Versions Compared

Old Version 5

changes.mady.by.user Sarabjeet Kaur

Saved on

compared with

New Version Current

changes.mady.by.user NIDHI BHANDARI

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Verify desired number of BI server and QE are available on Kyvos Manager portal

  1. On Kyvos Manager Portal, there is a cluster dashboard that contains the instance’s IP along with its Role (BI Server, Query Engines, Kyvos Manager, Web Server).

  2. Check instances and number of BI and QE services along with its role & all services should be healthy (green)

  3. Ensure license has been uploaded and verified from both Kyvos Manager and Kyvos UI

  4. In the license, the allowed number of BI Servers and Query engines can be verified.

  5. License verification from Kyvos Manager: Managing Kyvos License.

Verify user can login to Kyvos Portal

  1. After successfully cluster creation login on Kyvos Portal

  2. Verify completed jobs on Activity Monitor on Kyvos Portal (With Support team)

  3. All activities of the Kyvos portal can be monitored from the Kyvos Portal.

  4. Login on Kyvos Portal > Monitor > Completed processes.

  5. Verify in KMS keys "DevOps AWS console user (Pramod, Humera, Vikas)" are added

  6. In the current CloudFormation Template, the member who creates the cluster only can start the cluster. Other team members can only stop the cluster. To provide the access to team member then their AWS login username should be added to the KMS key.

  7. Go to the AWS KMS (Key Management Service) console at Primary Region, then select customer-managed keys and select cluster KMS key and its key policy.

  8. Go to the AWS KMS console at Disaster Recovery Region, then select customer-managed keys and select cluster KMS key and verify its key policy.

  9. Verify Pem keys and EMR certificate are saved in central S3 bucket

  10. The PEM key and EMR certificate are used in the cluster. The PEM keys are used to login on Bastion host and Kyvos Manager host. These keys are used by DevOps & Support team members. The DevOps team is responsible for saving the keys.

  11. Following S3 bucket used to save the keys & EMR certificate
    Example: S3: kyvos-devops/<region-name>/customer_data/<Stack Name>

  12. Go to S3 bucket and search cluster name, verify PEM keys and EMR certificate in it.

  13. No Error in Application logs after enabling TLS

  14. When the cluster is deployed then application logs should be clear (without an error). To check application logs, login on BI. KM and Web server from terminal then verify the logs from following locations.
    Logs file Location:

Kyvos application Logs (KM Node & WS1 Node) 

...

Verify it from the Kyvos Manager and Kyvos Web portal.

Kyvos Manager Portal

Kyvos Web portal

Image RemovedImage AddedImage RemovedImage Added

Load Balancer Configuration and rules should be proper

...

For “Kyvos Manager ALB”, it should be associated with a separate security group and inbound rule as Protocol: TCP, Type: HTPPS, Port 443, Inbound: 103.250.170.125/32 (Impetus VLAN IP)
 
New KM-ALB SG:   sg-088fa4b571423b5a3

...

In Kyvos Manager, go to Java Options Configurationand append the below parameter in Additional Java Options.
-Dmail.smtp.starttls.enable=true -Dmail.debug=true -Dmail.smtp.ssl.protocols=TLSv1.2

...

 Under Under Security Configurations, update the LDAP values. Save it, apply, and then verify the same by logging in to Kyvos UI using support credentials.

...