Aspera

Aspera

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Add HSTS (CP4I) as Transfer Node to Aspera On Cloud

By RAJAN N C KRISHNAN posted Wed April 17, 2024 12:59 PM

  

Add HSTS in CP4I as a Transfer Server to Aspera On Cloud

IBM Aspera High Speed Transfer Server (HSTS) can be installed in an OpenShift environment as part of CP4I. This has been available for some time now. However, there were some limitations with the HSTS (CP4I) as compared to the HSTS deployed in virtual machines. For example, if the HSTS were to be added to Aspera On Cloud (AoC) as a tethered node, it had to be added via a Aspera Reverse Proxy. This limitation has been solved and the HSTS (CP4I) can be added to Aspera On Cloud without any reverse proxy.  

This guide explains the steps on how to get this working. 

Pre-Requisites

  1. Have a working HSTS deployed in OpenShift. Have access to issue 'oc' or 'kubectl' commands. Have access to login to OpenShift Console.
  2. Have access to Aspera On Cloud with admin access to the Organization. 
  3. The HSTS NodeURL (that you will find later) MUST have a valid certificate.

Prepare HSTS in CP4I for the integration.

1. Get the NodeAPI user and password from the HSTS. 
Login to the OpenShift Console and go to the namespace where HSTS is installed.

In the Open-shift Console, goto Workloads -> Secrets -> [deployment-name]-asperanoded-admin .
Take note of the username and password. This will be called as NodeUser and NodePassword.

2. Get the NodeAPI URL of the HSTS

oc -n <namespace> get routes

Take note of the http-proxy URL. This will be the NodeURL.

3. Create access-key and secret.  Replace NodeUser, NodePassword and NodeURL with the data collected above. 

curl -ki -u NodeUser:NodePassword https://NodeURL:443/access_keys -d '{"storage":{"type":"local", "path":"/data/"}}'

Take note of the access-id and secret generated. 

4. Create a sub folder for storing files transferred via AoC. Replace ACCESSID, SECRET and NodeURL with the data collected above. 

curl -ki -u ACCESSID:SECRET https://NodeURL:443/files/create -d '{"paths": [ {"path": "aoc", "type": "directory"} ]}'

5. Get the TCP-Proxy External IP address

Look for External-IP of the TCP-Proxy and take note of it. This will called the TCP-Proxy-IP.

oc -n <namespace> get svc

Add HSTS to Aspera On Cloud

1. Login to AoC as a user with admin access. Go to the 'Admin' Application page.
https://AOC-URL/admin

2. Click on "Nodes and Storage" and click on "Node". Then, click on "Create New" and pick the "Attach My Aspera Server" tab. 

Enter details as in the next screenshot.

Click on 'Create' and the node should be successfully created. You will be asked to enter the secret to browse the storage of HSTS. You can safely click Cancel at this point. 

3. Go to 'Workspace' and Create a new WorkSpace. Refer to screenshot below.

Click on Create. That should create a new Workspace and upon successfully creating, it will bring you to the workspace configuration page. 
4. In the workspace configuration page, click on Members. Add members as needed to the workspace. 
That's it. Now you can login as the user who is a member of the workspace and test transferring files from either the Files or Packages applications. 
Files should be stored in the /data/aoc/ folder in the ascp container.
0 comments
14 views

Permalink

https://community.ibm.com/community/user/blogs/rajan-n-c-krishnan1/2024/04/17/add-hsts-cp4i-as-transfer-node-to-aspera-on-cloud