Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

Objective 

The document aims to offer a comprehensive overview of Adeptia-managed Karmak FTP, including its relevance, design, setup, and essential details.

  1. Karmak FTP Design and Setup

Karmak, a customer of Adeptia's AC Cloud service, needs to use traditional FTP because one of their integrated applications does not support the SFTP protocol. FTP plays a vital role in the Karmak solution, as all workflows and transactions depend on FTP for processing.

To address this need, we have set up a traditional FTP system using a Virtual Machine in Azure. The FTP server of choice is WS_FTP, which comes with PostgreSQL embedded as its database.

In this setup, we have acquired the WS_FTP license from Karmak under a "BYOL" model. Additionally, we have painstakingly replicated the settings previously used by Karmak in their legacy AIS system.

Key Information

  • FTP Tool: WS_FTP

  • Hosting: Adeptia Hosted VM named “ftpkarmak1”

  • VM Type: Standard B2as v2 (2 vCPUs, 8 GiB memory) 

  • Operating System: Windows (Windows Server 2022 Datacenter)

  • Availability Zone: East US 2 (Zone 3)

  • Public IP Address: 40.75.122.71

  • Private IP Address: 10.0.3.5

  • Virtual Machine is monitored via “BlueMetador” tool by Connectira as a hosted service.

Network Security Group: karmak1-bastion-vm-nsg

  • Karmak's entire VNet is permitted.

  • RDP (port 3389) access is granted for US and India office IP addresses.

  • FTP (port 21) access is permitted for Karmak IPs.

  • Outbound traffic is unrestricted by default.

FTP Storage: 1 additional disk attached to VM “ftpkarmak1”

  • Disk Name: ftpkarmak1_FTP

  • Storage type: Premium SSD LRS

  • Size: 128 GBs

  • Encryption type: Platform-managed (Microsoft) key

  • Backup: Daily

  • Back Retention: 1 Month

  1. VM Access to see FTP details:

Steps to connect to the FTPKarmak1 VM and access the FTP drive, WS_FTP Application, and Database details:

  1. Launch the "MSTSC" command by typing it in the Run dialog and pressing Enter.

  2. Input the Public IP Address of the VM, which is "40.75.122.71", and then click on Connect.

  3. Use the credentials stored in "MyGlue" under Password → Karmak → ftpkarmak1, and then click OK.

  4. Navigate to This PC to view the FTP Drive (E:).

  1. The folder structure within this directory is a replica of the one found on the Karmak AIS FTP server.

  1. Each directory or folder is "NFS mounted" to be utilized within Linux-based AC Cloud containers (Pod).

By accessing any Pod Shell in the Karmak Prod or Sanbox namespace within Lens, you can observe the following folder paths: "/mnt/development" for AC Sandbox and "/mnt/production" for AC Production. For detailed instructions on mounting, refer to the documentation.

  1. WS_FTP: WS_FTP Server is set up on Virtual Machine “ftpkarmak1” as an FTP Server application. The installation and configuration process followed the WS_FTP Online Documentation available at https://docs.ipswitch.com/WS_FTP_Server2020/Installation/index.htm‌.

    Additionally, Postgre SQL Version 14 was integrated into this application to serve as its database. This database was automatically installed alongside WS_FTP. All pertinent information, including the Master Admin credentials, is securely stored in “PostgreSQL Master Admin” within “MyGlue”.

Key Points:

  • The WS_FTP license, provided by Karmak under a "BYOL" model, is utilized.

  • This license is renewed annually.

  • Current License Activation Date: 11/22/2023

  • License Expiry Date: 11/21/2024 (Reminder set on Google for 1st November 2024).

  • The backup from the Karmak AIS FTP setup has been imported, and the setup in Adeptia-hosted FTP mirrors the AIS setup in terms of folder structure and users.

  • The AIS FTP backup is now operational in the Adeptia-hosted FTP.

  • AIS Notifications are active in the Adeptia-hosted FTP.

We have a site-to-site VPN setup with our client Karmak from AC4 in Azure (VNG name: karmak1vng) with two connections (karmak1 & karmak2-dev). Their Prod network is completely isolated from Non-Prod, which is the reason for the two connections. In PROD connection, we are using NATing as well (10.0.0.0/20 → 10.100.16.0/20). 

For Adeptia Hosted AC Connection to FTP Servers, we had to add many IP addresses of Karmak’s partners to Local Network Gateway (karmak1-lng).

WS_FTP can be found by searching WS_FTP in searchbox in “karmak1” VM

It will open WS_FTP Web Management Console with URL http://127.0.0.1/WSFTPSVR/login.asp (in local machine). Generally it is accessible using http://10.0.3.5/wsftpsvr/login.asp 

User credentials are stored in “MyGlue” under the Karmak folder → Karmak_WS_FTP.

Host Details, Users, Folders and all other information can be seen in the console. Since all the settings are imported from Karmak hosted WS_FTP so avoid making any changes without any reason and be very careful.

Karmak users are also given access to the WS_FTP using the web console (NOT VM Itself). They access it via the URL below using admin@admin user. (Credentials were shared with them).

Non-NATed VPN Connection: http://10.0.3.5/wsftpsvr/login.asp 

NATed VPN Connection: http://10.100.19.5/wsftpsvr/login.asp

This access is necessary for them to regularly update their partner data, configuration, folder during adding, removing and modifying partners.

  1. Network Diagram

  1. Customer Points of Contact for WS_FTP license renewal

                                                                                                                                                                                                

  • No labels