NGINX

Onboarding NGINX

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Device Management.
    By default, the ADC tab opens.
  2. Click the Server tab.
  3. Click the (Add) icon.
    The Device details page is displayed.
  4. Select Nginx (Green N icon) from the Vendors list.
  5. In the Server details section, select/enter the details as follows.
    Table 1. Server Details - Field Description Table
    Fields Description
    *Server name Enter a unique name for the designated Nginx server to be onboarded.
    *IP address/FQDN Enter the IP address or the fully qualified domain name (FQDN) of the server that is to be onboarded.
    Data center Choose the desired data center. r.
    Onboarding Group Select the onboarding group to assign the device.
    Note: Devices without an assigned group are automatically mapped to the Default group during migration, onboarding, and when edited without existing group mappings.
    Communication mode Select the SSH or SSM protocol to be used for communication between the AppViewX node and the Nginx server. SSH is the preferred communication mode.
    *SSH Port Retain the value 22; it is the default port used for the SSH communication mode. (The field is not displayed for SSM communication mode.)
    Cert Sync Choose from any of the following:
    • Managed - AppViewX performs the config fetch operations and the certificates are discovered and managed in the inventory. CLM actions (push & bind, rollback etc.) can be performed on them.
    • Monitored - AppViewX performs the config fetch operations and the certificates are downloaded in the inventory in the read-only state. CLM actions cannot be performed on them.
    • Ignored - AppViewX only performs the config fetch operations for the devices. There is no certificate discovery performed.
    *: Mandatory fields
  6. In the Credentials section, select/enter the details as indicated below. The credentials entered in this section are used to authenticate the session between the AppViewX node and the Nginx server device.
    If Communication mode = SSH the fields are as follows:
    Table 2. Credentials - Field Description Table
    Fields Description
    *Credential Type Select the credential type from the dropdown.
    • Manual entry (default)
    • Credential List - Appviewx
    • SSH
    Note:
    • If Credential list - Appviewx is selected, the *Credentials list dropdown field is displayed. Select any of the preconfigured credential values.
    • If SSH is selected, enter the *Username, *Upload key file, and enter the Passphrase for authentication.
    *Username Enter the designated username for authentication.. (field displayed for manual entry and SSH)
    *Password Enter the secure password. (field displayed for manual entry only)
    *: Mandatory fields
    If Communication mode = SSM the fields are as follows:
    Table 3. Credentials - Field Description Table
    Fields Description
    *Credential Type Select the credential type from the dropdown.
    • Manual entry (default)
    • Credential List - cloudAccount
    Note: If Credential list - cloudAccount is selected, the *Account name dropdown field is displayed. Select any of the preconfigured credential values.
    *Access key Enter the access key to login to the EC2 instance of the AWS cloud machine.
    *Secret key Enter the secret key to login to the EC2 instance of the AWS cloud machine.
    *: Mandatory fields
  7. In the Vendor Specific Details section, select/enter the details as indicated below.
    If Communication mode = SSH the fields are as follows:
    Table 4. Vendor Specific Details - Field Description Table
    Fields Description
    Access Elevation Select from the following:.
    • sudo - to execute with root privileges using sudo access
    • dzdo - to execute with root privileges using dzdo access
    • None
    Note: SSH key-based authentication doesn't support password enabled sudo/dzdo.
    *: Mandatory fields
    If Communication mode = SSM the fields are as follows:
    Table 5. Vendor Specific Details - Field Description Table
    Fields Description
    *Region Enter the geographic region of the AWS instance.

    Example: us-east-2
    *Instance id Enter the unique identifier for an EC2 instance in AWS.

    It is required to perform actions or execute commands on a specific EC2 instance

    Example: i-02573cafcftext
    *SSM document name Enter the name of the SSM document that contains the script or action to be executed on the EC2 instance.

    Example: AWS-RunShellScript is an SSM document that allows you to execute shell scripts on EC2 instances.
    *SSM document version Specify the version of the SSM document to be executed.

    Example: 1
    *S3 bucket name Enter the S3 bucket name used to store command output or logs executed in the EC2 instance.

    Example: avxdiscoverydocument-c2
    Proxy required Select the checkbox to enable the secure proxy service.
  8. Click Save.
    The Nginx device is onboarded successfully.

Validating the Device

After the device is onboarded successfully, follow the steps to validate the device communication with AppViewX:
  1. Go to ADMINISTRATION > Device Management.
    By default, the ADC tab opens.
  2. Click the Server tab.
    The Server Inventory page is displayed.
  3. Check that the device name appears in the inventory (Name column) with the specified status in the status column.
    The status column will have the value Managed/Monitored/Ignored if the connection is successful or displays Failed/Unresolved in case of failure.
  4. From the Status column, click the Managed/Monitored/Ignored/Failed/Unresolved.
    Device Status Log pop-up is displayed.
  5. Expand each value in the pop-up to know the Device communication, Device Version, Instance Information, and Certificate Discovery From Device.

What's Next

Once you have onboarded and validated the device connection, you are ready to proceed with the any of the following certificate actions: