Versions Compared

Old Version 19

changes.mady.by.user Satoshi Asari

Saved on

compared with

New Version Current

changes.mady.by.user Satoshi Asari

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of contents:

Table of Contents

For all Luminoso on-site deployments

Minimum requirements

The minimum requirements for Luminoso deployments are 4vCPUs and 16 GiB of RAM. This requirement is for relatively low workloads. Please upgrade your instance size based on workload and performance expectations if needed. If you select an instance type below the specifications above Luminoso functionality will not work as intended.This configuration will not include Concept-Level Sentiment.

To access Concept-Level Sentiment in your Luminoso on-site virtual machine, you must at minimum attach a GPU that is appropriate for your instance type. 

Luminoso Compass instructions

Luminoso Compass install and update instructions have not changed from v2.3. Use the most recent credentials your CSM provides to you and follow the v2.3 instructions for your hosting type.

For AWS and Azure installations – Scale up or down your vCPU or GPU resources

You may change the amount of vCPU or GPU resources after your initial deployment depending on your organization’s needs by changing the hosting machine’s instance type. The method will be slightly different depending on if your organization uses Azure or AWS.

...

  1. Stop the Daylight application from running using the on-site menu.
    Note: If you skip this step, Daylight will not run properly after the vCPU or GPU scaling is changed. 

  2. Completely stop the machine that hosts Daylight. 

  3. Change the machine’s instance type to update the amount of available vCPU or GPU resources.

  4. Power on the machine. 

  5. Start the Daylight application using the on-site menu

Microsoft Azure

Install Luminoso Daylightc On-Site

Background 

To use Luminoso on-site for Azure, you must have a valid Azure subscription and Azure Command Line Interface (Azure CLI) installed on your machine. Luminoso provides on-site image(s) per contract, shared with the Azure tenant ID you provide.

Provide the deployment region and tenant ID

Before Luminoso can share an image to your organization, you must provide the following information to your Luminoso CSM: 

...

You must provide this information several business days before you plan to deploy the image provided by Luminoso, so these instructions are here for reference. Your tenant ID is a string of letters and numbers that is separate from your subscription ID. 

To find your tenant ID

  1. Inside the Azure Portal UI, open the home page. In the search bar, type “Azure Active Directory” and select it. The Overview page opens.

  2. Copy the tenant ID displayed under the organization name.

  3. Provide this ID to your Luminoso CSM. 

...

Set up the Azure Environment for Luminoso VM Deployment

  1. Open the Azure portal using the URL that your Luminoso CSM provided. The Permissions requested window opens.

  2. Remember the Luminoso-client-[client name] in this window. You will need this name to give Azure permission to build a virtual machine. You may wish to write this name down or take a screenshot of the Permissions requested window. If you forget, you can retrieve this name when you open your Azure Active Directory and select Enterprise Applications from the menu. 

  3. Click Accept and sign in to the Azure Portal UI.

  4. From the homepage, open Resource Groups and choose the resource group where you want to create the Luminoso on-site VM, select Access control (IAM), and click + Add. A dropdown menu opens. 

  5. Select Add role assignment. The Add role assignment menu opens:

    • Role — Type and select Contributor. 

    • Assign access to: — Leave this as Azure AD user, group, or service principal.

    • Select — Type the Luminoso-client-[client name] you saw in the Permissions requested window and select it when it shows up in the list. 

    • When you are done, select Save.

  6. To confirm that you successfully added the role, click Role assignments from the options under Access control (IAM). You should see the role that you added in the previous step on the list.  

Create a VM Using the Azure CLI

  1. Sign in the service principal for Luminoso using the <app_ID>, the <app_registration_password>, and the <Luminoso_tenant_ID> that your Luminoso CSM provided. Enter the commands like this:

    az account clear

    az login --service-principal -u '<app_ID>' -p '<app_registration_password>' --tenant '<Luminoso_tenant_ID>'

    az account get-access-token

    Note: your access token is only valid for an hour.

    For reference, your result will look something like this: 

  2. Sign in the service principal again, this time using the <customers_tenant_id> for the Azure account. Use the <app_ID>, the <app_registration_password>, and the <customers_tenant_id>.
    Note: <customers_tenant_id> is the same tenant ID that you provided to your Luminoso CSM as part of the image build request. 
    Enter the commands like this: 

...

  • Filled out, your command might look like this:

  • When the command finishes running, a message appears that displays relevant setup information, such as:

  • SSH to your newly created Luminoso Daylight on-site VM.

Azure Upgrade Instructions

When you begin the upgrade process, check that your tenant ID and deployment region have not changed. If they have, provide the new information to your Luminoso CSM. 

Prepare your environment for Azure Upgrade Deployment

  1. Shut down the previous on-site VM. 

  2. After confirming that the previous on-site VM is shut down, open the Azure Portal UI and click on the name of the old VM. 

  3. Click Disks under Settings. The Disks page opens. 

  4. Click on the name of the disk that you want to create a snapshot of under the Data disks section. The information for that disk opens. 

  5. Click Create snapshot. The Create snapshot page opens. 

  6. On the Create snapshot page, select the appropriate resource group

  7. In the Instance details section, add a name and select the appropriate options for your environment.

  8. Click Next and complete each section until you reach Review + create

  9. Confirm that the information is correct and click Create. A success page appears that says your deployment is underway. 

  10. When your deployment is complete, search for “disks” and select it. The Disks page opens. 

  11. Click + Add. TheCreate managed diskpage opens. 

  12. Fill out all appropriate fields. Pay special attention to: 

    • Source type  — Pick Snapshot from the menu. The source snapshot field appears. Use the menu to find and select the snapshot you just created. 

    • Size — Select a size that is either the same as or larger than your previous data disk. To change what type of storage your installation uses, click Change size

  13. Click Next and complete each section until you reach Review + create

  14. Confirm that your selections are correct and click Create. A success page appears saying that your deployment is underway.

Upgrade Luminoso On-Site for Azure

  1. Confirm that you have a Luminoso-client-[client name] given the contributor role for the resource group you are using for the upgrade process:

    • If you have used this resource group for Luminoso on-site before, use the Access control (IAM) menu to check that the role is present and correct.

    • If this is a new resource group for Luminoso on-site deployment, open the Access control (IAM) menu and add a role using steps 4-6 of “Set up the Azure Environment for Luminoso VM Deployment.” 

  2. Sign in the service principal for Luminoso using the <app_ID>, the <app_registration_password>, and the <Luminoso_tenant_ID> that your Luminoso CSM provided. Enter the commands like this:

    az account clear

    az login --service-principal -u '<app_ID>' -p '<app_registration_password>' --tenant '<Luminoso_tenant_ID>'

    az account get-access-token

    Note: your access token is only valid for an hour.
    For reference, your result will look something like this:

  3. Sign in the service principal again, this time using the <customers_tenant_id> for the Azure account. Use the <app_ID>, the <app_registration_password>, and the <customers_tenant_id>.
    Note: <customers_tenant_id> is the same tenant ID that you provided to your Luminoso CSM as part of the image build request. 
    Enter the commands like this: 

    az login --service-principal -u '<app_ID>' -p '<app_registration_password>' --tenant '<customers_tenant_id>'
    az account get-access-token

  4. Use the Azure CLI to deploy a VM using a command like the following template. Make sure that you have the <image_version_object_id> that your Luminoso CSM shared with you.

    az vm create --name <VM_NAME> --resource-group <YOUR_RESOURCE_GROUP> --image <image_version_object_id> --size <VM_SIZE> --attach-data-disks <NEW_DATA_DISK_NAME_CREATED_FROM_SNAPSHOT> --storage-sku <STORAGE_TYPE> --subnet <YOUR_SUBNET_OBJECT_ID_FOR_DEPLOYMENT> --subscription <YOUR_AZURE_SUBSCRIPTION_ID>.

    Note: You can use the following command to find <YOUR_SUBNET_OBJECT_ID_FOR_DEPLOYMENT>:
    az network vnet list

    • Filled out, your command might look like this:

    • You receive a success message like this one:  

  5. SSH to the upgraded VM deployed from the new Luminoso on-site image. It may take a few minutes to configure the application on the first boot. The Daylight on-site menu opens. 

  6. For configuration steps, refer to the appropriate Luminoso Daylight product documentation.

AWS AMI: Install Luminoso Daylight On-site

Background

Luminoso provides virtual appliances to run Luminoso Daylight in clients’ data center. Follow these instructions to install the virtual appliance so you can configure and use the product.

Launch a new instance from the AMI shared by Luminoso 

Luminoso offers several methods for delivering on-site images to clients. This document assumes you provided Luminoso with your AWS account number and that the AMI is shared with your account.

...

  1. Log into your AWS Account and navigate to EC2. The EC2 Dashboard opens. 

  2. Under Images select AMIs and search for the AMI using the AMI ID that Luminoso provided.

  3. Select the AMI that matches your build number and click Launch to open the Launch Wizard.

  4. Choose an Instance Type: 

    • To enable Concept-Level Sentiment in your Daylight instance, you must specify a g4dn.xlarge instance type for minimum processing requirements. 

    • For quicker Concept-Level Sentiment processing, choose g4dn.12xlarge.   

    • The minimum requirements for Luminoso deployments are 4vCPUs and 16 GiB of RAM. This requirement is for relatively low workloads. We recommend using the r family because it is memory-optimized and better for large amounts of text data. Please upgrade your instance size based on workload and performance expectations if needed. If you select an instance type below the specifications outlined above Luminoso functionality will not work as intended. This configuration will not include Concept-Level Sentiment. 

  5. Click Next: Configure Instance Details. The Step 3: Configure Instance Details page opens. 

  6. Use the options to configure your instance based on your company requirements.

  7. Click Add New Volume to add and configure the data disk.
    Warning: For installations with Concept-Level Sentiment, ignore the ephemeral0 volume. The ephemeral0 volume type cannot be treated as a data disk for Daylight, so you must still add a new volume.

    • For new installations, new disk size depends on the number of projects processed. Your Luminoso Account Manager is responsible for communicating the recommended size of the data disk

    • For upgrades, enter the Snapshot ID of the previous instances’ data volume snapshot so the new system starts with a data volume based off that snapshot.

  8. Select "Delete on Termination" or "Encryption" based on your company requirements for the data disk added in Step 7.

  9. Click Next: Add Tags. Step 5: Add Tags opens.

  10. Add tags as applicable to your organization. If you don’t need tags, skip this step. Within AWS, tags allow you to place arbitrary labels on resources that help you report. If you have a tagging policy that says “every resource needs to have a tag” then you can see what resources everyone is using 

  11. Click Next: Configure Security Groups

  12. Configure security groups as required by your organization.

  13. Click Review and Launch. The Review Instance Launch page opens. 

  14. Review the details and confirm that the settings you selected are correct. 

  15. Click Launch. A Select an existing key pair or create a new key pair window opens. 

  16. Select Proceed without a key pair. The Luminoso Daylight image is prepopulated with credentials that your CSM provides. 

  17. Click Launch Instances. Your instance begins the launch process. 

  18. For configuration steps, refer to the appropriate Luminoso Daylight On-site product documentation.

AWS AMI Upgrade Instructions

  1. Shut down the previous on-site VM.

  2. Click Volumes and select the data volume of your old instance.

  3. Go through the steps on the Create Snapshot page. Click Create Snapshot and record the snapshot ID provided on the page. 

  4. Follow the steps in the installation guide to create a new on-site VM. Instead of adding a new data disk, attach the snapshot from the previous on-site version.
    Note: If you are upgrading to use Concept-Level Sentiment, make sure to select an instance type that uses GPU. 

    1. On the Add Storage page, select a size that is either the same as or larger than your previous data disk. 

    2. You must change the device name when you add this disk. 

    3. In the Device column, use the menu to change /dev/sdb to /dev/sdf.

  5. Start the new VM and connect via ssh with admin credentials. The system runs any necessary data migrations. If the upgrade involves large schema changes, or if you have many existing projects, this may take a while. We recommend running it overnight.
    Note: The new admin password should work, so you don’t need to remember the admin password for the previous machine. 

  6. Check the configuration to ensure that your settings were imported correctly.

  7. Start the application.

VMware: Install Luminoso Daylight On-site

Upload the virtual appliance

This document assumes you have the most recent Luminoso on-site image(s) available in your environment. The upload process uses VMware’s vSphere product for transferring the image to vCenter. These instructions were developed using vCenter 6.7. If you’re using a different version of VCenter, your options may be slightly different. 

  1. Log into vCenter using vSphere. 

  2. Right click on the esxi host you would like to deploy to and select Deploy OVF Template... The Deploy OVF Template wizard opens. 

  3. Click Choose File and select the image file. File name format is [product name]_vmware-version-ID-[client]. For example, daylight_vmware-1.0-201602221217-acme. 

  4. Click Open

  5. Click Next and complete the wizard with information applicable to your environment.

  6. Review your choices and click Finish to close the wizard. The VM begins to deploy. View the build progress in the Recent Tasks pane. 

Create Data Disk

Luminoso’s software requires you to use a disk separate from the OS disk to store all Luminoso data and configuration files. As minimum requirements to run all Luminoso features except Concept-Level Sentiment, we recommend 4vCPUs and 16 GiB of RAM. This minimum is for relatively low workloads. Upgrade your instance size based on workload and performance expectations if needed. Luminoso functionality can only run properly if minimum requirements for the hosting machine are met. 

...

  1. Create a data disk and attach it to the Luminoso on-site virtual machine you just deployed.

Attach a GPU using the passthrough method 

The hardware and software that Luminoso used for Daylight deployment with GPU enabled:

...

  1. Click on the ESXi host name. 

  2. Open the Configure tab. 

  3. Expand the Hardware section and select PCI Devices.

  4. Open All PCI devices, locate your Nvidia GPU, and click Configure Passthrough. An Edit PCI Availability window opens. 

  5. Select both NVIDIA devices and click OK

  6. Under Hardware, click Graphics and select Host Graphics

  7. Click Edit. The Edit Host Graphics Settings window opens.

  8. Make sure your selections match the screenshot above. Click OK

  9. Reboot your ESXi host to make your NVIDIA device is available. 

  10. Either right click on your machine or click Actions and select Edit Settings. An Edit Settings window opens. 

  11. Click Add New Device and select PCI Device from the menu. 

  12. In the New PCI device row, select the NVIDIA PCI device. 

  13. Expand the New PCI device row and click Reserve all memory

  14. Open VM Options, expand Advanced, locate Configuration Parameters and select Edit Configuration… . The Configuration Parameters menu opens. 

  15. Click Add Configuration Params. In the editor, add: 

    • Name = hypervisor.cpuid.v0

    • Value = FALSE

  16. Click OK to close and save Configuration Parameters and click OK again to close and save your modifications to Edit Settings

Start the VM

  1. Right click the VM instance and select Power > Power on the virtual machine.

  2. Refer to the appropriate Luminoso Daylight on-site product documentation for the configuration steps. 

VMware Upgrade Instructions

  1. Shut down your old machine. 

  2. Deploy a new machine and keep both machines powered off. 

  3. In Storage, under the correct datastore, select the directory of your old virtual machine. 

  4. Select your data disk and click Copy to and copy the data drive from your old Luminoso virtual machine directory to the new one. The copy progress displays in the Recent Tasks pane. 

  5. Right click your new machine and select Edit Settings. The Edit Settings window opens. 

  6. Click Add New Device and select Add Hard Disk. A file explorer opens. 

  7. In the Datastores column, select your new virtual machine. In the Contents column, select the disk you copied from your previous machine. 

  8. Click OK. The File explorer closes. 

  9. Click OK. The Edit Settings window closes. 

  10. Power on your new machine. 

Luminoso Daylight On-site Configuration Guide

Getting Started

After installing the Luminoso Daylight On-site Virtual Appliance, connect to it via ssh using the username ‘admin’ and the associated password that Luminoso support provided. After you log in, a menu appears where you can configure various properties of the machine. 

Configuring the Virtual Appliance

The following steps configure the On-site Appliance to match your data center environment. For example, the network card defaults to DHCP. If your data center environment requires static IPs, you can change it using the Manage System menu in the On-site Menu.

Other system configuration options:

Manage System

Configure hostname


Configure interface


Configure inactivity timeout


Configure NTP


Change admin password


Configure root certificate


Configure SMTP


Configure system notifications


Configure application notifications


Configure HTTPS


Configure SAML


Configure rsylog server


Support Shell

Manage Users 

List Users


Create User


Delete User


Change User Access


Change User Password


Create Workspace


Delete Workspace


Rename Workspace

Manage Service

Start Daylight


Stop Daylight


Collect Support Logs

Quit

Update Luminoso Daylight Settings: 

To complete any of the following tasks, you must log in to the on-site virtual machine using admin credentials. 

Make system changes

  1. Select Manage System from the menu, select the appropriate menu option, and make any necessary changes, 

  2. Click OK.

Change Hostname 

  1. Open Manage System -> Configure Hostname

  2. Change the fully-qualified domain name to your preferred domain name.

  3. Select OK.
    Note: If you have DHCP and are changing the hostname, you will have to reboot the machine to report the new hostname to the DHCP server.

Change DHCP to Static IP

  1. Open: Manage System -> Configure Interface

  2. Change “DHCP” to “Static”.

  3. Enter the desired IP address, Netmask, Gateway, and DNS Server. These fields are only valid if you selected “Static” above.

  4. Select OK.

Change the Inactivity Timeout

  1. Open Manage System -> Configure Inactivity Timeout

  2. Update the Inactivity Timeout and Maximum session length values in seconds.

  3. Select OK.

Use an internal NTP server

  1. Open Manage System -> Configure NTP

  2. Change “DHCP” to “Static”.

  3. Enter the fully-qualified domain name of the NTP server you wish to use.

  4. Select OK.  

Note: You cannot use NTP via DHCP if you are not using DHCP to assign an IP address.

Change admin password

  1. Open Manage System -> Change admin password

  2. Change the admin password

  3. Select OK.

Note: You cannot log into the Daylight Web Interface as “admin”, but must log in as one of the created users (see “Workspaces and Users”).  

Configure root certificate

  1. Open Manage System -> Configure root certificate

  2. Upload your root certificate to the Virtual Machine via sftp using a command similar to
    sftp certcopy@[hostname]:ssl <<< '$put [/path/to/certificate.pem]'
    If prompted for a password, use the admin password.

  3. The new certificate should appear in the list below “Clear existing certificate”; select it.

  4. Select OK.

Configure SMTP

  1. Open Manage System -> Configure SMTP

  2. Enter the SMTP host name and the SMTP port.

  3. Select “Use StartTLS” and “Require valid certificate” if you would like to encrypt your connection to the SMTP server.

  4. Enter the SMTP username and the associated SMTP password, if required by your SMTP server.

  5. Select OK.

NOTE: In order to use TLS, you may need to configure your root certificate.

Configure System Notifications

  1. Open Manage System -> Configure system notifications

  2. Enter the email address *to* which system alerts should be sent (probably your own email address).

  3. Enter the email address *from* which system alerts should be sent.

  4. Select OK.

NOTE: In order to have the Virtual Machine send alert emails, you need to have configured SMTP.

Configure Application Notifications

  1. Open Manage System -> Configure application notifications

  2. Enter the email address from which application notifications (for instance, “forgot email” notifications) should be sent.

  3. Enter the URL for the Luminoso Daylight UI, so that links will work in application notification emails.

  4. Select OK.

NOTE: In order to have the Virtual Machine send alert emails, you need to have configured SMTP.

Configure HTTPS

  1. Open Manage System -> Configure HTTPS

  2. Select “Enable HTTPS”.

  3. Upload your certificate and key to the Virtual Machine via sftp using a command similar to
    sftp certcopy@[hostname]:https <<< $'put [/path/to/certificate.pem]'
    If prompted for a password, use the admin password.

  4. Your certificate and key should both appear in the lists below; select the certificate file in the “Select Certificate File” list and the associated key in the “Select Key File” list.

  5. Select OK.

Configure SAML

The Luminoso Daylight implementation of the SAML2 Single Sign-on Profile uses the HTTP Redirect (GET) and HTTP POST Bindings on our Single Login and Assertion Consumer Endpoints.

...

  1. Open Manage System -> Configure SAML andselect Use SAML.

  2. Select the SAML Response and Authentication Request signing and encryption options that match your policies and IDP configuration.
    Note: If you select “Support password authentication in addition to SAML” local accounts and SAML accounts can log in. If you deselect it, only SAML users can log in to the system.

  3. Enter the Identity Provider Entity ID, and Single Sign-on URLs.
    You can get this information from your Identity Providers SAML 2.0 Identity Provider Metadata by looking for:

    1. EntityDescriptor entityID="[IDP Entity ID]"

    2. SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="[IDP Single Signon URL]"

    3. dsig:X509Certificate 

  4. Generate a public certificate and private key in PEM format for SAML using a command similar to:
    openssl req -new -x509 -days 365 -nodes -out sp_cert.pem -keyout sp_key.pem

  5. Ensure that all the file are world readable before uploading them by running a command similar to:
    chmod 644 *.pem

  6. Upload your identity provider certificate, newly generated certificate and private key to the Virtual Machine via sftp using commands similar to:
    sftp certcopy@[hostname]:saml <<< $'put [/path/to/idp.cert|sp_cert.pem|sp_key.pem]'
    If the system prompts you for a password, use the admin password. The new certificates and key appear in the list below “IDP Certificate File”, “SP Certificate File”, and “SP Private Key File”

  7. Select the new certificate files and key.

  8. Select OK.

...

Send Logs to an rsyslog Server

  1. Open Manage System -> Configure rsyslog Server

  2. Enter the name of your rsyslog server.

  3. Select OK.

Start an instance of Daylight on-site

  1. Go to: Manage Service

  2. Select Start Daylight.

  3. Select OK from the popup, and then OK in the menu.
    Note: It may take up to five minutes for the application’s services to fully start.

Stop an instance of Daylight on-site

  1. Go to: Manage Service

  2. Select Stop Daylight.

  3. Select OK from the popup, and then OK in the menu.

Collect Support Logs

  1. Go to: Manage Service

  2. Select Collect Support Logs. After the logs are collected, instructions on how to download them from the appliance appear on screen.

Daylight on-site: Workspaces and Users

To complete any of these tasks, you must log in to the on-site virtual machine using admin credentials. 

...

Create a user

  1. Go to: Manage Users and Workspace -> Create User

  2. Enter a username and password.
    Note: As a best practice, create a username using the user’s email address. This ensures that the user receives the correct notifications and alerts. If you create a user without an email address, you must add them to all workspaces using the on-site menu. 

  3. Select OK.
    Note: Make sure you grant your users permissions (see next step). A user without permissions sees an empty page with no options upon login.  

Create a workspace

  1. Go to: Manage Users and Workspace -> Create Workspace

  2. Enter the human-readable name of the workspace you wish to create.

  3. Select OK.

Grant/Change user permissions

  1. Go to: Manage Users and Workspace -> Change User Access.

  2. Enter the username of the user whose permissions you wish to change.

  3. For each workspace, check the permissions you wish to give the user.

  4. To remove permissions, use the space bar instead of the enter key.

  5. Select OK.
    Note: Users with Organization roles have those permissions on all projects in all workspaces, though their permissions are not explicitly listed.  

Change a user’s password

  1. Go to: Manage Users and Workspace -> Change User Password

  2. Enter the username of the user whose password you wish to change, as well as the new password.

  3. Select OK.

Delete a user

  1. Go to: Manage Users and Workspace -> Delete User

  2. Enter the username of the user you wish to delete.

  3. Select OK.

Delete a workspace

  1. Go to: Manage Users and Workspace -> Delete Workspace

  2. Select the workspace you wish to delete.
    Note: To prevent accidental data loss, do not delete workspaces that contain projects. To delete this kind of workspace, start by deleting everything it owns through the UI.

  3. Select OK.

Rename a workspace

  1. Go to: Manage Users and Workspace -> Rename Workspace

  2. Select a workspace and enter the new name.

  3. Select OK.

Proxy Settings

If your deployment requires the use of one or more http reverse proxies in front of Luminoso On-site, Luminoso recommends configuring any and all proxies so that requests may be up to 200 MiB in size. 200 MiB is the limit Luminoso imposes internally.

...