Installing bh-gateway-client across different network scopes enables unified management of on-premises IDC assets, private network assets of other cloud platforms, and public network assets.
Operation Steps
Network Area Purchase
After the BH instance is purchased and deployed successfully, a default network domain is created, which is the VPC where the BH instance is deployed.
When users need to create additional networks, they first need to purchase a network domain extension pack.
2. In the left sidebar, select Activate Service > Service List.
3. On the service list page, select the instance that requires network domain adjustment, and click More > Adjust Network Domain to the right of the instance.
4. In the Adjust Network Domain pop-up window, purchase the number of network domains based on actual requirements.
2. In the left sidebar, select Activate Service > Network Domain.
3. On the Network Domain page, click New to pop up the New Network Domain window.
4. In the New Network Domain pop-up window, configure the relevant parameters and click OK.
Parameter Name
Details
Access BH resource ID.
The BH instance to which this network domain belongs. When assets are bound to this BH and this network domain, the BH will initiate connections via the client of this network domain.
Network area name.
The name displayed in the network domain and assets. It is recommended to use descriptive names to indicate the environment this network domain belongs to.
IP
The allowlist of public IP addresses that the network domain client (bh-gateway-client) can use to connect to the BH instance. You can configure a single IP or CIDR block, with one entry per line. Multiple IPs must belong to the same network (the same VPC or LAN).
Client installation
After the network domain is configured, it remains in a disconnected state. You need to download and install the script, and deploy it on one or more servers within the target network domain that can access the public IP addresses of the BH.
Note:
The client of a network domain can be installed on one or multiple servers within this network domain to provide services. It is recommended to configure at least two servers for high availability. Ensure that the client is not installed across different network domains, which may result in some servers being accessible while others are inaccessible
The client script must be installed on a Linux machine
2. In the left sidebar, select Activate Service > Network Domain.
3. Select the network domain that requires installation operations, and click Download Installation Script in the operation bar.
4. After uploading the installation script to the server, execute the script.
5. Use ps aux | grep bh_gateway_client to check whether it has started properly.
6. Check the /var/log/tsecbh/bh_gateway.log log file to determine whether the Client is properly connected to the BH instance.
7. Refresh the network domain page on the console and verify that its status displays as Enabled.
Asset Configuration
Note:
When binding assets to the BH instance, you must specify the associated network domain. If the asset and the BH instance reside in the same VPC, select the default network domain for the asset
When the asset belongs to another network domain, please configure the network domain as needed
