Set up and configure PEG
Configure PEG for your environment.
If you require a proxy configuration, first perform the steps outlined in Configure PEG to work with a proxy.
- Unique ID (UID) provided by FortressIQ
- Platform endpoint provided by FortressIQ
- PEG-managed certificates: the apex domain that you want to use for the PEG DNS names (for example, example.com)
Log in to PEG through ssh.
Note: If you do not log in as user named peguser, then ensure that you switch to the peguser before performing these steps:
sudo su - peguser.
Run the following commands:
echo "<apex domain>" > ~/.kudzu/apex_domain.txt
"<UID>" > ~/.kudzu/appliance.txt
echo "127.0.0.1" > ~/.kudzu/external_ip.txt
echo "CSRs Generated" > ~/.kudzu/csr_log.txt
Modify the existing values in ~/peg/text_pipeline/values-gpu.yaml as seen here.
Do not include a slash at the end of the URL.
external_fluentd_url: "https://<FortressIQ provided platform endpoint>"
Confirm that the PEG VM can reach the FortressIQ platform by
running the following:
curl https://<FortressIQ provided platform endpoint>The following message is displayed:
400 Bad Request
'json' or 'msgpack' parameter is required.
Although that result is an error response, it is expected as the curl is not sending a well-formed message. The response confirms that the server received the request and responded.
Copy the PEG certificates that you created to /peg_v/certs/ directory.
Ensure that they are named according to the certificate file names in Table 1.
If you also created your own keys, copy the PEG keys that you created to the
/peg_v/keys/ directory. Ensure that the keys are not password protected. Also,
ensure that they are named according to the certificate file names in Table
If you did not create your own keys, the PEG-generated keys are automatically included by PEG.
~/peg/scripts/validatecerts.sh.To confirm that the certificates are valid, continue only if the script passes with "All checks passed!"
Reboot to ensure that any updated drivers are applied correctly:
sudo reboot now
cd ~/peg && ./peg_start.sh.
Select Redaction Management and press Enter, and then select Install
module and press Enter again.
Note: Do NOT install cluster.
Select Vault Management and press Enter, and then select System
Monitoring and press Enter again.
Select Storage Management and press Enter, and then select Initialize
Storage and press Enter again.
Select Cluster Management and press Enter, and then select Load
Certificates and press Enter again.
Change the analytics page password. Run the following and enter your password.
cd ~/peg/scripts/ && ./change_elastic_password.rbNote: The username for logging in to https://analytics-fiq-<UID>.<apex domain> is admin.
Add storage users as needed . You will need at least one user with at least
read access to confirm that PEG works. These are the users that can review the
redaction of the images.
~/peg/scripts/add-storage-user.rb.This script also gives you the option to create users that can edit the pass-and-block (allow/deny) list.Note: The username that you create corresponds to the Access Key in the login page for https://storage-fiq-<UID>.<apex domain>. The password corresponds to the Secret Key.Configuration is now complete.