Contents

Prerequisites

The Charon-SSP VE License Server has a number of prerequisites:

The VE license server package
A suitable Linux cloud instance in a supported cloud environment to be used as the VE license server
Correct firewall settings
The VE-capable Charon-SSP emulator software running on a Charon host with appropriate network access to the VE license server

These items are described below.

VE License Server Package

The Charon-SSP VE License Server package is delivered as an RPM package. Stromasys or your Stromasys VAR will provide you with the software or a download link.

Package name:

license-server-<version>.rpm

Where <version> indicates the version of the software, for example, 1.0.35.

Linux Cloud Instance for License Server

The license server package must be installed on a Linux cloud instance.

Currently supported cloud providers:

Amazon AWS
Oracle Cloud Infrastructure (OCI)
Microsoft Azure
Google Cloud Platform (GCP)

Please refer to your cloud provider's documentation for configuring and launching an appropriate instance. A description of the basic steps of launching an instance can be found in Additional Information.

Depending on the cloud environment, Stromasys may offer a prepackaged Charon-SSP VE image on the cloud marketplace. This image includes the Charon-SSP emulator software (already installed) and the VE License Server RPM package (can be installed optionally). An instance launched from such a prepackaged image can also be used as a VE license server.

Software requirements for License Server:

Red Hat, CentOS, or Oracle Linux (64-bit) versions 7.x or 8.x

Basic hardware requirements (the shape or instance type capabilities) for running only the license server:

Must be sufficient for the selected Linux operating system.

Additional hardware requirements (the shape or instance type capabilities) for running the emulator software on the same system:

If the license server is combined with the Charon-SSP emulator software on the same instance, the instance used must satisfy the requirements of the Charon-SSP host and all instances that will run on it. If this requirement exists, please refer to your Charon-SSP user's guide for details.

Additional general requirements:

In the AWS cloud, an IAM role allowing the ListUsers action (IAMReadOnlyAccess in the example below) must be attached to the instance. This can be done during the launch of the instance as shown in the sample below.

Alternatively, the role can be set/changed by selecting the instance, right-clicking on it, and selecting Security > Modify IAM Role (in the older AWS console, use the Action menu). If such a role has not yet been defined, please refer to Creating and Attaching an AWS IAM Role and to the documentation provided by AWS for additional information.

Firewall Settings

Communication Between License Server and Client System

Any intermediate firewall as well as the cloud-specific subnet and instance security settings must permit the following ports for the appropriate source systems:

TCP/8083: must be permitted on the license server for the client system to enable the use of the license by the client.
TCP/8084: must be permitted by the license server for any system that should access the web interface to display information about licenses and active clients (currently not encrypted, hence should not be run across the Internet without a VPN).

See Cloud-Specific Firewall Information for information about the traffic filtering mechanisms used in the different cloud environments.

Simplified sample commands if firewalld is used on the Linux system:

# firewall-cmd --permanent --zone=public --add-port=8084/tcp

# firewall-cmd --permanent --zone=public --add-port=8083/tcp

# firewall-cmd --reload

The default zone name can be found with the command firewall-cmd --get-default-zone, a list of all zones can be displayed with the command firewall-cmd --get-zones.
The parameter --permanent writes the command to the respective firewalld configuration files. To add the command to the running firewall, re-run it without the parameter --permanent.
The simplified sample above does not limit the source IP address to the addresses of the license clients. This would require a more sophisticated configuration. Please refer to the documentation of your Linux system.

Communication Between License Server and Cloud Infrastructure

The license server must be able to access information provided by the cloud infrastructure. In particular, it must be able to communicate with the following addresses/systems:

The metadata server of the cloud environment (169.254.169.254) on AWS, Azure, OCI, and GCP.
If running on AWS, the host iam.amazonaws.com
If running on GCP, the host www.googleapis.com
Once support has been implemented for IBM cloud, the license server will need to communicate with the hosts iam.cloud.ibm.com and resource-controller.cloud.ibm.com.

Any intermediate firewall as well as the cloud-specific subnet and instance security settings must permit communication with these systems for the VE license server to function properly. See Cloud-Specific Firewall Information for information about the mechanisms used in the different cloud environments, and your Linux firewall documentation for any Linux specific questions.

Charon-SSP VE-Capable Emulator and Management Software

The VE license server software requires matching Charon-SSP emulator software. The necessary features are available in Charon-SSP 4.2.x and later. Stromasys or your Stromasys VAR will provide you with the software or a download link. In certain cloud environments, Stromasys may offer a prepackaged Charon-SSP VE image on the cloud marketplace. This image includes the Charon-SSP emulator software (already installed) and the VE License Server RPM package (can be installed optionally). If you use a Charon host in the cloud and the instance was launched from such a prepackaged image, the required VE-capable emulator software is already installed (refer to the respective cloud-specific Getting Started Guide for more information).

Please note: The protocol versions used by the emulator software and the license server must be compatible. The software checks for compatible protocol versions and reports an error should there be a mismatch.

The Charon-SSP packages to be installed are the following RPM packages:

Management components (not VE-specific):
- charon-agent-ssp-<version>-x86_64.rpm
- charon-director-ssp-<version>.rpm
- charon-manager-ssp-<version>.rpm
VE-capable emulator software:
- charon-ssp-<architecture>-<version>.ve.el7-x86_64.rpm
- charon-ssp-<architecture>-<version>.ve.el8-x86_64.rpm

In the above list, the placeholders have the following meaning:

<version> indicates the software version (e.g., 4.2.5).
<architecture> indicates the type of emulated SPARC covered by the software (currently it can have the values 4m, 4u, 4v, 4u+, or 4v+).
The string ve in the package containing the Charon emulator software indicates that this version of the emulator requires a VE license server.
The string el7 denotes packages intended for Red Hat/CentOS/Oracle Linux 7.x.
The string el8 denotes packages intended for Red Hat/CentOS/Oracle Linux 8.x.
Charon Agent, Manager, and Director are not license-model specific.

Please note:

Unless there is GUI access to the Charon-SSP host system (or an option to use X11-Forwarding via SSH), Charon Manager and Charon Director must be installed on a remote management system that will be used to configure and manage the Charon-SSP software. The Charon-SSP emulator software can also be run from the command-line, in which case Charon Manager and Director are not required.
The Charon Agent package contains the RPM and Debian packages for the Charon Manager on Linux and a ZIP file for the Charon Manager on Microsoft Windows (charon-manager-ssp-<version>.zip).
The Charon-SSP VE emulator software can run on the same system as the license server or on a separate system with appropriate network access to the VE License Server.

VE License Server Software Installation

If you are not familiar with the installation of RPM packages, please refer to the regular user's guide or your Linux system documentation.

Please note:

In versions before 1.0.17, the license server will not start automatically after the initial installation. It will be started once a valid license has been installed (see Installing a License on the VE License Server).
When upgrading to version 1.0.24 from an older version of the license server, a license update is required due to a change in the license schema.
If you plan to use a primary and a backup license server, the license server software must be installed on both systems.

VE License Server Installation Steps

Perform the following steps to install the VE License Server software:

Copy the license server software package to the cloud instance (if still required):
1. Use sftp to connect to the cloud instance.
  # sftp -i ~/.ssh/<mykey> <user>@<cloud-instance-ip>
  where
  1. <mykey> is the private key of the key-pair you associated with your cloud instance
  2. <user> is the user associated with your cloud instance (e.g., opc on OCI, or centos for a CentOS instance on AWS; for an instance installed from a prepackaged Charon-SSP VE image, use the SFTP user charon)
  3. <cloud-instance-ip> the ip address of your cloud instance
2. Copy the software package to the cloud instance using the following sftp command:
  > put <local-path-to-license-server-package>
Use ssh to log in on the cloud instance.
# ssh-i ~/.ssh/<mykey> <user>@<cloud-instance-ip>where
1. <mykey> is the private key of the key-pair you associated with your cloud instance
2. <user> is the user for interactive login associated with your cloud instance (e.g., opc on OCI, or centos for a CentOS instance on AWS; for an instance installed from a prepackaged Charon-SSP VE image, use sshuser)
3. <cloud-instance-ip> the ip address of your cloud instance
As a privileged user (root) go to the directory where you stored the installation package and install the package:
1. Become the root user: # sudo -i
2. Go to the package location: # cd <path-to-package-directory>On an instance installed from a prepackaged Charon-SSP VE image, the installation package is stored under /charon/storage)
3. Install the package:
  1. Linux 7.x: # yum install license-server*.rpm
  2. Linux 8.x: # dnf install license-server*.rpm

Below, you find the sample output of an installation:

# yum install license-server-1.0.35.rpm
Loaded plugins: fastestmirror, langpacks
Examining license-server-1.0.35.rpm: license-server-1.0.35-1.x86_64
Marking license-server-1.0.35.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package license-server.x86_64 0:1.0.35-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package            Arch       Version         Repository                  Size
================================================================================
Installing:
 license-server     x86_64     1.0.35-1        /license-server-1.0.35      79 M

Transaction Summary
================================================================================
Install  1 Package

Total size: 79 M
Installed size: 79 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : license-server-1.0.35-1.x86_64                               1/1 
  Verifying  : license-server-1.0.35-1.x86_64                               1/1 

Installed:
  license-server.x86_64 0:1.0.35-1                                              

Complete!

Charon-SSP VE-Capable Emulator Software Installation

General Information

The Charon-SSP packages are RPM packages that are installed using the yum (Linux 7.x), dnf (Linux 8.x), or rpm command. They can be copied to the Charon host system using SFTP as shown in the example for copying the license server RPM.

At least the required emulator packages (charon-ssp-4*.rpm) and the agent (charon-agent*.rpm) must be installed for the system to run emulated SPARC systems and to allow remote management by the Charon Manager. If local management with graphical tools is required, then the Charon Manager and the Charon Director packages must also be installed.

For detailed host system requirements and for the management of the Charon-SSP software, please refer to the regular Charon-SSP documentation on the Stromasys Product Documentation and Knowledge Base pages.

Please note: To use the graphical user interface (Charon Manager for SSP) the Charon Manager package typically is installed on your local Linux or Windows PC that will be used for management purposes. Running the Charon Manager in a non-graphical cloud instance and export it via X11-Forwarding is possible, but will require additional configuration and installation steps (with access to a package repository) - this is outside the scope of this document. It is also possible to manage Charon-SSP via the command-line only. This is described in the general Charon-SSP user's guide.

Possible Additional Requirements

Many Linux server instances are missing packages that are typically available on workstation installations. Such packages may have to be installed, for example, if Charon-SSP graphics device emulation or audio emulation are to be used. The same applies to the Charon-SSP Manager, the Server JIT feature, and some non-critical functions of the Charon Agent. On prepackaged Charon-SSP cloud marketplace images, the necessary packages are preinstalled.

The following table provides an overview of the packages that may be missing:

RPM Package	Graphics and audio emulation	Charon Manager*	Server JIT feature	Charon Agent
libX11	x	x
xorg-x11-server-utils	x	x
alsa-plugins-pulseaudio	x
gtk2		x
xorg-x11-xauth (only required for X11-Forwarding)		x
libicu (version 50 for Linux 7.x, version 60 for Linux 8.x)			x
pciutils				x

* If you install the Charon Manager with the yum (or dnf) command, these packages (except for xorg-x11-xauth) and any dependencies that these packages themselves may have, are resolved automatically if a package repository is available.

If you suspect problems caused by missing packages and the emulator was started via the Charon Manager, check the emulator crash-log file in addition to the emulator log file. If starting the emulator from the command-line, review the command-line output.

The packages above have their own dependencies. Install the above packages with the yum (or dnf) command in order to have their dependencies automatically installed. If your server does not have access to the standard operating system repositories, refer to this document for instructions on setting up a local repositories.

Sample Installation

Only the Charon-SSP emulator packages (4M, 4U(+), 4V(+)) are specific to the license model used. The packages required for managing Charon-SSP (Charon Agent, Manager, and Director) are the same as in the conventional product of the same version.

For detailed host system requirements and for the management of the Charon-SSP software, please refer to the regular Charon-SSP documentation on the Stromasys Product Documentation and Knowledge Base pages.

The log output below shows a sample Charon-SSP emulator and management package installation on a Linux 7 system:

# yum install charon*.rpm

(lines removed)

Resolving Dependencies
--> Running transaction check

(lines removed)

Dependencies Resolved

================================================================================
 Package                 Arch   Version     Repository                    Size
================================================================================
Installing:
 charon-agent-ssp        x86_64 4.2.5-1     /charon-agent-ssp-4.2.5-x86_64 32 M
 charon-director-ssp     x86_64 4.2.5-1     /charon-director-ssp-4.2.5     287 k
 charon-manager-ssp      x86_64 4.2.5-1     /charon-manager-ssp-4.2.5      5.8 M
 charon-ssp-4m           x86_64 4.2.5.ve.el7-1  /charon-ssp-4m-4.2.5.ve.el7-x86_64 6.1 M
 charon-ssp-4u+          x86_64 4.2.5.ve.el7-1  /charon-ssp-4u+-4.2.5.ve.el7-x86_64 54 M
 charon-ssp-4v+          x86_64 4.2.5.ve.el7-1  /charon-ssp-4v+-4.2.5.ve.el7-x86_64 54 M

Installing for dependencies:
 
(lines removed)
 
Transaction Summary
================================================================================
Install  6 Packages (+32 Dependent packages)

Total size: 161 M
Total download size: 8.9 M
Installed size: 183 M
Is this ok [y/d/N]: y
Downloading packages:

(lines removed)

Running transaction check
Running transaction test
Transaction test succeeded
Running transaction

(lines removed)

Installed:
  charon-agent-ssp.x86_64 0:4.2.5-1      charon-director-ssp.x86_64 0:4.2.5-1   
  charon-manager-ssp.x86_64 0:4.2.5-1    charon-ssp-4m.x86_64 0:4.2.5.ve.el7-1      
  charon-ssp-4u+.x86_64 0:4.2.5.ve.el7-1 charon-ssp-4v+.x86_64 0:4.2.5.ve.el7-1     

(lines removed)                                 

Complete!

Browser not supported