Help Center/ Cloud Bastion Host/ Getting Started/ Step 3: Add Resources to the CBH System
Updated on 2024-11-12 GMT+08:00

Step 3: Add Resources to the CBH System

Scenarios

A bastion host allows you to centrally manage cloud resources as well as their accounts and permissions. Before you start, ensure resources are added to the CBH system for centralized O&M management.

A host or application resource may have multiple accounts for login. CBH allows you to log in to managed resources through managed accounts without having to repeatedly enter the usernames and passwords.

The default account for each managed resource is Empty. If you use the Empty account, enter the account username and password for accessing the host resource.

Prerequisites

Procedure

Table 1 Methods of adding resources

Resource Type

How to Add

Description

Host resources

Adding a Host Resource

Add host resources one by one.

After you add the basic information of the host resource, add accounts to the host resource. If no account is added, account Empty is generated for the host resource by default.

Importing Host Resources from an Excel File

Configure basic information as well as accounts of a host based on the Excel template.

If an account is configured for a host resource, the CBH system will no longer generate the Empty account for the host resource.

Importing Host Resources from a Cloud Platform

Select a cloud platform that can communicate with the CBH system and import the basic information and account information of the hosts on the cloud platform into the CBH system.

All accounts of the hosts in the cloud platform will be imported into the CBH system. The CBH system will no longer generate the Empty account.

Automatic Host Discovery

The CBH system automatically discovers hosts that can communicate with the CBH system through IP addresses or IP address ranges.

In this method, only basic information of discovered hosts is added to the CBH system. You are required to add the accounts to them manually.

Application resources

Adding An Application Resource to CBH

Add application resources one by one.

After you add the basic information of the application resource, add an account to the application resource. If no account is added, Account Empty is generated for the application resource by default.

Importing Application Resources from an Excel File

Configure basic information as well as accounts of application resources using the Excel template.

If an account is configured for an application resource, the CBH system will no longer generate the Empty account for the application resource.

Configuration Description

The settings of Protocol and Host Address must be unique. So, the host resource managed in the CBH system must be unique.

Table 2 Basic information about managed host resources

Parameter

Description

Host Name

User-specified name of a host resource. The host name must be unique in the CBH system.

Protocol

Type of the protocol used for the host.

In CBH professional editions, you can configure SSH, RDP, VNC, Telnet, FTP, SFTP, DB2, MySQL, SQL Server, Oracle, SCP, and Rlogin for a host.

In the CBH standard editions, you can configure SSH, RDP, VNC, Telnet, FTP, SFTP, SCP, and Rlogin for a host.

Host Address

Host IP address that can be used to establish connection with the bastion host.

  • Select the EIP or private IP address of the host. A Private IP address is recommended.
  • By default, the IPv4 address of a host is required.
  • You can enter either an IPv4 address or IPv6 address of a host as long as an IPv6 address is enabled for the host and the IPv6 network interface is enabled in system configuration in the CBH system.
NOTE:
  • CBH manages host resources on the same VPC network. Therefore, private IP addresses are not restricted by external security policies or access control policies based on network stability and proximity. It is recommended that you set the Host Address to a private IP address on the same VPC network.
  • Using an EIP of a host may result in login failure because EIP is an independent public IP address, which may be blocked by the access restrictions on the port.

port

Port number of the managed host.

OS Type

(Optional) Type of the host OS or device OS.

  • The following OS types are supported by default: Linux, Windows, Cisco, Huawei, H3C, DPtech, Ruijie, Sugon, Digital China sm-s-g 10-600, Digital China sm-d-d 10-600, ZTE, ZTE5950-52tm, Surfilter, and ChangAn.
  • In addition, system administrator admin can customize OS types.
  • For details, see OS Type.

Terminal Speed

Terminal rate. Different terminal speeds can be selected for Rlogin hosts.

Encode

Code used on the host O&M UI. SSH and Telnet hosts support Chinese code.

You can select UTF-8, Big5, or GB18030.

Terminal Type

Terminal type for O&M. For O&M of SSH and Telnet hosts, different terminal types are available.

You can select Linux or Xterm.

Options

(Optional) You can select File Manage, Clipboard, or X11 forward.

  • File Manage: This option is supported only by SSH, RDP, and VNC hosts.
  • Clipboard: This option is supported only by RDP hosts.
  • X11 forward: This option is supported only by SSH hosts.

Department

Department to which the host belongs.

Label

(Optional) You can customize a label or select an existing one.

Remarks

(Optional) Provides the description of the host.

Table 3 Basic information about managed application resources

Parameter

Description

App Name

Name of an application resource. The value of App Name must be unique in the CBH system.

AppServer

Select a created application publishing server.

Department

Select the department of the application.

APP Address

(Optional) Enter the address of the application. You can enter an IP address or domain name.

  • If the application is released as a browser, enter the URL of the web page. If the address has a corresponding port, enter the address in the format of URL:Port number.
  • If the application is released as a database or client, enter the address of the database server.

APP Port

(Optional) Enter the application access port.

  • If the application is released as a database or client, enter the database access port.
  • If the application is released as other resource types instead of a database, leave this parameter blank.

Param

(Optional) Set application parameters.

  • If the application is released as a database, enter the database instance name.
  • If the application is released as other resource types instead of a database, leave this parameter blank.

Options

(Optional) You can select File Manage or Clipboard.

Label

(Optional) You can customize a label or select an existing one.

Remarks

(Optional) Provides the description of the application.