Deploy a Conductor on the Google Cloud Platform (GCP)

You can deploy a Tempered Networks Conductor on GCP and manage physical, virtual, and cloud HIPservices, and HIPclients. Use the following steps to deploy a Conductor on the Google Cloud platform.

Note: A downloadable PDF of this topic is available in the Documentation Downloads section.

Prerequisites

To get started, make sure you have access to your Google Cloud account. If you don't have an account, you can create a free Google Cloud account and upgrade it to a full account later. If you have an existing Google Cloud account, make sure your billing information is set up. You cannot create a project until you are able to link your billing information to your newly created project.

Note: You should be familiar with using Google Cloud before attempting to deploy a Tempered Networks Conductor or HIPswitch on the platform. To get started, we recommend you review the following content offered by Google:

A Conductor license voucher is necessary at the end of this procedure if you want to start the Conductor and verify it is set up correctly. Fulfillment will provide this to you in an email after your purchase is complete.

Log in to Google Cloud

From a Web browser, navigate to https://console.cloud.google.com. You will see one of two pages, the Getting Started page if you have no projects or the Home page if you have existing projects.

Create and configure a project

A Google Cloud project organizes all of your resources into a logical group for easier management. You will add the Tempered Networks Conductor to a new or existing project, so you need to have a project created before you deploy the Conductor.
Note: If you are adding the Conductor to an existing project, you can skip step 2 and proceed directly to step 3 in this document.
  1. On the top bar of the Google Cloud page, click Select a project.


  2. On the upper-right corner of the Select a project dialog, click New Project.


  3. In the Project Name field, enter a name for your new project. By default, your new project is assigned a default ID, which you can change by clicking Edit to the right of the Project ID field.
  4. Optional: If you want to add your project to an organization you have already created, select it in the Location field by clicking Browse to the right. For more information about organizations, see Quickstart Using Organizations in the Google Cloud documentation.


  5. Once you are finished, click Create.
It will take a moment to set up your project. A notification window will indicate when the operation is complete. You can then select Home in the Google Cloud sidebar to access your dashboard.

Set up firewall rules

GCP firewall rules will manage the traffic coming into your instance on a network. By default, you have a network with a default set of firewall rules for your region, and you will need to make a few changes to set up your environment so the Conductor can function correctly.

Note: This step assumes you are using the default network for your region. If you would like to create a separate virtual private cloud (VPC) network, please review the topic Virtual Private Cloud (VPC) Network Overview in the Google Cloud documentation.

To set up firewall rules:

  1. In the Google Cloud sidebar, navigate to the Networking section, hover over VPC network, and select Firewall rules.


  2. Click Create Firewall Rule.


  3. Fill in the Create firewall rule page with the following information:
    Name
    You can use any name you choose, but it must be lowercase with no spaces.
    Description
    This can be anything you like. We recommend something descriptive such as Firewall access rules for Tempered Networks Conductor.
    Network
    Select default from the drop-down unless you are using a different network.
    Direction of traffic
    Select the Ingress radio button.
    Action on match
    Select the Allow radio button.
    Targets
    Select Specific target tags from the drop-down.
    Target tags
    Enter tempered-conductor-rules
    Note: Remember this tag. You will need it later in this procedure.
    Source filter
    Select IP ranges from the drop-down.
    Source IP ranges
    Enter 0.0.0.0/0.
    Protocols and ports

    Select the Specified protocols and ports radio button and enter 443,8096.

    Note: Do not check the box next to tcp and then select the field to enter your ports – the box will revert to unchecked and disable both fields. Click only on the field to enter your ports.

    Leave all other fields as is.

    Your page should look similar to the image below:

  4. Click Create. It will take a moment to finish the operation. Once complete, you should see the following in your rules list:


Add a Conductor Image

A Conductor image must be available to your project so you can create an instance. This is done in the Compute Engine section of the GCP dashboard.

To add an image:

  1. In the Google Cloud sidebar, navigate to the Compute section, hover over Compute Engine, and select Images.


  2. Click Create Image.


  3. Fill in the Create an image page with the following information:
    Name
    Enter conductor-r216-1144
    Description
    Enter Tempered Networks Conductor version 2.1.6
    Source
    Select Cloud Storage file from the drop-down
    Cloud Storage File

    Enter tempered-image-storage/conductor-r216-1144.tar.gz

    You can leave all other fields as is.

  4. Click Create. It will take a moment to finish the operation.

    Once complete, you should see the following in your images list:



    Note: If you have multiple projects, make sure the image is associated with your desired project, listed in the Created by column.

Create a Conductor Instance

The Conductor image can now be used to create a virtual machine instance. The image supplied by Tempered Networks contains the Conductor and is relatively small in size. Configuration information and storage requires a second hard disk, which you will set up as part of the instructions below. This image must be a minimum of 120 GB.

To create a Conductor instance:

  1. Select the image in the list by clicking on its name. You have several options available: Select Create Instance.


  2. Fill in the Create an instance page with the following information:
    Name

    Enter a name of your choice, but it must be lower case and without spaces.

    Region
    Select the region of your choice from the drop-down.
    Zone
    Select the zone of your choice from the drop-down.

    You can leave all other fields as is.



  3. Click Management, security, disks, networking, sole tenancy.
  4. On the Disks tab, leave all settings as is and click + Add new disk.


  5. In the New disk dialog enter the following:
    Name

    You can leave this field as disk 1, otherwise enter a name of your choice.

    Type

    Select Standard persistent disk from the drop-down.

    Source type

    Select Blank disk.

    Deletion rule

    Select the Delete disk radio button

    Size (GB)

    Enter the value 200

    You can leave all other settings as is.



  6. Click Done. The dialog will close, and you should see the following:


  7. Click the Networking tab to the right of the Disk tab and enter the tag name you created for your firewall rules in step 3.


  8. Click Create. It will take a moment to finish the operation. Once complete, you should see the following:


    Note: The External IP for your instance is the address you will use to connect to the Conductor.

Verify the install

At this point the Conductor instance is running in Google Cloud. You should verify it is installed correctly by logging in and licensing the Conductor. It may take several minutes for the Conductor to become available after it starts, so if you attempt to access it and your browser appears to stop responding, please try again in a few minutes.
Note: When running the Conductor for the first time, you may receive notifications indicating the connection is not private. Once you have finished configuring the Conductor, you can install a customer certificate on the Conductor that will prevent these notifications in the future.

To verify the install:

  1. Point your web browser to the external IP address for your Conductor. Make sure you begin the address with https://.
  2. An unlicensed Conductor will display the initial Provisioning page for you to enter your license voucher.


  3. Enter the voucher code you received from Tempered Networks in the Voucher code field.
  4. Click Provision now. It will take a moment to finish the operation. Once complete, you should see a confirmation.
  5. Select Click here to start using the Conductor.
  6. Enter the default username and password at the log in dialog and click Sign in.
    Username
    admin
    Password
    admin123
  7. You are prompted to enter a new password. Enter the default password in the Current password field and a new password of your choosing in the New password and Confirm new password fields.
  8. Click Update.
  9. On the System Configuration dialog, leave all the fields as is and click Configure.
  10. It will take a moment to complete the operation. Once finished, click Return to settings.
You should see the Conductor Settings page. On the right side in the Network adapter 1 section, the IP address should match the Internal IP of your instance in the GCP portal.

Additional Information

Once your Conductor is installed, you can configure and manage it as you would a physical Conductor. For additional help, you can search the Online Documentation by using the search bar at the top of the page or the navigation links to the left.