Pre-requisite
Deploy Portworx in DC/OS Strict Mode - Once you have install portworx you can proceed further.
Enable Sudo Access on all Private Nodes:
- Login to all private nodes and make the following changes in /etc/sudoers
Defaults:nobody !requiretty nobody ALL=(ALL) NOPASSWD: ALL
Grant the following permissions
Permissions
Install Enterprise docs cli
dcos package install dcos-enterprise-cli
Create a Service Account which will be used to install portworx
dcos security org service-accounts keypair elastic-temp-priv.pem elastic-temp-pub.pem
dcos security org service-accounts create -p elastic-temp-pub.pem -d “Portwrox elastic service account” portworx-elastic-principal
dcos security secrets create-sa-secret --strict elastic-temp-priv.pem portworx-elastic-principal portworx-elastic/mesos-auth-secret
Grant required permission for portworx
dcos security org users grant dcos_marathon dcos:mesos:master:task:user:root create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:framework:role:slave_public/portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:framework:role:slave_public/portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:framework:role:portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:framework:role:portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:task:user:root create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:task:user:nobody create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:role:portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:role:portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:role:slave_public/portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:role:slave_public/portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:principal:portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:volume:principal:portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:role:portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:role:portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:role:slave_public/portworx-elastic-role create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:role:slave_public/portworx-elastic-role delete
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:principal:portworx-elastic-principal create
dcos security org users grant portworx-elastic-principal dcos:mesos:master:reservation:principal:portworx-elastic-principal delete
dcos security org users grant portworx-elastic-principal dcos:secrets:default:/portworx-elastic/* full
dcos security org users grant portworx-elastic-principal dcos:secrets:list:default:/portworx-elastic read
dcos security org users grant portworx-elastic-principal dcos:adminrouter:ops:ca:rw full
dcos security org users grant portworx-elastic-principal dcos:adminrouter:ops:ca:ro full
Open the Catlog and search for portworx-elastic, select and proceed with following changes
Service Account : portworx-elastic Service Account Secret : portworx-elastic/mesos-auth-secret User: nobody
Review & Run
Once your done with changes, go hit Review & Run and wait for all Elastic to come up.