different host name for API traffic, enter it in the API URL field.

    Put this section inside the status element, with the indentation as the other elements that are in status

    Your configuration file should look like this:
    status:
  endpoints:
    - name: ascp
      type: ssh
      uri: 'tcp://your-aspera-tcp-proxy:33001'
    - credentials:
        pass: <pass>
        secretName: <your-secret-name>
        user: <user>
      name: asperanoded
      type: api
      uri: >-
        <https://<your_aspera_route_url>
  2. If you are using a Node API user name, password, and secret that you created before installing the operator (as described in Before you begin), you must specify your secret name in the YAML file.

    Add a Node Admin section to define the values that you used when you created the Kubernetes secret for credentials.

    For example, you can use this command to create your credentials: 

    oc create secret generic mySecretName \
--from-literal=NODE_USER="myUserName" \
--from-literal=NODE_PASS="myPassWord"
    Now add your credentials to your YAML configuration file. The file should look like this: 
    credentials:
    user: NODE_USER
    secretName: mySecretName
    pass: NODE_PASS

    Put this section inside the spec element, with the same the indentation as the other elements in spec.

    Note that you use the literal name string for secretName, but the variable names NODE_USER and NODE_PASS for user and pass.

    When you do this configuration, the deployment uses the credentials you have created, rather then generating them automatically.

  3. Click Create.

    The Aspera HSTS Service tab displays the status of the HSTS instantiation. When it is complete, the Status column displays Running.

Next

Review Initiating high-speed transfers.