Instance Setup in Oracle Cloud:

Step 1: Create an instance with Ubuntu 22.04(Oracle Linux ) image, 2 core OCPU, and 16GB RAM

Step 2: Download the private key file associated with the instance.

Step 3: Create a Storage Bucket

Go to the Oracle Cloud console and create a bucket with default configurations.

Step 4: Generate Config File in Oracle Cloud

Login to the Oracle Cloud account and navigate to the profile section

Generate a new key pair in the API keys section and download the private key file

Copy the content of the configuration file for future use

Upload the API Key File to the cQube Server:

• Connect to the cQube server using SSH.

• Copy the Oracle API private key file to the server using the command:

scp -i <pem_file_of_server> <private_key_of_oracle_api> ubuntu@<ip>:~/

• Switch to the root user:

sudo su

• Move the private key file to the .oci directory:

mkdir /root/.oci && cd /root/.oci

mv /home/<system_user_name>/<private_key_of_oracle_api> .

• Verify the presence of the file in the current directory:

ls -ltr

• Exit from the root user and continue with the cQube installation.

Instructions to fill the Oracle config variables during installation:

• Copy the config file to the desired location (/root/.oci/config).

• Open the config file and replace the following placeholders with actual values from the API key config file:

User OCID

Tenancy OCID

Region (by index or name)

• Decide whether to generate a new API Signing RSA key pair.

If declining, provide the path to an existing key.

• Specify the location for the API Signing private key file (/root/.oci/<private_key_of_oracle_api>).

(Note: Bucket should be created manually before installation process starts)

Oracle bucket policy creation steps

(Note : These policies are applicable for NVSK data pull)

Step 1: Initially, log in to the Oracle Cloud using the credentials, as illustrated in the screenshot below.

Step 2: Following the guidance from the above screenshot, please type “policies” into the search bar, as depicted in the screenshot below.

Step 3: Simply click on the policies option and proceed to create new policies, as shown in the screenshot below.

Step 4: We already have some existing policies. Please refer to the attached screenshot for more details.

Primary Steps:

Step 1: A SSL certificate must be uploaded if you are opting for the public mode of installation where you want to access cQube using a public API endpoint.

Note : You can ignore the above step if you are opting for localhost installation (single desktop).

Connect to the cqube Oracle instance

ssh -i <path_to_the_pem_file> <user_name>@<public_ip_of_the_instance>

Ex: ssh -i poc_key.pem -o ServerAliveInterval=60 ubuntu@13.200.12.31

Step 2: Clone the cqube-devops repository using following command

git clone https://github.com/Sunbird-cQube/cqube-devops.git

Step 3: Navigate to the directory where cQube is cloned or downloaded and checkout to the desired branch

cd cqube-devops/

git checkout release-v5.0.5(latest release branch)

Step 4: Navigate to the directory cqube-devops/ansible/ssl_certificates.

Copy the certificate and private key inside this cqube- devops/ansible/ssl_certificates folder.

Step 5 : If you are opting to pull the data from the NVSK instance, then make sure to upload the dimension files. If you do not want to pull the data, then you can ignore this step. (Applicable if you choose access type VSK).

If you are opting to pull data from an NVSK instance, then make sure to copy the dimension files inside cqube-devops/ansible/dimension_files

Once all the primary steps of uploading SSL certificates and dimensions are done, we can check prerequisites using the script.

Navigate back to cqube-devops directory

Step 6: Give the following permissions to the pre_requisites.sh file

sudo chmod u+x shell_scripts/pre_requisites.sh

Step 7: Run the pre_requisites script with non root user with sudo privileges

sudo ./shell_scripts/pre_requisites.sh

Step 8 : When steps 6 and 7 are done, you will see the feedback from status checks.

Step 9: Go through the feedback provided, and if you find any issues in red resolve them by following the hints provided. If everything is good then proceed with cqube deployment.

Deployment Process:

Step 1:Refer to the prerequisites checklist section before starting the cqube deployment.- Link

Step 2: Navigate to cqube-devops directory and give the executable permissions to the install.sh file

sudo chmod u+x install.sh

Step 3: Install cQube with non root user with sudo privileges

sudo ./install.sh

Install.sh file contains a shell script where it will run shell scripts and ansible-playbook to setup the cQube

Step 4: Generation of domain specific configuration file - Please refer to the Hints provided and enter the values accordingly.

• access_type: Enter VSK, NVSK, or others.

a) VSK: To set up VSK for a state

b) NVSK: To establish a nationwide cQube deployment

c) Others: To set up cQube for other purposes.

• state_name: Enter the required state code by referring to the state list provided (this variable needs to be filled if you are opting for access_type as VSK; otherwise, it will get filled as NA by default).

• loginpage_status: Enter true if you want to enable the login screen for the CQUBE instance. Otherwise, enter false.

• data_pull_status: Enter true if you want to pull data from an NVSK instance, or else enter false. (You need to fill this variable if you have selected access_type as VSK; otherwise, it will get auto-filled with NA.)

• nvsk_api_endpoint: Enter the NVSK instance api endpoint if you selected true for data_pull_status; otherwise, it will get autofilled with NA.

Once all the above variables are filled, you get prompted with a preview of the domain-specific config file. Review the entered variables. If everything is correct, then type ‘no’ and proceed further, or else enter ‘yes’ and re-enter the variables correctly.

Step 5: Generation of a generic config file: refer to the hints provided and enter the config file accordingly.

• mode_of_installation: Enter public as you have opted for setting up cqube in AWS. (Possible values are public and localhost.)

• storage_type: Enter storage type as oracle. (Possible values are aws, azure, oracle, and local.)

• api_end_point: Enter the url in which the clock is to be configured.

• nginx_cert_file: Enter the name of the SSL certificate file that you uploaded in the SSL_certificates folder.

• nginx_key_file: Enter the name of the private key file that you uploaded in the ssl_certificates folder.

  • Db_credentials: You will be prompted with default database credentials. If you want to continue with the same, enter no; otherwise, enter yes and proceed to enter your database credentials.

    db_user_name ( Enter the postgres database username )

    db_name ( Enter the postgres database name )

    db_password ( Enter the postgres password )

    • Readonly_db_credentials: You will be prompted with default read-only database credentials. If you want to continue with the same, enter no; otherwise, enter yes and proceed to enter your read-only database credentials.

      read_only_db_user_name ( Enter the postgres database username )

      read_only_db_password ( Enter the postgres password )

    • Keycloak_credentials: You will be prompted with the default keycloak admin dashboard credentials. If you want to continue with the same, enter no; otherwise, enter yes and proceed to enter your keycloak credentials.

    Keycloak_adm_name (Enter the keycloak admin name eg: admin)

    Keycloak_adm_password (enter the keycloak admin password eg: Admin@123)

  Step 6: Once the config file is generated, a preview of the config file is displayed, followed by a question where the user gets the option to re-enter the configuration values by choosing ‘yes’. If option ‘no’ is selected, then the install.sh moves to the next section.

• Enter a location for your config [/home/basha/.oci/config]: /root/.oci/config (enter)

• Enter a user OCID

• Enter a tenancy OCID

• Enter a region by index or name: ap-mumbai-1

• Do you want to generate a new API Signing RSA key pair? (If you decline you will be asked to supply the path to an existing key.) [Y/n] : <Click n> n

• Enter the location of your API Signing private key file

Ex: /root/.oci/itadmin@tibilsolutions.com_2023-04-18T10_08_35.916Z.pem

Step 7: A preview of the program_selector.yml file is displayed, followed by a question where the user gets an option to enable or disable the programs by choosing 'yes'. If option 'no' is selected, then the install.sh moves to the next section.

1. If access_type is selected as VSK, the following programs will be displayed: by default, all programs are selected, and the programs are publicly visible.

Note: If you are willing to select the programs, type yes, select the programs you want, and enter public or private for each program to enable or disable the login screen for programs (follow the hints provided).

2. If access_type is selected as NVSK, the following programs will be displayed: By default, all programs are selected, and the programs are publicly visible.

Note: If you are willing to select the programs, type yes, select the programs you want, and enter public or private for each program to enable or disable the login screen for programs (follow the hints provided).

Step 8: Once all the configuration files are generated, the script moves further to clone the cQube microservice repositories and deploy cQube

Step 9: If you selected data_pull_status as true, then you will see the data pulling APIs where the data gets pulled from the NVSK instance and processed in the VSK cQube Once installation is done, we need to wait 20 minutes to visualize the data on the cQube dashboard.

Step 10: Once the installation is completed, you will be prompted with the following messages and required reference urls:

(Note: The installation process is expected to take approximately 30-40 minutes.)

cQube Installed Successfully