Axon Server Google Marketplace Installation Guide
Installing Axon Server using Google Marketplace
Axon Server Enterprise is now listed in Google GCP Marketplace. This allows your team to deploy a single instance or a 3-node cluster Axon Server in your Google Project.
Purpose and intended audience
This guide is intended for engineers, developers, and system administrators who want to install Axon Server on the Google Marketplace.
The guide covers
-
Requirements for your Google Project
-
An overview of required and recommended fields
-
How to secure your Axon Server installation
-
Basic maintenance guide for your cluster
Pre-requisites
The network is the backbone for communication between Axon Server Enterprise nodes and applications.
During the installation process, a DNS entry is created for each Axon Server node: this is used to configure and set up communication between the nodes.
VPC Network and Subnetwork
Your Google project must have an existing VPC Network and Subnetwork configured for the zones in where you want to install your cluster: you can define one using the Google Console UI
Cloud DNS Zone
Your Google project must have a Cloud DNS Zone configured: you can define one using the Google Console UI.
Write down the name of your Cloud DNS Zone : it will be requested in a form field during the installation process.
Cloud Resource Manager API
The deployment uses Cloud Resource Manager API, therefore this API must be enabled before proceeding with the installation.
Secret manager API
If you plan to store your sensitive data in Google Secret Manager, you must enable the API first.
Required and recommended fields overview
The following is a list of fields that you will be prompted to fill in during your installation.
Deployment name
This is used in the installation to give the deployment a name and to distinguish it from other deployments in the same Google project.
It is also used as a PREFIX to name resources used by the deployment.
Deployment Service Account / Service account ID / Service Account description
Used by Google as the user to run Terraform: it requires several admin roles because they are used to create resources in the project itself.
Cloud DNS Zone of your network domain (mandatory / prerequisite)
This is a prerequisite that must be created in the project beforehand. It is used to create DNS entries for instances, for example axonserver-1.mydomain.net
, axonserver-2.mydomain.net
axonserver-3.mydomain.net
.
These addresses are used by the configuration for internal calls and can be used by the user to connect to the VM from a running Axon Framework application.
Internal Network Domain
This is the domain to append to the hostname of the VM’s. It should match the value the user entered in the DNS zone details
(for example, mydomain.net
).
Enable Google Ops Agent This is a non-mandatory option, but recommended. You may incur in additional charges from Google for using this service.
Google Ops Agent is the Google way to collect logs and metrics, and is displayed in the dashboard / log explorer.
Use Google Secret Manager
This is a non-mandatory option, but recommended. You may incur in additional charges from Google for using this service.
If selected, sensitive data such as the admin password (randomly generated during the installation) will be stored in the Google Secrets Manager, where only accounts with specific permissions can access and read/change the value.
If not selected these values will be stored in the VM Metadata : these values can be read by anyone who has access to the Google Dashboard, even users with lower permissions (such as editor
role).
Basic maintenance of your cluster
After the installing Axon Server Enterprise three new VMs will be available in your project.
You can gather the list of available VMs using the following command
gcloud compute instances list --project=YOUR_PROJECT_ID
If you want to adjust some properties for your cluster, you can ssh
into your machine with the following command
gcloud compute ssh YOUR_INSTANCE_NAME-0 --project=YOUR_PROJECT_ID --zone=YOUR_ZONE
You can connect to the AxonServer UI by opening a tunnel on port 8024 to one of the instances in your cluster, and then opening http://localhost:8024 in your browser.
gcloud compute start-iap-tunnel YOUR_INSTANCE_NAME-0 --project=YOUR_PROJECT_ID --zone=YOUR_ZONE 8024 --local-host-port=localhost:8024
Check logs and VMs resources
If you enabled Google Ops Agent during the installation, you can check the logs by going to Google Logs Explorer and selecting axonserver
in the _Select log names dropdown.
The Observability panel of your VMs will display important information such as CPU Utilization, Memory Utilization, Disk Space Utilization, Disk IOPS and details of running processes
If you haven’t enabled the Google Ops Agent option, you can check the logs and VM resources using Axonserver UI or by opening an ssh
connection to the VM.
Update your Axon Server
Axon Server is installed as a Linux package in your VM instance. You can then update it as a regular package, using sudo apt update axonserver -y
After the update process, you will need to stop and restart the process.
sudo systemctl stop axonserver
sudo systemctl start axonserver
As a regular Axon Server cluster, we recommend that you update and restart a single instance at a time to ensure that your cluster is running with zero downtime. After each restart, you need to check the health of your cluster. You can do this by looking at one of your AxonServer UIs that is not restarting.
Secure your AxonServer installation
By default, your cluster is installed without TLS/SSL enabled.
To secure your AxonServer installation and prepare it for production, please consult the Security section of the Axon Server reference guide.