LogoLogo
  • Documentation
  • PRODUCT REFERENCE
    • Introduction
    • Concepts and Terminology
      • Console
      • Servers (X Agents)
      • Projects
      • Configurations
      • Rules Editor
      • Rules, rule catalogue, protocol rules and rule sets
      • Test Data
      • Trace Data
      • Flight Recorders
      • Case Managers
      • Data Files
      • Content Files
      • Performance Data
      • Extensions
      • Protocols
      • Credential Vault
      • Custom Functions
      • Databases
      • Input Adaptors
      • Users
      • User Roles
      • Access Rules
      • Repositories
      • Audit Log
      • Proxies
    • Architectural Scenarios
      • Command and Control
      • Simplest Form
      • Servlet Filter
      • API Transformation
      • Active Web Proxy
      • Web Application Server
      • Active Proxy With Content
      • Mobile Application Server
      • Asynchronous Multi-Protocol
      • Data Loss Prevention Architecture
    • Getting Started
      • Login
      • Essential Things to do First
      • Keeping the Product Current
      • Common Console Management Tasks
      • Viewing Active Servers
    • Quick Product Introduction
      • Preparing the Browser Proxy
      • Setting up the Proxy in the Browser
      • Verifying the Browser Configuration
      • Understanding the Configuration
      • Understanding input and variables
      • Preparing a new repository
      • Locating the Page to Modify
      • Determining the Actions Required
      • Building the First Rule Set
      • Setting Rule Properties
      • Connecting up the First Rule
      • Getting a Server Result
      • Manipulating the Server Result
      • Returning the Result to the User
      • Creating a Configuration for the Rule Set
      • Selecting the Input Source
      • Deploying the New Configuration
      • Testing the Rules
    • X Agent details
      • Configuration Settings
      • Rule Sets
      • Tips and Techniques for Working with the Rules Editor
      • Web Application Rule Set Patterns
      • Building Rule Sets for Inclusion
      • Notes on Working with SOAP
      • Zero Installation Rules Testing
    • Data Files
    • Content Files
      • Previewing Content Files
      • Editing Content Files
      • Deploying Content Files
    • Test Data
      • Uploading and Downloading Test Data
    • Performance Data
      • Setting the Performance Collection Level
      • Retrieving the Performance Data
      • Viewing Transaction Counts
      • Viewing Transaction Counts and Inline Time
      • Viewing the Complete Performance Report
      • Understanding the URI Performance Information
      • Performance Benchmarks
    • Trace Data
      • Understanding the Trace
    • Tracing the Result of a System Failure
    • Conjoined Performance and Trace data
    • Live Performance Data and Probes
      • Setting Probes
      • Live Performance Impact Considerations
    • Accessing Server Logs
      • Viewing a log
    • Working with Flight Recorders
      • Searching Flight Recorder Information
      • Retrieving Flight Recorder Data
      • Graphing Flight Recorder Data
    • Working with Case Managers
      • Case Manager Definitions
      • Navigating the Case Managers
      • Creating a Case From Rules
      • Creating a Case From the Console
      • Viewing the Queues
      • Picking a Task
      • Case View
      • Completing a Task
      • Task History
      • Searching Tasks
      • Searching Cases
    • Managing Repositories
      • Moving Files Between Repositories
      • Copying Configurations and Rule Sets Together
      • Copying Dependent Rule Sets
      • Backing up
      • Moving Entire Repositories Between Consoles
      • Setting Repository Imports
      • Specifying Repository Rule Group Restrictions
    • Version Control and Restoring Files
    • Using the Portal UI
      • Using the Start Menu
      • Positioning Windows
      • Resizing Windows
      • Maximize, Restore and Minimize
      • Storing and Switching Desktops
    • Enterprise Level Projects
      • Creating a Project
      • Working with Tasks
      • Closing a Task
      • Closing a Project
      • Project Assistants and Work Output
    • Administration Functions
      • Extensions
      • Custom Function Setup
      • Setting up a Database
      • Input Adaptors
      • Credential Vault
      • Log Adaptors
      • Server Definitions
      • Managing Large Clusters
      • Setting up the Flight Recorder in the Console
      • Creating a Case Manager Definition
      • Work Output
      • Project Definition
      • Managing Users
      • Managing User Roles
      • Managing Access Rules
      • Authenticating via LDAP
      • Authenticating via SAML
      • Audit Log
    • Installation and Configuration
      • Installing on macOS
      • Installing on Red Hat Enterprise Linux
      • Installing on Windows - Quick Start
      • System Requirements
      • Server Installation
      • Understanding the Console Deployment Structure
      • Console Server Type Configuration
      • Console Server Configuration
      • Removing Other Unnecessary Components
      • Installing Inline with an Existing Application
      • Installing a Stand-alone Multi-Protocol Feed Server
      • Installing a Stand-alone Built in Forwarding Proxy
      • Creating a Cluster Slave Console Instance
      • Understanding the magic.properties Configuration Settings
      • Port Numbers and how to Change Them
      • Dealing with Internal Failures
      • Linking Multiple Applications Together into a Single Server
      • Monitoring by External Systems
      • Installation Considerations for Portals
      • Docker Configuration Guide
      • AWS User Deployment Guide
      • Google Cloud User Deployment Guide
    • Creating a Stand-alone Built in Forwarding Proxy
      • Installing with Ubuntu and mySQL
    • Setting up a DNS override for Data Loss Prevention
      • Deciding what to Override
      • Installing a DNS Server for the Overrides
      • Setting the Override
      • SSL Considerations
    • Backup and Restore
      • The Server Component
      • The Console Component
    • Third Party Software
      • Open Source Components
      • Closed Source Licensed Components
      • Licenses
  • PROGRAMMER'S GUIDE
    • Composable Agentic Platform Concepts
    • Setting up a Development Environment
    • Creating a Rule
    • The Kapow Extension - Example
    • Java Documentation
  • CONSOLE WIZARDS
    • Create REST with JSON service
    • Create JDBC database definitions
    • Create data set maintenance custom function
  • BEST PRACTICES
    • Naming Conventions
    • Comments & Descriptions
    • Application Configuration
    • Rules & Rule Sets
    • Repositories
    • Data Manipulation
    • Internationalization
    • Debugging
    • Performance Testing
    • Tag Replacement Techniques
    • Best Practices Repository
  • GUIDES
    • Hello, World!
    • TCL Script Writer Reference
    • Windows Automation Reference
    • Browser Certificate Installation Guide
    • Web Development Guide
    • Using the Push Notification Framework
    • Raspberry Pi with PiFace Reference
    • TomorrowX Portal User Guide
    • Examples
      • CSRF attack prevention
      • Two Factor Authentication
      • Frame Busting
      • Google Analytics
      • DNS Multi Protocol
      • Customer Satisfaction Survey
  • CHANGE HISTORY
    • New in Version 8
    • New in Version 7
    • New in Version 6
    • New in Version 5
    • New In Version 3.1
    • New In Version 3.0
  • 🌏TIME ZONES
  • ❓TROUBLESHOOTING
    • DB2 SQL error: SQLCODE: -443
    • Error 404 when trying to access the console
    • java.io.IOException: Too many open files
    • Accidental deploy to console server
  • ⚙️BROWSE COMPONENTS
  • EULSA
Powered by GitBook
On this page
  • Introduction
  • Installing the CAP Virtual Machine (VM)
  • Knowledge of Googe Cloud services
  • Knowledge of Red Hat Enterprise Linux
  • Architectural Design
  • Simple Solution Design (Marketplace default)
  • High Availability Solution Example
  • Getting started
  • Select a resource
  • Agree to CAP terms
  • Launch
  • Enable required APIs
  • Deploy
  • Create new deployment service account
  • Machine Type & Boot Disk
  • Network Configuration
  • Successful Deployment
  • Usage Instructions
  • Console Login
  • Connect to instance (SSH)
  • Observability & Monitoring
  • Ops Agent
  • Troubleshooting & Maintenance
  • Backup and Recovery
  • Manual Backups
  • Google Cloud Customer Care
Export as PDF
  1. PRODUCT REFERENCE
  2. Installation and Configuration

Google Cloud User Deployment Guide

PreviousAWS User Deployment GuideNextCreating a Stand-alone Built in Forwarding Proxy

Last updated 4 months ago

Introduction

This is a Getting Started guide supplementary to the reference documentation of Composable Agentic Platform (CAP), specifically to help Google Cloud customers with installation, setup, and production considerations when deploying CAP to Google Cloud Platform (GCP) from the available TomorrowX solutions listed on . If you are new to CAP, an introduction to CAP can be found . You can find the TomorrowX partner profile in the . For first time users click the GET STARTED button on the .\

Installing the CAP Virtual Machine (VM)

Knowledge of Googe Cloud services

Knowledge of Red Hat Enterprise Linux

Installed Java (JDK) Version

To determine the installed JDK version, SSH connect to the VM instance and use the command java -version You may need to set JAVA_HOME Example:

# export JAVA_HOME=/usr/lib/jvm/jdk-19 && export PATH=$JAVA_HOME/bin:$PATH
# java -version
openjdk version "19" 2022-09-20
OpenJDK Runtime Environment (build 19+36-2238)
OpenJDK 64-Bit Server VM (build 19+36-2238, mixed mode, sharing)

Architectural Design

Simple Solution Design (Marketplace default)

In this guide we are referencing the initial installation components as made available from the launch directly from Google Cloud marketplace. Using this solution deployment you will be free to adapt the architectural scenario for scale and most appropriate business use case.

High Availability Solution Example

For a better security posture, we provide a sample high availability example for high availability deployed within private subnet behind a load balancer for failover and administration access whereby the CAP Console instance is physically separated to Runtime (n) number of CAP Agents to be auto-scaled relative to anticipated traffic load, and availability requirements.

Getting started

Select a resource

Either select an existing project resource in your GCP organisation, or create a new project for the CAP installation. From the dropdown organisation field in the top banner you are prompted to select an existing resource as follows.

Alternatively you can create a new project by selecting the NEW PROJECT option in the top right where you'll be prompted to define the project name, organisation, and location.

When the new project has been created, it will shortly show as an available resource to select in the banner dropdown select field. You can then proceed to click the get started button.

Agree to CAP terms

Now that you've agreed to the terms, you can continue to launch or deploy

Once terms have been agreed the Getting Started button is replaced, and you are now ready to launch and a deploy CAP VM.

Launch

Enable required APIs

When you press launch for a new project, you will be prompted to enable following APIs required to deploy CAP VM product from Marketplace. Click ENABLE, and be patient for a few minutes whilst these services are enabled.

Deploy

Create new deployment service account

After successfully enabling APIs you will be presented with the deploy page, for a new project you will be required to create a new service account to run the deploy processes for CAP. A new service account will be created with the following roles:

roles/config.agent
roles/compute.admin
roles/iam.serviceAccountUser

Complete the required fields including selecting the compute zone where the CAP VM will be deployed.

Machine Type & Boot Disk

Scroll further down the deploy page, and a General Purpose E2-Standard VM is pre-selected as default (2vCPU 8GB Memory). This selection is ideal for a first time deployment to run the CAP Console and Proxy Servers on this single VM. Boot Disk size of 20GB is configurable depending on how much data you are planning to store on this single VM.

Network Configuration

The default networking confguration will create firewall rules to accept the following traffic.

Once the configuration has been defined for your selections, go ahead and click DEPLOY at the bottom of the page.

Successful Deployment

Once deployed, select the DETAILS tab to access the Admin Url which you can access via a browser.

Usage Instructions

Console Login

First time users can launch the console from the Admin Url as detailed on the Google Marketplace Solution Deployments Details page at https://{Instance IP/DNS}/console e.g. https://12.34.56.78/console

User ID: gcp-user
Password: [Instance ID]

To retrieve the password, select the Resources tab on the Solutions Deployment page, and click on the Compute Engine resource name of the VM instance that has been successfully deployed.

The Compute Engine VM Instances basic information page will open from this link, where you will be able to copy the Instance ID value which is used as the unique administrator password for first time login to the CAP console for User ID gcp-user.

Connect to instance (SSH)

Example gcloud command:

gcloud compute ssh --zone "europe-west3-a" "gcp-cap-vm" --project "cap-gcp-marketplace"

Customer Sensitive Data

When the instance has launched, the only sensitive data within the installation is the gcp-user password, that is initially set as the instance ID of the new VM Instance as detailed in Google Cloud Marketplace solution deployments details page. There is no customer sensitive data stored upon initial deployment.

Where PII or PHI sensitive data could be present you should always encrypt the relevant AWS datastore.

All 3rd party or external services that are utilised to store PII or PHI sensitive data should be encrypted.

Other Sensitive Data

After the VM instance successfully launches in Google Cloud Compute, CAP will auto-start as a running service callef tomorrowstart. When running, it will immediately invoke a token authenticated API GET request to retrieve the metadata instance-id as follows:

http://metadata.google.internal/computeMetadata/v1/instance/id

This is the only request made to the Instance Metadata Service, initiated from the VM instance itself, not externally.

Observability & Monitoring

Ops Agent

Troubleshooting & Maintenance

  • If the console login window does not load or does not log you in, you can check the log files by accessing the VM instance via SSH and navigating to the following location: opt/local/Tomorrow/server/logs - the logs will provide information about the issue preventing proper function.

  • If you can successfully log in to the Console, use the Servers window to check server health where your solutions are deployed to and run from.

  • Navigate to Administration -> Server Definitions area to correct Server definition and connectivity issues such as port definition, host name, and Server Encryption Key.

The tomorrowstart service restarts will also help restore the service application of both the console and server. You need to SSH connect to the instance to perform service restarts.

To stop the service use:service tomorrowstart stop To start the service use: service tomorrowstart start

It is good practice to routinely update the VM instance with available packages. For example, run the ​​sudo yum update command as root user to install RHEL patches and updates .

Backup and Recovery

CAP contains its own internal data store for storing user data, preferences, and the created solutions. There is no fixed backup strategy in place as part of the Google Cloud Marketplace deployment.

Manual Backups

If you wish to take a manual backup of the CAP installation:

  • SSH connect to the VM instance

  • Stop the tomorrowstart service using the command:

# service tomorrowstart stop
  • Zip the entire contents of the TomorrowX Platform installation directory. Default installation path is opt/local/Tomorrow where Tomorrow is the installation directory

  • Copy the zip file to the backup target location of choice

  • Start the tomorrowstart service using the command:

# service tomorrowstart start

You can restore this folder to your new VM instance location, ensuring the tomorrowstart service is reinstalled to the new instance whilst respecting hardware configuration of the original installation from where the backup has been taken.

Google Cloud Customer Care

Basic Support is included for all Google Cloud customers.

- required – required

At the time of writing, this guide has been created with an installation using a Red Hat Enterprise Linux (8.10) Google Cloud public image. Basic Linux commands are required to connect to your instance and perform operational tasks such as server updates, restarts, and SSH connection. Google Cloud's page covers frequently asked questions around support, migration and licenses when running Red Hat Enterprise Linux (RHEL) on Google Compute Engine. Optional suggested reading:

The CAP installation is shipped as single VM instance combining the console and server components. This ensures all available architectural deployment options can be considered as and when solutions are created and released through the development lifecycle into production. The instance may need to connect to various on-premise, hybrid, or external integration points (e.g., databases, CSV data files for processing, or 3rd party API services). Refer to the section for more details for architecting these scenarios.

For any advanced, or new scenarios not listed here, contact us directly for guidance as detailed on the tab of .

Before you deploy, you must check the agree to the CAP details and terms to deploy the CAP product, and AGREE.

Allow TCP port 22 traffic from the Internet (for SSH connection) Allow HTTP traffic from the Internet (port 80) Allow HTTPS traffic from the Internet (port 443 - note SSL certificate is not installed)

If you are planning to use the built in proxy (BIP) then a new firewall rule to allow TCP port 8080 traffic from the test client browser will additionally need to be created once the VM instance is running. This is to avoid security exposures for the default deploy configuration.

Please refer to the product reference section - in order to manage the default accounts and change passwords.

Connect via SSH to the new VM instance via the SSH dropdown options list on the Compute Engine VM Instances basic information page. Read more information about how to connect to Linux virtual machine (VM) instances:

Read more:

The returned instance-id value is used as the unique password to then auto-create the gcp-user credentials, which provides admin console access only to the GCP customer launching the instance. The Google Cloud Marketplace usage instructions then guide the user to the section, such as changing user password and setting user access roles post deployment.

The is the primary agent for collecting telemetry data from your Compute Engine instances. Combining the collection of logs, metrics, and traces into a single process. Ops Agent is not installed as default as a Marketplace Solution Deployment, if required you will be prompted to install Ops Agent on the observability tab on the Compute Engine VM Instances basic information page to capture and monitor this data for the VM instance.

If you install the Ops Agent, then you might be charged for the metrics, logs, or traces that the agent sends to your Google Cloud project. For pricing information read more

Read more in the section

about Google Cloud Basic Support or get more information to .

☑️
☑️
☑️
☑️
☑️
☑️
Google Cloud Compute Engine
Google Cloud Marketplace
Red Hat Enterprise Linux FAQ
Installing on Red Hat Enterprise Linux
Architectural Scenarios
Command and control
Simplest form
Servlet Filter
API transformation
Active web proxy
Web application server
Active proxy with content
Mobile application server
Asynchronous multi-protocol
Data loss prevention architecture
Support
Google Cloud Marketplace product details listing
Essential things to do first
Connect to Linux VMs
About Google Cloud SSH Connections
Essential things to do first
Ops Agent
here
Backup and Restore
Read more
Sign up for other Customer Care offerings
Google Marketplace
here
Google Cloud Partner directory
CAP Product Details page
browser proxy
Page cover image
CAP - High Availability Solution Design
Select a project resource
Create a new project
Agree to CAP terms
Successfully agreed to terms
Enable required APIs
Deploy create a new service account
Machine type & Boot disk size
Default networking configuration
Console Login
GCP Resources
SSH Connect
Ops Agent
TomorrowX
Google Cloud Marketplace Solutions by