Skip to main content
Skip table of contents

Initial setup

Overview

Delphix runs as a virtual appliance deployed in various types of platforms, as outlined in these Deployment articles. When first logging into an instance, the setup wizard will help with initial configurations for network, storage, authentication, and more. This article describes each step in the setup process and will outline and the different options available.

When first connecting to the Delphix Engine via any supported browser, enter the default sysadmin login; username: sysadmin, password: sysadmin. On the first login, there will be a prompt to change the default password for security purposes.

A login failure issue could occur if the Delphix Engine clock is not in sync with the IdP (identity provider) clock. To resolve the issue, either use the NTP (network time) clock or set up the skew time property in the SSO (Single Sign-On) configuration.

Anti-virus programs can impact both performance and operation. Delphix recommends anti-virus scanning exclude folders where Delphix files are maintained, in addition to the normal exclusions put in place for MSSQL operation. This is largely applicable to Windows machines.

Welcome

The Welcome section asks users to select the engine type being setup, whether Continuous Data or Continuous Compliance. This article explains the Continuous Data setup, the Continuous Compliance version can be found at First time setup.

Administrators

Each Continuous Data engine has two default accounts:

  • System Administrator: sysadmin with a user-defined password. This will be the system administrator for the instance.

  • Engine Administrator: admin with a user-defined password. This is typically a DBA who will administer all the data managed by the instance.

Provide an email address and password for both users in the Administrator section.

Each Continuous Compliance engine has this default account:

  • Masking Administrator: admin with a user-defined password. This will be the user responsible for setting up other users and handling administrative actions.

Time

The Delphix engine leverages its time setting to determine policies and actions that take place within the application. Manually set the time or choose from an NTP server, an explanation of these options are shown below.

Option

Notes

Set NTP Server (recommended)

After selecting this option, select an NTP server from the list, or select Add NTP Server to manually enter one or more server(s).

When configuring a Delphix Engine on VMware, be sure to configure the NTP client on the host to use the same servers that are entered here.

Manually Select Time and Date

Select the Use browser time and date option to set the system time, or select the date and time by using the calendar and clock icons.

If this option is selected, the date and time will persist as the local time, even if time zones are changed.

Network

The initial network configuration will be pre-populated based on the deployment platform used for Delphix. For VMware deployments, Delphix defaults to the VMXNET3 network adapter.

Select Settings for each Network interface to manage the following options:

Option

Notes

DHCP or Static network addressing

For Static addressing, enter an IP Address and Subnet Mask. The static IP address must be specified in CIDR notation (for example, 192.168.1.2/24).

Jumbo Frames

This setting is highly recommended. VMXNET3 supports Ethernet jumbo frames, which can be used to maximize throughput and minimize CPU utilization.

Routing

A default gateway will be specified in this section.

DNS Services

Enter a DNS Domain Name and DNS Server to be used for this engine.

Network security

Delphix installs certificates signed by the engine’s Certificate Authority. Users have the ability to manage their own certificates for HTTPS and DSP (Delphix Session Protocol) connections to and from the Delphix Engine. You can add or modify certificates and certificate signing requests (CSRs) via the ... option.

When you update the Certificate Authority certificate, your HTTPS and DSP certificates will be automatically updated.

For more information please refer to Certificate management in the Security section of this documentation.

Storage

Storage for engines backed by block devices

The Delphix Continuous Data Engine automatically discovers and displays storage devices. For each device, confirm that Usage Assignment is set to Data. 

You can associate additional storage devices with the Continuous Data Engine after initial configuration, as there are two options for storage disk usage assignment:

  1. Enabled: Once you set the storage unit assignment for a disk and save the configuration, it cannot be changed again.

  2. Unassigned: These are disks being held for later use.

Configure at least four disks for the storage of user data. This makes the Continuous Data Engine storage manager function more efficient, since duplicated metadata can be distributed across multiple disks.

Storage for Elastic Data Engines backed by object storage

Elastic Data Engines require a valid NTP server configured to ensure communication between the engine and the object storage.

Outbound connectivity

Web proxy

If a Web Proxy Server is necessary for your environment, select Configure web proxy, then enter the hostname and credentials for that server.

Phone home (service)

The support and phone home bundles contain metadata from the Delphix Engine, but do not include the customer data that has been ingested into the Continuous Data Engine. Redaction of known PII data (i.e., names and email addresses for Delphix users) is done on-engine, before and after bundles are uploaded to Delphix, to ensure the latest redaction rules are applied to each bundle without requiring the engine to be continually upgraded. There may be some limited environment data in the bundle (i.e., IP addresses and database names) that are needed for debugging purposes. Support bundles are automatically deleted within 30 days after the support case is closed, or 30 days after upload, whichever comes later.

Enabling/disabling phone home

Enabling this service sends information to Delphix periodically over HTTPS (SSL). This data is securely managed by the internal team for product analysis and improvements. This feature requires a connection to the internet and will use the Web Proxy Server configuration.

Perform the following steps to enable/disable phone home.

  1. Login to the Delphix Continuous Data Engine setup using the sysadmin credentials.

  2. From the Outbound Connectivity widget, click Modify.

  3. To enable phone home, select the checkbox before the Enable phone home service option. If enabled, this service will automatically send a stream of anonymous, non-personal metadata describing user interaction with the product's user interface.

  4. To disable, deselect the checkbox before the Enable phone home service option.

  5. Click Save to save for the settings.

User-click analytics

User-click analytics is a lightweight method to capture how users interact with Delphix product UIs, allowing Delphix to collect browser-based, user-click data. Delphix does not collect, transmit, or store any personally identifiable information (PII) such as email addresses, IP addresses, usernames, etc.

SMTP server

Select Use an SMTP Server and enter the server name or IP address to enable email notifications for events and alerts. When a critical fault occurs with the Delphix Engine, it will automatically send an email alert to the admin user. Make sure to configure the SMTP server so that alert emails can be sent to this user. See System Faults for more information.

Authentication

On the Authentication page, configure authentication protocols such as LDAP and SAML/SSO. See User and authentication management for further details.

LDAP

To avoid configuration issues, consult with the lightweight directory access protocol (LDAP) administrator before attempting to set up LDAP authentication of users for the Delphix engine. When configuring LDAP, provide an LDAP Server. Two authentication methods are currently supported: SIMPLE and DIGEST_MD5.

Select to Protect LDAP traffic with SSL/TLS if desired. This option requires an import of the server certificate. If LDAP has been set up as an authentication service for the Delphix Engine, add new users with LDAP as their authentication mechanism. For more information, see the User groups article.

SAML/SSO

To enable SAML/SSO, there are two properties to set:

  1. Audience Restriction: The audience restriction must be set to the entity id configured in the Delphix Server via the Delphix Setup. Its default value is https://Delphix Server ID, where Delphix Server ID is a 36-character hexadecimal string of the form xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx.

    1. See Determining the Delphix server ID and host name for more on the Delphix Server ID. If the Continuous Data Engine does not exist or is unreachable, enter a temporary value (such as delphix-sp-id), which must later be replaced by the actual Delphix Server ID.

  2. IdP Metadata: an XML document that must be exported from the application created in the IdP. Paste its contents into the provided field.

Kerberos

The Kerberos page allows for Kerberos authentication to communicate between hosts connected with Continuous Data. Enabling this option will allow Kerberos key-based authentication when adding new environments to Continuous Data.

  1. Realm: the domain over which a Kerberos authentication server has the authority to authenticate a user, host, or service.

  2. Principal: a unique identity to which Kerberos can assign tickets.

  3. Keytab: a file containing pairs of Kerberos principals and encrypted keys (which are derived from the Kerberos password).

Registration

As described in Registration management, registration allows Delphix Support to access the engine, properly diagnose, and identify any issues during support cases. If the Continuous Data Engine has access to the internet, auto-register the engine with Delphix Support credentials in the Online Registration section.

If external connectivity is not immediately available, perform the manual registration.

  1. Copy the Delphix Engine registration code displayed.

  2. Transfer the Delphix Engine's registration code to a workstation with access to the external network Internet. For example, e-mail the registration code to an externally accessible email account.

  3. On a machine with access to the internet, use a browser to navigate to the Delphix Registration Portal at http://register.delphix.com.

  4. Log in with Delphix support credentials.

  5. Paste the Registration Code.

  6. Click Register.

The Continuous Data Engine will work without registration, but it is recommended to register each engine as part of the setup. Failing to register the Continuous Data Engine will impact its supportability.

Summary

The final Summary section will enable a review of the configurations for each page in the setup tutorial. Confirm that everything looks correct, and click submit to complete the setup.

After Setup

  • After the configuration is complete, the Continuous Data Engine will restart and launch the browser-based Delphix Management application.

  • After the Delphix Management application launches, the admin can log in using the initial default username admin and the initial default password Delphix. On the first login, there will be a prompt to change the initial password.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.