Migrating solace configuration from one environment to another

Naga
Naga Member Posts: 58

I am creating a cli script using the command in Dev environment and sftp the file to target env . Then execute the script to create VPN and all other objects. To perform all these tasks I am using my admin credentials and sftp user. Is there a way we can achieve this without using admin credentials ?
solace> show current-config message-vpn myVPN > cliscripts/myVPN.cli

Comments

  • uherbst
    uherbst Member, Employee Posts: 121 Solace Employee

    Hi Naga,
    To execute myVPN.cli on a broker, you need admin permissions on that broker... and for that you need admin credentials.
    There are at least 2 comments about easier handling, if your are using a docker container as software broker (that is: not an solace appliance, no solace cloud instance):
    1. If your docker container maps its volumes somewhere into the host filesystems, you can just copy your cli-scripts in the host... no need to do this inside the container or with the filetransfer user.
    2. you can also start your cli with "docker exec -it solace cli" from your host shell (because host-root has admin permission in the docker container and in the cli) - and with that, you haven't to give your admin credentials.

    Uli

  • swenhelge
    swenhelge Member, Employee Posts: 77 Solace Employee

    As Uli wrote - you always need to authenticate against the broker when you do not have direct access to the host system. You can configure authorized keys for accounts on the broker if that is a more acceptable approach than using username and password see "Adding SSH Keys to User Accounts" at https://docs.solace.com/Configuring-and-Managing/Configuring-Multiple-Shell-Users.htm