Hello all,
On this first part of the blog, I will show you how to install DWP Catalog 19.11 on a cluster, as a non-root user, using an advanced-options.txt file having custom install directory, and Openjdk11 on:
- Red Hat Enterprise Linux Server release 7.4 (Maipo)
- Oracle Database 12c Enterprise Edition Release 12.1.0.1.0 - 64bit Production
Prerequisites: Basic Linux and Oracle Knowledge/Background.
NOTE - If you are upgrading to 19.11 and you have SSL in place, put the certs on a different directory (out of dwpcatalog install directory) and update the jetty-http.xml with the new path prior running the upgrade.
Use the installer and upgrade file realesed on EPD on December 9th of 2019
EXTRA - If you want to install DWP Catalog as root user on a Linux Server and on a MSSQL Database, check Vinay's post!
BMC Digital Workplace Catalog Installation - The Run Book
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
We will cover the following topics on the first part of this blog:
AGENDA
PRE-INSTALL STEPS
- Getting the server ready for the install - root
- Installing dependencies and additional software
- Configure Firewall - if any
- Installing and Configuring OpenJDK11 for the Catalog and creating a soft-link to /user/java/latest
- UPDATING JAVA References in case of a Java Update
- Creating the non-root user
- Creating custom install directory
- Updating File/Directories permissions for non root user
- Editing hosts file (for DWP Catalog Clulster only)
- Downloading the Installation files from EPD and installing JQ and XMLstartlet - root
- Downloading the right files
- Handling the installation files
- Installing JQ and XMLstartlet
- Configuring Oracle for the installation: New Oracle Dump File process-- sysdba account needed
- Restoring dump
- Creating Tenant Schema
- Creating options.txt for custom install directory - dwpadmin
- File example
INSTALL STEPS
- Running the installer - dwpadmin
POST INSTALL STEPS
- Loading the Tenant Schema - dwpadmin
- Creating a tenant.txt file
- Installing additional nodes (ServerGroup Configuration will be covered on the second part of this blog)
We will cover the following topics in the second part of this blog (see more details at the end of this blog):
DWP Catalog 19.11 | From First To Last: Initial Set Up Guide - PART II
Second part will be published on the first week of December.
POST CONFIGURATION STEPS
- Setting up a Midtier for DWP Catalog.
- Configuring RSSO for DWP Catalog and the rest of the applications - dwpadmin and rssoadmin
- ignore-tenant=true setting explained
- Disabling RSSO for DWP Catalog
- RSSO external, internal (agents), ar sever config file url, and backchannel url's should match. --don't use aliases.
- Configuring SSL on the Catalog:
- Creating a new self-signed certificate for the DWP Catalog - root
- Importing self-certificate certificates to JAVA cacerts - root
- CA signed certs and Java ca-certs
- Creating a cron entry for the user_group_sync.sh script - dwpadmin in crontab
- Updating user_group_sync.sh for SSL - dwpadmin
- Configuring ServerGroup environment for the Catalog - dwpadmin and Demo
- Configuring FTS on a DWP Server Group - dwpadmin and Demo
- Primary DWP Catalog Server
- Secondary DWP Catalog Server
- Configuring FTS on a DWP Server Group - dwpadmin and Demo
- Integrating with ITSM, DWP and SmartIT - dwpadmin and Demo
- User permissions needed for SmartIT and DWP Catalog Integration : sbe-agents
- Remedy Connector
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
PRE-INSTALL
Getting the server ready for the install
Installing dependencies
As root, perform these steps in all the DWP Nodes in the cluster.
- Enable optional rpm's (we need this to install OpenJDK11)
yum-config-manager --enable rhel-7-server-optional-rpms
- Install dependencies. Note: You can do it with the script that comes with DWP Catalog too, but we don't have the file on the server at this point yet.
yum install -y glibc nspr libgcc libstdc++ unzip tar compat-libstdc++-33 compat-libstdc++-33.i686 glibc.i686 libgcc.i686 libstdc++.i686 net-tools python-setuptools php-pear
- run the below command to improve DWP Catalog node performance
ulimit -n 16384
Getting Firewall Ready - if any
- As root, check if firewall is running or not, if not skip this section.
- Handling firewall > https://linuxconfig.org/how-to-stop-start-and-disable-enable-firewall-on-redhat-7-linux-system
systemctl status firewalld
Not running
Running
- If it is running run below commands
firewall-cmd --zone=public --permanent --add-port=8008/tcp
firewall-cmd --zone=public --permanent --add-port=8443/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcp
firewall-cmd --zone=public --permanent --add-port=9988/tcp
firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=8080/tcp
firewall-cmd --zone=public --permanent --add-port=9977/tcp
firewall-cmd --zone=public --permanent --add-port=40001/tcp
firewall-cmd --zone=public --permanent --add-port=61617/tcp
firewall-cmd --zone=public --permanent --add-port=8009/tcp
firewall-cmd --zone=public --permanent --add-port=8005/tcp
firewall-cmd --reload
(hit enter)
- All the commands above should throw a success message
Installing and Configuring OpenJDK11 for the Catalog and creating a soft-link to /usr/java/latest
As root, install OpenJDK11 on the server
- Install OpenJDK11
yum install java-11-openjdk-devel
Successful install
- Set OpenJDK11 as your default Java Provider. Select the OpenJDK11 option
alternatives --config java
- Create a softlink for OpenJDK called /usr/java/latest - This way, JAVA updates shouldn't be a headache in future occasions.
ln -s /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64 /usr/java/latest
- if you get a problem when creating the soft link, try creating the /usr/java/latest directory, removing and try again -
mkdir -p /usr/java/latest
rm -rf /usr/java/latest
ln -s /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64 /usr/java/latest
- Confirm soft link was created by running ls -l /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64 /usr/java/latest
- Set JAVA_HOME and confirm JAVA_HOME was set
export JAVA_HOME=/usr/java/latest
echo $JAVA_HOME
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
UPDATING JAVA References in case of a Java Update
- From now on, on each java update, you have to update the soft links. How?
Say you upgrade to OpenJDK13
unlink /usr/java/latest -- This will remove the link between the OpenJDK11 and the symbolic link
ln -s /usr/lib/jvm/java-11-openjdk-13 /usr/java/latest -- This will recreate the symbolic link and will point OpenJDK13 (the new java) to it.
More info below
DWP Catalog - Configuring/Upgrading JAVA and JAVA Best Practices
- That's all, no more headaches!
NOTE: If you need ORACLE JRE, please check the below documentation:https://docs.bmc.com/docs/digitalworkplaceadvanced/1908/creating-oracle-tablespaces-871980124.html?src=search
Setting up the installation environment - Documentation for BMC Digital Workplace Advanced 19.08 - BMC Documentation
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Creating the non-root user
Log onto the DWP Catalog Server node(s) as root:
- Create the dwpcatalog group
groupadd dwpcatalog
- Create the user dwpadmin - this will create a directory under /home/dwpadmin
useradd -g dwpcatalog -m dwpadmin
- Set a password for dwpadmin
passwd dwpadmin
Creating custom install directory
Log onto the DWP Catalog Server node(s) as root:
- Create custom directory
mkdir -p /app
- Change permissions for dwpcatalog grouplist which contains dwpadmin user
chown -R root:dwpcatalog /app
chown -R dwpadmin /app
chmod g+rwx /app
(hit enter)
Updating File/Directories permissions for non root user
As root, run the below commands:
BE SURE TO BE USING YOUR JAVA DIRECTORY
chown -R root:dwpcatalog /opt/bmc
chmod g+rwx /opt/bmc
mkdir -p /etc/arsystem
chown -R root:dwpcatalog /etc/arsystem
chmod g+rwx /etc/arsystem
chown root:dwpcatalog /tmp
chmod g+rwx /tmp
chown root:dwpcatalog /usr/java/latest/bin
chmod g+rwx /usr/java/latest
chown root:dwpcatalog /usr/java/latest/lib
chmod g+rwx /usr/java/latest
chown root:dwpcatalog /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64/bin
chmod g+rx /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64/bin
chown root:dwpcatalog /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64/lib
chmod g+rwx /usr/lib/jvm/java-11-openjdk-11.0.4.11-1.el7_7.x86_64/lib
chown root:dwpcatalog /etc/profile
chmod g+w /etc/profile
chown root:dwpcatalog /dev/console
chmod g+w /dev/console
chown root:dwpcatalog /home/dwpadmin
chmod g+wrx /home/dwpadmin
(HIT ENTER)
Editing hosts file
- Log in as root
- Edit /etc/hosts
vim /etc/hosts
- Add the desired hosts/aliases/dns entries.
Use case: I have a servergroup/loadbalancer called catalog-cluster-americas.domain.com and it has two servers behind it: catalog1.domain.com and catalog2.domain.com
NOTE:
Below configuration could be different in you system: ask your sysadmin/network team what the right configuration for this would be.
This is what I have in my system and works.
Primary DWP Catalog Hosts Files
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 catalogcluster-americas.domain.com catalog1.domain.com catalog2.domain.com
172.20.x.13x catalogcluster-americas.domain.com catalog1.domain.com
172.20.x.13x catalogcluster-americas.domain.com catalog2.domain.com
Secondary DWP Catalog Hosts Files
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 catalogcluster-americas.domain.com catalog2.domain.com catalog1.domain.com
172.20.x.13x catalogcluster-americas.domain.com catalog2.domain.com
172.20.x.13x catalogcluster-americas.domain.com catalog1.domain.com
- Hit ESC twice then hit :
- Then, type wq!
- Hit Enter
- That should save above changes
- To confirm type cat /etc/hosts and that should return the above changes
- Type exit
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Downloading the Installation files from EPD and installing JQ and XMLstartlet
Downloading the right files
- The first thing we need to do is download DWP Catalog 19.11 from EPD.
- This is under MyIT/ MyIT Service broker
- Files that we need are higlighted below
- digital-workplace-catalog-fresh19.11.00.tar.gz -- DWP Catalog Installer
- 20191114_DWPCSaaSAdmin.dpdmp -- Oracle Dump
- DWPCatalog1911forITSM1808Patch001_19.11 -- That goes on the AR Server and it needs to be installed via Deployment Package Console
Handling the installation files
- I'm assuming you are not allowed to upload files via ftp/scp as a non-root user. If you do, you can skip the permission steps.
- Log in as root
- Upload the file digital-workplace-catalog-fresh19.11.00.tar.gz to the Linux server using any scp/ftp tool and put it under /tmp
- Change the file permissons as follows
chown dwpadmin digital-workplace-catalog-fresh19.11.00.tar.gz
- Move the files to /home/dwpadmin
mv digital-workplace-catalog-fresh19.11.00.tar.gz /home/dwpadmin
- switch to dwpadmin
su - dwpadmin
- Go to directory
cd /home/dwpadmin
- Unzip installation files
tar -zxvf digital-workplace-catalog-fresh19.11.00.tar.gz
Installing JQ and XMLstartlet
- Switch back to root by running:
exit
- Go to /home/dwpadmin/install_files
cd /home/dwpadmin/install_files
- Install the xmlstartlet and
rpm -Uvh xmlstarlet*
- Copy jq from the install directory to the /usr/bin and update the permissions.
cp /home/dwpadmin/install_files/jq /usr/bin
chmod +x /usr/bin/jq
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Configuring Oracle for the installation: New Oracle Dump File process
From 19.08/19.11 and beyond, we introduced a new feature. You can use an Oracle Dump to precreate the Schema and the DWP Catalog install should be faster.
If you don't want to use this dump, follow the old Oracle instructions in the docs.
ORACLE TUNING
Restoring dump
Remember, this dump has a precreated Schema Database which is called DWPCSAAS.
There is no need to create a Schema Database.
- Download the Oracle dump file from:
http://iamslite.bmc.com/smbufs1/build_myitsb/backup/oracle/20190917_DWPCSaasAdmin.dmp
- Put the file under '/data1/oracle/product/admin/ORA121DB/dpdump' using scp or any other protocol.
Note: Directory might be different in your system
- Make sure file is owned by oracle user and not root by running
ls -lrth
-rw-rwxr-- 1 oracle dba 471M Nov 24 10:03 20190917_DWPCSaasAdmin.dmp
If this is owned by root, then you won't be able to import the dumpfile.
Solution: need to change the file permissions as follows:
chown oracle 20190917_DWPCSaasAdmin.dmp
- Log onto sqlplus with an admin user
sqlplus / as sysdba
- Run below command
CREATE OR REPLACE DIRECTORY DATA_PUMP_DIR as '/data1/oracle/product/admin/ORA121DB/dpdump'; - this is the directory where you put the dump file
NOTE:
DATA_PUMP_DIR this is not a physical value, is more like a soft-link value.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Creating Restoring APP Schema, now called DWPCSAAS
Run the following queries via sqlplus as sysadmin.
DROP USER DWPCSAASADMIN cascade;
COMMIT;
DROP TABLESPACE "DWPCSAAS" INCLUDING CONTENTS AND DATAFILES CASCADE CONSTRAINTS;
COMMIT;
CREATE ROLE DWPCSAASADMINROLE NOT IDENTIFIED;
COMMIT;
GRANT ALTER SESSION, CREATE CLUSTER, CREATE DATABASE LINK, CREATE SEQUENCE, CREATE SESSION, CREATE SYNONYM, CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, CREATE TRIGGER, QUERY REWRITE TO DWPCSAASADMINROLE;
COMMIT;
CREATE TABLESPACE DWPCSaas DATAFILE 'DWPCSaas.dbf' SIZE 500M REUSE AUTOEXTEND ON;
COMMIT;
!impdp system/bmcAdm1n directory=DATA_PUMP_DIR dumpfile=20190917_DWPCSaasAdmin.dmp logfile=import.log full=y; -- THIS NEEDS TO BE RUN VIA SQLPLUS
COMMIT;
alter user DWPCSAASADMIN identified by password;
COMMIT;
GRANT DWPCSAASADMINROLE TO DWPCSAASADMIN;
COMMIT;
NOTE:
the dump command cannot be run on Oracle SQL Developer, the rest can be.
Creating Tenant Schema, now called DWPCTenant
- Run the following queries via sqlplus as sysadmin.
CREATE TABLESPACE DWPCTenant DATAFILE ' DWPCTenant.dbf' SIZE 2000M REUSE AUTOEXTEND ON;
COMMIT;
#Below will create a dedicated temporary a tablespace for both Users
CREATE TEMPORARY TABLESPACE DWPCTemp TEMPFILE 'DWPCTemp.dbf' SIZE 4000M REUSE AUTOEXTEND ON;
COMMIT;
CREATE USER DWPCTENANTADMIN IDENTIFIED BY password DEFAULT TABLESPACE DWPCTenant TEMPORARY TABLESPACE DWPCTemp QUOTA UNLIMITED ON DWPCTenant;
COMMIT;
GRANT DWPCSAASADMINROLE TO DWPCTenantADMIN;
COMMIT;
alter user DWPCSAASADMIN temporary tablespace DWPCTemp;
COMMIT;
ORACLE Developer Studio-
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
INSTALL
Running the installer
- Log onto DWP Catalog Server as dwpadmin user
su -dwpadmin
- Go to /home/dwpadmin
cd /home/dwpadmin
- Create a new custom options.txt file
touch custom-options.txt
- Open it up
vim custom-options.txt
- Insert below values and update required fields so they match your environment details
- NOTE: Use the hostname for this custom-optionts.txt file, you can set the server group name later and that will be covered on the second section of the blog.
-P installLocation=/app/dwpcatalog this will be our advanced option
Example
-P installLocation=/app/dwpcatalog
-J BMC_DWP_SERVER_ROLE=master
-J BMC_JAVA_JRE_64_BIT_HOME_PATH=/usr/java/latest
-J BMC_MIDTIER_PASSWORD=password
-J BMC_DWP_SERVER_NAME=dwpc-node-1
-J BMC_DWP_SERVER_HOST_NAME=dwpc-node-1.domain.com
-J BMC_DATABASE_LOGIN=DWPCSAASADMIN
-J BMC_DATABASE_PASSWORD=password
-J BMC_DATABASE_TYPE=ORACLE
-J BMC_DATABASE_HOST=catalogoracle.domain.com
-J BMC_DATABASE_PORT=1521
-J BMC_DATABASE_INSTANCE=ORA121DB
-J BMC_DATABASE_ORACLE_SID_OR_SERVICE=true
-J BMC_DATABASE_DBA_TABLESPACE_NAME=DWPCSaas
- Save it
- run the installer as dwpadmin
./install-digitalworkplace.sh -o custom-options.txt
- A successful install should show the below output:
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
POST INSTALL STEPS
Loading the Tenant Data
Creating a tenant.txt file
- Log onto the DWP Catalog as dwpadmin
- Go to /app/dwpcatalog/sb directory
cd /app/dwpcatalog/sb
- Create a new tenant.txt file
touch tenant.txt
- Add below values vi editing tenant.txt using vi
vi tenant.txt
Demo
password
DWPCTENANTADMIN
bmc.com
dwpc-oracle.bmc.com
DWPCTENANTADMIN
password
- Save and close
- Run the script
./post_install.sh create_tenant < tenant.txt
- A successful run should throw the below
- That should perform a DWP Catalog Restart when done
- Confirm you can now log onto the DWP Catalog - using hannah_admin@yourdomain.com and the password is: Passw0rd!
- In order to restart the DWP Catalog, you need to run the next commands:
- ./dwpcontroller stop
- ./dwpcontroller start -u Demo -p password
Installing additional nodes (Server Group Configuration will be covered on the second part of this blog)
- Repeat all of the above, just skip the Database Creation Steps and the Create Tenant Steps and use the secondary catalog hostname for the custom-options.txt file.
- We will configure the Server Group environment on the second part of the blog.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
We will cover the following topics on the second part of this blog
DWP Catalog 19.11 | From First To Last: Initial Set Up Guide - PART II
Second part will be published on the first week of December.
POST CONFIGURATION STEPS
- Setting up a Midtier for DWP Catalog.
- Configuring RSSO for DWP Catalog and the rest of the applications - dwpadmin and rssoadmin
- ignore-tenant=true setting explained
- Disabling RSSO for DWP Catalog
- RSSO external, internal (agents), ar sever config file url, and backchannel url's should match. --don't use aliases.
- Configuring SSL on the Catalog:
- Creating a new self-signed certificate for the DWP Catalog - root
- Importing self-certificate certificates to JAVA cacerts - root
- CA signed certs and Java ca-certs
- Creating a cron entry for the user_group_sync.sh script - dwpadmin in crontab
- Updating user_group_sync.sh for SSL - dwpadmin
- Configuring ServerGroup environment for the Catalog - dwpadmin and Demo
- Configuring FTS on a DWP Server Group - dwpadmin and Demo
- Primary DWP Catalog Server
- Secondary DWP Catalog Server
- Configuring FTS on a DWP Server Group - dwpadmin and Demo
- Integrating with ITSM, DWP and SmartIT - dwpadmin and Demo
- User permissions needed for SmartIT and DWP Catalog Integration : sbe-agents
- Remedy Connector
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Hope this helps, and thanks for making it this far.
Please, leave your feedback/comments/concerns below.
Cheers,
Daniel Soto