/
Installing the VE License Server and the Charon-SSP Packages

Installing the VE License Server and the Charon-SSP Packages

Jan 26, 2021

Contents

Prerequisites

The Charon-SSP VE License Server has a number of prerequisites:

  • The VE license server package

  • A suitable Linux cloud instance in a supported cloud environment to be used as the VE license server

  • Correct firewall settings

  • The VE-capable Charon-SSP emulator software running on a Charon host with appropriate network access to the VE license server

These items are described below.

VE License Server Package

The Charon-SSP VE License Server package is delivered as an RPM package. Stromasys or your Stromasys VAR will provide you with the software or a download link.

Package name:

license-server-<version>.rpm

Where <version> indicates the version of the software, for example, 1.0.35.

Linux Cloud Instance for License Server

The license server package must be installed on a Linux cloud instance.

Currently supported cloud providers:

  • Amazon AWS

  • Oracle Cloud Infrastructure (OCI)

  • Microsoft Azure

  • Google Cloud Platform (GCP)

Please refer to your cloud provider's documentation for configuring and launching an appropriate instance. A description of the basic steps of launching an instance can be found in Additional Information.

Depending on the cloud environment, Stromasys may offer a prepackaged Charon-SSP VE image on the cloud marketplace. This image includes the Charon-SSP emulator software (already installed) and the VE License Server RPM package (can be installed optionally). An instance launched from such a prepackaged image can also be used as a VE license server.

Software requirements for License Server:

Red Hat, CentOS, or Oracle Linux (64-bit) versions 7.x or 8.x

Basic hardware requirements (the shape or instance type capabilities) for running only the license server:

Must be sufficient for the selected Linux operating system.

Additional hardware requirements (the shape or instance type capabilities) for running the emulator software on the same system:

  • If the license server is combined with the Charon-SSP emulator software on the same instance, the instance used must satisfy the requirements of the Charon-SSP host and all instances that will run on it. If this requirement exists, please refer to your Charon-SSP user's guide for details.

Additional general requirements:

  • In the AWS cloud, an IAM role allowing the ListUsers action (IAMReadOnlyAccess in the example below) must be attached to the instance. This can be done during the launch of the instance as shown in the sample below.


    Alternatively, the role can be set/changed by selecting the instance, right-clicking on it, and selecting Security > Modify IAM Role (in the older AWS console, use the Action menu). If such a role has not yet been defined, please refer to Creating and Attaching an AWS IAM Role and to the documentation provided by AWS for additional information.

Firewall Settings

Communication Between License Server and Client System

Any intermediate firewall as well as the cloud-specific subnet and instance security settings must permit the following ports for the appropriate source systems:

  • TCP/8083: must be permitted on the license server for the client system to enable the use of the license by the client.

  • TCP/8084: must be permitted by the license server for any system that should access the web interface to display information about licenses and active clients (currently not encrypted, hence should not be run across the Internet without a VPN).

See Cloud-Specific Firewall Information for information about the traffic filtering mechanisms used in the different cloud environments.

Simplified sample commands if firewalld is used on the Linux system:

# firewall-cmd --permanent --zone=public --add-port=8084/tcp

# firewall-cmd --permanent --zone=public --add-port=8083/tcp

# firewall-cmd --reload

  • The default zone name can be found with the command firewall-cmd --get-default-zone, a list of all zones can be displayed with the command firewall-cmd --get-zones.

  • The parameter --permanent writes the command to the respective firewalld configuration files. To add the command to the running firewall, re-run it without the parameter --permanent.

  • The simplified sample above does not limit the source IP address to the addresses of the license clients. This would require a more sophisticated configuration. Please refer to the documentation of your Linux system.

Communication Between License Server and Cloud Infrastructure

The license server must be able to access information provided by the cloud infrastructure. In particular, it must be able to communicate with the following addresses/systems:

  • The metadata server of the cloud environment (169.254.169.254) on AWS, Azure, OCI, and GCP.

  • If running on AWS, the host iam.amazonaws.com

  • If running on GCP, the host www.googleapis.com

  • Once support has been implemented for IBM cloud, the license server will need to communicate with the hosts iam.cloud.ibm.com and resource-controller.cloud.ibm.com.

Any intermediate firewall as well as the cloud-specific subnet and instance security settings must permit communication with these systems for the VE license server to function properly. See Cloud-Specific Firewall Information for information about the mechanisms used in the different cloud environments, and your Linux firewall documentation for any Linux specific questions.

Charon-SSP VE-Capable Emulator and Management Software

The VE license server software requires matching Charon-SSP emulator software. The necessary features are available in Charon-SSP 4.2.x and later. Stromasys or your Stromasys VAR will provide you with the software or a download link. In certain cloud environments, Stromasys may offer a prepackaged Charon-SSP VE image on the cloud marketplace. This image includes the Charon-SSP emulator software (already installed) and the VE License Server RPM package (can be installed optionally). If you use a Charon host in the cloud and the instance was launched from such a prepackaged image, the required VE-capable emulator software is already installed (refer to the respective cloud-specific Getting Started Guide for more information).

Please note: The protocol versions used by the emulator software and the license server must be compatible. The software checks for compatible protocol versions and reports an error should there be a mismatch.

The Charon-SSP packages to be installed are the following RPM packages:

  • Management components (not VE-specific):

    • charon-agent-ssp-<version>-x86_64.rpm

    • charon-director-ssp-<version>.rpm

    • charon-manager-ssp-<version>.rpm

  • VE-capable emulator software:

    • charon-ssp-<architecture>-<version>.ve.el7-x86_64.rpm

    • charon-ssp-<architecture>-<version>.ve.el8-x86_64.rpm

In the above list, the placeholders have the following meaning:

  • <version> indicates the software version (e.g., 4.2.5).

  • <architecture> indicates the type of emulated SPARC covered by the software (currently it can have the values 4m, 4u, 4v, 4u+, or 4v+).

  • The string ve in the package containing the Charon emulator software indicates that this version of the emulator requires a VE license server.

  • The string el7 denotes packages intended for Red Hat/CentOS/Oracle Linux 7.x.

  • The string el8 denotes packages intended for Red Hat/CentOS/Oracle Linux 8.x.

  • Charon Agent, Manager, and Director are not license-model specific.


© Stromasys, 1999-2025  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described. 
Need fast, reliable migration? We have done it countless times. Talk to an expert