CyberCity

CyberCity
Deployment Manual
ZHEJIANG DAHUA VISION TECHNOLOGY CO., LTD. V1.3.0

Deployment Manual
Foreword
General
This manual introduces the functions and operations of the CyberCity platform (hereinafter
referred to as "the Platform"). Read carefully before using the platform, and keep the manual
safe for future reference.
Safety Instructions
The following signal words might appear in the manual.
Signal Words Meaning
Indicates a high potential hazard which, if not avoided, will result

in death or serious injury.
Indicates a medium or low potential hazard which, if not

avoided, could result in slight or moderate injury.
Indicates a potential risk which, if not avoided, could result in
property damage, data loss, reductions in performance, or
unpredictable results.
Provides methods to help you solve a problem or save time.
Provides additional information as a supplement to the text.
Revision History
Version Revision Content Release Time
● Added hot standby verification during
system update. November 2023
V1.3.0
● Added intrusion detection to security
configuration.
V1.2.0 Added the deployment of the cloud database. June 2023
● Updated deployment procedures.
V1.1.0 ● Added the deployment of the independent November 2022
database.
V1.0.1 Added requirements. July 2022
V1.0.0 First release. April 2022
Privacy Protection Notice

As the device user or data controller, you might collect the personal data of others such as
their face, fingerprints, and license plate number. You need to be in compliance with your local
privacy protection laws and regulations to protect the legitimate rights and interests of other
people by implementing measures which include but are not limited: Providing clear and
visible identification to inform people of the existence of the surveillance area and provide
required contact information.
I
Deployment Manual
About the Manual

● The manual is for reference only. Slight differences might be found between the manual
and the product.
● We are not liable for losses incurred due to operating the product in ways that are not in
compliance with the manual.
● The manual will be updated according to the latest laws and regulations of related
jurisdictions. For detailed information, see the paper user’s manual, use our CD-ROM, scan
the QR code or visit our official website. The manual is for reference only. Slight differences
might be found between the electronic version and the paper version.
● All designs and software are subject to change without prior written notice. Product updates
might result in some differences appearing between the actual product and the manual.
Please contact customer service for the latest program and supplementary documentation.
● There might be errors in the print or deviations in the description of the functions,
operations and technical data. If there is any doubt or dispute, we reserve the right of final
explanation.
● Upgrade the reader software or try other mainstream reader software if the manual (in PDF
format) cannot be opened.
● All trademarks, registered trademarks and company names in the manual are properties of
their respective owners.
● Please visit our website, contact the supplier or customer service if any problems occur
while using the device.
● If there is any uncertainty or controversy, we reserve the right of final explanation.
II
Deployment Manual
Table of Contents
Foreword .................................................................................................................................................... I
1 Deployment Introduction ...................................................................................................................... 1
2 Deployment Types ................................................................................................................................ 6
2.1 Standard Deployment ................................................................................................................... 6
2.2 Non-standard Deployment ........................................................................................................... 6
3 Preparations......................................................................................................................................... 11
4 Deployment Process ........................................................................................................................... 15
4.1 Standalone Deployment ............................................................................................................. 15
4.1.1 Burning the USB Flash Drive ............................................................................................ 15
4.1.2 Configuring RAID ................................................................................................................ 17
4.1.3 BIOS Settings ...................................................................................................................... 25
4.1.4 Installing the System .......................................................................................................... 27
4.1.5 Initialization ......................................................................................................................... 29
4.1.6 Deployment Confirmation .................................................................................................. 31
4.1.7 Installing and Logging in to the Client ............................................................................. 31
4.1.8 Licensing ............................................................................................................................. 33
4.1.8.1 Applying for a License ............................................................................................... 33
4.1.8.2 Activating License ...................................................................................................... 33
4.1.8.2.1 Online Activation ................................................................................................ 34
4.1.8.2.2 Offline Activation ................................................................................................ 34
4.1.8.3 Changing License ....................................................................................................... 34
4.1.8.4 License Information ................................................................................................... 35
4.2 Independent Database Deployment .......................................................................................... 35
4.3 Hot Standby ................................................................................................................................. 36
4.3.1 Configuring Hot Standby in the Config System .............................................................. 36
4.3.2 Configuring Hot Standby by Using Rose ......................................................................... 38
4.4 Distributed Deployment ............................................................................................................. 55
4.5 N+M Deployment ......................................................................................................................... 56
4.6 Cloud Database Deployment ..................................................................................................... 58
4.6.1 Switch Configuration .......................................................................................................... 58
4.6.2 Preparing the System Image ............................................................................................. 59
4.6.3 Burning a USB Flash Drive ................................................................................................ 59
4.6.3.1 Preparations ................................................................................................................ 59
4.6.3.2 Writing the System Image ......................................................................................... 59
4.6.4 Configuring the Server ....................................................................................................... 60
4.6.4.1 Configuring HDD RAID1............................................................................................. 60
4.6.4.2 Configuring Non-RAID Mode..................................................................................... 65
III
Deployment Manual
4.6.4.3 Setting the Boot Device ............................................................................................. 68
4.6.4.4 Setting Boot Mode to BIOS ....................................................................................... 69
4.6.5 Installing the Cloud Database ........................................................................................... 70
4.6.6 Modifying IP Addresses ..................................................................................................... 72
4.6.7 Deploying the Cloud Database .......................................................................................... 73
4.6.8 Activating the License........................................................................................................ 76
4.6.9 Connecting the Cloud Database to CyberCity................................................................. 77
4.7 LAN/WAN Deployment ............................................................................................................... 81
4.7.1 Initializing the Router ......................................................................................................... 81
4.7.2 Configuring LAN/WAN ....................................................................................................... 81
4.7.3 Configuring Mapping IP ..................................................................................................... 82
4.8 Verification ................................................................................................................................... 83
5 Storage Configuration ........................................................................................................................ 84
5.1 Adding a Network Disk ............................................................................................................... 84
5.2 Changing the Disk Type ............................................................................................................. 85
6 Deployment Cases .............................................................................................................................. 86
6.1 Main Server (Hot Standby) + Sub Server (N+M) + Independent Database (Hot Standby) .. 86
6.2 Main Server (Hot Standby) + Sub Server (N+M) + Cloud Database....................................... 86
6.3 Configuring Hot Standby for the Main Server after Distributed Deployment ...................... 86
Appendix 1 Service Module Introduction ............................................................................................ 87
Appendix 2 Solutions to Abnormal Disk Status ................................................................................. 89
Appendix 3 Upgrading the Cloud Database ........................................................................................ 95
Appendix 3.1 Preparations ............................................................................................................... 95
Appendix 3.2 Upgrading Cloud Database Services ...................................................................... 95
Appendix 4 Cybersecurity Recommendations ................................................................................... 97
IV
Deployment Manual
1 Deployment Introduction
This manual introduces the methods and procedures to deploy the platform. For information
on how to deploy devices that will be added to the platform, see their deployment manuals.
You can select a deployment mode from standalone deployment, distributed deployment, hot-
standby deployment, LAN/WAN deployment, cascaded deployment, and N+M deployment. In
addition, you can deploy an independent database or a cloud database to meet ever-
increasing storage requirements. An independent database can store up to 300 million pieces
of data, and a cloud database can store up to 500 million or 2 billion pieces of data.
Standalone Deployment
Standalone deployment deploys only one server, applicable for use in towns.
Figure 1-1 Standalone deployment
Distributed Deployment
Applicable for use in cities. By expanding the sub server, the platform access, storage,
bandwidth, event concurrency and other performance can be expanded. The sub servers are
uniformly registered to the main server, which schedules and manages all the sub servers.
1
Deployment Manual
Figure 1-2 Distributed deployment
Hot Standby Deployment

It is suitable for scenarios that require high system stability. A standby server is prepared in
this deployment mode. When the main server cannot work due to problems such as power
failure, network disconnection and frozen computer, the standby server will take over the work
of the main server to ensure the system stays normal.
Figure 1-3 Hot standby deployment
N+M Deployment
To ensure the stable operation of the sub server, you can deploy a backup server for the sub
server. When abnormality occurs on one of the sub servers, the system selects an idle server
from the M backup servers of the sub server to take over.
2
Deployment Manual
Figure 1-4 N+M deployment
LAN/WAN Mapping Deployment

When the platform, client, and device are working together as follows, you need to set up
LAN/WAN mapping to realize intercommunication between them. Refer to the platform port
matrix for mapping.
● Scenarios where the platform and the device are deployed on the intranet, and the
management client is deployed on the public network. For external network clients to
access the intranet platform, the IP and port of the platform need to be mapped to the
public network.
● Scenarios where the platform is deployed on the intranet, and the device is deployed on
the public network. If the device is registered to the platform by active registration, the IP
and port of the platform (active registration port 9500, active registration redirection port
9005) need to be mapped to the public network. If the device is added to the platform by IP,
add the public network IP and port of the device.
Cascading Deployment
In the actual operating environment, devices such as access cameras, emergency phone
towers and lower-level encoders, and data storage service resources might not be deployed
on the same domain. Cascading deployment is helps solve the problem of cross-industry and
cross-regional access to data resources, achieving interconnection among multiple overseas
digital city platforms.
3
Deployment Manual
Figure 1-5 Cascading deployment
Independent Database Deployment

If module data such as passed vehicle records and GPS records of emergencies are too large
to be stored in the internal database, you can deploy an independent database to meet your
needs. All the above deployment modes support deploying an independent database, and the
following typology uses standalone deployment as an example.
Figure 1-6 Independent database deployment
4
Deployment Manual
Cloud Database Deployment

If the storage requirements still cannot be met after you deploy an independent database, you
can deploy a cloud database. All the above deployment modes support deploying a cloud
database, and the following typology uses standalone deployment as an example.
Figure 1-7 Cloud database deployment
5
Deployment Manual
2 Deployment Types
2.1 Standard Deployment

All standard project deliveries and demonstrations are considered as standard situations.
Standard Project
Follow this document to deploy the platform.
Table 2-1 Hardware requirements

Item Description
Main server Material number: 1.2.02.02.10418.
Prepare N servers as sub servers, and M servers as spare servers for
Sub server the sub servers.
Material number: 1.2.02.02.10433.
Independent
Material number: 1.2.02.02.10418.
database
Material number: 1.2.02.02.10451 (500 million pieces of data),
Cloud database
1.2.02.02.10450 (2 billion pieces of data)
Network A switch of gigabit and above is required.
We recommend you use a 16 or 32 GB USB flash drive manufactured
by SanDisk, Kingston, HP, or other famous brands.
USB flash drive The USB drive you use must be smaller than 100 GB. Otherwise, it will
be considered as a local disk that might cause the system installation to
fail.
2.2 Non-standard Deployment

Situations that use servers obtained from customers or other channels for project delivery are
considered as non-standard situations.
Non-standard Servers
Operation requirements:
● Use a new server whenever possible. An old server may have been configured with RAID
or disks, and the network port information may be incorrect, which will affect installation
and deployment.
● Make sure that the main server, the spare server for the main server, the sub server, and
the spare server for the sub server meet the following requirements, and follow this
document to deploy the platform.
6
Deployment Manual
Item Description
Performance requirements:
● Server architecture: X86.
● CPU: 16 threads or above, with clock rate above 1.8 GHz.
● Memory: DDR4 16 GB × 2.
● HDD: 1 TB to 30 TB. We recommend that you use two 1 TB HDDs to
create RAID1.
Main ● SSD: 480 GB to 3 TB. We recommend that you use two 480 GB SSDs to
server
create RAID1.
● Network port: 8 network ports.
● Dimensions: 728.23 mm × 482.0 mm × 42.8 mm.
The specifications described above are minimum requirements.
● CPU: 8 threads or more, with 1.8 GHz clock rate or above.
● Memory: 16 GB or more.
Sub ● Hard disk: HDD 1TB or more × 2, with read and write performance 400
server MB/s or above. Create RAID1.
● Network port: 1 or more. Both uplink speed and downlink speed must be
gigabit or above.
● Operating system: CentOS 7.7.
Independe
The performance requirements of the independent database are consistent
nt
with those of the main server.
database
We recommend you use a 16 GB or 32 GB USB flash drive manufactured by
SanDisk, Kingston, HP, or other famous brands.
USB flash
drive The USB drive you use must be smaller than 100 GB. Otherwise, it will be
considered as a local disk that might cause the system installation to fail.
Table 2-3 Partition recommendations

Description (using recommended configurations as an
Item
example)
Directory (HDD: 1
Partition size File system
TB)
/mnt/dom_bin 8 GB xfs
/mnt/dom_data 200 MB ext3
Main server
/ 100 GB xfs
/log 200 GB xfs
/tmp 20 GB xfs
/opt Remaining space xfs
7
Deployment Manual
Description (using recommended configurations as an

Item
example)
/bak 400 GB xfs
Directory (SSD: 480
GB)
/opt/mysql 480 GB xfs
Directory (HDD: 1
TB)
Sub server / 100 GB xfs

/log 200 GB xfs
/tmp 20 GB xfs
/bak 200 GB xfs
Directory (HDD: 1
TB)
/ 100 GB xfs
Independent /log 200 GB xfs

database /tmp 20 GB xfs
/bak 500 GB xfs
Directory (SSD: 1
TB)
/opt/mysql 1 TB xfs
The main platform and independent database platform need to set the /opt/mysql partition,
otherwise the data clearing service cannot run properly.
Virtualization
Please contact the person responsible for CyberCity virtualization deployment for more
information.
8
Deployment Manual
Item Description
● Server architecture: x86.
● CPU: 16 threads or above, with 1.8 GHz clock rate or above.
● Memory: 32 GB or above.
Main server ● Hard disk: system disk 1TB–30 TB. Data disk: 500 GB or above to
store up to 100 million data.
● Network port: 1 or above. Both uplink speed and downlink speed must
be gigabit or above.
● CPU: 8 threads or above, with 1.8 GHz clock rate or above.
● Memory: 16 GB or above.
● Hard disk: system disk 1TB or above, with read and write performance
Sub server
400 MB/s or larger.
● Network port: 1 or above. Both uplink speed and downlink speed must
be gigabit or above.
Network Gigabit or above.
POC Demo
Only POC demo deploys the POC mode with local disks as storage medium. Other modes do
not use local disks to store images, files, and videos. For details on adding network disks, see
"5.1 Adding a Network Disk".
The POC demo does not require you to prepare the main server standby and the sub server.
During the installation, select Auto Install CentOS 7 POC, and the system will generate 3
partitions and mountings by default: 10% for videos, 5% for pictures, and 5% for files. At least
1 HDD (1 TB–30 TB) is required. The larger the virtual disk (RAID0), the more data it can
store. For example, a 1 TB disk coming with the standard server will generate 3 partitions: 100
GB for videos, 50 GB for pictures, and 50 GB for files.
9
Deployment Manual
Data in the video disk and the picture disk will be cyclically overwritten after 95% of the
capacity is used.
Figure 2-1 Start installing POC

Item Description
● Material number: 1.2.02.02.10433.
● Performance requirement:
◇ Memory: DDR4 16 GB or above × 2.
◇ HDD: 1 TB × 2.
Server ◇ Network port: 4 network ports.
Network A switch of gigabit and above is required.

We recommend you use a 16 or 32 GB USB flash drive manufactured by
SanDisk, Kingston, HP, or other famous brands.
USB flash
drive The USB drive you use must be smaller than 100 GB. Otherwise, it will be
considered as a local disk that might cause the system installation to fail.
10
Deployment Manual
3 Preparations
Acquiring Software Version Information

Contact Chinese technical support specialists to obtain the system mirror and CyberCity
installation package.
Topology and Preparations

The following content introduces the topology and preparations for applying distributed
deployment and N+M deployment at the same time as an example. For different deployment
methods, you can make according changes to the preparations. For example:
● If you do not need standby servers in distributed deployment, you only need to prepare N
sub servers, M × 2 power cables, and M network cables.
● If you do not use distributed deployment, then no sub servers are needed, and you only
need to prepare (N+M) × 2 power cables, and N+M network cables.
● If you only use standalone deployment, you only need to prepare 1 server, 2 power cables,
and 3 network cables.
● If you use LAN/WAN deployment, preparations are the same as follows.
Figure 3-1 Topology for reference
11
Deployment Manual
Table 3-1 Preparations
Item Quantity Description Use
Burn the USB flash drive
and commission after
installation.
● CPU: Intel i5 or faster. Try to use a laptop or
Laptop 1
● RAM: 8 GB or larger. computer provided by
clients to make sure you
have the permission to
access their networks.
● CPU: Intel Core i5-
6500, 3.20 GHz or
faster.
● RAM: 16 GB or larger.
● Graphics card: Install, log in to, and
Comput
1 NVIDIA® GeForce® operate the management
er
GTX 1050. client.
● Network card; 1000
Mbps.
● Hard drive: 200 GB for
the management client.
Material number:
● Server that have been One is used as the main
Hardwar
Main configured: server, the other as the
e 2
server 1.2.02.02.10418-006 standby server to the
main server.
● New server:
1.2.02.02.10418
Material number:
N servers are used as
● Server that have been sub servers in distributed
Sub configured: deployment, and M
N+M
server 1.2.02.02.10433-001 servers as standby
servers to the sub
● New server: servers.
1.2.02.02.10433
We recommend you use a
Display 1 Connect to the servers.
19-inch display or bigger.
Networ A gigabit switch that is Connect the servers to a
1
k switch usually provided by clients. network.
One EVS for each sub
Material number:
EVS N server to store images
1.0.01.05.10172.
and videos.
VGA Connect the server and
1 -
cable the display.
Power (1+1+N+
- 2 cables for each server.
cable M) × 2
12
Deployment Manual

3 cables for the main
server: One to connect
the laptop or computer to
the main server or the
switch; 2 to connect the
main server to the
switch, and the length of
each cable depends on
the dimensions of the
Networ server racks in the server
3+1+N+
k Cat5e 1000 Mbps. room, and the
M+1
cables arrangement of servers,
the switch, and related
devices.
One cable for each
standby server to the
main server, sub server,
and standby server to
the sub server.
One for backup.
Mouse
Connect to the computer
and
1 set — to operate the
keyboar
management client.
d
We recommend you use a
16 or 32 GB USB flash
drive manufactured by
SanDisk, Kingston, HP, or
other famous brands.
Stores the installation

USB
The USB drive you use packages of the
flash 1
must be smaller than 100 operating system and
drive
platform.
GB. Otherwise, it will be
considered as a local disk
that might cause the
system installation to fail.
13
Deployment Manual

Install the operating
system and platform on
the servers and
commission after the
installation. It includes
navicat
● Download it at the GDP 160_mongodb_cs_x64,
MobaXterm_Portable
website.
Toolkit 1 v22.0, UltraISO9
● File number: Premiun V9.72, jdk
2.7.01.02.03149. 1.8.0_151.7z, wireshark
win64-3.6.3, Postman
win64-9.15.2, and rufus-
4.0. You can download
Softwar Rufus at
e http://rufus.ie/downloads/
.
IP 1+1+N+ Make sure that these IP One IP address for each
address M addresses are not in use. server.
● Download it at the GDP
The operating system to
ISO website.
1 be installed on the
image ● File number: servers.
2.4.01.01.12902.
● Download it at:
https://gdp.dahuatech.c
Applicat The platform to be
1 om.
ion installed on the server.
● File number:
2.7.01.02.03111.
14
Deployment Manual
4 Deployment Process
4.1 Standalone Deployment

Prerequisites
Prepare a server that meets the following requirements before deployment. If you need a
server different from the following specifications, we can also provide related services.
● DDR4 memory: 16 GB × 2
● SSD: 480 GB × 2
● HDD: 1 TB × 2
Background Information
For servers that have not been configured, follow the procedure below.
Figure 4-1 For servers not configured
For servers that have been configured, start reading from "4.1.5 Initialization".
Figure 4-2 For configured servers
4.1.1 Burning the USB Flash Drive

Procedure
Step 1 Insert the USB flash drive into the computer.
Step 2 Double-click on the desktop.
15
Deployment Manual
If there is no UltraISO software in the system, you need to get the installation
package from the Internet and then install it.
Figure 4-3 Operation page of UltraISO
Step 3 Select File > Open, select the image file DHI-CyberCity_20220309.iso, and then
click Open.
The name of the image file is for reference only. Contact the technical support from
the marketing department to get the image file.
Step 4 Write the image file.
1) Select Bootable > Write Disk Image.
2) Check whether the information of the hard disk drive is that of the USB flash drive
and then click Write.
The system will automatically write the mirror file into the USB flash drive with the
prompt of Burning Succeeded.
16
Deployment Manual
If there is data in the USB flash drive, click Formatting first. Click Write after the
formatting is complete.
Figure 4-4 Write disk image
Step 5 Decompress the CyberCity package to get the .BIN file, and then put it into the
\data\install_scripts\ path of the USB flash drive.
Contact the technical support from the marketing department to get the program file.
4.1.2 Configuring RAID

Notes for Configuration
● We recommend configuring on-site servers with RAID1 for data security. If not, make sure
that the customer is aware of the security risks.
● 2 HDDs are used for RAID1 and 2 SSDs are also used for RAID1. Insert the 2 HDDs
before the 2 SSDs.
17
Deployment Manual
● Set HDD as the boot disk (the system recognizes sda as the boot disk). In this case, sda is
for HDD and sdb is for SSD. You can execute lsblk to view it after installing the system.
Procedure
This section uses the configuration of Dell R440 server as an example.

1. Confirm disk information.
Figure 4-5 Confirm disk information
2. Insert the disks into the server.

Figure 4-6 Insert the disks into the server
3. Insert the prepared USB drive into the server, connect the power cord of the server, and
connect the monitor, keyboard and mouse to the server.
4. Press the power button on the server, wait for the server to finish loading, and then press
the F2 key. The system goes to the System Setup page.
In the following figure, we have already pressed F2. The system is entering System Setup.
Figure 4-7 System setup
5. Select Device Settings, and then press Enter.
18
Deployment Manual
Figure 4-8 Device settings
6. Select Integrated RAID Controller 1.., and then press Enter.
Figure 4-9 Integrated RAID controller
7. Select Main Menu, and then press Enter.
19
Deployment Manual
Figure 4-10 Main menu
8. Select Configuration Management, and then press Enter.

9. Clear the existing RAID.
a. Select Clear Configuration, and then press Enter.
Figure 4-11 Configuration management
b. Select Confirm, press Enter, select Yes, and then press Enter.
Figure 4-12 Confirm
c. Select OK, and then press Enter.
20
Deployment Manual
Figure 4-13 OK
10.Click Back or press Esc to go back to the Configuration Management page, select
Create Virtual Disk, and then press Enter.
Figure 4-14 Create virtual disk
11.Select RAID1, press Enter, and then select Select Physical Disks, press Enter.
Figure 4-15 Select physical disks
12.Select HDD and the 2 HDDs that were inserted, and then select Apply Changes, and
press Enter.
21
Deployment Manual
Figure 4-16 Apply changes
13.Select OK, and then name the RAID.

a. Enter the RAID name, and then drag the scroll bar on the right side to the bottom, select
Create Virtual Disk, and press Enter.
Figure 4-17 Name the RAID
b. Select Confirm, press Enter, and then select Yes, and press Enter.
22
Deployment Manual
Figure 4-18 Confirm the operation
Figure 4-19 OK
14.After you create RAID1 for the HDDs, the system will go back to the Create Virtual Disk
page by default. You can drag the scroll bar on the right side to the top, and then start
creating RAID1 for the SSDs.
Figure 4-20 Create RAID1 for SSD (1)
23
Deployment Manual
24
Deployment Manual
15.After you configure RAID1 for 4 disks, the system prompts that additional virtual disks
cannot be created.
Figure 4-25 Additional virtual disks cannot be created
16.Press Esc several times until the system goes back to the Configuration Management
page. Select View Disk Group Properties to view RAID properties. The information in the
following figure shows that the RAID was successfully created.
Figure 4-26 View RAID properties
4.1.3 BIOS Settings

The section uses DELL R440 as an example to describe how to modify BIOS settings.
Change BIOS Boot Options

1. After you configure RAID1 for HDD and SSD, press Esc multiple times to go back to the
System Setup page, select System BIOS, and then press Enter.
25
Deployment Manual
Figure 4-27 System BIOS
2. Select Boot Settings, and then press Enter.
Figure 4-28 Boot settings
3. Set Boot Mode to UEFI, and then press Enter.

Figure 4-29 Set boot mode
26
Deployment Manual
Change UEFI Boot Sequence

To avoid the system being repeatedly installed when the server is restarted, you need to set
RAID Controller startup as the prioritized boot option.
1. Select UEFI Boot Settings in the preceding figure, and then press Enter.
2. Select UEFI Boot Sequence, and then press Enter.
3. On the Change Order page, select RAID Controller in:..., click +, move RAID
Controller:... to the top, move PXE Device… to the bottom, and then click OK.
Figure 4-30 Hard-disk drive sequence
Select according to the actual conditions. For example, for first-time installation,
select …CentOS, click +. Anyway, make sure that …CentOS is at the top, and PXE
Device… is at the bottom, and then click OK.
4. Press Esc to exit the current page, and then press Esc to display the Saving Changes
page. Select Yes, and then press Enter.
5. Select OK, and then press Enter.
6. Press Esc, and then select Yes to restart the server.
4.1.4 Installing the System

Procedure
Step 1 Insert the USB drive into the server.
Step 2 Select One-shot UEFI Boot Menu, and then press Enter.
27
Deployment Manual
Figure 4-31 Start installation (1)
Step 3 Select Disk connected to back USB 1:DISK 3.0, and then press Enter.
Figure 4-32 Start installation (2)
Step 4 Select Auto Install CentOS 7 Main, and then press Enter.
It takes about 40 minutes to install the server.
28
Deployment Manual
● If multiple servers are being burned at the same time, you need to unplug the
network cable, and operate in a non-networked state. Otherwise, after the server
is burned, under normal circumstances, the system will automatically assign IP
addresses such as 192.168.1.118 to the NICs by default, resulting in a conflict of
IP addresses in the LAN, and the NICs cannot be enabled normally.
● Do not perform any operations during this period to avoid problems with the
automatic configuration script and cause the installation to fail. If the installation
process takes more than 1.5 hours, and the server did not automatically restart, it
can be the installation failed. You can try to install it again. If the problem is not
solved, contact technical support.
● If the page stays on installation disk and does not move on, see "Appendix 2
Solutions to Abnormal Disk Status" for solutions. If the problem still exists, reach
out to our technical support personnel.
Figure 4-33 Select Auto Install CentOS Main
4.1.5 Initialization
When logging in to the platform for the first time, you need to initialize the server.
Procedure
Step 1 Use a network cable to connect the eth0 port of the server and your computer.
29
Deployment Manual
Enter a command on the server, to quickly find the corresponding Ethernet port of
eth0, eth1, eth2, and eth3, so that you can plug in the network cable to the correct
port.
For example, enter ethtool -p eth0 30 on the server, and the Ethernet port of eth0
will flash for 30 seconds indicating its location.
Step 2 Change the IP address of your computer so that it can communicate with the server.
The default IP address of the server is 192.168.1.118.
For example, you can set your IP address as follows.
Figure 4-34 Change IP
Step 3 On your computer, go to platform IP address/config in the browser, and then log in to
the configuration system of the server.
For first-time login, the password reset page is displayed.
Step 4 Enter and confirm the password, and then click Next.
Step 5 Set security questions, and then click Next.
Step 6 Adjust the time and time zone according to your location, and then click Next.
● Setting the correct time and time zone for your PC, the platform, and the server
can avoid time related problems when using CyberCity.
● When there is more than one server, make sure their time are set the same.
Step 7 Configure network card, and then click Finish.
All services will be restarted, and you need to log in to the system again.
Step 8 Configure the parameters.
30
Deployment Manual
Table 4-1 Network parameter description
Parameter Description
Multiple network card mode. You can configure different network
parameters for different network cards (NICs) for scenarios where the
network needs to be highly stable and reliable. For example, the NIC 2
Multi-address is used to set the heartbeat IP of the standby server. This mode can
also be used in the iSCSI storage expansion solution. When setting
iSCSI storage expansion, NIC 1 is used for communication, NIC 2 is
reserved, and NIC 3 and NIC 4 are used for iSCSI storage.
Network Card
After NIC is selected or added, its information will be displayed.
Config
MAC Address Displays the MAC address of the server.
IP Address After selecting NIC, you can set its IP address, subnet mask, default
gateway and DNS server address.
Subnet Mask
Gateway
If you set the subnet mask of eth1 to 255.255.0.0, you need to change
Preferred DNS the IP of other Ethernet ports to make sure that the first two octets are
different. For example, you can change it to 192.168.xxx.xxx or
192.167.xxx.xxx. Otherwise, the system will take the IPs as in the
Alternate DNS
same network segment.
Select default NIC. This NIC will be used as a default NIC to forward
Default Network
data packages between non-consecutive network segments such as
Card
WAN or public networks.
4.1.6 Deployment Confirmation

Procedure
Step 1 Go to platform IP address/config in the browser, and then log in to the configuration
system of the server.
For first-time login, follow the on-screen instructions to complete initialization.
Step 2 Select System Status > Service Status.
Step 3 Check whether the services are working normally.
If not, check whether the deployment process is correctly complete. For example,
check whether the network configuration is correctly modified.
4.1.7 Installing and Logging in to the Client

Install and log in to the management client, and perform basic configuration of the platform,
such as activating licenses and adding network disks.
Prerequisites
Prepare a computer that meets the following requirements.
● CPU: Intel Core i5-6500, 3.20 GHz.
● Memory: 16 GB and larger.
● Graphic card: NVIDIA® GeForce® GTX 1050.
● NIC: 1000 Mbps.
31
Deployment Manual
● Hard disk: 200 GB (reserved for the management client)
Procedure
Step 1 Enter the IP address of the platform in a browser.
Step 2 Click Download to download the management client to the computer.
Step 3 Double-click the management client installation program, follow the on-screen
instructions to complete the installation.
Step 4 Double-click the shortcut of the management client.
Figure 4-35 Configure the platform
Step 5 For the first-time use of the management client, you need to configure the platform
information.
Click Fill in Server Information to configure the platform. You can also select the
platform discovered by the management client.
Step 6 Enter the IP and port of the platform and then click OK.
32
Deployment Manual
Figure 4-36 Enter the platform information
Step 7 When you log in to the platform for the first time, you need to initialize the password
of the system account and set security questions for resetting the password.
Follow on-screen instructions to log in to the management client.
4.1.8 Licensing
You can upgrade your license for more features and increased capacity.
● After deployment is complete, the status of the platform is unauthorized.

● Operations of License are done on the management client. For how to log in to the
management client, see "4.1.7 Installing and Logging in to the Client".
This section introduces license capacity, how to apply for a license, how to use the license to
activate the platform, and how to renew your license.
4.1.8.1 Applying for a License

A license is used to confirm the features and number of channels you purchased. To get a
formal license, contact our sales personnel. To apply for a trial license, visit our website and
find CyberCity, scroll to the bottom, click Apply, and then follow the instructions.
4.1.8.2 Activating License
The following images of the page might slightly differ from the actual pages.
33
Deployment Manual
4.1.8.2.1 Online Activation
Prerequisites
● You have received your license. If not, see "4.1.8.1 Applying for a License".
formal license, contact our sales personnel. To apply for a trial license, visit our website,
and then follow the application instructions.
● The platform server can access the Internet.
Procedure
Step 1 On the Home page, select Configuration > System Config > License.
Step 2 Click Activate Online.
Step 3 Enter your activation code.
Step 4 Click Activate Now.
4.1.8.2.2 Offline Activation
Prerequisites
You have received your license. If not, see "4.1.8.1 Applying for a License".
formal license, contact our sales personnel. To apply for a trial license, visit our website, and
then follow the application instructions.
Procedure
Step 2 Click Activate Offline.
Step 3 Enter your activation code.
Step 4 Click Export to export the license request file.
Step 5 Generate license file.
1) Move the request file to a computer with Internet access.
2) On that computer, open the system email that contains your license, and then
click the attached URL or click Click to go to License Management to go to the
license management page.
3) Select CyberCity > Activate License.
4) Click Upload, select the license request file, and then click Activate when you are
prompted uploaded successfully.
The success page is displayed, and then a download prompt is displayed asking
you to save the license activation file.
5) On the success page, click Save to save the file, and then move the file back to
the computer where you exported the license request file.
6) On the Activate Offline page, click Import, and then follow the on-screen
instructions to import the license activation file.
4.1.8.3 Changing License
Procedure
Step 2 Click Activate Online or Activate Offline.
34
Deployment Manual
Step 3 Enter the activation code to active the license. For details, see "4.1.8.2 Activating
License".
4.1.8.4 License Information

On the Home page, click , and then in System Config, select License to view the details
on about license on the right side.
4.2 Independent Database Deployment

Procedure
Step 1 Install the independent database.
Select Auto Install CentOS 7 Independent Database when installing the server.
Other procedures are the same as the main server, you can see "4.1 Standalone
Deployment" for reference.
Figure 4-37 Install the independent database
Step 2 Initialize the database on its configuration page.

The initialization process is also the same as the main server (see "4.1.5
Initialization" for reference). After initialization, the service mode page displays
database.
Step 3 Configure the database and the platform.
1) On the configuration page of the independent database, click Platform Config.
2) Enter the IP address of the main server of CyberCity, and then click Apply.
35
Deployment Manual
For a hot standby scenario, you need to fill in the virtual IP address of the hot
standby.
3) Log out of the configuration system of the independent database.
For a hot standby scenario, you also need to log out of the configuration system of
the standby server.
4) Log in to the configuration page of the main server, click Independent Database
Config.
Figure 4-38 Configure independent database
5) Enter the IP address of the independent database, and then click Apply and
Restart. The main server automatically starts migrating data. Restart the platform
and the database after the migration completes.
● The data migration takes time. The larger the amount of data, the longer it
takes.
● CyberCity is unavailable while the data is being migrated.
4.3 Hot Standby

Hot standby is a deployment method used to ensure the stable running of a system. In hot
standby mode, the sub server continues to provide services when the main server fails.
Refer to this chapter if you want to deploy hot standby for servers and independent database.
4.3.1 Configuring Hot Standby in the Config System

Prerequisites
● You have deployed 2 main servers and set the same password for the config system of the
2 servers. For details, see "4.1 Standalone Deployment".
● You have activated the hot standby license for the 2 servers. For details, see "4.1.8
36
Deployment Manual
Licensing".
Procedure
Step 1 Visit https:server IP address/config to log in to the config system of 2 servers.
For first-time login, follow the on-screen instructions to complete initialization, and
note to set the time of the servers as the same.
Step 2 Select Network Config > Network Adapter Config.
Step 3 Configure the network information of the eth0 and eth1 of the main and standby
server respectively, click Apply and Restart.
● The eth0 is used as a business network card. Configure it according to business
network requirements.
● The eth1 is used as a heartbeat network card. The eth1 network cards of the main
and standby server are directly connected with network cables, ensuring that they
can communicate with each other.
Table 4-2 Examples of network configuration
Network
Parameter 1 Parameter 2
adapter
Main server: 10.10.10.12
IP Address
Standby server: 10.10.10.14
Eth0 is the Main server: 255.255.252.0
Business Subnet Mask
Ethernet card Standby server: 255.255.252.0
Gateway
Main server: 192.168.2.204
IP Address
Eth1 is the Main server: 255.255.255.0
heartbeat Subnet Mask
Ethernet card Standby server: 255.255.255.0
Gateway
Step 4 Log in to the configuration system, and then select Mode Config > Hot Standby.
Step 5 Configure the parameters of the main and standby servers.
Before applying the configuration, you need to log out of the configuration system of
the standby server.
Table 4-3 Parameter description

After the virtual IP is set, the platform can be accessed through
the virtual IP.
Virtual IP Address The virtual IP is not used in the business network, so it cannot
be pinged before the hot standby is set up, and can be pinged
after the setup is complete.
37
Deployment Manual
Subnet Mask Same as the subnet mask of etho0.
Standby server business
The IP address of eth0.
IP
The IP address of eth1 that is directly connected to the network
Standby server cable of the active and standby servers.
heartbeat IP
Both IP addresses must be able to ping each other.
Config system username The login username and password of the configuration system.
(standby server)
Both servers need to keep the same login password of the
Config system password configuration system, and the password cannot be changed
(standby server) after the hot standby is set.
Click One-click Detection to check whether all connection

One-click detection
information is correct.
After the one-key detection, click this button to cancel the hot
standby relationship between the two servers.
Remove hot standby

Remove the hot standby from the standby server, and then
remove the hot standby from the host.
Step 6 Click Apply and Restart to save the configuration and restart the server.
Step 7 After a successful restart, you can use the virtual IP to access the configuration
system and management client.
The license for the standby server can be imported only when the hot standby setup
is complete, and the active and standby server have switched over.
4.3.2 Configuring Hot Standby by Using Rose

Prerequisites
You have configured hot standby in the config system.
When configuring the Rose tool, if the configuration is incorrect, clear the configuration first
and then reconfigure it, otherwise an error will be reported.
Procedure
Step 1 Visit IP address of a server.
Step 2 Click Rose Config Tool to download the installation package of Rose.
38
Deployment Manual
Figure 4-39 Rose config tool
Step 3 Double-click the installation package (CyberCityReplicatorPlus-5.8.0-3420-

WinUI.exe) to install the Rose client in the directory where the package resides.
Step 4 Open the installation directory (CyberCityReplicatorPlus-5.8.0-3420), and then
double-click the rcc.exe file.
Figure 4-40 Open the installation directory
Step 5 Switch the display language to English, as shown in the following figure.
39
Deployment Manual
Figure 4-41 Switch the display language
Step 6 Select System > Wizard > Config Wizard to open the Configuration Wizard page.
Figure 4-42 Configuration wizard
Step 7 Click Next to go to the Active Server page.

● Select a server: Select a server you have added.
● Add a new server: Enter the IP address of a deployed server. Keep the default
port 7330.
40
Deployment Manual
Figure 4-43 Active server
Step 8 Click Next, enter the login information, and then click OK.
You can select one of the following methods for login.
● Set Login Type to Built-in Account: the default username and password are
both admin.
● Set Login Type to Operating System Account: the username is root, and the
password is the login password of the server.
Figure 4-44 Login
Step 9 After login, repeat Step7 and Step8 to configure the sub server.
After you configure the main server and sub server, the License page is displayed.
41
Deployment Manual
Figure 4-45 License
Step 10 Register the 2 servers.

1) Copy and send the ID of the 2 servers to the technical support from the marketing
department.
The technical support from the marketing department returns the ID__*.lic file.
2) Click License (S) to register the 2 servers.
Step 11 Click Next to go to the Link Configuration page.
If the 2 servers share a name, set 2 different names.
Figure 4-46 Host alias
42
Deployment Manual
Figure 4-47 Link Configuration
Step 12 Click Add to go to the Net Config page.

Step 13 Configure the network, and then click OK.

● Check interval(s): 2
HBT
● Max miss package count: 2
● Check interval(s): 5
Data(K)
● Max miss package count: 3
43
Deployment Manual
Figure 4-48 Net Config
Step 14 Select Local-hbt > Modify > Net Config, and then set Local-hbt and Local-data as
the heartbeat IP address.
Both Local-data and Local-hbt are business IP address. Therefore, you need to set
Local-hbt and Local-data as the actual heartbeat IP address.
44
Deployment Manual
Figure 4-49 Set heartbeat IP address
Step 15 Click Next, and then set the resource group name.
45
Deployment Manual
Figure 4-50 Resource group name
Step 16 Click Next to go to the Local Bind Data page.

Select Bind data, Use Data Lock in Standby Server, Delete orphan files when
verifying or mirror, and Auto Snapshot.
46
Deployment Manual
Figure 4-51 Local bind data
Step 17 Click Modify to go to the Select Data Rule page.
Figure 4-52 Select data rule
47
Deployment Manual
Step 18 Select files displayed in the following table, and then click OK.
The files to be selected are different when you configure hot standby for the platform
and independent database.
Table 4-5 Hot standby for the platform

Directory Description
/opt/mysql/data/dss Basic data
/opt/mysql/data/dicp Government business data
MySQL metadata
/opt/mysql/data/mysql Do not select the following files: user.frm, user.MYI,

user.MYD.
/opt/mysql/data/ibdata1 MySQL metadata

/opt/mysql/data/ib_logfile0 MySQL metadata
/opt/tomcat_dicp/tomcat.keys
tomcat_dicp certificate
tore
/opt/tomcat/tomcat.keystore tomcat certificate
/opt/tomcat/webapps/upload Data uploaded by the client and app
/opt/tomcat/webapps/gisPack Offline map package
/opt/tomcat/webapps/app Backup directory of the app package
/opt/tomcat/webapps-
User-defined information
conf/userDefined
/opt/dss/VMS/XML_TV Client configurations such as video wall
/opt/encry.txt AK and SK
/opt/CERT Certificate path pointed by PaaS
/opt/activeMQ/conf/tomcat.ke
MQ certificate
ystore
/opt/OpenSSL/bin Certificate generated by OpenSSL
/opt/nginx/conf/ssl Nginx certificate path
/opt/nginx/conf/server.conf Nginx configuration file
/usr/ssl Service path of Linux OpenSSL
/bak/business_table Backup directory of business data
/bak/db_backup Backup directory of basic data
FTP file directory
/opt/ftp
Do not select the following file: file.disk.
48
Deployment Manual
Table 4-6 Hot standby for the independent database
Directory Description
/opt/mysql/data/dss Basic data
/opt/mysql/data/dicp Government business data
MySQL metadata
/opt/mysql/data/mysql Do not select the following files: user.frm, user.MYI,

user.MYD.
/opt/mysql/data/ibdata1 MySQL metadata

/bak/business_table Backup directory of business data
/bak/db_backup Backup directory of basic data
Step 19 Click Next to go to the IP Resource page.
Figure 4-53 IP resource
Step 20 Click Add, set the IP resource, and then click OK。
● Select eth0 in the NIC list.
● Select IPv4, and then enter the virtual IP address and subnet mask.
● Do not select Auto replace MAC, SkipasSource except ActiveIP, Replace IP
and Auto switch back IP.
49
Deployment Manual
Figure 4-54 Set IP resource
Step 21 Click Next to go to the Script Resource page.
50
Deployment Manual
Figure 4-55 Script resource
Step 22 Click Add, and then set script resources.
51
Deployment Manual
Figure 4-56 Script resource

Script Template Select UserDefine.
Start Script Click Set, select a script path, and then click OK.
Stop Script ● Start script path
◇ Hot standby for the platform: /opt/rose_startMain.sh
◇ Hot standby for the independent database:
/opt/rose_startDB.sh
● Stop script path
◇Hot standby for the platform: /opt/rose_stopMain.sh
Monitor Script ◇ Hot standby for the independent database:
/opt/rose_stopDB.sh
● Monitor script path
◇ Hot standby for the platform: /opt/rose_monitorMain.sh
◇ Hot standby for the independent database:
/opt/rose_monitorDB.sh
Set Listen Port Do not select the option.
Step 23 Click the Resource Parameter tab, set monitoring delay to 300, and then click OK.
52
Deployment Manual
Figure 4-57 Resource parameter
Step 24 Click Next to go to the Configuration Detail page, and then click Finish.
53
Deployment Manual
Figure 4-58 Configuration detail
Step 25 Right-click the main server, select Bring In, and then click Yes.
Figure 4-59 Hot standby completed
54
Deployment Manual
4.4 Distributed Deployment

Prerequisites
Prepare a server that meets the following requirements before deployment.
● Central server:
◇ DDR4 memory: 16 GB × 2
◇ SSD: 480 GB × 2
◇ HDD: 1 TB × 2
● Node server:
◇ DDR4 Memory: 16 GB
◇ HDD: 1 TB × 2
Procedure
Step 1 Install the main and sub servers.
Select Auto Install CentOS 7 Main when installing the main server, and Auto Install
CentOS 7 Sub when installing the sub server, and set the time of the main server
and sub server the same. For details, see "4.1 Standalone Deployment".
Make sure the program version of the main and sub servers is the same. Otherwise,
the sub server might not be working normally.
system of the sub server.
Step 3 Select Mode > Service.
Step 4 Enter the IP and port of the main server, and then click Apply and Restart.
● If you are logging in to the active server in hot standby, enter the virtual IP
address.
● The port is 443 by default.
Step 5 Log in to the client. On the Home page, select Configuration > System Config >
System Deployment.
Step 6 Click Distributed Config, and then click next to the sub server to enable it.
Double-click the server to see the details.

Step 7 (Optional) Configure the storage service.
55
Deployment Manual
Skip this step if no LAN & WAN mapping is needed under the distributed deployment
environment.

Service Steps Description
1. Use the SSH tool to connect and log in to the
server. For first-time login, contact technical
support to obtain the username and password.
If you are not logging in for the first time, use the
username and password that you configured to
log in.
2. Run /opt/dss/OSS/oss.xml.
3. Press i to start editing.
OSS If there are
4. Change the IP address in
multiple node
<OSSMAdr>127.0.0.1:8927</OSSMAdr> to the
servers in the
intranet IP address and port.
distribution, you
For example:
need to change
<OSSMAddr>192.168.1.202:8868</OSSMAddr
the IP
>
addresses and
5. Press Esc to stop editing and then execute
ports of the
the :wq command to save the changes.
WebOSS and
1. Run /opt/dss/WebOSS/oss.xml.
WebOSS OSS services of
2. Refer to the steps of configuring OSS.
them all, and
1. Use the SSH tool to log in to the central server,
record the IP
and configure the redirection IP address and
addresses and
port of the OSSM service.
ports of the
2. Run /opt/dss/OSSM/conf
intranets and
/MappingNet.EXT_NET.
extranets in the
3. Press i to start editing.
OSSM service
4. Add the intranet IP addresses and ports of the
configuration file
OSS and WebOSS services of all nodes in the
of the central
OSSM first column, and add the modified extranet IP
server.
addresses and ports in the second column.
For example:
// The first column is the intranet IP:port and the
second column is the redirected IP:port
.0.0.1:8925 60.12.11.53:9901
.0.0.1:8926 60.12.11.53:9911
5. Press Esc to stop editing and then execute
the :wq command to save the changes.
4.5 N+M Deployment

Enable the sub server on the main server, and confirm the relationship between the sub server
56
Deployment Manual
and the standby server to complete the N+M deployment.
Prerequisites
Make sure the deployment of all platforms in the networking is complete before configuration.
Procedure
Step 1 Install sub and backup servers.
Select Auto Install CentOS 7 Sub when installing the sub and main servers, and set
the time of the sub server and backup server as the same. For details, see "4.1
Standalone Deployment".
Make sure the program version of the sub and backup servers are the same.
Otherwise, the backup server might not be working normally.
Step 2 Log in to the client. On the Home page, select Configuration > System Config >
System Deployment.
Step 3 Click Distributed Config.
Step 4 Click next to the sub server in sequence to start all sub servers.
The status of the sub server changes to after enabling it. When it is not
enabled, the server running status is displayed as Offline. After enabling, if the
server is running normally, its status is displayed as Running.
Double-click the server to see the details.

Step 5 Set backup servers.
1) Click next to the sub server.
2) Set the Server Type to Backup Server, and then click OK.
Step 6 Configure the relationship between the sub server and the backup server.
The following two methods are supported:
● Go to the Distributed Configuration page of the sub server, and then select and
bind a backup server.
1. Click next to the sub server.
2. On the Select Backup Server list, select a backup server (multiple options are
available).
The selected backup server is displayed on the Selected list. If there are
multiple backup servers, you can click the arrow icon to adjust the priority of
them.
3. Click OK.
● Go to the Server Settings page of the backup server, and then select and bind a
sub server.
1. Click next to the backup server.
2. On the Select Sub Server list, select a sub server (multiple options are
available).
The selected sub server is displayed on the Selected list.
3. Click OK.
57
Deployment Manual
4.6 Cloud Database Deployment
4.6.1 Switch Configuration

Small Cluster
A cluster that consists of no more than 10 nodes is a small cluster.
Figure 4-60 Networking of a small cluster
Large Cluster (Stack)

A cluster that consists of 10 to 20 nodes is a large cluster.
Figure 4-61 Networking of a large cluster
58
Deployment Manual
Super-large Cluster
A cluster that consists of no less than 20 nodes is a super-larger cluster.
Figure 4-62 Networking of a super-large cluster
4.6.2 Preparing the System Image

Contact the technical support to obtain the system image of the cloud database.
4.6.3 Burning a USB Flash Drive

Before you burn a USB flash drive, check the version of the cloud database installed on the
server. If the version is V4.000.0000022.0.R.230512, you can directly deploy the cloud
database in the cloud database console after the network is configured.
Method of checking the version: Log in to the backend of the server, and then run cat
/home/hadoop/Installation/pkgs/version.txt.
● The operations described in this chapter only apply to the cloud database cluster (MPP +
ES) of V4.22.0_X86.
● You need to burn a USB flash drive in the Windows operating system.
● If you use a third-party server, you cannot burn a USB flash drive based on the following
operations.
4.6.3.1 Preparations
● A computer installed with the Windows operating system and Rufus (rufus-4.0.exe). You
can download Rufus at http://rufus.ie/downloads/.
● A USB 3.0 with a storage capacity of 16 GB or 32 GB. You must clear the USB in advance.
4.6.3.2 Writing the System Image
Procedure
Step 1 Insert the USB drive into your computer.
59
Deployment Manual
Step 2 Open Rufus.
Step 3 Click SELECT, and then select
DH_CCSCloudDB_Eng_USB_CLUSTER_V4.000.0000022.0.R.230612.iso.
Step 4 Click START.
Figure 4-63 Write the system image
Step 5 Right-click the USB drive, select Safely Remove, and then remove the USB drive
from your computer.
4.6.4 Configuring the Server
4.6.4.1 Configuring HDD RAID1

Step 1 Connect the server to a display, keyboard, mouse, and power supply.
Step 2 Power on the server, and then press the F2 key after initialization.
60
Deployment Manual
Figure 4-64 System setup
Step 3 Select Device Settings, and then press the Enter key.
Step 4 Select the RAID controller card (H330, H350, H355), and then press Enter.
61
Deployment Manual
Figure 4-66 Select the RADI controller card
Step 5 Select Main Menu, and then press Enter.
Step 6 Select Configuration Management, and then press Enter.
Step 7 Select Create Virtual Disk, and then press Enter.
62
Deployment Manual
Figure 4-69 Create RAID (1)
Step 8 Select disks used to create RAID1, and then select OK.
Step 9 Select Confirm, press Enter, select Yes, and then press Enter.
Step 10 Select RAID1, and then select Select Physical Disks.
63
Deployment Manual
Step 11 Select HDDs, select Apply Changes, and then press Enter.
Step 12 Select OK, and then name the RAID group.

1) Enter the RAID group name, select Fast, select Create Virtual Disk, and then
press Enter.
Figure 4-74 Name the RAID group
2) Select Confirm, press Enter, select Yes, and then press Enter.
64
Deployment Manual
3) Select OK, and then press Enter.
Step 13 After the RAID is configured, the system prompts that no disks can be used to create
RAID.
Figure 4-75 No disks can be used to create RAID
Step 14 Press the Esc key multiple times to go back to the Configuration Management
page. Select View Disk Group Properties.
Figure 4-76 View disk group properties
4.6.4.2 Configuring Non-RAID Mode

Step 1 After you configure RAID, press Esc multiple times to go back to the Configuration
Management page.
Step 2 Select Configuration Management, and then press Enter.
Step 3 Select Convert to Non-RAID Disk, and then press Enter.
Figure 4-78 Convert to Non-RAID disk
Step 4 Select SSDs, and then press OK.
65
Deployment Manual
Figure 4-79 Select SSDs
Step 5 Select Confirm, press Enter, select Yes, and then press Enter.
Figure 4-80 Confirmation
Step 6 Select OK.

Step 7 Press the F3 key, and then select Yes.
Figure 4-81 Save the configuration
Step 8 Press Esc multiple times to go back to the Configuration Management page, and
then select Physical Disk Management.
66
Deployment Manual
Figure 4-82 Physical disk management
Step 9 Check whether the configuration is successful.

Step 10 Configure the mode again if the configuration is incorrect.

1) Select Clear Configuration.
Figure 4-84 Clear configurations
2) Select Convert to Non-RAID Disk.
67
Deployment Manual
Figure 4-85 Convert to Non-RAID disk
3) Set disks that appear to Non-RAID mode. If no disks appear, check whether the
disks are already in Non-RAID mode.
4.6.4.3 Setting the Boot Device

Step 1 After you configure Non-RAID mode, press Esc multiple times to go back to the
System Setup page.
Step 2 Select Device Settings, and then press Enter.
Step 3 Select RAID Controller..., and then press Enter.
Figure 4-87 RAID controller
Step 4 Select Main Menu, and then press Enter.
68
Deployment Manual
Step 5 Select Controller Management, and then press Enter.
Figure 4-89 Controller management
Step 6 Set Select Boot Device to Virtual Disk..., RAID1..., Ready.
Figure 4-90 Set the boot device
4.6.4.4 Setting Boot Mode to BIOS

Step 1 After you set the boot device, press Esc multiple times to go back to the System
Setup page.
Step 2 Select System BIOS, and then press Enter.
69
Deployment Manual
Figure 4-91 System BIOS
Step 3 Select Boot Settings, and then press Enter.
Figure 4-92 Boot settings
Step 4 Set Boot Mode to BIOS, and then press Enter.
Figure 4-93 Set boot mode
4.6.5 Installing the Cloud Database

Step 1 Insert the USB drive into the server.
Step 2 Restart the server, and then press the F11 key.
Step 3 Select One-shot BIOS Boot Menu, and then press Enter.
70
Deployment Manual
Figure 4-94 One-shot BIOS Boot menu
Step 4 Select [Hard drive] Disk connected to..., and then press Enter.
Figure 4-95 [Hard drive] Disk connected to...
Step 5 Select Install CentOS 7, and then press Enter.

The installation takes about 30 minutes. After the installation is complete, the server
automatically restarts.
Figure 4-96 Select Install CentOS7
Step 6 Log in to the backend of the server.

The default username is root, and the default password is Dahuacloud@20!#.
Step 7 Run ll /cloud/service/services to check services.
71
Deployment Manual
Figure 4-97 Check services
Step 8 Run date -R to view the system time. If the system time is incorrect, run date -s to
modify the time and run hwclock -w to write the modified time to the server BIOS.
Step 9 Run df -h to view disks.
Figure 4-98 View disks
4.6.6 Modifying IP Addresses

Prerequisites
● All required cables are connected to the network.
● You have installed the cloud database.
● You have planned node IP addresses.
Table 4-9 IP planning example

Node Network Interface Example
Virtual IP address of MySQL bond0:11 20.xx.xx.137
Virtual IP address of MPP bond0:0 20.xx.xx.138
Virtual IP address of the console bond0:6 20.xx.xx.139
Virtual IP address of the query service bond0:3 20.xx.xx.140
Virtual Intranet IP address of the O&M
system
bond0:10 20.xx.xx.141
The IP address is not required if you deploy
the cloud database in the database console.
Procedure
Step 1 Run vim /etc/sysconfig/network-scripts/ifcfg-bond0, and then modify the IP
address of each node.
1) Press i to enter the editing mode.
72
Deployment Manual
2) Modify the network information, including IP address (IPADDR), subnet mask
(NETMASK), and the default gateway (GATEWAY).
3) Press Esc, enter :wq!, and then press Enter.
Figure 4-99 Modify the network information
Step 2 Run vim /etc/sysconfig/default-routes, and then modify the default route.
1) Press i to enter the editing mode.
2) Modify the default route (same as GATEWAY in the preceding step).
3) Press Esc, enter :wq!, and then press Enter.
Step 3 Run systemctl restart network to restart the network service.
Step 4 Run ping xx.xx.xx.xx to check whether the network is connected.
Figure 4-100 Check network connection
4.6.7 Deploying the Cloud Database

Prerequisites
You have installed the cloud database and configured the network.
Procedure
Step 1 Enter https://IP address of a cloud database node:9954 in the address bar of a
browser, and then press Enter.
Step 2 Set the parameters, and then click Configure Now.
73
Deployment Manual
Figure 4-101 Initialization

Node Selection Select required node IP addresses of the cloud database.
● Do not select Whether to associate with authentication
Service IP Config service.
● Enter the IP addresses as planned.
Select an appropriate time zone. If the service time is incorrect,
System Timing
modify Datetime.
Advanced Config Click Advanced Config, and then select all nodes.
Step 3 Set the password, and then click Next.
The username is admin.
74
Deployment Manual
Figure 4-102 Set the password
Step 4 Set the security questions, and then click Done.
Figure 4-103 Set the security questions
Step 5 Change the password of the root user and admin user for the server, and then click
OK.
75
Deployment Manual
Figure 4-104 Change the server password
Step 6 Select Resource Management > Services Overview to check whether the version
of the services is V4.000.0000022.0.R.230512.
4.6.8 Activating the License

Procedure
Step 1 Log in to the cloud database console, and then select System Management >
License Management.
Step 2 Click Export Device Info to download the sysinfo.dat file.
Figure 4-105 Download the sysinfo.dat file
Step 3 Send the sysinfo.dat file to the technical support.

The technical support returns the license file.
Step 4 Click Import License to import the license file.
76
Deployment Manual
Figure 4-106 Import the license file
Step 5 Restart the PaasVehicle-Retrieval service.

1) Select Resource Management > Services Overview.
2) Select the services to be restarted, and then click Started.
Figure 4-107 Restart the service
4.6.9 Connecting the Cloud Database to CyberCity

Prerequisites
● CyberCity has obtained the license of the cloud database service.
● You have deployed the cloud database and imported the cloud database license.
Procedure
Step 1 Log in to the cloud database console.
Step 2 Modify the time and time zone of the cloud database console.
The time and time zone of the cloud database console must be the same with that of
CyberCity. The accepted error range is within 1 minute.
1) Select System Management > System Timing.
2) Click to enable system timing.
77
Deployment Manual
Figure 4-108 Enable system timing
3) Modify the time and time zone, and then click OK.
The cloud database will restart after you click OK.
Figure 4-109 Modify the time and time zone
Step 3 Obtain the virtual IP of ConsoleWeb, the virtual IP of PaasVehicle-Retrieval, AK, and
SK.
1) Select Resource Management > Services Overview.
78
Deployment Manual
2) Click PaasVehicle-Retrieval to view the virtual IP of the service.
Figure 4-110 Virtual IP of PaasVehicle-Retrieval
3) Click ConsoleWeb to view the virtual IP of the service.
Figure 4-111 Virtual IP of ConsoleWeb
4) Select Service Management > Basic Business, and then click View AK/SK.
79
Deployment Manual
Figure 4-112 AK/SK
Step 4 Set the cloud database information in the config system of CyberCity.
1) Log in to the config system of CyberCity.
2) Select Database Config > Cloud Database Config.
3) Enter Virtual IP of PaaSVehicle-Retrieval, Virtual IP of Console-Web, AK, and
SK, and then click Apply and Restart.
Figure 4-113 Enter the information
80
Deployment Manual
After clicking Apply and Restart, you will be logged out of the config system and the
CyberCity business will restart. In this case, you can still log in to the config system.
However, if you perform other operations that will restart the CyberCity business,
CyberCity might report errors. If errors are reported, you can switch to the standby
server in hot standby mode. For standalone deployment, no error will be reported.
How to check whether the CyberCity business has been restarted?

Keep the client in the login state. If the client is off and then goes online again, the
business is restarted. In hot standby mode, wait 2 minutes after the client becomes
online again.
4.7 LAN/WAN Deployment
4.7.1 Initializing the Router

Procedure
Step 1 Press and hold the RESET button on the back of the router to initialize it.
Step 2 Connect the network port of the computer to the LAN port of the router with a network
cable.
Step 3 Access the router on a browser, and then reset the login password.
The router IP is generally 192.168.1.1. For details, see the label on the router or the
corresponding user manual.
4.7.2 Configuring LAN/WAN

This section explains the configurations you need to make. For detailed steps, see the user
manual of the router you are using.
Procedure
Step 1 Log into the web page of the router in the browser.
Step 2 Set the LAN IP to Manual, and then configure the IP address, subnet mask, and
gateway used by the router for connecting to the Internet.
Step 3 Configure the mapping information.
The IP address that needs to be mapped is the one of the server that is on the local
network.
The ports that need to be mapped and the corresponding services are shown below.
For stand-alone deployment, you only need to map the port of the central server. For
distributed deployment, the ports of the central server and the node server should be
mapped separately. When configuring mapping on the router or the switch, you must
select both TCP and UDP for each port.
● Central server
◇ 443 (NGINX: HTTPS)
81
Deployment Manual
◇444 (NGINX: HTTPS)
◇ 1883: MQ service connected to the mobile client.
◇ 61616: MQ service connected to the PC client.
◇ 9100 (MTS service: RTSP)
◇ 9320 (SS service: RTSP)
◇ 9911 (SubOSS service)
◇ 8082 (PTS HTTPS image server)
◇ 40000-50000 (PTS image stream)
◇ 9901 (OSS service: HTTPS)
◇ 9005 (admin service)
◇ 9500 (ARS service)
◇ 30000-34000 (RTP service)
◇ 5084 (SIP service)
◇ 9399 (FNode service)
◇ FTP mapping port configured by the client (FTP service)
● Node server
◇ 9100 (MTS service: RTSP)
◇ 9320 (SS service: RTSP)
◇ 8082 (PTS HTTPS image server)
◇ 40000-50000 (PTS image stream)
◇ 9901 (OSS service: HTTPS)
◇ 9500 (ARS service)
◇ 9911 (SubOSS service)
◇ 9399 (FNode service)
4.7.3 Configuring Mapping IP

Procedure
Step 1 Network cable connection.
1) Connect the network port of the server to the LAN port of the router with a network
cable.
2) Connect the WAN port of the router to an external switch with a network cable.
Step 3 Select Network Settings > Network Mode.
Step 4 Enter the extranet IP in Mapping IP|Domain, and then click Apply and Restart.
After restart you can access the platform through the extranet IP.
82
Deployment Manual
The extranet IP is Step2 in "4.7.2 Configuring LAN/WAN ".
4.8 Verification
Check service status and the functions to make sure that the deployment is successful.
Procedure
Step 1 After the server is restarted, log in to the configuration system, and then select
System Status > Service Status to check out whether the status of the services is
normal.
After the independent database is deployed, on its configuration system the MySQL
status is indicated in green, while that on the configuration system of the main server
is indicated in red.
Step 2 Log in to the client to check whether the functions are working.
83
Deployment Manual
5 Storage Configuration
5.1 Adding a Network Disk

● The storage server is required to be deployed.
● Only 1 user volume of the current network disk can be used with 1 server at the same time.
● User volume must be formatted when adding a network disk. Confirm whether you need to
back up the data.
Procedure
Step 1 Log in to the client. On the Home page, select Configuration > Basic Config >
Storage.
Step 2 Click Network Disk.
Step 3 Click Add.
Step 4 Select server name and mode, enter the IP address of the network disk, and click
Add.
● Normal mode: All volumes of the network disk will be added. The ones being used
by users will be red.
● User mode: Enter the username and password of a user. Only the volumes of the
network disk that are assigned to the user will be added.
Step 5 Restart the server.
1) Go to server IP address/config in the browser, and then log in to the configuration
● Server IP address: The server name selected in Step4.
● For first-time login, follow the on-screen instructions to complete initialization.
2) Select System Maintenance > Basic Maintenance.
3) Click Restart to restart the server.
Step 6 Initialize a disk, and then set the disk type.
Initialization will clear all data from the disk. Please be advised.
1) Select a user volume, and then click to initialize to initialize the volume.
2) Select the disk type, and then click OK.
● Picture: Stores the pictures from event alarms, ANPR, video metadata, and
other key functions.
● Video: Stores central recordings.
● Files: Stores face images, files from MPT and EEC devices, files related to
emergencies, and those uploaded for video analysis. Pictures uploaded for
person arming are also stored under this category. This type of files will not be
overwritten, and when full capacity is reached, storage stops.
84
Deployment Manual
A file disk must be configured to store face images when adding persons.
5.2 Changing the Disk Type

Procedure
Step 1 Log in to the client. On the Home page, select Configuration > Basic Config >
Storage.
Step 2 Click Network Disk.
Step 3 Click to show user volumes, select a user volume, and then click .
Step 4 Select the disk type, and then click OK.
When you change the disk type, the original data will be deleted. Proceed with
caution.
● Picture: Stores the pictures from event alarms, ANPR, video metadata, and other
key functions.
● Video: Stores central recordings.
● Files: Stores face images, files from MPT and EEC devices, files related to
emergencies, and those uploaded for video analysis. Pictures uploaded for
person arming are also stored under this category. This type of files will not be
overwritten, and when full capacity is reached, storage stops.
85
Deployment Manual
6 Deployment Cases
6.1 Main Server (Hot Standby) + Sub Server (N+M) +

Independent Database (Hot Standby)
Procedure
Step 1 Deploy 2 main servers, and then configure hot standby through the config system
and Rose tool. For details, see "4.1 Standalone Deployment" and "4.3 Hot Standby".
Step 2 Deploy N+M sub servers, and then set M servers as the standby servers of N sub
servers. For details, see "4.4 Distributed Deployment" and "4.5 N+M Deployment".
Step 3 Deploy 2 servers for the independent database, and then configure hot standby
through the config system and Rose tool. For details, see "4.2 Independent Database
Deployment" and "4.3 Hot Standby".
6.2 Main Server (Hot Standby) + Sub Server (N+M) +

Cloud Database
Procedure
Step 1 Deploy 2 main servers, and then configure hot standby through the config system
and Rose tool. For details, see "4.1 Standalone Deployment" and "4.3 Hot Standby".
Step 2 Deploy N+M sub servers, and then set M servers as the standby servers of N sub
servers. For details, see "4.4 Distributed Deployment" and "4.5 N+M Deployment".
Step 3 Deploy the cloud database, and then connect the main platform to the cloud
database. For details, see "4.6 Cloud Database Deployment".
After the connection, newly generated business data (face recognition data, video
metadata, vehicle data, and arming data) will be stored to the cloud database. For old
data, you can use C8902 to migrate them to the cloud database.
6.3 Configuring Hot Standby for the Main Server after

Distributed Deployment
If you want to configure hot standby for the main server after distributed deployment, modify
the IP address of the main server to the virtual IP address in the config system.
Prerequisites
You have configured hot standby for the main server after distributed deployment.
Procedure
Step 1 Visit IP address of sub server/config.
Step 2 Select Mode Config > Service Mode.
Step 3 Set the IP address of the main server to the virtual IP address.
86
Deployment Manual
Appendix 1 Service Module Introduction
Appendix Table 1-1 Service module introduction

Service Name Function Description
Reverses user requests to distributed system
NGINX Access Service
management services.
Emergency
Reports, dispatch, process, and archive
ALERT Management
emergencies.
Service
Traffic
Manages traffic event, traffic flow, and violation
TRAFFIC Management
data, and processes violations.
Service
System
Manages services and provides access to various
SMC Management
interfaces.
Service
Device Discovery Broadcasts platform information to discover
HRS
Service devices.
Data Cache
REDIS Platform temporary business data storage.
Service
MySQL Database Stores platform business data.
Message Queue
MQ Transfers messages between platforms.
Service
Device
Registers encoders, receives alarms, transfers
DMS Management
alarms and sends out the sync time command.
Service
Media Gets audio/video bit streams from front-end
MTS Transmission devices and then transfers the data to DSS, the
Service management client and decoders.
SS Storage Service Store, search and play back recordings.
Device Search
SOSO Search for device information.
Service
Video Matrix Log in to the decoder and send tasks to the
VMS
Service decoder to output on the TV wall.
Auto Register Listens, logs in, or gets bit streams to send to
ARS
Service MTS.
ProxyList Control Logs in to ONVIF device, and then gets the stream
PCPS
Proxy Service and transfers the data to MTS.
Alarm Dispatch Sends alarm information to different objects
ADS
Service according to defined plans.
Network Storage
WebOSS Manages and stores files, videos, and images.
Service
Object Storage Manages storage of face snapshots and intelligent
OSS
Service alarm pictures.
Picture Transfer
PTS Manages picture transmission.
Service
87
Deployment Manual
Service Name Function Description

MGW Media Gateway Sends MTS address to decoders.
88
Deployment Manual
Appendix 2 Solutions to Abnormal Disk

Status
Problem 1
There is no Create RAID 1 Volume option when configuring RAID.
Cause: RAID has been configured. This often happened to servers that were used before.
Solution: Clear the current RAID configuration. This section takes a Dell-R440 server as an
example:
1. Confirm the information of your disks.
Appendix Figure 2-1 Confirm the disk information
2. Insert the disks into the server.

Appendix Figure 2-2 Insert the HDD and SSD into different positions
3. Power on the server, and then press Enter to go to the system setup page.
89
Deployment Manual
Appendix Figure 2-3 System setup
Appendix Figure 2-4 Select the corresponding option (1)
5. Select Integrated RAID Controller 1： Dell PERC <PERC H330 Adapter>

Configuration Utility, and then press Enter.
7. Select View Disk Group Properties, press Enter, and view the RAID configuration.
90
Deployment Manual
8. If there is RAID configuration, you need to clear it and configure it again.

a. Select Clear Configuration, and then press Enter.
b. Select Confirm > Yes, and then press Enter.
91
Deployment Manual
d. Select View Disk Group Properties, press Enter, and then the RAID configuration will
be cleared.
9. Restart the server, and then configure RAID.
Problem 2
When installing the operating system on the server, the process is stuck at Installation Disk.
Cause: The status of one or more disk is Foreign. Follow step 1 to step 5 below to confirm
whether it is this problem. If it is, follow the remaining steps to try to solve it. If it is not, contact
technical support for help.
Solution: Restore the disks to their normal status. This section takes a Dell-R440 server as an
example:
1. Power on the server, and then press Enter to go to the system setup page.
Appendix Figure 2-12 System setup
3. Select Integrated RAID Controller 1： Dell PERC <PERC H330 Adapter>

Configuration Utility, and then press Enter.
92
Deployment Manual

The page will display the status of all disks. If one or more disks are Foreign, follow the
remaining steps. If there is no disk that is Foreign, contact technical support.
5. Go back to the Main Menu page, select Virtual Disk Management, and then press Enter.
6. Select Controller > Foreign Config > Import, press Enter, restart the server, and then
follow the steps in "4.1.4 Installing the System" to install the operating system of the
server..
93
Deployment Manual
Due to the difficulty to reproduce the exact environment where the problem occurred, slight
difference might be found between the screenshot and the actual pages, but the steps are
the same.
94
Deployment Manual
Appendix 3 Upgrading the Cloud Database
You can upgrade database services in the cloud database console. The upgrade order is MPP
Service > ES Service > Cloud Database Service.
● Before upgrade, disable the access service.

● You can upgrade database services in the console only when the cloud database is
deployed in the console.
Appendix 3.1 Preparations

Disable Firewalls
1. Log in to the cloud database console.
2. Select System Management > Security Center > Firewall Policies, and then click
Disable All.
Disable the Access Service

1. Log in to the cloud database console.
2. Select Resource Management > Services Overview > Realtime-Service.
3. Select services and click Stopped.
Obtain Upgrade Packages

● ES upgrade package:
DH_CCSCloudDB_Eng_ES_Upgrade_V4.000.0000022.0.R.230612.tar.gz.
● MPP5 upgrade package:
DH_CCSCloudDB_Eng_MPP5_Upgrade_V4.000.0000022.0.R.230612.tar.gz.
● MPP6 upgrade package:
DH_CCSCloudDB_Eng_MPP6_Upgrade_V4.000.0000022.0.R.230612.tar.gz.
● Cloud database upgrade package:
DH_CCSCloudDB_Eng_Upgrade_V4.000.0000022.0.R.230612.tar.gz.
Appendix 3.2 Upgrading Cloud Database Services

Procedure
Step 1 Log in to the cloud database console.
Step 2 Click Expansion.
Step 3 Upgrade the MPP service.
1) Click next to MPP Service.
2) Upload the upgrade package, and then click OK.
Step 4 Upgrade the ES service.
1) Click next to ES Service.
95
Deployment Manual
Step 5 Upgrade the cloud database service.
Make sure that the ES and MPP services have returned to a normal state.
1) Click next to Cloud Database Service.
96
Deployment Manual
Appendix 4 Cybersecurity Recommendations
Security Statement
● If you connect the product to the Internet, you need to bear the risks, including but not
limited to the possibility of network attacks, hacker attacks, virus infections, etc., please
strengthen the protection of the network, platform data and personal information, and take
the necessary measures to ensure the cyber security of platform, including but not limited
to use complex passwords, regularly change passwords, and timely update platform
products to the latest version, etc. Dahua does not assume any responsibility for the
product abnormality, information leakage and other problems caused by this, but will
provide product-related security maintenance.
● Where applicable laws are not expressly prohibited, for any profit, income, sales loss, data
loss caused by the use or inability to use this product or service, or the cost, property
damage, personal injury, service interruption, business information loss of purchasing
alternative goods or services, or any special, direct, indirect, incidental, economic,
covering, punitive, special or ancillary damage, regardless of the theory of liability (contract,
tort, negligence, or other) , Dahua and its employees, licensors or affiliates are not liable for
compensation, even if they have been notified of the possibility of such damage. Some
jurisdictions do not allow limitation of liability for personal injury, incidental or consequential
damages, etc., so this limitation may not apply to you.
● Dahua's total liability for all your damages (except for the case of personal injury or death
due to the company's negligence, subject to applicable laws and regulations) shall not
exceed the price you paid for the products.
Security Recommendations
The necessary measures to ensure the basic cyber security of the platform:
1. Use Strong Passwords
Please refer to the following suggestions to set passwords:
● The length should not be less than 8 characters.
● Include at least two types of characters; character types include upper and lower case
letters, numbers and symbols.
● Do not contain the account name or the account name in reverse order.
● Do not use continuous characters, such as 123, abc, etc.
● Do not use overlapped characters, such as 111, aaa, etc.
2. Customize the Answer to the Security Question
The security question setting should ensure the difference of answers, choose different
questions and customize different answers (all questions are prohibited from being set to
the same answer) to reduce the risk of security question being guessed or cracked.
Recommendation measures to enhance platform cyber security:
1. Enable Account Binding IP/MAC
It is recommended to enable the account binding IP/MAC mechanism, and configure the
IP/MAC of the terminal where the commonly used client is located as an allowlist to further
improve access security.
2. Change Passwords Regularly
We suggest that you change passwords regularly to reduce the risk of being guessed or
97
Deployment Manual
cracked.
3. Turn On Account Lock Mechanism
The account lock function is enabled by default at the factory, and it is recommended to
keep it on to protect the security of your account. After the attacker has failed multiple
password attempts, the corresponding account and source IP will be locked.
4. Reasonable Allocation of Accounts and Permissions
According to business and management needs, reasonably add new users, and
reasonably allocate a minimum set of permissions for them.
5. Close Non-essential Services and Restrict the Open Form of Essential Services
If not needed, it is recommended to turn off NetBIOS (port 137, 138, 139), SMB (port 445),
remote desktop (port 3389) and other services under Windows, and Telnet (port 23) and
SSH (port 22) under Linux. At the same time, close the database port to the outside or only
open to a specific IP address, such as MySQL (port 3306), to reduce the risks faced by the
platform.
6. Patch the Operating System/Third Party Components
It is recommended to regularly detect security vulnerabilities in the operating system and
third-party components, and apply official patches in time.
7. Security Audit
● Check online users: It is recommended to check online users irregularly to identify
whether there are illegal users logging in.
● View the platform log: By viewing the log, you can get the IP information of the attempt
to log in to the platform and the key operation information of the logged-in user.
8. The Establishment of a secure Network Environment
In order to better protect the security of the platform and reduce cyber security risks, it is
recommended that:
● Follow the principle of minimization, restrict the ports that the platform maps externally
by firewalls or routers, and only map ports that are necessary for services.
● Based on actual network requirements, separate networks: if there is no communication
requirement between the two subnets, it is recommended to use VLAN, gatekeeper,
etc. to divide the network to achieve the effect of network isolation.
More information
Please visit Dahua official website security emergency response center for security
announcements and the latest security recommendations.
98
Deployment Manual

CyberCity - Deployment Manual - V1.3.0

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CyberCity - Deployment Manual - V1.3.0

Uploaded by

Copyright:

Available Formats

ZHEJIANG DAHUA VISION TECHNOLOGY CO., LTD. V1.3.0

Indicates a high potential hazard which, if not avoided, will result

Indicates a medium or low potential hazard which, if not

Provides additional information as a supplement to the text.

Privacy Protection Notice

About the Manual

Figure 1-1 Standalone deployment

Hot Standby Deployment

Figure 1-3 Hot standby deployment

LAN/WAN Mapping Deployment

Independent Database Deployment

Figure 1-6 Independent database deployment

Cloud Database Deployment

Figure 1-7 Cloud database deployment

2.1 Standard Deployment

Table 2-1 Hardware requirements

2.2 Non-standard Deployment

The specifications described above are minimum requirements.

Table 2-3 Partition recommendations

Description (using recommended configurations as an

Sub server / 100 GB xfs

Independent /log 200 GB xfs

The specifications described above are minimum requirements.

Figure 2-1 Start installing POC

Table 2-5 Hardware requirements

The specifications described above are minimum requirements.

Network A switch of gigabit and above is required.

Acquiring Software Version Information

Topology and Preparations

Figure 3-1 Topology for reference

Item Quantity Description Use

Stores the installation

Item Quantity Description Use

4.1 Standalone Deployment

Figure 4-1 For servers not configured

Figure 4-2 For configured servers

4.1.1 Burning the USB Flash Drive

Step 2 Double-click on the desktop.

Figure 4-3 Operation page of UltraISO

Figure 4-4 Write disk image

4.1.2 Configuring RAID

This section uses the configuration of Dell R440 server as an example.

2. Insert the disks into the server.

Figure 4-7 System setup

5. Select Device Settings, and then press Enter.

6. Select Integrated RAID Controller 1.., and then press Enter.

Figure 4-9 Integrated RAID controller

7. Select Main Menu, and then press Enter.

8. Select Configuration Management, and then press Enter.

Figure 4-11 Configuration management

Figure 4-12 Confirm

c. Select OK, and then press Enter.

Figure 4-15 Select physical disks

13.Select OK, and then name the RAID.

Figure 4-17 Name the RAID

c. Select OK, and then press Enter.

Figure 4-20 Create RAID1 for SSD (1)

Figure 4-22 Create RAID1 for SSD (3)

Figure 4-23 Create RAID1 for SSD (4)

Figure 4-24 Create RAID1 for SSD (5)

Figure 4-25 Additional virtual disks cannot be created