close
Productsdrop-down
Headspin EnterpriseAudio-Visual PlatformRegression IntelligenceCreate Your Own Lab
Resourcesdrop-down
DocumentationGlobal Device InfrastructureRepositoryFAQsIntegrationsWebinars & EventsPodcastsConvergeBlogsWhitepapersTutorialsCase StudiesLatest Feeds
Companydrop-down
About HeadSpinHeadSpin & Appium ProPartnersLeadership TeamCareersPress Resources
Pricing
Log inBook Free Trial
Login
Products
Resources
Company
Pricing
Log inConnect Now
HeadSpin Platform
Automated & manual testing made easy through data science insights.
Differentiating capabilities:
  • Extensive end-to-end automation of QA process
  • Comparative analysis of app performance against peers
  • Continuous monitoring of app performance using synthetic data for higher availability of apps
  • Easy-to-use developer friendly platform

ADD-ON PRODUCTS

Audio Visual Platform
Audio-Visual Platform
One Platform For All Your Media Testing
CYOL
Create Your Own Lab
Utilize Your Own Device Infrastructure With HeadSpin

ENTERPRISE ADDON PRODUCTS

Regression
Regression Intelligence
Automated Solution To Solve Regression Issues

SUPPORT

Documentation
Documentation
Global Device Infrastructure
Global Device Infrastructure
Repository
Repository
FAQS
FAQS
Integrations
Integrations

RESOURCE CENTER

Webinars
Webinars & Events
Podcast
Podcast
Converge
Converge
Blogs
Blogs
Whitepapers
Whitepapers

Resource Center

Tutorials
Tutorials
Case Study
Case Studies
News
Latest Feeds

ABOUT US

About Headspin
About HeadSpin
Appium Pro
HeadSpin & Appium Pro

ABOUT US

Global Device Infrastructure
Partners
Leadership Team
Leadership Team

ABOUT US

Careers
Careers
News
Press Resources
HeadSpin Documentation
Documentation
Changes
Changelog
Getting Started
UI Master Guide
A/V Box
Additional Reference Links
User Roles and Access Permissions
Using Espresso
Using XCTest
Supported Devices and OS Versions in HeadSpin
Integrations
Katalon Studio - Using Katalon with HeadSpin Devices
Tosca - Using Tricentis' Tosca with HeadSpin
Using ACCELQ and HeadSpin
iOS 17 Compatibility and Support
Platform
Unlocking Devices with Pintap
Using the Cookie Tool
Using the HS Tunnel Tool
Remote Functional Testing
Configuring Single Sign-On
Remote Debugging
Platform Command Line Interface
Bring Your Own Device
API Reference
API for Automation Configuration
Basic Device API
App Management
Android Device API
iOS Device API
Using Reservation API
Device Cleaning API
Data Lifecycle Policy API
Session API
Session Annotation API
Session Analysis API
Measuring Visual Load Time in Sessions
Performance Monitoring API
Regression Intelligence API
Providing Feedback
Device Selectors API
Session Status Reliability API
Usage Report
Team API
Network Config API
Auth API
Analysis Config API
Admin API
API for Hardware and Grafana
Using the bluetooth API
Using Audio API
Using A/V Box API
Replica Database API
Grafana API
API for Biometric Testing
PBox Enclosure API
Mini Remote
Using Mini Remote
Automation
Getting Started with Appium
API Tokens
Browser Automation
Chrome DevTools
Recommended network_security_config.xml for network capture
Appium Load Balancer
Appium Capabilities
Migrating to Appium 2
Selenium Capabilities
Appium Inspector Integration
Audio
Audio Setup - Bluetooth Setup and Limitations
Audio Use Cases and Troubleshooting with HeadSpin
Biometrics SDK
Testing biometric authentication in Android
Testing Touch and Face ID in iOS
Performance Analysis
Waterfall UI
Burst UI
AI-based Issue Detection Engine
AI-based Quality of Experience Monitoring
Video Quality MOS
Providing Feedback on HeadSpin Performance Sessions
Annotating Your Session
Image Matching Methods Explained
Performance Monitoring
Performance Monitoring UI
Replica DB
Replica DB UI
Grafana
Grafana Dashboards
Grafana UI Overview
On-Premise Deployments
User Management
Architecture
PBox Data Sheet
PBox Rack Installation
On-Premise Deployment Options
On-Premise Fully Managed Network Admin
iOS Provisioning
New Devices
Upgrade
Pusher
File Layout
Android Network Capture Setup
Network Requirements and Audio Configuration Options
Deprecated Documentation
App API
iOS and Android Device API
Instrumentation API
TestProject - Using Tricentis' TestProject with HeadSpin
Legal Matters
Downloadable Components License Agreement
Home
>
Documentation
>
On-Premise Fully Managed Network Admin

On-Premise Fully Managed Network Admin

Network Admin

DNS Setup

Map the following host IP addresses to DNS A records in {domain}:


{env}-unifiedcontroller-{geo-index}
{env}-{geo}-{city}-{geo-index}-proxy-{server-index}-lin
{env}-{geo}-{city}-{geo-index}-proxy-{server-index}-mac
{env}-{geo}-{city}-{geo-index}-display-{index}

The following hosts need to be an alias of the unifiedcontroller <code class="dcode">({env}-unifiedcontroller-{index})</code>:


{env}.headspin.io
{env}-api.headspin.io
{env}-appium.headspin.io
{env}-data.headspin.io
{env}-eventend.headspin.io
{env}-grafana.headspin.io
{env}-hubble.headspin.io
{env}-internal-api.headspin.io
{env}-liveend.headspin.io
{env}-mysql.headspin.io
{env}-postgres.headspin.io
{env}-redis.headspin.io
{env}-uiend.headspin.io
{env}-ulb.headspin.io

Deploying dnsmasq instead of replacing the *.headspin.io

The on-premise unit comes with a wildcard certificate for <code class="dcode">*.headspin.io</code> issued by DigiCert. This requires that the hostnames of all the hosts are under <code class="dcode">.headspin.io</code>, for example <code class="dcode">&lt;env>-unifiedcontroller.headspin.io</code>. The headspin.io zone is controlled by HeadSpin and not exposed for customers to modify; however, if customers want to keep the default certificate, they will need to be able to add the IPs for their hosts to the DNS zone. The solution is to use dnsmasq as the DNS server in the deployed subnet that overrides the customer host entries.

Install dnsmasq on a host on the subnet (call it <code class="dcode">&lt;env>-dnsmasq.headspin.io)</code>. This can be done on the subnet router. This can also be done on the unifiedcontroller. Add this config to <code class="dcode">/etc/dnsmasq.conf</code>:


no-resolv
interface=
no-dhcp-interface=
server=
DNSMASQ_EXCEPT=lo

Now in the DHCP server, set the DNS IP to that of dnsmasq host. At this point restart all the hosts (or refresh their leases with <code class="dcode">dhclient</code>) to update their DNS servers. dnsmasq is now deployed.

On the dnsmasq host, all overrides are places in <code class="dcode">/etc/hosts</code>. Add the entries there described by the <code class="dcode">dns_setup</code> guide.

Change the domain

The on-premise unit comes by default under the headspin.io domain. You are expected to mask the DNS entries listed in network_setup_checklist on the DNS server for the subnet, e.g. dnsmasq.

The next step is to move the unit into your domain. This affects the TLS certificates and SSH certificates, which will need to be re-deployed after changing the domain.

The TLS certificate needs to be isssued by a trusted root cert on each of the hosts. See the last section for setting up a custom root cert on each host for an in-house authority.

SSL Certificates and SSH Keys

SSL certs need to be wildcard, for <code class="dcode">*.&lt;domain></cod>, e.g. *.headspin.io for hosted, or <code class="dcode">*.headspin.&lt;customer></code> for on-premise.

<code class="dcode">{env}</code> below means the customer env.

The host role comes from the hostname, e.g. <code class="dcode">proxy-&lt;env>-&lt;geo></code> has role <code class="dcode">proxy</code>. Each role is set up with a template with a different file layout than the other roles.

Service Host Roles Type OS Certificate Files Notes
Controlfreak proxy SSL macOS 10.15 /Users/hs/.controlfreak/nginx/cert.pem
/Users/hs/.controlfreak/nginx/cert.key
STF proxy SSL Ubuntu 16.04 /srv/stf/nginx/cert.pem
/srv/stf/nginx/cert.key
Janus (Media) proxy SSL Ubuntu 16.04 /opt/janus/share/janus/certs/cert.pem
/opt/janus/share/janus/certs/cert.key
Usage Scraper unifiedcontroller SSH Ubuntu 16.04 /home/ubuntu/headspinio-root/ To be deprecated
Platform Endpoints unifiedcontroller SSL Ubuntu 16.04 /etc/nginx/cert.pem
/etc/nginx/cert.key
SSH proxy RSA Public Ubuntu 16.04 /home/hs/.ssh/authorized_keys deprecated in v1 setup
SSH proxy RSA Public macOS 10.15 /Users/hs/.ssh/authorized_keys deprecated in v1 setup
SSH unifiedcontroller RSA Public Ubuntu 16.04 /home/ubuntu/.ssh/authorized_keys
SSH proxy RSA Public Ubuntu 16.04 /etc/ssh/
SSH proxy RSA Public Ubuntu 16.04 /etc/ssh/

Replacement

Generate a new signed SSL certificate (private, public, CA) and SSH key pair. Then replace the files above with the new files.

Configuring the email system

The emailer can be configured to use an SMTP server or Mailgun. The config is on the unifiedcontroller at $HEADSPIN_HOME/keys-{env}/email.yml. Below are the keys for email.yml.


# email.yml
mail_service: smtp | mailgun
default_headspin_email_address: from_addr, e.g. Company <support@company.com>
smtp_host: e.g. smtp.gmail.com
smtp_port: e.g. 587 (tls default)
smtp_mode: tls | ssl | plain
smtp_user: e.g. ops@headspin.io
smtp_pass: e.g. a1234567889
mailgun_api_key: key-b123456789
mailgun_domain: e.g. customer.com

After changing the email config, restart all services on the unifiedcontroller.


$ sudo supervisorctl restart all
Home
>
Docs
>
On-Premise Fully Managed Network Admin

Discover how HeadSpin can empower your business with superior testing capabilities

Our Platform enables you to:
accelerate time-to-market
Accelerate time-to-market, gaining a competitive edge
faster development cycles
Boost developer/QA productivity with faster development cycles
automated buil-over-build regression testing
Automate build-over-build regression testing for consistent results
gain better visibility into functional & performance issues
Gain better visibility into functional and performance issues
reduce mean time
Reduce mean time to identify/resolve during test, QA, and production
evaluate audio, video & qoe
Evaluate audio, video, and content quality of experience (QoE) effortlessly
The trusted choice for global enterprises
Close