Set up and configure PEG

Configure PEG for your environment.

Prerequisites

If you require a proxy configuration, first perform the steps outlined in Configure PEG to work with a proxy.

Ensure the following:
  • Unique ID (UID) provided by Process Discovery
  • Platform endpoint provided by Process Discovery
  • PEG-managed certificates: the apex domain that you want to use for the PEG DNS names (for example, example.com)

Procedure

  1. Log in to PEG through ssh.
    Note: If you do not log in as user named peguser, then ensure that you switch to the peguser before performing these steps: sudo su peguser.
  2. Run the following commands:
    echo "<apex domain>"  > ~/.kudzu/apex_domain.txt 
    echo "<UID>" > ~/.kudzu/appliance.txt
    echo "127.0.0.1" > ~/.kudzu/external_ip.txt
    echo "CSRs Generated" > ~/.kudzu/csr_log.txt
  3. Modify the existing values in ~/peg/text_pipeline/values-gpu.yaml as seen here. Do not include a slash at the end of the URL.
    external_fluentd_url: "https://<Automation Anywhere provided platform endpoint>"
    external_fluentd_port: "443"
  4. Confirm that the PEG VM can reach the Process Discovery platform by running the following: curl https://<Automation Anywhere provided platform endpoint>
    Use the platform endpoint based on where your cloud tenant is located:
    Region Process Discovery provided platform endpoint
    United States https://tr-na-000-fluentd-web.fortressiq.com
    United Kingdom https://tr-uk-00-fluentd-web.fortressiq.com
    Australia https://tr-au-00-fluentd-web.fortressiq.com
    Canada https://prod-ca-001-fluentd-web.fiq-process-intelligence.com
    The following message is displayed:

    400 Bad Request

    'json' or 'msgpack' parameter is required.

    Although that result is an error response, it is expected as the curl is not sending a well-formed message. The response confirms that the server received the request and responded.

  5. Copy the PEG certificates that you created to /peg_v/certs/ directory.
    Ensure that they are named according to the certificate file names in Create certificates.
  6. If you also created your own keys, copy the PEG keys that you created to the /peg_v/keys/ directory. Ensure that the keys are not password protected. Also, ensure that they are named according to the certificate file names in Table 1.
    If you did not create your own keys, the PEG-generated keys are automatically included by PEG.
  7. Run ~/peg/scripts/validatecerts.sh.
    To confirm that the certificates are valid, continue only if the script passes with "All checks passed!"
  8. Reboot to ensure that any updated drivers are applied correctly: sudo reboot now
  9. Run cd ~/peg && ./peg_start.sh.
  10. Select Redaction Management and press Enter, and then select Install module and press Enter again.
    install redaction management

    select install module
    Note: Do NOT install cluster.
  11. Select Vault Management and press Enter, and then select Install Module and press Enter again.
    install vault management

    select install module
  12. Select Storage Management and press Enter, and then select Initialize Storage and press Enter again.
    install storage management

    select initialize storage
  13. Select Cluster Management and press Enter, and then select Load Certificates and press Enter again.
    load the certificates into PEG and select cluster management

    select load certificates
  14. Change the analytics page password. Run the following and enter your password. cd ~/peg/scripts/ && ./change_elastic_password.rb
    Note: The username for logging in to https://analytics-fiq-<UID>.<apex domain> is admin.
  15. Add storage users as needed . You will need at least one user with at least read access to confirm that PEG works. These are the users that can review the redaction of the images. ~/peg/scripts/add-storage-user.rb .
    This script also gives you the option to create users that can edit the pass-and-block (allow/deny) list.
    Note: The username that you create corresponds to the Access Key in the login page for https://storage-fiq-<UID>.<apex domain>. The password corresponds to the Secret Key.
    Configuration is now complete.