Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
- Configure CSA on each CSA node
- Edit properties
- Enable JNDI
- Request a software license
- Configure Marketplace Portal redirection
- Configure JBoss
- Configure a secure connection
- Configure the Identity Management component
- Configure SAML on CSA nodes in a clustered environment
- Reconfigure the CSA service
- Configure global search
- Configure the TCP communication channel on JGroups
- Configure SSO
Configure global search
Global search allows you to find a certain service offering, service instance, or subscription by a meaningful keyword from the Marketplace Portal. For service offerings, global search finds the keyword in the name, description, option sets, options, and properties. For service instances and subscriptions, global search finds the keyword in the name, description, and instance properties (name and value).
Global search is enabled by default. Global search must be enabled to be available on the Marketplace Portal. See the Cloud Service Automation Configuration Guide for more information about enabling and disabling global search.
Caution Be sure to disable global search in a FIPS 140-2 compliant environment.
To configure global search, do the following:
-
Edit the
CSA_HOME/elasticsearch-1.6.1/config/elasticsearch.ymlfile:-
Uncomment the
cluster.nameproperty and set it to a unique name that is shared by all the nodes in the cluster. That is, if you have more than one clustered environment on the same network, each clustered environment should have a unique cluster name. All the nodes in the single clustered environment will share the same cluster name.For example,
cluster.name: "csa_cluster" -
Set the
node.nameproperty to a unique name. Each node in the cluster must have a unique node name.For example,
node.name: "node1" -
Uncomment the
node.masterproperty and set it to true to make this node a master node. All nodes in the cluster should be a master node.For example,
node.master: true -
Optionally, uncomment and set the
node.dataproperty. Refer to the comments in the file for information of how to combine this and thenode.masterproperty settings to suit the requirements of the node. -
Comment out the
node.local: trueproperty. When disabled, global search can find and communicate with other nodes on the network. If this property is left enabled, global search will not discover other nodes and will isolate itself from the network. -
Verify that the following properties are set to these values (and if they are not set to these values, set them to these values):
transport.tcp.port: 9300
http.port: 9201
http.enabled: true
discovery.zen.ping.timeout: 5s -
Set the
discovery.zen.ping.unicast.hostsproperty to the IP addresses of the master nodes that perform discovery when new master or data nodes are started. Since all nodes in the cluster are master nodes, set this property to all IP addresses of the nodes in the cluster.For example,
discovery.zen.ping.unicast.hosts: ["111.222.333.444","111.222.333.445","111.222.333.446"] -
Locate the
Transport layer SSLsection and do the following:-
Verify that the following properties are set to these values (and if they are not set to these values, set them to these values):
searchguard.ssl.transport.node.keystore_type: JKS
searchguard.ssl.transport.node.keystore_password: changeit
searchguard.ssl.transport.node.truststore_type: JKS
searchguard.ssl.transport.node.truststore_password: changeit -
Set the
searchguard.ssl.transport.node.keystore_filepathproperty to the location of the CSA keystore. For example,Windows:
searchguard.ssl.transport.node.keystore_filepath: C:\Program Files\HPE\CSA\jboss-as/standalone/configuration.keystoreLinux:
searchguard.ssl.transport.node.keystore_filepath: /usr/local/hpe/csa/jboss-as/standalone/configuration.keystore -
Set the
searchguard.ssl.transport.node.truststore_filepathproperty to the location of the CSA truststore. For example,Windows:
searchguard.ssl.transport.node.truststore_filepath: C:\Program Files\HPE\CSA/openjre/lib/security/cacertsLinux:
searchguard.ssl.transport.node.truststore_filepath: /usr/local/hpe/csa/openjre/lib/security/cacerts
-
-
Locate the
REST layer SSLsection and do the following:-
Verify that the following properties are set to these values (and if they are not set to these values, set them to these values):
searchguard.ssl.transport.http.keystore_type: JKS
searchguard.ssl.transport.http.keystore_password: changeit
searchguard.ssl.transport.http.truststore_type: JKS
searchguard.ssl.transport.http.truststore_password: changeit -
Set the
searchguard.ssl.transport.http.keystore_filepath:property to the location of CSA's keystore. For example,Windows:
searchguard.ssl.transport.http.keystore_filepath: C:\Program Files\HPE\CSA/jboss-as/standalone/configuration/.keystoreLinux:
searchguard.ssl.transport.http.keystore_filepath: /usr/local/hpe/csa/jboss-as/standalone/configuration/.keystore -
Set the
searchguard.ssl.transport.http.truststore_filepathproperty to the location of the CSA truststore. For example,Windows:
searchguard.ssl.transport.http.truststore_filepath: C:\Program Files\HPE\CSA/openjre/lib/security/cacertsLinux:
searchguard.ssl.transport.http.truststore_filepath: /usr/local/hpe/csa/openjre/lib/security/cacerts
-
- Save and exit the file.
-
- In the
csa.propertiesfile, set the value of thecsa.provider.msvc.hostnameproperty with the local nodeFQDN. -
In the
CSA_HOME/csa-search-service/app.jsonfile, set the values of the following properties:ccue-basic-server.hostwith the local nodeFQDNmsvc-basic-search.searchidmURLshould point to the load balancer FQDN and load balancer port 8443. -
If the cluster setup is using default CSA (self-signed) certificates, complete the following step. (This step is not required if the cluster runs valid certificates signed by a common CA).
In the
csa-search-service\app.jsonfile, find the following keys and change the values to false:msvc-basic-search.strictSSLrejectUnauthorized -
Verify that the following High Availability configurations in the
CSA_HOME/csa-search-service/app.jsonfile, are maintained after the installation of CSA:-
msvc-basic-search.idmURL:[APACHE_LOAD_BALANCER_HOSTNAME]:[APACHE_LOAD_BALANCER_CSA_HTTPS_PORT]/idm-serviceFor example:
For Load balancer:
idmURL:https://http-loadbalancer.csapcoe.hp.com:8443/idm-serviceFor Apache load balancer:
idmURL:https://http-apache.csapcoe.hp.com:8443/idm-servicewhere port 8443 is the
-
cert.cashould point to theFor example:
For Load balancer:
"ca": "C:/Program Files/HPE/CSA/jboss-as/standalone/configuration/loadbalancer_csa.crt".For Apache load balancer:
"ca": "C:/Program Files/HPE/CSA/jboss-as/standalone/configuration/apache_csa.crt".The name of the
crtfile cannot remain asjboss.crtwhich is set as the default.
-
-
Create the security key on one node and copy it to the other nodes in the cluster. The security key is used to authenticate the communication between the nodes in the cluster when sharing the shards and replicas of the inventory index. The security key must be the same on all nodes in the cluster.
-
On a
CSA_Node(for example,csa_node1), complete the following steps:Windows:
Stop then start the Elasticsearch 1.6.1 service:
- Navigate to the Services screen (Control Panel > Administrative Tools > Services).
- Right-click on the Elasticsearch 1.6.1 service and select Restart.
Linux:
Stop, then start CSA. Open a command prompt and type:
service csa restart -
After the service has restarted on
csa_node1, copy theCSA_HOME/elasticsearch-1.6.1/searchguard_node_key.keyfile fromcsa_node1to all other nodes in the cluster. Copy the file to the same directory (CSA_HOME/elasticsearch-1.6.1/) and use the same file name on the other nodes. -
On all nodes in the cluster except
csa_node1, complete the following steps:Windows:
Restart the the Elasticsearch 1.6.1 service:
- On all nodes in the cluster except
csa_node1, navigate to the Services screen (Control Panel > Administrative Tools > Services). - Right-click on the Elasticsearch 1.6.1 service and select Restart.
Linux:
Restart CSA on all nodes in the cluster except
csa_node1. Open a command prompt and type:service csa restart - On all nodes in the cluster except
-
-
Complete the following steps:
Windows:
Stop the HPE Search Service and CSA services and then start them:
- Navigate to the Services screen (Control Panel > Administrative Tools > Services).
- Right-click on the HPE Search Service service and select Stop.
- Right-click on the HPE Cloud Service Automation service and select Stop.
- Right-click on the HPE Search Service service and select Start.
- Right-click on the HPE Cloud Service Automation service and select Start.
Linux:
Restart CSA. Open a command prompt and type:
service csa restart -
If you changed the
cluster.name, you must create new indexes. Do the following:Note On Windows, the Elasticsearch 1.6.1 service or on Linux, CSA must be running.
-
Open a command prompt and navigate to
CSA_HOME/csa-search-service/bin/. -
Run the following command:
Windows:
"CSA_HOME\node.js\node.exe" create-index.jsLinux:
CSA_HOME/node.js/bin/node create-index.jsIf displayed, ignore the following errors:
ERROR: Error connecting to Elasticsearch server. Cannot create index catalog. Error: DEPTH_ZERO_SELF_SIGNED_CERT
ERROR: Error connecting to Elasticsearch server. Cannot create index inventory. Error: DEPTH_ZERO_SELF_SIGNED_CERTIt may take a few minutes for the first CSA artifact to be indexed.
-
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to clouddocs@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: