Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Set up a self-hosted Landscape Server
on Ubuntu

Minimum requirements for landscape server

  • Ubuntu 20.04 LTS (Focal Fossa) or Ubuntu 22.04 LTS (Jammy Jellyfish)
  • For hardware: a dual core 2 Ghz processor, 4 GB of RAM, and 20 GB of disk space
  • For networking: an IP address and FQDN, with TCP communication allowed for SSH (typically port 22), HTTP (port 80), and HTTPS (port 443)

3 ways to install landscape server

Automated install using Juju

Install 15 mins

Config 15 mins

Quickstart install

Install 15 mins

Config 30 mins

Manual install

Install 30 mins

Config time varies

Installation type Install time Config time
Juju (Recommended) 15 minutes 15 minutes
Quickstart 15 minutes 30 minutes
Manual 30 minutes 30 hours

The goal of these installation guides is to provide the fastest installation and configuration experience possible. Juju provides the fastest path to a fully configured Landscape installation. Juju is the preferred deployment method for more complex Landscape deployments, such as installations requiring high availability.

Install Landscape Server to manage machines and containers

The entire installation and configuration can be automated with Cloud Init, using this cloud-init.yaml file.

Install

  1. Install prerequisites

    sudo apt update && sudo apt install -y snapd ubuntu-advantage-tools curl

  2. Install Juju

    sudo snap install juju --channel latest/stable && mkdir -p ~/.local/share

  3. Install LXD

    sudo snap install lxd --channel latest/stable && sudo snap refresh lxd --channel latest/stable

  4. Bootstrap Juju

    juju bootstrap localhost landscape-controller

  5. Add Juju Model

    juju add-model landscape-model

  6. State your CPU architecture

    juju set-model-constraints arch=$(dpkg --print-architecture)

  7. Deploy Landscape

    juju deploy landscape-scalable

  8. Identify the HAProxy IP

    read -r HAPROXY_UNIT_IP < <(juju run --unit haproxy/0 'network-get public --ingress-address=true')

  9. Identify the HAProxy instance ID

    read -r HAPROXY_INSTANCE_ID < <(juju status haproxy --format=json | sed -n 's/.*"instance-id":"\([^"]*\).*/\1/p')

  10. Route ports 80 and 443 to HAProxy

    for PORT in 443 80; do lxc config device add $HAPROXY_INSTANCE_ID tcp${PORT}proxyv4 proxy listen=tcp:0.0.0.0:${PORT} connect=tcp:${HAPROXY_UNIT_IP}:${PORT}

Configure SSL

If you have the fullchain.pem and privkey.pem files for your SSL certificate already, skip to Step 3

  1. Install Certbot

    sudo snap install certbot --classic

  2. Set an FQDN variable

    Replace landscape.yourdomain.com with the FQDN pointing to your server.

    FQDN=landscape.yourdomain.com

  3. Get a valid SSL certificate

    sudo certbot -d $FQDN --manual --preferred-challenges dns certonly

  4. base64 encode the full certificate chain with no line breaks

    FULLCHAIN=$(sudo base64 -w 0 /etc/letsencrypt/live/${FQDN}/fullchain.pem)

  5. base64 encode the private key file with no line breaks

    Replace landscape.yourdomain.com with the FQDN pointing to your server.

    PRIVKEY=$(sudo base64 -w 0 /etc/letsencrypt/live/${FQDN}/privkey.pem)

  6. Update HAProxy with your certificate

    juju config haproxy ssl_cert="$FULLCHAIN" ssl_key="$PRIVKEY"

Configure postfix for email

The SMTP example in Step 1 uses SendGrid as an example, replace it with your own SMTP information

  1. Set SMTP information in variables

    SMTP_HOST='smtp.sendgrid.net'
SMTP_PORT='465'
SMTP_USERNAME='apikey'
SMTP_PASSWORD='YOUR_API_KEY_GOES_HERE'

  2. Deploy the postfix-relay subordinate charm

    juju deploy postfix-relay --config smtp_auth_password="$SMTP_PASSWORD" --config smtp_auth_username="$SMTP_USERNAME" --config ssl_ca=$(curl -s https://www.thawte.com/roots/thawte_Primary_Root_CA.pem | base64 | tr -d '\n') --config relayhost="[${SMTP_HOST}]:${SMTP_PORT}"

  3. Add charm relations

    juju add-relation postfix-relay landscape-server

Install

  1. Install prerequisites

    sudo apt update && sudo apt install -y wget software-properties-common

  2. Set your hostname using variables

    Replace landscape.yourdomain.com with the FQDN pointing to your server, and set the HOSTNAME and DOMAIN variables based on the FQDN.

    FQDN=landscape.yourdomain.com
HOSTNAME=landscape
DOMAIN=yourdomain.com
PRETTY_HOSTNAME="My Landscape Server"
sudo hostnamectl set-hostname "$FQDN" --static
sudo hostnamectl set-hostname "$FQDN" --transient
sudo hostnamectl set-hostname "$HOSTNAME"
sudo hostnamectl set-hostname "$PRETTY_HOSTNAME" --pretty

  3. Add the Landscape PPA

    sudo add-apt-repository ppa:landscape/self-hosted-23.03

  4. Install Landscape

    sudo apt update && sudo apt install landscape-server-quickstart

Configure SSL

If you have the fullchain.pem and privkey.pem files for your SSL certificate, skip these steps and configure Apache manually.

  1. Install certbot

    sudo snap install certbot --classic

  2. Get and install your certificate

    sudo certbot --apache

Configure postfix for email

Detailed information is available for Postfix in the Ubuntu Server documentation.

  1. Set SMTP information in variables

    SMTP_HOST='smtp.sendgrid.net'
SMTP_PORT='465'
SMTP_USERNAME='apikey'
SMTP_PASSWORD='YOUR_API_KEY_GOES_HERE'

  2. Download an SSL CA file

    sudo wget https://www.thawte.com/roots/thawte_Primary_Root_CA.pem -O /etc/postfix/thawte_Primary_Root_CA.pem

  3. Set appropriate permissions

    sudo chmod 400 /etc/postfix/thawte_Primary_Root_CA.pem

  4. Install postfix

    sudo DEBIAN_FRONTEND=noninteractive apt-get install -y postfix

  5. Configure postfix

    sudo postconf -e myhostname="$FQDN"
sudo postconf -e mydomain="$DOMAIN"
sudo postconf -e default_transport=smtp
sudo postconf -e relay_transport=smtp
sudo postconf -e relayhost="[${SMTP_HOST}]:${SMTP_PORT}"
sudo postconf -e smtp_tls_security_level=encrypt
sudo postconf -e smtp_sasl_auth_enable=yes
sudo postconf -e smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd
sudo postconf -e header_size_limit=4096000
sudo postconf -e smtp_sasl_security_options=noanonymous
sudo postconf -e smtp_tls_CAfile=/etc/postfix/thawte_Primary_Root_CA.pem
sudo postconf -e smtp_use_tls=yes

  6. Write sasl_passwd

    sudo sh -c "echo \"[$SMTP_HOST]:$SMTP_PORT $SMTP_USERNAME:$SMTP_PASSWORD\" > /etc/postfix/sasl_passwd"

  7. Generate sasl_passwd.db

    sudo postmap /etc/postfix/sasl_passwd

  8. Secure sasl_passwd.db

    sudo chmod 600 /etc/postfix/sasl_passwd.db

  9. Remove sasl_passwd

    sudo rm /etc/postfix/sasl_passwd

  10. Restart postfix

    sudo /etc/init.d/postfix restart

Set aside some time

Read the Manual Installation documentation

Install Landscape

Follow the Manual Installation documentation

4 ways to install landscape client

Install Landscape Client
to manage machines and containers

Landscape Client can be installed from Ubuntu's main repository. The latest version can be obtained from the Landscape 23.03 PPA. The latest features, including awareness of Ubuntu Pro, is only available in Landscape Client hosted in the 23.03 PPA for Ubuntu versions 18.04 (Bionic Beaver), 20.04 (Focal Fossa), and 22.04 (Jammy Jellyfish). The latest features are available in the main repository for 23.04 (Lunar Lobster).

The main repository and PPA installation methods are suitable when performing the installation through a terminal or shell scripting. Cloud Init is suitable if it is available during a machine's provisioning stage, and the subordinate charm is most appropriate when using charmed operators.

Install

  1. Install the package

    sudo apt update && sudo apt install -y landscape-client

Configure

  1. Define parameters in variables

    Self-hosted Landscape users should set LANDSCAPE_ACCOUNT_NAME as standalone, Landscape SaaS customers should specify their account name.

    LANDSCAPE_ACCOUNT_NAME='standalone'
LANDSCAPE_FQDN='landscape.yourdomain.com'
LANDSCAPE_COMPUTER_TITLE='My Computer'

  2. Configure

    sudo landscape-config --silent --account-name="${LANDSCAPE_ACCOUNT_NAME}" --computer-title="${LANDSCAPE_COMPUTER_TITLE}" --tags="" --script-users='nobody,landscape,root'

Install

  1. Install prerequisites

    sudo apt update && sudo apt install -y software-properties-common

  2. Add the PPA

    sudo add-apt-repository -y ppa:landscape/self-hosted-23.03

  3. Install

    sudo apt update && sudo apt install -y landscape-client

Configure

  1. Define parameters in variables

    Self-hosted Landscape users should set LANDSCAPE_ACCOUNT_NAME as standalone, Landscape SaaS customers should specify their account name.

    LANDSCAPE_ACCOUNT_NAME='standalone'
LANDSCAPE_FQDN='landscape.yourdomain.com'
LANDSCAPE_COMPUTER_TITLE='My Computer'

  2. Configure

    sudo landscape-config --silent --account-name="${LANDSCAPE_ACCOUNT_NAME}" --computer-title="${LANDSCAPE_COMPUTER_TITLE}" --tags='' --script-users='nobody,landscape,root' --ping-url="http://${LANDSCAPE_FQDN}/ping" --url="https://${LANDSCAPE_FQDN}/message-system"

Install

  1. Deploy the charm

    juju deploy landscape-client --config account-name='standalone' --config tags='' --config script-users='nobody,landscape,root' --config ping-url="http://${LANDSCAPE_FQDN}/ping" --config url="https://${LANDSCAPE_FQDN}/message-system"

Configure

  1. Relate the charm

    juju relate landscape-client <charm-name>

Define variables using Jinja

# LANDSCAPE_ACCOUNT_NAME: self-hosted Landscape users can leave this as `standalone`
# Landscape SaaS users can find the account name here: https://landscape.canonical.com/settings
{% set LANDSCAPE_ACCOUNT_NAME = 'standalone' %}

# LANDSCAPE_FQDN: `landscape.canonical.com` is only for Landscape SaaS users
# Fully Qualified Domain Name of your Landscape instance
{% set LANDSCAPE_FQDN = 'landscape.canonical.com' %}

# LANDSCAPE_COMPUTER_TITLE: default value is fine
# human readable name in Landscape
{% set LANDSCAPE_COMPUTER_TITLE = "dedicated server" %}

Install within the runcmd section of Cloud Init

landscape-config --silent --account-name='{{ LANDSCAPE_ACCOUNT_NAME }}' --computer-title="{{ LANDSCAPE_COMPUTER_TITLE }}" --tags="{{ VPROJECT }}" --script-users='nobody,landscape,root' --ping-url="http://{{ LANDSCAPE_FQDN }}/ping" --url="https://{{ LANDSCAPE_FQDN }}/message-system"