A Step-By-Step Guide to Configuring a WebSphere Portal v8.0.0.1

A Step-By-Step Guide to Configuring a WebSphere Portal v8.0.0.1
A Step-By-Step Guide to Configuring a WebSphere Portal v8.0.0.1
Dynamic Cluster
Hunter Tweed
WebSphere Portal Level 2 Support Technical Lead
IBM Raleigh Lab
August, 2013
© Copyright International Business Machines Corporation 2013. All rights reserved.
This guide describes a comprehensive procedure for installing, configuring, and building an
IBM® WebSphere® Portal v8.0.0.1 dynamic cluster using:
•
•
•
•
•
IBM WebSphere Portal 8.0.0.1 CF7
IBM WebSphere Application Server 8.5.5 – 64-bit
Red Hat Enterprise Linux 5.0 update 8
DB2 v9.7 fixpack 4
IBM Tivoli Directory Server v6.3
1
Table of Contents
A Step-By-Step Guide to Configuring a WebSphere Portal v8.0.0.1 Dynamic Cluster..............1
Introduction.............................................................................................................................3
Cluster Concepts....................................................................................................................4
Using this Guide......................................................................................................................5
Before you begin.....................................................................................................................8
Main Guide..................................................................................................................................9
1 – Install IBM WebSphere Portal on the Primary node.........................................................9
2 – Configure the Primary Portal node to an external database..........................................25
3 – Create the WebSphere Portal profile template...............................................................30
4 – Install the Deployment Manager.....................................................................................32
5 – Configure the Deployment Manager...............................................................................43
6 – Federate the Primary Node............................................................................................47
7 – Creating the Dynamic Cluster.........................................................................................49
8 – Configure the Portal Cluster for Federated LDAP Security............................................61
9 – Install IBM WebSphere Portal on an additional node.....................................................67
10 – Federate and Cluster an Additional Portal node...........................................................84
11 – Create the On Demand Router.....................................................................................89
12 – What to do next.............................................................................................................94
Appendix A – Alternate Setup Paths.........................................................................................95
A-1 – Installing WebSphere Portal and Deployment Manager on the same server.............95
A-2 – Creating a Deployment Manager profile on an existing Portal installation...............112
A-3 – Federating Portal to a Deployment Manager that has LDAP security enabled........118
Appendix B – Supplemental Information................................................................................123
B-1 – Script to create and setup DB2 databases...............................................................123
B-2 – Adding a Vertical Cluster Member.............................................................................127
B-3 – Updating Dynamic Cluster settings...........................................................................131
B-4 – Extracting the media.................................................................................................132
About The Author....................................................................................................................138
Change History.......................................................................................................................138
2
Introduction
Higher Versions of Portal and WebSphere Application Server
Although this guide is specifically written for 64-bit Portal v8.0.0.1 CF7 and WebSphere
Application Server (WAS) v8.5.5, the same approach will apply to any Portal v8.0.0.1 with
CF7 or higher and any WAS v8.5.5.x version higher than 8.5.5, 32 or 64-bit.
It is important to note that in order to use WebSphere Application Server v8.5.5 with
WebSphere Portal, you must use WebSphere Portal v8.0.0.1 CF7 at a minimum.
Windows/Unix Differences
This guide was written using Linux as the base operating system, however the steps/concepts
listed in this guide are independent of operating system.
The only significant difference is that for Windows, you must use the batch file commands
instead of the UNIX shell commands listed in this guide. For example:
UNIX: ./startServer.sh WebSphere_Portal
Windows: startServer.bat WebSphere_Portal
or
UNIX: ./ConfigEngine.sh cluster-node-config-dynamic-cluster-setup
Windows: ConfigEngine.bat cluster-node-config-dynamic-cluster-setup
Database and LDAP examples
In the instructions for configuring Portal with the database and LDAP, screens
shots show valid examples. Use values which are appropriate for your database
and LDAP.
Hostnames Used in this Guide
To avoid confusion with my own hostnames, I've replaced each instance of the hostnames of
my servers with a sample value that corresponds to the server it belongs to so that it may be
easier to understand which server I'm referring to in my examples.
I use the following values:
Primary Portal Node - myprimaryportal.ibm.com
Secondary Portal Node – mysecondaryportal.ibm.com
Deployment Manager – mydmgr.ibm.com
Database Server – mydbserver.ibm.com
LDAP Server – myldapserver.ibm.com
3
Cluster Concepts
Server – A Java Virtual Machine (JVM) that manages user applications (such as WebSphere
Portal and Web Content Management).
Node – A logical grouping of one or more application servers. A node does not necessarily
mean a single physical server.
Cell – A logical grouping of one more nodes.
Cluster – A logical grouping of one or more servers across one or more nodes. The servers
are managed together and participate in workload management. Servers in a cluster share
resources, such as applications. Multiple clusters can exist in a single cell, but a single
cluster cannot exist across multiple cells.
Dynamic Cluster – The same as a standard cluster, however cluster members in a dynamic
cluster are controlled by autonomic managers that can optimize performance in a cluster.
In order to build a dynamic cluster in previous versions of WebSphere Portal and WebSphere
Application Server, you were required to have an additional component, WebSphere Virtual
Enterprise, installed and configured.
Starting with WebSphere Application Server 8.5, the functionality from WebSphere Virtual
Enterprise is included within WebSphere Application Server by default, so it is much easier to
create dynamic clusters than in previous versions.
For more information about dynamic clusters, please visit the WebSphere Application Server
8.5 Information Center here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Fcwve_odrdynamiccluster.html
4
Using this Guide
There are many different ways to build a WebSphere Portal cluster. In this guide, I use what I
consider the easiest approach to building a dynamic cluster with a remote Deployment
Manager (DMGR) from scratch. This process includes all of the following chapters:
1. Installing the Primary Portal node
2. Configuring the Primary node for a remote database
3. Enabling Portal profiles
4. Installing the Deployment Manager on a separate server
5. Configuring the Deployment Manager
6. Federate the Primary Node
7. Creating the Dynamic Cluster
8. Enabling LDAP Security
9. Installing an additional Portal Node
10. Federating and Clustering an additional Portal node
11. Create the On Demand Router
This approach however, may not be appropriate for everyone. What if you need to put your
Deployment Manager on the same server as your Primary Portal node? What if you already
have LDAP security enabled on your Deployment Manager prior to creating a cluster? What
if you want vertical cluster members instead?
Each of these variations require an alternate set of steps to follow. To accommodate this, I
have included appendixes describing a few of the more common 'alternate paths'. This guide
is designed so that you may seamlessly swap out an irrelevant section of the main guide, and
replace it with the relevant Appendix.
For example, suppose you already have a Deployment Manager setup and configured with
your LDAP. There is no need for you to follow Chapter 4 for installing the Deployment
Manager; you already have one. There is also no need to re-enable LDAP security; it's
already enabled in your DMGR. Instead you would take this approach using these chapters:
1. Installing the Primary Portal node
2. Configuring the Primary node for a remote database
3. Enabling Portal profiles
A-3. Federating Portal to a Deployment Manager that has LDAP security enabled
7. Create the Dynamic Cluster
9. Installing an additional Portal Node
10. Federating and Clustering an additional Portal node
11. Create the On Demand Router
You would skip Chapters 4 for installing the DMGR, 5 for configuring the DMGR, and 8 for
enabling LDAP Security. You would replace Chapter 6 with Appendix A-3 for Federating and
Clustering the Primary Node when DMGR LDAP Security is enabled.
5
The following scenarios are covered in this Guide (along with the order of Chapters you need
to swap or remove):
Building a WebSphere Portal cluster using a remote DMGR all from scratch?
Use these chapters:
1 – Install IBM WebSphere Portal v8 on the Primary node
2 - Configure the Primary Portal node to an external database
3 - Create the WebSphere Portal profile template
4 - Install the Deployment Manager
5 - Configure the Deployment Manager
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Install an additional Portal Node
10 - Federate and Cluster an additional Portal node
11 - Create the On Demand Router
Building a WebSphere Portal cluster using a local DMGR all from scratch?
NOTE: This is the quickest way to build a cluster if you are not concerned with using a
remote Deployment Manager.
Use these chapters:
A-1 - Installing WebSphere Portal and Deployment Manager on the same server
2 - Configure the Primary Portal node to an external database
3 - Create the WebSphere Portal profile template
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Install an additional Portal Node
10 - Federate and Cluster an additional Portal node
11 - Create the On Demand Router
6
Using an existing Deployment Manager that already has LDAP security enabled?
Use these chapters:
1 - Installing the Primary Portal node
2 - Configuring the Primary node for a remote database
3 - Enabling Portal profiles
A-3 - Federating Portal to a Deployment Manager that has LDAP security enabled
7 - Creating the Dynamic Cluster
9 - Installing an additional Portal Node
10 - Federate and Clustering an additional Portal Node
11 - Create the On Demand Router
Adding a local Deployment Manager after installing Portal?
Use these chapters:
1 - Installing the Primary Portal node
2 - Configuring the Primary node for a remote database
3 - Enabling Portal profiles
A-2 - Creating a DMGR profile on an existing Portal installation
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Installing an additional Portal Node
10 - Federating and Clustering an additional Portal node
11 - Create the On Demand Router
7
Before you begin
This guide does NOT cover the following:
−
−
−
−
−
−
Installing DB2
Installing IBM Tivoli Directory Server
Configuring the cluster with Web Content Management (such as syndication, authoring,
etc)
Creating multiple clusters in a single cell
Advanced Security configuration (such as SSL, property extension database, SSO)
Configuring the cluster with a web server
For more information on these and other topics, please visit the IBM WebSphere Portal v8.0
Product Documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpViewCategories.xsp?lookupName=IBM
%20WebSphere%20Portal%208%20Product%20Documentation
To perform the tasks described in this document, you need basic WebSphere Portal and
WebSphere Application Server knowledge and administration skills. Some steps might
require the assistance of another system administrator, such as the database administrator or
LDAP administrator.
The following references to WebSphere Portal and WebSphere Application Server file paths
will be used throughout the guide:
<AppServer root> - The root path of the AppServer directory, for example:
/opt/WebSphere/AppServer
<PortalServer root> - The root path of the PortalServer directory, for example:
/opt/WebSphere/PortalServer
<wp_profile> - The root path of the wp_profile directory, for example:
/opt/WebSphere/wp_profile
<dmgr_profile> - The root path of the dmgr profile directory, for example:
/opt/WebSphere/AppServer/profiles/Dmgr01
8
Main Guide
1 – Install IBM WebSphere Portal on the Primary node
In this section, you will install IBM Installation Manager, WebSphere Application Server, and
WebSphere Portal on the server you intend to use as your primary portal server.
Before installing WebSphere Portal, please ensure you review the Planning documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Planning_to_install_WebSphere_Portal_wp8
In this guide, the installation was completed as the 'root' user using installation images on a
network drive.
BEFORE YOU BEGIN: We will be installing WebSphere Application Server 8.5.5 and
WebSphere Portal Enable v8.0.0.1 CF7 in this section. You need to have access to the
following repositories for use with IBM Installation Manager:
•
WebSphere Application Server v8.5.5
•
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
•
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
•
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
•
WebSphere Portal Server v8.0.0.1 fixpack
•
WebSphere Portal <Offering> v8.0.0.1 fixpack
•
WebSphere Portal Server v8.0.0.1 Cumulative Fix 7
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
2. In the same terminal window, enter:
ping localhost
to verify the “localhost” network settings are configured properly on your machine.
9
3. Linux/UNIX environments only. Ensure ulimit -n is set to 10240 or higher.
ulimit -n 10240
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
8. You will see the following screen. Click Next.
10
9. Accept the license agreement and click Next.
10. Select the directory you wish to install IIM to and click Next.
11. Click Install to install IIM v.1.6.2.
12. When the installation completes, click Restart Installation Manager.
13. When IIM relauches, select File → Preferences → Repositories
11
14. Add the repository for the following packages:
- WebSphere Application Server 8.5.5
- IBM WebSphere SDK Java Technology Edition V7.0
Note: If you are using Passport Advantage, then you will not need to add these
repositories.
15. Click OK to close the preferences.
16. From the main IIM screen, click Install.
12
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition 7.0:
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select “WebSphere Application
Server Network Deployment”. Otherwise, the Portal installation may not recognize
the WAS installation as valid.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
13
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
14
22. On the Features page, do not change any features.
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
23. Click Install to begin installing WebSphere Application Server V8.5.5 and Java 7.
24. When the installation completes, select the radio button for None. We will create a
profile when WebSphere Portal installed. Click Finish to exit the installer.
25. You should be taken back to the IIM home screen. Leave this window open for now.
15
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
28. Back on the IIM Home screen, go to File → Preferences → Repositories.
29. Add the repositories for all of the following packages:
- WebSphere Portal v8.0.0.0 (<Setup>/eimage/repository.config)
- WebSphere Portal Server v8.0.0.1
- WebSphere Portal <Offering> v8.0.0.1 (where Offering is Enable, Extend, etc).
Note: You can add the Portal v8001CF7 repository now if you'd like, however we
cannot install it with the base Portal product. It has to be applied after initial installation
completes.
Note: If you are using Passport Advantage, then you will not need to add these
repositories.
16
30. Click OK to close the preferences.
31. From the main IIM screen, click Install.
32. Select WebSphere Portal Server v8.0.0.1, and if you have a Portal Offering (like
Extend in my case), then select it as well:
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
17
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand “IBM WebSphere Portal Server 8.0.0.1” and review
the features to be installed. Leave the defaults selected. Click Next.
NOTE: This section does not cover installing the Deployment Manager profile now. If
you would like to do this, refer to Appendix A-1 instead.
18
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. Choose the profile template you would like to use and click Next. In this guide, I am
using the Base template:
19
38. For Profile Configuration Details, set the Node Name, Cell Name, Administrator User
ID and Administrator User Password, and click Next.
Optional: If you select the Advanced Configuration radio button at the top of this
screen (not shown), you can also set the Context Root, Default Home, Personalized
Home, starting Port range, Profile Name, and Profile Path. For this guide, these were
all left as the defaults but you are welcome to configure these as you see fit.
39. On the summay screen, click Install to launch the installation process.
40. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
20
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7. The Portal installation
leaves the WebSphere_Portal started, so we must stop it before proceeding with the
upgrade.
41. From a terminal window, change directories to <wp_profile root>/bin and execute the
following command to stop the WebSphere_Portal server:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
NOTE: You will use the user ID and password you set during installation.
42. Back on the main IIM screen, if you downloaded 8001CF7, go to File → Preferences
→ Repositories and add the repository for CF7, then click OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the “Search service repositories during installation” box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
21
43. On the main IIM screen, click Update.
44. Select IBM WebSphere Portal in the list of packages and click Next.
45. On the packages screen, your results here may vary depending on whether you're
using Passport Advantage, the Live Service Repositories or downloaded media, but
ensure you select 8.0.0.1 CF7 or higher (if anything higher than CF7 is available),
then click Next.
46. Accept the license agreement and click Next.
47. The next screen will show you the existing features for the WebSphere Portal
package. Do not change anything here. Click Next.
22
48. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do not, so select No and click Next.
23
49. Enter the administrator credentials for your WebSphere Application Server and
WebSphere Portal Server, then click Validate Credentials.
NOTE: The validation process will take several minutes to complete. A script runs in
the background that starts the WebSphere_Portal server and runs a couple of tests
against it, then shuts the server down again.
NOTE: Use the same credentials that you set during the initial installation.
50. Once credential validation completes, click Next.
51. Click Update to begin the upgrade process.
52. When the upgrade finishes, click Finish and exit IBM Installation Manager.
53. Verify you can access your Portal in a web browser:
http://myprimaryportal.ibm.com:10039/wps/portal
At this point, you have successfully installed WebSphere Application Server v8.5.5,
WebSphere Portal v8.0.0.1, and upgraded WebSphere Portal to v8.0.0.1 CF7.
24
2 – Configure the Primary Portal node to an external database
In this section, Portal will be configured to use an external database. For the purposes of this
document, DB2 will be used as the external database with Type 4 drivers. This may vary in
your environment. For more information about other databases that can be used with Portal,
please visit the WebSphere Portal v8.0 Product Documentation for configuring external
databases at this link and follow the instructions there as appropriate:
http://www10.lotus.com/ldd/portalwiki.nsf/dx/Linux_clustered_server_Configuring_your_portal_to_use_a
_database_wp8
In the environment used for this guide, 6 databases were created following the instructions in
the Product Documentation:
RELDB
COMDB
CUSDB
JCRDB
FDBKDB
LMDB
In addition, the database administrator user “db2inst1” will be used as both the Configuration
and Runtime user ID for each database.
If you choose to use DB2, the contents of the SQL file used to create and prepare the
databases is included in Appendix B-1.
NOTE: In order to create the databases in DB2, you must be logged into the system as the
database administrator.
1. From the primary Portal node, ensure the WebSphere_Portal server is stopped by
executing the following command from the terminal window in the <wp_profile>/bin
directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
2. Ensure the database client is installed and configured on the node. Since we are using
Type 4 drivers for DB2, all that is needed is to copy the db2jcc4.jar and
db2jcc_license_cu.jar files from the DB2 server to some directory on the primary
Portal server.
NOTE: For Portal v8.0.0.1, it is recommended that you place the Type 4 drivers into
the following directory:
<wp_profile>/PortalServer/dbdrivers/
25
You will need to create a directory called 'dbdrivers'. This will save you the step of
manually copying drivers over when adding future secondary nodes to your cluster.
3. Ensure the remote DB2 server is started.
4. From the <wp_profile>/ConfigEngine/properties directory, make a backup of the
following files:
wkplc.properties
wkplc_dbtype.properties
wkplc_dbdomain.properties
5. Edit the wkplc_dbtype.properties file and make the following changes:
db2.DbDriver=com.ibm.db2.jcc.DB2Driver
db2.DbLibrary=/opt/IBM/WebSphere/wp_profile/PortalServer/dbdrivers/db2jcc4.ja
r:/opt/IBM/WebSphere/wp_profile/PortalServer/dbdrivers/db2jcc_license_cu.jar
db2.JdbcProviderName=wpdbJDBC_db2
NOTE: The entry for db2.DbLibrary is an example only. Please ensure this is a valid
path on your system.
NOTE: If using Windows, ensure the jar files in the DbLibrary path are separated by a
semi-colon. Linux/Unix requires a colon.
6. Edit the wkplc_dbdomain.properties file and make the following changes:
feedback.DbType=db2
feedback.DbName=fdbkdb
feedback.DbSchema=FEEDBACK
feedback.DataSourceName=wpdbDS_feedback
feedback.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/fdbkdb:returnAlias=0;
feedback.DbUser=db2inst1
feedback.DbPassword=password
feedback.DbRuntimeUser=db2inst1
feedback.DbRuntimePassword=password
likeminds.DbType=db2
likeminds.DbName=lmdb
likeminds.DbSchema=likeminds
likeminds.DataSourceName=wpdbDS_likeminds
likeminds.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/lmdb:returnAlias=0;
likeminds.DbUser=db2inst1
likeminds.DbPassword=password
likeminds.DbRuntimeUser=db2inst1
likeminds.DbRuntimePassword=password
26
release.DbType=db2
release.DbName=reldb
release.DbSchema=release
release.DataSourceName=wpdbDS_release
release.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/reldb:returnAlias=0;
release.DbUser=db2inst1
release.DbPassword=password
release.DbRuntimeUser=db2inst1
release.DbRuntimePassword=password
community.DbType=db2
community.DbName=comdb
community.DbSchema=community
community.DataSourceName=wpdbDS_community
community.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/comdb:returnAlias=0;
community.DbUser=db2inst1
community.DbPassword=password
community.DbRuntimeUser=db2inst1
community.DbRuntimePassword=password
customization.DbType=db2
customization.DbName=cusdb
customization.DbSchema=customization
customization.DataSourceName=wpdbDS_customization
customization.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/cusdb:returnAlias=0;
customization.DbUser=db2inst1
customization.DbPassword=password
customization.DbRuntimeUser=db2inst1
customization.DbRuntimePassword=password
jcr.DbType=db2
jcr.DbName=jcrdb
jcr.DbSchema=jcr
jcr.DataSourceName=wpdbDS_jcr
jcr.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/jcrdb:returnAlias=0;
jcr.DbUser=db2inst1
jcr.DbPassword=password
jcr.DbRuntimeUser=db2inst1
jcr.DbRuntimePassword=password
In steps 7 thru 15, we will set up Collation Support for the JCR database. This is only
needed for DB2, and is recommended when the language locales of your users do not
natively collate correctly in the DB2 database.
7. Copy the following files from the WebSphere Portal server to a temporary directory on
the DB2 server:
<PortalServer>/jcr/wp.content.repository.install/lib/wp.content.repository.in
stall.jar
<wp_profile root>/PortalServer/jcr/config/registerCollationUDFTemplate.sql
27
8. From the DB2 server, open a terminal window and change directories to:
<db2 instance home>/sqllib/function
9. From the DB2 server, Execute the following command:
<db2 instance home>/sqllib/java/jdk/bin/jar -xvf <temporary
location>/wp.content.repository.install.jar
10. From the DB2 server, edit the <temporary location>/registerCollationUDFTemplate.sql
file in a text editor.
11. Change all SCHEMA references in this file to the value you set for jcr.DbSchema in
wkplc_dbdomain.properties. In this case, the schema value is 'jcr'.
12. Save the registerCollationUDFTemplate.sql file
13. From the DB2 server, connect to the JCR database by executing the following
command in a terminal window:
db2 connect to jcrdb user <DBuserID> using <password>
For example: db2 connect to jcrdb user db2inst1 using password
14. From the same terminal window, execute the SQL script by running the following
command:
db2 -tvf <temporary location>/registerCollationUDFTemplate.sql
Review the output to ensure the commands in the sql file executed successfully.
15. Disconnect from the JCRDB and restart the DB2 instance.
16. Switch over to the Primary Portal node, and from a terminal window, change
directories to <wp_profile root>/ConfigEngine
17. Execute the following ConfigEngine scripts to validate the database properties:
./ConfigEngine.sh validate-database -DWasPassword=<password>
18. Execute the following ConfigEngine script to transfer the database from Derby to DB2:
./ConfigEngine.sh database-transfer -DWasPassword=<password>
28
19. DB2 only. After the database-transfer script completes, connect to each database
and perform a reorg check to improve performance. You can do that following these
steps:
a. From the DB2 server, connect to the release database and execute the following
command:
db2 reorgchk update statistics on table all > reorgchk.txt
b. Review the reorgchk.txt file and note any table names that have an * set in the
REORG column.
c. Execute the following command for each table name that has an * set:
db2 reorg table <tablename>
d. After you have completed running reorg against all the marked tables for this
database, execute the following DB2 commands to rebind the database:
db2 terminate
db2rbind <database name> -l db2rbind.out -u <db2admin ID> -p <db2admin
password>
e. Repeat a-d for community, customization, jcr, likeminds and feedback.
20. Back on the Portal server, change directories to <wp_profile>/bin and execute the
following command to start the Portal server:
./startServer.sh WebSphere_Portal
21. Verify that you can render Portal successfully in a web browser.
http://myprimaryportal.ibm.com:10039/wps/portal
At this point, you have successfully configured WebSphere Portal to use an external
database.
29
3 – Create the WebSphere Portal profile template
In this section, you will create a backup of the primary node's wp_profile. You will also enable
the Portal profile templates within the WebSphere Application Server Profile Management
tool. This will allow you to create new Portal profiles in the future.
Do not skip this section. Completing this step is a prerequisite for configuring the
Deployment Manager and secondary nodes, which we will do later in this guide.
WARNING: The ConfigEngine scripts in this section will write to the PortalServer root
directory. By default, this directory is read/execute only (550). If you are using a non-root
user, then this script may fail as a result. Before executing as a non-root user, give temporary
Write access to the PortalServer root directory for this user. You can reset permissions after
the scripts are completed.
1. Start the WebSphere_Portal server from the wp_profile/bin directory if it is not already
started:
./startServer.sh WebSphere_Portal
2. Log in to the WebSphere Portal server and go to Administration → Search
Administration → Manage Search → Search Collections
3. Click the Delete icon (trash can) for each search collection listed here.
30
4. Log out of WebSphere Portal
5. Stop the WebSphere_Portal server from the wp_profile/bin directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
6. Navigate to the <wp_profile root>/PortalServer/jcr/lib/com/ibm/icm directory and edit
the icm.properties file.
7. Change this property:
jcr.textsearch.enabled=true
to
jcr.textsearch.enabled=false
8. Save icm.properties.
9. From a terminal window on the primary node, navigate to the <wp_profile
root>/ConfigEngine directory.
10. Execute the following ConfigEngine script:
./ConfigEngine.sh enable-profiles -DWasPassword=<password>
NOTE: This script will create a backup of your wp_profile configuration named
Portal.car and save it to the following directory:
<PortalServer root>/profileTemplates/default.portal/configArchives
If you placed your database drivers within the wp_profile/PortalServer directory, then
they will be automatically collected.
11. Execute the following ConfigEngine script to package all of the profile templates into a
single zip file:
./ConfigEngine.sh package-profiles -DWasPassword=<password>
NOTE: This will create a zip file called profileTemplates.zip in the following directory:
<PortalServer root>/profileTemplates
At this point, the primary node has been installed and the profile templates have been
created.
31
4 – Install the Deployment Manager
In this section, you will install the Deployment Manager on a separate server. All of the
following steps will be completed on the server you intend to use as your deployment
manager.
BEFORE YOU BEGIN: We will be installing WebSphere Application Server 8.5.5 in this
section. You need to have access to the following repositories for use with IBM Installation
Manager:
•
WebSphere Application Server v8.5.5
•
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
1. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
2. Copy the downloaded file to your Deployment Manager server if needed.
3. Extract the contents of the downloaded IIM zip file into a temporary directory.
4. Launch the IIM installer by executing the following command from within the temp
directory:
./install
32
5. You will see the following screen. Click Next.
6. Accept the license agreement and click Next.
7. Select the directory you wish to install IIM to and click Next.
33
8.
Click Install to install IIM v.1.6.2.
9.
When the installation completes, click Restart Installation Manager.
10. When IIM relauches, select File → Preferences → Repositories
11. Add the repositories for the following packages:
- WebSphere Application Server v8.5.5 media
- IBM WebSphere SDK Java Technology Edition V7.0
NOTE: If you are installing from Passport Advantage, you will not need to add these
repositories.
12. Click OK to close the preferences.
13. From the main IIM screen, click Install.
34
14. Select 'WebSphere Application Server Network Deployment - Version 8.5.5.0' and
'IBM WebSphere SDK Java Technology Edition'. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select “WebSphere Application
Server Network Deployment”. Otherwise, the Portal installation may not allow you to
proceed.
15. Accept the license agreement and click Next.
16. Set a directory location for the IMShared directory and click Next.
35
17. Select an installation directory for WebSphere Application Server and click Next.
18. Select additional translations if you'd like and click Next.
19. Do NOT change any features. Click Next.
36
20. Click Install to begin the installation.
21. When the installation completes, select the radio button for None and click Finish. We
will create a DMGR profile shortly, but first we have to configure WAS to use Java 7.
22. From a terminal window, change directories to <AppServer root>/bin and execute the
following commands:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
23. Launch the Profile Management Tool by navigating to <AppServer
root>/bin/ProfileManagement and executing the following command:
./pmt.sh
24. When the Profile Management Tool launches, click Create.
37
25. Select the Management profile type and click Next.
26. Select the radio button for Deployment Manager and click Next.
38
27. Select 'Advanced Profile Creation' and click Next. This allows you to customize the
node name, cell name, profile name and profile location (among other items).
28. Check the box to deploy the administrative console and click Next.
29. Set the DMGR profile name and profile directory and click Next.
39
30. Select a Node Name, Hostname and Cell Name, then click Next:
NOTE: Do NOT use the same cell name or node name that you used for the Portal
node/cell. If you do, you will be unable to federate the Portal node the DMGR cell and
must recreate the DMGR profile with unique values for Node and Cell name.
40
31. IMPORTANT. Select the checkbox to Enable Administrative security and use the
exact same user ID and password you used when installing Portal on your
primary node. Doing this will save you some headaches when creating your cluster.
The cluster setup steps in this guide assume you have used the same ID. If you do
NOT use the same ID, you may see unexpected problems when creating your cluster
related to the user IDs..
41
32. Select your security certificates on the next two screens. For this guide, the defaults
were used. Click Next on each screen.
33. Change the port numbers if you'd like. For this guide, the port numbers were not
changed.
NOTE: Make note of the Administrative Console port and the SOAP port. Both of these
ports will be used later in this guide.
34. Windows/Linux only. Select whether to run the DMGR as a service. For this guide,
this option was not selected.
35. Click CREATE on the summary screen.
36. Click Finish to complete the DMGR profile creation.
37. Exit out of the Profile Management Tool.
At this point, the Deployment Manager has been installed and the DMGR profile has been
created. The default URL for the Deployment Manager's Administrative Console is:
http://mydmgr.ibm.com:9060/ibm/console
42
5 – Configure the Deployment Manager
In this section, you will configure the Deployment Manager and prepare it for the future Portal
cluster.
1. From a terminal window on your Deployment Manager, navigate to <dmgr_profile>/bin
2. Ensure the Deployment Manager is stopped by executing the following command:
./stopManager.sh -user <WAS user> -password <WAS password>
3. From the primary Portal node, copy the following zip file over to a temporary location
on your DMGR server:
<PortalServer root>/filesForDmgr/filesForDmgr.zip
4. Back on the DMGR server, extract the filesForDmgr.zip that you just copied over into a
temporary directory (<temp>).
5. Remote DMGR only. Copy the
<temp>/bin/ProfileManangement/plugins/com.ibm.wp.dmgr.pmt_7.0.5 directory to the
<DMGR AppServer root>/bin/ProfileManagement/plugins directory.
NOTE: If you do not have a plugins directory here, then create it manually.
6. Remote DMGR only. Copy the <temp>/lib/wkplc.comp.registry.jar and wp.wire.jar to
the <DMGR AppServer root>/lib directory.
7. Remote DMGR only. Copy the <temp>/plugins/com.ibm.patch.was.plugin.jar, and the
com.ibm.wp.was.plugin.jar files to the <DMGR AppServer root>/plugins directory.
8. Remote DMGR only. Copy the <temp>/profileTemplates/management.portal.augment
directory to the <DMGR AppServer root>/profileTemplates directory.
9. Copy the <temp>/profiles/Dmgr01/config/.repository/metadata.wkplc.xml file to the
<DMGR profile root>/config/.repository directory.
NOTE: The “.repository” directory is a hidden directory.
43
In steps 10 and 11, we will augment the DMGR profile. This process automatically
makes the following changes to your DMGR profile:
- Increases the HTTP connection timeouts for the DMGR server
- Increases the SOAP connector timeout for JMX in the DMGR server
- Increases the JVM Maximum Heap size for the DMGR server
- Enables Application Security
- Creates a 'wpsadmins' group in the default file repository
- Adds your administrative user to the 'wpsadmins' group.
- Increases the soap timeout in the soap.client.props file.
IMPORTANT: If you created a Deployment Manager profile locally using the IIM
feature during Portal installation, then the DMGR profile is already augmented. You
do not need to follow steps 10 and 11 in this case.
10. From a terminal window on your DMGR server, change directories to <DMGR
AppServer root>/bin
11. Execute the following command to augment the DMGR profile:
./manageprofiles.sh -augment -templatePath <DMGR AppServer
root>/profileTemplates/management.portal.augment -profileName
<dmgr_profile_name>
Where <DMGR AppServer root> is the root path of AppServer on your DMGR server,
and <dmgr_profile_name> is the name of your Deployment Manager profile, Dmgr01
for example.
12. Start the Deployment Manager from <DMGR profile root>/bin directory:
./startManager.sh
13. Launch the Deployment Manager administrative console and login. Default port is
9060:
http://mydmgr.ibm.com:9060/ibm/console
44
14. Navigate to Security → Global Security
15. Under 'User Account Repository', click 'Configure':
45
16. In the 'Primary administrative user name' field, change this value to the full
distinguished name of the user using the following format:
uid=<user id>,o=defaultWIMFileBasedRealm
In my example, my user ID is “wpsadmin”, therefore my full distinguished name will be:
uid=wpsadmin,o=defaultWIMFileBasedRealm
NOTE: This change will help prevent user ID conflicts when we add the federated
LDAP.
17. Before saving, enter the administrative user password, then click Save to save
changes.
18. Restart the deployment manager for the changes to take effect.
At this point, your deployment manager is configured and ready for Portal federation.
IMPORTANT: This cluster guide uses the out of the box file repository for the security
configuration to set up the cluster. If your Portal server is configured for a different type of
security (such as an LDAP), then you must configure your Deployment Manager to use the
exact same user repository as your Portal node. Once the Portal node is added to the
Deployment Manager's cell, it will begin using the Deployment Manager's user repository. If
your Portal is configured for an LDAP and your DMGR is not, then your Portal will not function
after adding it to the DMGR. If you need to configure your DMGR for LDAP security, please
do so now. This guide does not cover enabling the DMGR for LDAP at this stage of the
cluster creation process.
We will configure the cluster to use an LDAP repository in a later section of this guide.
46
6 – Federate the Primary Node
The next step is to federate the WebSphere Portal node. In this section, we will add the
primary Portal node to the Deployment Manager cell.
1. Ensure the time on your Portal primary node is within 5 minutes of the time on your
Deployment Manager (DMGR). Failure to do so will cause the addNode process to
fail.
2. Ensure the DMGR is started. On the DMGR server, execute the following command
from the <dmgr_profile>/bin directory:
./startManager.sh
3. Stop WebSphere_Portal on the primary node by executing the following commands
from the <wp_profile root>/bin directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS pwd>
4. Execute the following command from the <wp_profile root>/bin to add the Portal node
to the DMGR cell :
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password> -includeapps
For example:
./addNode.sh mydmgr.ibm.com 8879 -username wpadmin -password wppassword
-includeapps
NOTE: If you are not sure what your DMGR's soap port is, you can obtain it by logging
into the DMGR and navigating to System Administration → Deployment Manager →
Ports.
IMPORTANT: If the addNode script fails for any reason, you must complete the
following steps before running addNode again:
a) Remove the node from the DMGR cell in case AddNode successfully completed
that step before failing.
b) Login to the DMGR and do the following (these may not exist, depending on
where the failure occurred):
i. Remove all Enterprise applications
ii. Remove the WebSphere_Portal server definition
iii. Remove the JDBC Provider information for WebSphere_Portal
47
5. Stop the deployment manager by issuing the following command from the <dmgr
profile>/bin directory:
./stopManager.sh -user <WAS user> -password <WAS pwd>
6. Start the deployment manager by issuing the following command from the <dmgr
profile root>/bin directory:
./startManager.sh
At this point, your WebSphere Portal server has been federated to the Deployment Manager.
It is not yet in a cluster. It has also inherited the Deployment Manager's security
configuration.
Running Portal in a federated-only environment is not officially supported by IBM, so next we
must build a cluster.
48
7 – Creating the Dynamic Cluster
In this section, we will create the dynamic cluster using the primary node we just federated to
the deployment manager. After you complete this section, you will have a fully functional
one-node dynamic cluster.
1. On the primary node, edit the <wp_profile>/ConfigEngine/properties/wkplc.properties
file and ensure all of the following properties are set appropriately for your
environment:
WasUserid=<DMGR admin user ID>
WasPassword=<DMGR admin password>
PortalAdminPwd=<password>
WasRemoteHostName=<fully qualified hostname of DMGR>
WasSoapPort=<soap port for DMGR; default is 8879>
ServerName=WebSphere_Portal
PrimaryNode=true
ClusterName=PortalCluster
NOTE: For the primary node, you must leave ServerName as WebSphere_Portal. Do
not change it to any other value.
2. Edit <wp_profile>/ConfigEngine/properties/wkplc_dbdomain.properties and ensure all
database user IDs and passwords are accurate.
3. Update the deployment manager configuration for the new WebSphere Portal server
by executing the following ConfigEngine script:
./ConfigEngine.sh cluster-node-config-post-federation
-DWasPassword=<password>
49
4.
5.
Log into the Deployment Manager administrative console.
Navigate to Servers → Server Types → WebSphere Application Servers →
WebSphere_Portal → Ports
6. On the Ports page, check to see if OVERLAY_TCP_LISTENER_ADDRESS exists. If
it does not, click New.
7. Set the following options:
- Select the radio button for “User-defined Port” and give it the following name:
OVERLAY_TCP_LISTENER_ADDRESS
- For Host, use *
- For Port, use any unique port to the environment.
50
8. Click OK and Save changes.
9. Still on the Ports page, check to see if OVERLAY_UDP_LISTENER_ADDRESS exists.
If it does not, click New again.
10. Set the following options:
- Select the radio button for “User-defined Port” and give it the following name:
OVERLAY_UDP_LISTENER_ADDRESS
- For Host, use *
- For Port, use any unique port to the environment.
11. Navigate to System Administration → Node Groups
12. Click New.
51
13. In the “Name” field, type in any name you'd like, for example “PortalNodeGroup”. You
may add a description too if you'd like. Click OK.
14. Save all changes.
15. Still on the Node Groups page, click the link for your newly created Node Group.
16. Click Node Group Members.
17. Click Add.
52
18. Check the box next to your primary node name, and click Add.
19. Save all changes.
20. Still in the Deployment Manager administrative console, navigate to Servers →
Clusters → Dynamic Clusters
21. Click New.
53
22. From the Server Type drop-down menu, select WebSphere Application Server and
click Next.
23. Select the radio button 'Automatically define cluster members with rules' and type in
the name of the Dynamic Cluster. This should be the same value you set for
ClusterName in wkplc.properties. For example, PortalCluster. Click Next.
Note: You do not need to check the “Create a replication domain for this cluster”
option. This will be created later by the ConfigEngine script 'cluster-node-configdynamic-cluster-setup”.
54
24. On the “Define dynamic cluster members screen”, remove the default text that
appears in the Membership Policy field, then click Subexpression builder.
25. In the window that pops up, set all of the following:
Logical Operator = and
Select operand = Nodegroup
Operator = Equals (=)
Value = <The node group you created earlier>
then click Generate subexpression. This will automatically populate the
Subexpression field.
55
26. Click Append.
27. Click Close to close the Subexpression builder window.
28. Click Next to continue with the dynamic cluster setup.
29. Click the 'Create the cluster member with an existing server as a template” radio
button and select WebSphere_Portal from the drop down list. Click Next.
56
30. On the next screen, you can configure rules for how the dynamic cluster will manage
your cluster members. This includes the following options:
Minimum number of cluster instances – Set this to indicate the minimum number of
cluster members that should be running at any given time in this cluster.
Maximum number of cluster instances – Set this to indicate the maximum number
of cluster members that should be running at any given time in this cluster.
Vertical stacking of instances on a node – Set this to allow the dynamic cluster to
start more than one vertical cluster member on the node. A vertical cluster member is
any additional cluster member that exists on the same node as your main cluster
member (WebSphere_Portal in this case). Checking this option will automatically
generate vertical cluster members. I left this unchecked but you can certainly do
this now if you would like. See Appendix B-2 for full instructions for creating vertical
cluster members.
Isolation preference – Set this if you have more than one dynamic cluster running on
a single node and want to restrict the number of clusters running on a node at any
given time.
For the purposes of this guide, I am leaving all of the defaults. You can change these
settings after cluster creation if you need to. Refer to Appendix B-3 for instructions on
how to do this. Click Next.
57
31. Click Finish to build the dynamic cluster.
32. Save all changes.
33. Still logged in to the DMGR, navigate to Servers → Clusters → Dynamic Clusters
→ <your Cluster> → Dynamic Cluster Members.
Note the name of the member. This will be your new WebSphere_Portal server.
We will be using this name in the next couple of steps. In my case, the server name is
“PortalCluster_wp8Node1”.
NOTE: You may notice that the original WebSphere_Portal server still exists, but is not
part of the cluster. With static clusters, the WebSphere_Portal server is moved into the
cluster. With dynamic clusters however, the server is NOT moved. Instead a new
server is created based on a template of the server you specify during cluster creation.
At this point, the cluster is created, but it has not been configured with WebSphere
Portal yet.
58
34. Navigate to Servers → Server Types → WebSphere Application Servers → <your
new cluster member> → Ports
Note the value for WC_defaulthost. This is the new port you will eventually use to
access the WebSphere Portal server.
35. Log out of the DMGR.
36. On the primary node, edit the <wp_profile>/ConfigEngine/properties/wkplc.properties
file and update the ServerName property with the new server name of the cluster
member. In my case this is PortalCluster_wp8Node1, so I set:
ServerName=PortalCluster_wp8Node1
37. From the <wp_profile>/ConfigEngine directory, execute the following ConfigEngine
command to configure the dynamic cluster for WebSphere Portal:
./ConfigEngine.sh cluster-node-config-dynamic-cluster-setup
-DWasPassword=<yourpassword>
59
38. IMPORTANT. If you already had LDAP security enabled in the DMGR before
federating the WebSphere Portal node, you need to update the WebSphere Portal
configuration to recognize a valid user ID and a valid group ID for the environment.
From the <wp_profile root>/ConfigEngine directory, execute the following command:
./ConfigEngine.sh wp-change-portal-admin-user -DnewAdminId=<full DN of the
new Portal Admin ID> -DnewAdminPw=<newPwd> -DnewAdminGroupId=<full DN of the
new group ID>
Synchronize the node after this step completes.
39. Stop and start the new Portal cluster member by executing the following commands
from the <wp_profile>/bin directory:
./stopServer.sh <new cluster member> -user <WAS user> -password <WAS
password>
./startServer.sh <new cluster member>
For example, my commands were:
./stopServer.sh PortalCluster_wp8Node1 -user wpsadmin -password wpsadmin
./startServer.sh PortalCluster_wp8Node1
40. Now you should be able to access your new cluster member in a web browser.
Remember to use the new port we got from earlier in this section. In my case, it is
10050:
http://myprimarynode.ibm.com:10050/wps/portal
At this point, you have successfully created a one node dynamic cluster using a remote
database. Remember the following points:
•
A new server was created based on the name of your cluster and node. You will use this
going forward instead of “WebSphere_Portal”
•
A new port will be used to access the new Portal server.
•
The 'WebSphere_Portal' server still exists in the configuration, but will no longer be used.
You can delete the original WebSphere_Portal server at this point if you'd like, it will not
be used again.
60
8 – Configure the Portal Cluster for Federated LDAP Security
This section covers adding a federated LDAP Server to the cluster's security configuration.
For more details about LDAP/Security configuration, please refer to the Product
Documentation:
http://www10.lotus.com/ldd/portalwiki.nsf/dx/Configuring_WebSphere_Portal_to_use_a_user_registry_o
n_Linux_in_a_clustered_environment_wp8
In this guide, we will configure security in our cluster to a non-SSL federated ldap server using
IBM Tivoli Directory Server v6.3.
1. From the primary node, edit the wp_add_federated_ids.properties file in the
<wp_profile>/ConfigEngine/config/helpers directory.
NOTE: Helper files for other LDAP types exist in this directory as well.
2. Modify the following properties in this helper file to match your LDAP configuration.
The values used in this guide are listed below:
federated.ldap.id=PortalLdap
federated.ldap.host=myldapserver.ibm.com
federated.ldap.port=389
federated.ldap.bindDN=uid=wpbind,cn=users,dc=ibm,dc=com
federated.ldap.bindPassword=wpbind
federated.ldap.ldapServerType=IDS
federated.ldap.baseDN=dc=ibm,dc=com
NOTE: The remaining properties were left as the default values for the purposes of this
guide. If you need to modify these to suit your environment, please do so and refer to
the Product Documentation link above as needed.
NOTE: If your LDAP supports a membership attribute, such as ibm-allGroups for IBM
Tivoli Directory Server, fill in one additional property as follows:
federated.ldap.gc.name=ibm-allGroups
Not all LDAPs support a membership attribute. This is an optional parameter, but one
that can offer a significant performance enhancement if available in your LDAP. Check
with your LDAP administrator to determine if your LDAP supports a membership
attribute.
61
3. From a terminal window, change directories to the <wp_profile>/ConfigEngine directory
and execute the following ConfigEngine script to validate the properties:
./ConfigEngine.sh validate-federated-ldap
-DparentProperties=<wp_profile>/ConfigEngine/config/helpers/wp_add_federated_
ids.properties -DSaveParentProperties=true -DWasPassword=<password>
NOTE: By using the
-DparentProperties=<wp_profile>/ConfigEngine/config/helpers/wp_add_federated_
ids.properties -DSaveParentProperties=true flags, ConfigEngine will automatically
save the properties from the helper file into the wkplc.properties file.
4. Execute the following ConfigEngine script to add the federated LDAP to the cluster
security configuration:
./ConfigEngine.sh wp-create-ldap -DWasPassword=<current password>
NOTE: This script does not remove or replace the out-of-the-box file user registry.
Instead, it adds the ldap to the security configuration, so that both it and the file user
registry are in use. Your Portal Administrator User ID, Portal Administrator Group ID
and WAS User ID are still in the default out-of-the-box file user registry.
5. Restart the DMGR, the nodeagent on the primary node, and the WebSphere_Portal
server on the primary node.
6. IMPORTANT: If you happen to have a user in your ldap that shares the same
shortname as your current Portal/WAS Administrator from the out-of-the-box-file
registry, you will need to execute the following ConfigEngine script before proceeding
with the remaining steps:
./ConfigEngine.sh wp-modify-realm-enable-dn-login -DWasPassword=<password>
Failure to run this script now can cause authentication problems for the remainder of
these steps. Again this is only needed if you have duplicated shortname IDs.
For example, your original ID is:
uid=wpadmin,o=defaultWIMFileBasedRealm
and you have another 'wpadmin' ID in your LDAP:
uid=wpadmin,o=users,dc=mycompany,dc=com
If you try to login to Portal, you will be unable to login to Portal using the shortname.
This will only be temporary and will be corrected at the end of these steps.
62
7. Execute the following ConfigEngine script to verify that all defined attributes are
available in your newly added ldap:
./ConfigEngine.sh wp-validate-federated-ldap-attribute-config
-DWasPassword=<current password>
NOTE: To manage the attributes, please refer to the following documentation:
http://www10.lotus.com/ldd/portalwiki.nsf/dx/Linux_cluster_Adapting_the_attribute_configuration_
wp8
8. At this stage, your WebSphere Portal environment is using two user repositories: the
out-of-the-box file registry, and the newly configured LDAP user registry. The
WebSphere Application Server Administrator ID, the Portal Administrator User ID, and
the Portal Administrator Group ID, are all configured for the file registry.
Execute the following ConfigEngine script to reassign the WebSphere Application
Server ID as a user within your LDAP:
./ConfigEngine.sh wp-change-was-admin-user -DWasPassword=<current password>
-DnewAdminId=<full distinguished name from ldap> -DnewAdminPw=<ldap ID
password>
For example, this is the exact command I executed:
./ConfigEngine.sh wp-change-was-admin-user -DWasPassword=wpadmin
-DnewAdminId=uid=wpadmin,cn=users,dc=ibm,dc=com -DnewAdminPw=wpadmin
NOTE: If the full distinguished name of your user has a space in it, then add the
'newAdminId' and 'newAdminPw' values to your wkplc.properties file instead of passing
them through the command line.
NOTE: After running this script, the WasUserid value in wkplc.properties will be
updated to reflect the new WAS User ID you specified for “newAdminId”.
63
9. Restart the DMGR, NodeAgent and WebSphere_Portal server for the change to take
effect.
NOTE: When you stop these servers, you will need to pass in the user ID/pwd of the
original WAS admin user. The new user will not take effect until the servers have been
restarted.
NOTE: If you ran the 'wp-modify-realm-enable-dn-login' script, then you will be
required to pass in the full distinguished name of the WAS admin user (since the
servers are now using it) in order for authentication to succeed. For example:
./stopManager.sh -user uid=wpadmin,o=defaultWIMFileBasedRealm -password
<password>
After the servers are restarted, the WasUserid and WasPassword will be the ldap user.
10. Execute the following ConfigEngine script to reassign the WebSphere Portal
Administrator ID and Group ID to a user and group within your LDAP:
./ConfigEngine.sh wp-change-portal-admin-user -DWasPassword=<password>
-DnewAdminId=<full distinguished name from ldap> -DnewAdminPw=<ldap ID
password> -DnewAdminGroupId=<full distinguished name from ldap>
For example, this is the exact command I executed:
./ConfigEngine.sh wp-change-portal-admin-user -DWasPassword=wpadmin
-DnewAdminId=uid=wpadmin,cn=users,dc=ibm,dc=com -DnewAdminPw=wpadmin
-DnewAdminGroupId=cn=wpadmins,cn=groups,dc=ibm,dc=com
NOTE: If the full distinguished name of your user has a space in it, then add the
'newAdminId', 'newAdminPw', and 'newAdminGroupId' values to your wkplc.properties
file instead of passing them through the command line.
NOTE: After running this script, the PortalAdminId value in wkplc.properties will be
automatically updated to reflect the ID value specified for 'newAdminId' and the
PortalAdminGroupId value will be automatically updated to reflect the
'newAdminGroupId'.
64
11. Restart the Deployment Manager, nodeagent, and WebSphere_Portal server on the
primary node.
NOTE: At this point, your WasUserid, WasPassword, PortalAdminId, PortalAdminPwd,
and PortalAdminGroupId values will be your ldap user and group values.
NOTE: If you ran the 'wp-modify-realm-enable-dn-login' script, then you will be
required to pass in the full distinguished name of the new LDAP WAS admin user
(since the servers are now using it) in order for authentication to succeed. For
example:
./stopManager.sh -user uid=wpadmin,cn=users,dc=ibm,dc=com -password
<password>
12. Execute the following ConfigEngine script to list the current user repositories:
./ConfigEngine.sh wp-query-repository -DWasPassword=<password>
You should see output similar to this:
[wplc-query-federated-repository] Existing Federated Repositories
[wplc-query-federated-repository] Repository Name : {Details}
[wplc-query-federated-repository] *******************************
[wplc-query-federated-repository] InternalFileRepository :
{repositoryType=File, host=LocalHost}
[wplc-query-federated-repository] PortalLdap : {repositoryType=LDAP,
specificRepositoryType=IDS, host=myldapserver.ibm.com}
[wplc-query-federated-repository] Status = Complete
In this example, I have two repositories:
InternalFileRepository – The default file user registry
PortalLdap – The newly added federated ldap
13. In the next steps, we will remove the default file user registry. This is required for
production environments. While optional for other environments, it is strongly
recommended you remove the file user registry anyway.
First, we need to ensure that new users and groups are created in your LDAP.
Edit the wkplc.properites file in <wp_profile root>/ConfigEngine/properties and set the
following values (these examples are from my own environment. Ensure you use
values that match your LDAP environment):
personAccountParent=cn=users,dc=ibm,dc=com
groupParent=cn=groups,dc=ibm,dc=com
personAccountRdnProperties=uid
groupRdnProperties=cn
65
14. Execute the following ConfigEngine script to ensure that new users and groups are
created in your LDAP:
./ConfigEngine.sh wp-set-entitytypes -DWasPassword=<password>
15. Edit wkplc.properties again and set the following properties:
federated.delete.baseentry=o=defaultWIMFileBasedRealm
federated.delete.id=InternalFileRepository
16. Execute the following ConfigEngine script to remove the default file repository:
./ConfigEngine.sh wp-delete-repository -DWasPassword=<password>
17. If you executed the 'wp-modify-realm-enable-dn-login' script earlier, run the following
ConfigEngine script to disable it and allow shortname logins to be functional again:
./ConfigEngine.sh wp-modify-realm-disable-dn-login -DWasPassword=<password>
18. Stop the NodeAgent and WebSphere_Portal server on this node.
19. Ensure the node is synchronized by executing the following command from the
wp_profile/bin directory:
./syncNode.sh <dmgr hostname> <dmgr soap port> -user <WAS admin ID> -password
<WAS admin password>
For example:
./syncNode.sh mydmgr.ibm.com 8879 -user wpadmin -password wppassword
20. Restart the DMGR, NodeAgent, and WebSphere Portal servers.
At this point, you have completed building a single node cluster using a remote
database and federated LDAP server.
66
9 – Install IBM WebSphere Portal on an additional node
In this section, you will install the IBM Installation Manager, WebSphere Application Server,
and WebSphere Portal on the server you intend to use as an additional Portal node.
Before installing WebSphere Portal, please ensure you review the Planning documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Planning_to_install_WebSphere_Portal_wp8
In this guide, the installation was completed as the 'root' user using installation images on a
network drive.
BEFORE YOU BEGIN: We will be installing WebSphere Application Server 8.5.5 and
WebSphere Portal Enable v8.0.0.1 CF7 in this section. You need to have access to the
following repositories for use with IBM Installation Manager:
•
WebSphere Application Server v8.5.5
•
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
•
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
•
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
•
WebSphere Portal Server v8.0.0.1 fixpack
•
WebSphere Portal <Offering> v8.0.0.1 fixpack
•
WebSphere Portal Server v8.0.0.1 Cumulative Fix 7
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
2. In the same terminal window, enter:
ping localhost
to verify the “localhost” network settings are configured properly on your machine.
67
3. Linux/UNIX environments only. Ensure ulimit -n is set to 10240 or higher.
ulimit -n 10240
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server if needed.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
8. You will see the following screen. Click Next.
68
9. Accept the license agreement and click Next.
10. Select the directory you wish to install IIM to and click Next.
11. Click Install to install IIM v.1.6.2.
12. When the installation completes, click Restart Installation Manager.
13. When IIM relauches, select File → Preferences → Repositories
69
14. Add the repositories for the following packages:
- WebSphere Application Server 8.5.5
- IBM WebSphere SDK Java Technology Edition V7.0
Note: If you are using Passport Advantage, then you will not need to add this
repository.
15. Click OK to close the preferences.
16. From the main IIM screen, click Install.
70
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select “WebSphere Application
Server Network Deployment”. Otherwise, the Portal installation may not recognize
the WAS installation as valid.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
71
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
72
22. Do NOT change any features. Click Next.
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
23. Click Install to being installing WebSphere Application Server V8.5.5.
24. When the installation completes, select the radio button for None. We will create a
profile after WebSphere Portal is installed. Click Finish to exit the installer.
25. You should be taken back to the IIM home screen. Leave this window open for now.
73
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
28. Back on the IIM Home screen, go to File → Preferences → Repositories.
29. Add the repositories for all of the following packages:
- WebSphere Portal v8.0.0.0 (<Setup>/eimage/repository.config)
- WebSphere Portal Server v8.0.0.1
- WebSphere Portal <Offering> v8.0.0.1 (where Offering is Enable, Extend, etc).
Note: You can add the Portal v8001CF7 repository now if you'd like, however we
cannot install it with the base Portal product. It has to be applied after initial installation
completes.
Note: If you are using Passport Advantage, then you will not need to add these
repositories.
74
30. Click OK to close the preferences.
31. From the main IIM screen, click Install.
32. Select WebSphere Portal Server v8.0.0.1, and if you have a Portal Offering (like
Extend in my case), then select it as well:
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
75
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand “IBM WebSphere Portal Server 8.0.0.1” and review
the features to be installed. De-select the 'Portal Server Profile' feature. We will
create a Portal profile later. Click Next.
76
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. On the summay screen, click Install to launch the installation process.
IMPORTANT: Double check the features to be installed and ensure that Portal Server
Profile is NOT listed. If it is, go back and remove the feature.
38. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
77
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7.
39. Go to File → Preferences → Repositories and add the repository for CF7, then click
OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the “Search service repositories during installation” box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
40. On the main IIM screen, click Update.
41. Select IBM WebSphere Portal in the list of packages and click Next.
78
42. On the packages screen, your results here may vary depending on whether you're
using Passport Advantage, the Live Service Repositories or downloaded media, but
ensure you select 8.0.0.1 CF7 or higher (if anything higher than CF7 is available),
then click Next..
43. Accept the license agreement and click Next.
44. The next screen will show you the existing features for the WebSphere Portal
package. Do not change anything here. Click Next.
79
45. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do not, so select No and click Next.
46. On the Credentials screen, we do not yet have a profile so there are no credentials to
validate. Click Next.
80
47. Click Update to begin the upgrade process.
48. When the upgrade finishes, click Finish and exit IBM Installation Manager.
49. Copy <PortalServer root>/profileTemplates/profileTemplates.zip from the Primary
Portal node to the newly created <PortalServer root>/profileTemplates directory on the
additional node.
NOTE: If you are using a non-root user, give this user temporary write access to the
PortalServer directory.
50. Unzip the profileTemplates.zip file into the <PortalServer root>/profileTemplates
directory on the additional node. Overwrite any duplicated files.
51. Update permissions on the profileTemplates directory by running the following
command from the <PortalServer root> directory:
chmod 755 -R profileTemplates
NOTE: The 'chmod' command is only needed for Linux/Unix environments. It does
not apply to Windows.
52. From the <PortalServer root>/profileTemplates directory, execute the following
command:
./installPortalTemplates.sh <AppServer root>
where <AppServer root> is the WebSphere Application Server root path on your
system. For example:
./installPortalTemplates.sh /opt/IBM/WebSphere/AppServer
81
53. On the WebSphere Portal additional node, execute the following command from the
<AppServer root>/bin/ directory to create the WebSphere Portal profile on this node:
./manageprofiles.sh -create -templatePath <PortalServer
root>/profileTemplates/managed.portal -profileName <my_portal_profile>
-profilePath <full path to profile> -cellName <cell_name> -nodeName
<node_name> -hostName <hostname>
For example, if I wanted to create a profile called wp_profile with a cell name of
wp8Node2Cell and a nodename of wp8Node2, I would run this command:
./manageprofiles.sh -create -templatePath
/opt/IBM/WebSphere/PortalServer/profileTemplates/managed.portal -profileName
wp_profile -profilePath /opt/IBM/WebSphere/wp_profile -cellName wp8Node2Cell
-nodeName wp8Node2 -hostName mysecondaryportal.ibm.com
NOTE: Do NOT use the same node name as your primary node or any other node
that may already be part of the DMGR cell. You will be unable to add this node to the
DMGR cell if the node names are identical.
NOTE: Do NOT use the same cell name as the DMGR cell.
IMPORTANT: Do NOT use the manageprofiles option to Federate the profile now.
This results in an unusable Portal profile.
NOTE: A WebSphere_Portal server will NOT be created during the profile creation.
The WebSphere_Portal server will be created after the node is added to the existing
cluster.
54. After creating the profile, edit the <PortalServer root>/wps.properties file on the
system and add the ProfileName and ProfileDirectory properties to this file:
ProfileName=<your profile name>
ProfileDirectory=<your profile directory including the profile name>
For example:
ProfileName=wp_profile
ProfileDirectory=/opt/IBM/WebSphere/wp_profile
NOTE: You may need to temporarily give the OS user write access to this file.
NOTE: For reference, you can compare this file to the same file on your primary node,
but do NOT copy the file from the primary node.
82
55. If you did NOT place your database drivers in the wp_profile/PortalServer directory on
your primary node BEFORE running the 'enable-profiles' script there, or if you are
using Type 2 drivers, copy the database drivers to the new Portal node.
At this point, you have successfully installed WebSphere Application Server v8.5.5,
WebSphere Portal v8.0.0.1, and upgraded WebSphere Portal to v8.0.0.1 CF7 on an
additional node.
A Portal profile was manually created on the node, but it does not contain a
WebSphere_Portal server so it is not yet functional.
83
10 – Federate and Cluster an Additional Portal node
This section covers adding the additional node to the Deployment Manager cell and adding a
new WebSphere_Portal server as a horizontal dynamic cluster member to the previously
created dynamic cluster. Once this section is completed, you will have a functional two-node
horizontal dynamic cluster using the federated LDAP security.
1. Ensure the Deployment Manager is started by running this command from the
<dmgr_profile root>/bin directory:
./startManager.sh
2. Ensure that the time on the Deployment Manager server and the time on the additional
Portal node server are no more than 5 minutes apart.
3. From the <wp_profile root>/bin directory, execute the following command:
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password>
For example:
./addNode.sh mydmgr.company.com 8879 -username wpadmin -password wppassword
4. Edit the wkplc.properties file in the <wp_profile root>/ConfigEngine/properties directory
and ensure all of the following properties are set:
WasUserid=<DMGR admin user ID>
WasPassword=<DMGR admin password>
PortalAdminPwd=<password>
WasRemoteHostName=<fully qualified hostname of DMGR>
WasSoapPort=<soap port for DMGR; default is 8879>
PrimaryNode=false
ClusterName=PortalCluster
NOTE: Ensure ClusterName matches the value of the existing cluster.
IMPORTANT: Do not forget to set PrimaryNode=false.
5. Edit the wkplc_dbdomain.properties file in the <wp_profile
root>/ConfigEngine/properties directory and ensure that the database password values
are all set correctly.
NOTE: This file should be pre-populated with your database information from running
the 'enable-profiles' script on the primary node earlier.
84
6. Edit the wkplc_dbtype.properties file in the <wp_profile root>/ConfigEngine/properties
directory and ensure that the <dbType>.DbLibrary value is valid for this system.
7. To confirm the database properties are set up correctly on this node, execute the
following ConfigEngine script from the <wp_profile>/ConfigEngine directory:
./ConfigEngine.sh validate-database -DWasPassword=<password>
8. Ensure the NodeAgent is started on this node by running the following command from
the <wp_profile>/bin directory:
./startNode.sh
9. Execute the following ConfigEngine script from the <wp_profile root>/ConfigEngine
directory:
./ConfigEngine.sh cluster-node-config-post-federation
-DWasPassword=<password>
10. Log in to the Deployment Manager administative console.
11. Navigate to System Administration → Node Groups
12. Click the name of your NodeGroup and click Node Group Members.
85
13. Click Add.
14. Check the box next to your new node and click Add.
NOTE: This action creates a new server that is automatically added to your dynamic
cluster.
15. Save all of your changes.
86
16. Navigate to Servers → Server Types → WebSphere Application Servers and note
the name of your server. In my case, it is PortalCluster_wp8Node2.
17. Click the name of your new server and and expand the Ports section. Note the value
of WC_defaulthost. This the port you will use to access the new Portal server.
NOTE: Do not attempt to access the Portal server just yet. We have not finished
configuring it for the dynamic cluster.
87
18. Log out of the deployment manager.
19. Back on your additional node, change directories to the <wp_profile
root>/ConfigEngine/properites directory and edit wkplc.properties.
20. Set ServerName to the new cluster member name. In my case, it is
PortalCluster_wp8Node2, so I set:
ServerName=PortalCluster_wp8Node2
21. From the <wp_profile root>/ConfigEngine directory, execute the following command
to complete the configuration for the additional dynamic cluster member:
./ConfigEngine.sh dynamic-cluster-setup-additional -DWasPassword=<password>
22. From the <wp_profile root>/bin directory, execute the following commands to restart
the new cluster member:
./stopServer.sh <new cluster member> -user <WAS user> -password <WAS
password>
./startServer.sh <new cluster member>
For example, in my case my new cluster member is "PortalCluster_wp8Node2":
./stopServer.sh PortalCluster_wp8Node2 -user <WAS user> -password <WAS
password>
./startServer.sh PortalCluster_wp8Node2
23. Verify you can access the new cluster member in a web browser using the port we
identified earlier:
http://mysecondaryserver.ibm.com:10050/wps/portal
At this point, you have successfully created a two-node dynamic cluster. The cluster uses a
remote database and is configured with federated ldap security.
88
11 – Create the On Demand Router
This section is OPTIONAL. In this section, we will create an On Demand Router (ODR) to
manage requests to the dynamic cluster members. This can be used as an alternative to a
Web Server, or it can be used in conjuction with a web server if you wish.
For more information about ODR, please refer to the WebSphere Application Server 8.5
Information Center here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Ftwve_odr.html
1. Log in to your Deployment Manager
2. Navigate to Servers → Server Types → On Demand Routers
3. Click New.
4. Select an existing node and create a server name for the On Demand Router. Click
Next.
89
5. Select the supported protocols you'd like for your environment.
IMPORTANT: WebSphere Application Server does not recommend SIP ports for
production environments that require high availability. Because of this, I have
unchecked SIP ports.
If you require SIP High Availability, you should consider configuring a SIP proxy server
instead. See the WAS Information Center for more information here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.nd.multiplatform.doc%2Fae%2Ftjpx_setupps.html
NOTE: I have unchecked Generate Unique Ports. The ODR listens on port 80 by
default but if Generate Unique Ports is left checked, this may change to 81, 82, etc. If
that happens, you then have to add an entry to the "Default Host" virtual hosts for that
port.
6. On the next screen, select the default ODR template and click Next.
7. Click Finish to create the ODR and Save all changes.
90
8. Navigate to Servers → Server Types → On Demand Routers → <Your ODR> →
Ports. Check the values of PROXY_HTTP_ADDRESS and
PROXY_HTTPS_ADDRESS. If they are not '80' and '443' respectively, then you can
either:
a) Change the values to '80' and '443'
or
b) Add the ports to Environment → Virtual Hosts → default_host.
'80' and '443' are set in default_host by default.
91
9. Navigate to System Administation → Nodes and ensure the node that you created
the ODR on has synchronized with the DMGR. If it has not, sync it now by checking
the box next to your node and clicking the Synchronize button.
10. Navigate to Servers → Server Types → On Demand Routers. Click the checkbox
next to your ODR name and click Start.
92
11. Once the ODR has started, you should be able to access your Portal cluster though it.
Access the URL:
http://myODRserver.ibm.com/wps/portal
where <myODRserver.ibm.com> is the hostname of the node where you created the
ODR.
The ODR will route incoming requests to your cluster members. It does this based on
a default rule to route incoming requests that go to the "default_host" virtual host.
For additional configuration options and more about the On Demand Router, please
visit the WebSphere Application Server v8.5 Information Center here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Ftwve_odr.html
At this point, you have configured an On Demand Router to handle incoming requests to your
dynamic Portal cluster.
Conclusion
In this guide, you saw how to build a fully functional WebSphere Portal v8.0.0.1 CF7 dynamic
cluster running on WebSphere Application Server v8.5.5. You configured Portal to use an
external database and federated LDAP for security. You also saw how to configure an On
Demand Router to route requests to the members of your dynamic cluster.
93
12 – What to do next
After you have completed building the dynamic cluster, you may considering doing any of the
following:
•
Adding Vertical Cluster members. This is covered in Appendix B-2 of this guide.
•
Adding mulitple dynamic clusters to your cell. You can add additional WebSphere
Portal clusters to a single cell if you'd like. See the WebSphere Portal product
documentation for instructions, for example on Linux:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Setting_up_multiple_clusters_on_Linux_wp8&content=pdcontent
Ensure that you also understand the limitations of multiple Portal clusters in a single cell:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Planning_for_multiple_clusters_wp8&content=pdcontent
•
Adding features to a base installation. If you installed a Base Portal profile instead of a
Full profile, you can add any of the Full features following the instructions in the
WebSphere Portal product documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Adding_features_to_a_base_installation_wp8&content=pdcontent
•
Adding a Web Server. To add a Web Server to the environment, refer to the WebSphere
Application Server v8.5 information center:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.nd.multiplatform.doc%2Fae%2Ftwsv_plugin.html
IMPORTANT: If you configured an ODR and want to add a Web Server, you must add
the Web Server as a trusted proxy server. See the WAS v8.5 Information Center for
instructions.
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Ftwve_ccgodrscen.html
94
Appendix A – Alternate Setup Paths
A-1 – Installing WebSphere Portal and Deployment Manager on the same
server
In this section, you will install the IBM Installation Manager, WebSphere Application Server,
and WebSphere Portal on the server you intend to use as your primary portal server, as well
as creating a local Deployment Manager profile.
This appendix replaces chapters 1, 4, and 5 from the main guide.
Before installing WebSphere Portal, please ensure you review the Planning documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Planning_to_install_WebSphere_Portal_wp8
In this guide, the installation was completed as the 'root' user using installation images on a
network drive.
BEFORE YOU BEGIN: We will be installing WebSphere Application Server 8.5.5 and
WebSphere Portal Enable v8.0.0.1 CF7 in this section. You need to have access to the
following repositories for use with IBM Installation Manager:
•
WebSphere Application Server v8.5.5
•
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
•
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
•
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
•
WebSphere Portal Server v8.0.0.1 fixpack
•
WebSphere Portal <Offering> v8.0.0.1 fixpack
•
WebSphere Portal Server v8.0.0.1 Cumulative Fix 7
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
95
2. In the same terminal window, enter:
ping localhost
to verify the “localhost” network settings are configured properly on your machine.
3. Linux/UNIX environments only. Ensure ulimit -n is set to 10240 or higher.
ulimit -n 10240
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server if needed.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
8. You will see the following screen. Click Next.
96
9. Accept the license agreement and click Next.
10. Select the directory you wish to install IIM to and click Next.
11. Click Install to install IIM v.1.6.2.
12. When the installation completes, click Restart Installation Manager.
13. When IIM relauches, select File → Preferences → Repositories
97
14. Add the repositories for all of the following packages:
- WebSphere Application Server 8.5.5
- IBM WebSphere SDK Java Technology Edition V7.0
Note: If you are using Passport Advantage, then you will not need to add these
repositories.
15. Click OK to close the preferences.
16. From the main IIM screen, click Install.
98
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select “WebSphere Application
Server Network Deployment”. Otherwise, the Portal installation may not allow you to
proceed.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
99
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
100
22. Do NOT change any featues. Click Next.
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
23. Click Install to being installing WebSphere Application Server V8.5.5.
24. When the installation completes, select the radio button for None. We will create a
profile when WebSphere Portal installed. Click Finish to exit the installer.
25. You should be taken back to the IIM home screen. Leave this window open for now.
101
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
28. Back on the IIM Home screen, go to File → Preferences → Repositories.
29. Add the repositories for all of the following packages:
- WebSphere Portal v8.0.0.0 (<Setup>/eimage/repository.config)
- WebSphere Portal Server v8.0.0.1
- WebSphere Portal <Offering> v8.0.0.1 (where Offering is Enable, Extend, etc).
Note: You can add the Portal v8001CF7 repository now if you'd like, however we
cannot install it with the base Portal product. It has to be applied after initial installation
completes.
Note: If you are using Passport Advantage, then you will not need to add these
repositories individually.
102
30. Click OK to close the preferences.
31. From the main IIM screen, click Install.
32. Select WebSphere Portal Server v8.0.0.1, and if you have a Portal Offering (like
Extend in my case), then select it as well:
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
103
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand “IBM WebSphere Portal Server 8.0.0.1” and ensure
that all features are selected, including “Deployment Manager augmented with
WebSphere Portal”. Click Next.
104
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. For the profile template type, choose either Full or Base, then click Next. For this
guide, I am using Base.
105
38. For Profile Configuration Details, set the Node Name, Cell Name, Administrator User
ID and Administrator User Password, and click Next.
Optional: If you select the Advanced Configuration radio button at the top of this
screen (not shown), you can also set the Context Root, Default Home, Personalized
Home, starting Port range, Profile Name, and Profile Path. For this guide, these were
all left as the defaults but you are welcome to configure these as you see fit.
106
39. On the Dmgr Profile Configuration screen, set HostName, Node Name, Cell Name,
Administrative User ID, Admnistrative Password, DMGR Profile Name and DMGR
profile Path, then click Next.
IMPORTANT: Use the exact same user ID and password that you used for the Portal
profile.
IMPORTANT: Do NOT use the same Cell Name or Node Name as your Portal profile.
Doing so will prevent you from being able to add the Portal node to the DMGR cell
later.
40. On the summay screen, click Install to launch the installation process.
41. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
107
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7. The Portal installation
leaves the WebSphere_Portal started though, so we must stop it before proceeding
with the upgrade.
42. From a terminal window, change directories to <wp_profile root>/bin and execute the
following command to stop the WebSphere_Portal server:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
NOTE: You will use the user ID and password you set during installation.
43. Back on the main IIM screen, if you downloaded 8001CF7, go to File → Preferences
→ Repositories and add the repository for CF7, then click OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the “Search service repositories during installation” box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
108
44. On the main IIM screen, click Update.
45. Select IBM WebSphere Portal in the list of packages and click Next.
46. On the packages screen, your results here may vary depending on whether you're
using Passport Advantage, the Live Service Repositories or downloaded media, but
ensure you select 8.0.0.1 CF7 or higher (if anything higher than CF7 is available),
then click Next..
47. Accept the license agreement and click Next.
48. The next screen will show you the existing features for the WebSphere Portal
package. Do not change anything here. Click Next.
109
49. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do have a local Deployment Manager, BUT this
Portal is not yet part of the cluster so select No and click Next.
50. Enter the administrator credentials for your WebSphere Application Server and
WebSphere Portal server, the click Validate Credentials.
NOTE: The validation process will take several minutes to complete. A script runs in
the background that starts the WebSphere_Portal server and runs a couple of tests
against it, then shuts the server down again.
NOTE: Use the same credentials that you set during the initial installation.
110
51. Once credential validation completes, click Next.
52. Click Update to begin the upgrade process.
53. When the upgrade finishes, click Finish and exit IBM Installation Manager.
54. Verify you can access your Portal in a web browser:
http://myprimaryportal.ibm.com:10039/wps/portal
At this point, you have successfully installed WebSphere Application Server v8.5.5,
WebSphere Portal v8.0.0.1, and upgraded WebSphere Portal to v8.0.0.1 CF7. A local
Deployment Manager was created and has been automatically augmented in preperation for
WebSphere Portal.
This appendix replaces chapters 1, 4 and 5, of the main guide.
111
A-2 – Creating a Deployment Manager profile on an existing Portal
installation
Suppose you have already installed WebSphere Portal and have decided to put the DMGR
on the same server. You could create a Deployment Manager profile manually and configure
it following Chapter 5 of this guide.
However, you can use Installation Manager to add and configure a Deployment Manager
profile at the same time. This section will cover how to do that. These instructions assume
that because you already have WebSphere Portal v8001CF7 installed, you also have
Installation Manager installed.
1. Ensure that WebSphere_Portal is stopped from the wp_profile/bin directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
2. Launch IBM Installation Manager. From the <Installation Manager root>/eclipse
directory, run this command:
./IBMIM
3. When Installation Manager launches, you should see this screen:
4.
Go to File → Preferences → Repositories
112
5. Add the repository for the Portal v8.0 media if it is not already there:
Portal/repository.config
You can add the Setup, WAS, and <Offering> repositories if you'd like, but they will not
be used for this section. You also will not need the 8001 or CF7 repositories.
6. Click OK to save changes.
7. Click the 'Modify' button on the Installation Manager main screen.
8. Select the WebSphere Portal package and click Next:
113
9. On the next screen, expand 'IBM WebSphere Portal Server 8.0.0.1 CF7' and select the
checkbox for 'Deployment Manager augmented with WebSphere Portal':
NOTE: Do NOT de-select the Portal Server profile.
10. Set the DMGR hostname, nodename, cellname, user ID, password, profile name and
profile Path.
NOTE: To make things easier on you when you create your cluster, use the exact
same user ID and password that you used for the Portal installation.
NOTE: Use a unique nodename and cellname. Do NOT use the same nodename or
cellname that you used for the Portal installation. This will cause the addNode process
to fail later.
114
11. Review the summary screen. Make sure you are NOT inadvertently removing any
features, such as your WebSphere Portal profile. If you see this, THIS IS BAD AND
YOUR PROFILE WILL BE REMOVED!
This is what you should see:
If anything looks incorrect, go back and make any necessary corrections. If everything
is correct, click Modify.
115
12. When the installation finishes, start the Deployment Manager from the <dmgr profile
root>/bin directory:
./startManager.sh
13. Launch the Deployment Manager administrative console and login. Default port when
the DMGR is installed on the same server as Portal is 9061:
http://myprimaryportal.ibm.com:9061/ibm/console
NOTE: Remember the DMGR is now installed on the primary Portal server, so the
hostname is the same as Portal's.
14. Navigate to Security → Global Security
15. Under 'User Account Repository', click 'Configure':
116
16. In the 'Primary administrative user name' field, change this value to the full
distinguished name of the user using the following format:
uid=<user id>,o=defaultWIMFileBasedRealm
In my example, my user ID is “wpadmin”, therefore my full distinguished name will be:
uid=wpadmin,o=defaultWIMFileBasedRealm
NOTE: This change will help prevent user ID conflicts when we add the federated
LDAP.
17. Before saving, enter the password for this user when prompted, then save all
changes.
18. Restart the Deployment Manager for the changes to take effect.
You have successfully created and augmented a Deployment Manager profile on a
WebSphere Portal server. This appendix replaces chapters 4 for installing the Deployment
Manager and 5 for Configuring the Deployment Manager.
117
A-3 – Federating Portal to a Deployment Manager that has LDAP security
enabled
In the main guide, we enable LDAP security after federating the primary Portal node. This
section covers the steps needed if your DMGR already has LDAP security enabled before
you add your primary Portal node to it.
This appendix replaces chapters 4, 5, 6 and 8. This section assumes you know how to
create a DMGR profile and enable LDAP security within it, as those steps are not covered
here.
These steps can be applied to a DMGR with Standalone LDAP security or Federated LDAP
security, it does not matter.
1. Standalone LDAP security only. If your DMGR has Standalone LDAP security
enabled, you need to update Portal's wkplc.properties with the standalone ldap
information. To do that, I used the helper file located here:
<wp_profile root>/ConfigEngine/config/helpers/wp_security_ids.properties
These were the properties I used:
standalone.ldap.id=PortalLdap
standalone.ldap.host=myldapserver.ibm.com
standalone.ldap.port=389
standalone.ldap.bindDN=uid=wpbind,cn=users,dc=ibm,o=com
standalone.ldap.bindPassword=wpbind
standalone.ldap.ldapServerType=IDS
standalone.ldap.userIdMap=*:uid
standalone.ldap.groupIdMap=*:cn
standalone.ldap.groupMemberIdMap=ibmallGroups:member;ibmallGroups:uniqueMember
standalone.ldap.userFilter=(&(uid=%v)(objectclass=inetOrgPerson))
standalone.ldap.groupFilter=(&(cn=%v)(objectclass=groupOfUniqueNames))
standalone.ldap.serverId=uid=wpbind,cn=users,dc=ibm,o=com
standalone.ldap.serverPassword=wpbind
standalone.ldap.realm=PortalRealm
standalone.ldap.primaryAdminId=uid=wpadmin,cn=users,dc=ibm,o=com
standalone.ldap.primaryAdminPassword=wpadmin
standalone.ldap.primaryPortalAdminId=uid=wpadmin,cn=users,dc=ibm,o=com
standalone.ldap.primaryPortalAdminPassword=wpadmin
standalone.ldap.primaryPortalAdminGroup=cn=wpsadmins,cn=groups,dc=ibm,o=com
standalone.ldap.baseDN=dc=ibm,o=com
standalone.ldap.et.group.searchFilter=
standalone.ldap.et.group.objectClasses=groupOfUniqueNames
standalone.ldap.et.group.objectClassesForCreate=
standalone.ldap.et.group.searchBases=cn=groups,dc=ibm,o=com
118
standalone.ldap.et.personaccount.searchFilter=
standalone.ldap.et.personaccount.objectClasses=inetOrgPerson
standalone.ldap.et.personaccount.objectClassesForCreate=
standalone.ldap.et.personaccount.searchBases=cn=users,dc=ibm,o=com
standalone.ldap.gm.groupMemberName=uniqueMember
standalone.ldap.gm.objectClass=groupOfUniqueNames
standalone.ldap.gm.scope=direct
standalone.ldap.gm.dummyMember=uid=dummy
standalone.ldap.personAccountParent=cn=users,dc=ibm,o=com
standalone.ldap.groupParent=cn=groups,dc=ibm,o=com
standalone.ldap.personAccountRdnProperties=uid
standalone.ldap.groupRdnProperties=cn
I also altered one 'Advanced Properties' in the helper file and left the rest as the
defaults, but you may find that you need to alter more for your LDAP.
standalone.ldap.gc.name=ibm-allGroups
2. Standalone LDAP only. Import the helper file contents into the wkplc.properties file
by executing this ConfigEngine script from the <wp_profile root>/ConfigEngine
directory:
./ConfigEngine.sh -DparentProperties=<wp_profile
root>/ConfigEngine/config/helpers/wp_security_ids.properties
-DSaveParentProperties=true
3. From a terminal window on your Deployment Manager, navigate to <dmgr_profile>/bin
4. Ensure the Deployment Manager is stopped by executing the following command:
./stopManager.sh -user <WAS user> -password <WAS password>
5. From the primary Portal node, copy the following zip file over to a temporary location
on your DMGR server:
<PortalServer root>/filesForDmgr/filesForDmgr.zip
6. Back on the DMGR server, extract the filesForDmgr.zip that you just copied over into a
temporary directory.
7. Remote DMGR only. Copy the
<temp>/bin/ProfileManangement/plugins/com.ibm.wp.dmgr.pmt_7.0.5 directory to the
<DMGR AppServer root>/bin/ProfileManagement/plugins directory.
119
8. Remote DMGR only. Copy the <temp>/lib/wkplc.comp.registry.jar and wp.wire.jar to
the <DMGR AppServer root>/lib directory.
9. Remote DMGR only. Copy the <temp>/plugins/com.ibm.patch.was.plugin.jar and the
com.ibm.wp.was.plugin.jar files to the <DMGR AppServer root>/plugins directory.
10. Remote DMGR only. Copy the <temp>/profileTemplates/management.portal.augment
directory to the <DMGR AppServer root>/profileTemplates directory.
11. Copy the <temp>/profiles/Dmgr01/config/.repository/metadata.wkplc.xml file to the
<DMGR profile root>/config/.repository directory.
NOTE: The “.repository” directory is a hidden directory.
In steps 12 and 13, we will augment the DMGR profile. This process automatically
makes the following changes to your DMGR profile:
- Increases the HTTP connection timeouts for the DMGR server
- Increases the SOAP connector timeout for JMX in the DMGR server
- Increases the JVM Maximum Heap size for the DMGR server
- Enables Application Security
- Increases the soap timeout in the soap.client.props file.
12. From a terminal window on your DMGR server, change directories to <DMGR
AppServer root>/bin
13. Execute the following command to augment the DMGR profile:
./manageprofiles.sh -augment -templatePath <DMGR AppServer
root>/profileTemplates/management.portal.augment -profileName
<dmgr_profile_name>
Where <DMGR AppServer root> is the root path of AppServer on your DMGR server,
and <dmgr_profile_name> is the name of your Deployment Manager profile, Dmgr01
for example.
14. Ensure the time on your Portal primary node is within 5 minutes of the time on your
Deployment Manager (DMGR). Failure to do so will cause the addNode process to
fail.
120
15. Ensure the DMGR is started. On the DMGR server, execute the following command
from the <dmgr_profile>/bin directory:
./startManager.sh
16. Stop WebSphere_Portal by executing the following command from the <wp_profile
root>/bin directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
17. Execute the following command from the <wp_profile root>/bin to add the Portal node
to the DMGR cell :
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password> -includeapps
For example:
./addNode.sh mydmgr.ibm.com 8879 -username wpadmin -password wppassword
-includeapps
NOTE: If you are not sure what your DMGR's soap port is, you can obtain it by logging
into the DMGR and navigating to System Administration → Deployment Manager →
Ports.
IMPORTANT: If the addNode script fails for any reason, you must complete the
following steps before running addNode again:
a) Remove the node from the DMGR cell in case AddNode successfully completed
that step before failing.
b) Login to the DMGR and do the following (these may not exist, depending on where
the failure occurred):
i. Remove all Enterprise applications
ii. Remove the WebSphere_Portal server definition
iii. Remove the JDBC Provider information for WebSphere_Portal
121
18. Stop the deployment manager by issuing the following command from the <dmgr
profile>/bin directory:
./stopManager.sh -user <WAS user> -password <WAS password>
19. Start the deployment manager by issuing the following command from the
<dmgr profile root>/bin directory:
./startManager.sh
NOTE: Now that the node has been federated, it has inherited the DMGR's security
configuration. The WebSphere Portal server will not function correctly yet so do not be
surprised if you try to start Portal and cannot access it.
At this point, you have successfully federated a WebSphere Portal node into a Deployment
Manager that already had LDAP Security enabled.
This appendix replaces chapters 4, 5, 6 and 8. You will still need to follow Chapter 7 to create
the dynamic cluster.
IMPORTANT: A step is included at the end of Chapter 7 for users that already have LDAP
security enabled, asking you to run wp-change-portal-admin-user. Ensure you do not skip
this. Failure to do so will prevent your Portal server from functioning.
122
Appendix B – Supplemental Information
B-1 – Script to create and setup DB2 databases
NOTE: The script provided is based on the DB2 commands found on this page in the
Product Documentation:
http://www10.lotus.com/ldd/portalwiki.nsf/dx/Linux_clustered_server_Creating_a_remote_or_local_DB2_
database_manually_wp8
The following section contains the contents of the SQL script used to create the WebSphere
Portal DB2 databases. To use this script, complete the following steps:
1. Copy the contents of this section into a text file
2. Edit the database names, user names and passwords in the file to match those of your
intended environment. Do NOT change the JCR bufferpool or tablespace names.
These must be the values listed here.
3. Save the file as a .sql file (for example CreateDatabases.sql)
4. Copy the file to a temporary directory on the DB2 server.
5. As the database administrator, execute the script:
db2 -tvf <temporary location>/CreateDatabases.sql
This script does all of the following:
− Creates and updates six databases (you may change these names): reldb, comdb,
cusdb. jcrdb, lmdb, fdbkdb
− Creates bufferpools for jcrdb. DO NOT change these names: ICMLSFREQBP4,
ICMLSVOLATILEBP4, ICMLSMAINBP32, CMBMAIN4.
− Creates tablespaces for jcrdb. DO NOT change these names: ICMLFQ32,
ICMLNF32, ICMVFQ04, ICMSFQ04, CMBINV04, ICMLSSYSTSPACE32,
ICMLSSYSTSPACE4, ICMLSUSRTSPACE4
IMPORTANT: After executing the script, double check the output to ensure that none of the
DB2 commands failed! If any failed, correct the problem and re-execute as needed.
123
=======BEGIN COPY HERE===DO NOT INCLUDE THIS LINE==========
CREATE DB reldb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR reldb USING applheapsz 4096;
UPDATE DB CFG FOR reldb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR reldb USING stmtheap 32768;
UPDATE DB CFG FOR reldb USING dbheap 2400;
UPDATE DB CFG FOR reldb USING locklist 1000;
UPDATE DB CFG FOR reldb USING logfilsiz 4000;
UPDATE DB CFG FOR reldb USING logprimary 12;
UPDATE DB CFG FOR reldb USING logsecond 20;
UPDATE DB CFG FOR reldb USING logbufsz 32;
UPDATE DB CFG FOR reldb USING avg_appls 5;
UPDATE DB CFG FOR reldb USING locktimeout 30;
UPDATE DB CFG FOR reldb using AUTO_MAINT off;
CREATE DB comdb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR comdb USING applheapsz 4096;
UPDATE DB CFG FOR comdb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR comdb USING stmtheap 32768;
UPDATE DB CFG FOR comdb USING dbheap 2400;
UPDATE DB CFG FOR comdb USING locklist 1000;
UPDATE DB CFG FOR comdb USING logfilsiz 4000;
UPDATE DB CFG FOR comdb USING logprimary 12;
UPDATE DB CFG FOR comdb USING logsecond 20;
UPDATE DB CFG FOR comdb USING logbufsz 32;
UPDATE DB CFG FOR comdb USING avg_appls 5;
UPDATE DB CFG FOR comdb USING locktimeout 30;
UPDATE DB CFG FOR comdb using AUTO_MAINT off;
CREATE DB cusdb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR cusdb USING applheapsz 4096;
UPDATE DB CFG FOR cusdb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR cusdb USING stmtheap 32768;
UPDATE DB CFG FOR cusdb USING dbheap 2400;
UPDATE DB CFG FOR cusdb USING locklist 1000;
UPDATE DB CFG FOR cusdb USING logfilsiz 4000;
UPDATE DB CFG FOR cusdb USING logprimary 12;
UPDATE DB CFG FOR cusdb USING logsecond 20;
124
UPDATE DB CFG FOR cusdb USING logbufsz 32;
UPDATE DB CFG FOR cusdb USING avg_appls 5;
UPDATE DB CFG FOR cusdb USING locktimeout 30;
UPDATE DB CFG FOR cusdb using AUTO_MAINT off;
CREATE DB jcrdb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR jcrdb USING applheapsz 4096;
UPDATE DB CFG FOR jcrdb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR jcrdb USING stmtheap 32768;
UPDATE DB CFG FOR jcrdb USING dbheap 2400;
UPDATE DB CFG FOR jcrdb USING locklist 1000;
UPDATE DB CFG FOR jcrdb USING logfilsiz 4000;
UPDATE DB CFG FOR jcrdb USING logprimary 12;
UPDATE DB CFG FOR jcrdb USING logsecond 20;
UPDATE DB CFG FOR jcrdb USING logbufsz 32;
UPDATE DB CFG FOR jcrdb USING avg_appls 5;
UPDATE DB CFG FOR jcrdb USING locktimeout 30;
UPDATE DB CFG FOR jcrdb using AUTO_MAINT off;
CREATE DB lmdb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR lmdb USING applheapsz 4096;
UPDATE DB CFG FOR lmdb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR lmdb USING stmtheap 32768;
UPDATE DB CFG FOR lmdb USING dbheap 2400;
UPDATE DB CFG FOR lmdb USING locklist 1000;
UPDATE DB CFG FOR lmdb USING logfilsiz 4000;
UPDATE DB CFG FOR lmdb USING logprimary 12;
UPDATE DB CFG FOR lmdb USING logsecond 20;
UPDATE DB CFG FOR lmdb USING logbufsz 32;
UPDATE DB CFG FOR lmdb USING avg_appls 5;
UPDATE DB CFG FOR lmdb USING locktimeout 30;
UPDATE DB CFG FOR lmdb using AUTO_MAINT off;
CREATE DB fdbkdb using codeset UTF-8 territory us PAGESIZE 8192;
UPDATE DB CFG FOR fdbkdb USING applheapsz 4096;
UPDATE DB CFG FOR fdbkdb USING app_ctl_heap_sz 1024;
UPDATE DB CFG FOR fdbkdb USING stmtheap 32768;
125
UPDATE DB CFG FOR fdbkdb USING dbheap 2400;
UPDATE DB CFG FOR fdbkdb USING locklist 1000;
UPDATE DB CFG FOR fdbkdb USING logfilsiz 4000;
UPDATE DB CFG FOR fdbkdb USING logprimary 12;
UPDATE DB CFG FOR fdbkdb USING logsecond 20;
UPDATE DB CFG FOR fdbkdb USING logbufsz 32;
UPDATE DB CFG FOR fdbkdb USING avg_appls 5;
UPDATE DB CFG FOR fdbkdb USING locktimeout 30;
UPDATE DB CFG FOR fdbkdb using AUTO_MAINT off;
CONNECT TO jcrdb USER db2inst1 USING password;
CREATE BUFFERPOOL ICMLSFREQBP4 SIZE 1000 PAGESIZE 4 K;
CREATE BUFFERPOOL ICMLSVOLATILEBP4 SIZE 16000 PAGESIZE 4 K;
CREATE BUFFERPOOL ICMLSMAINBP32 SIZE 16000 PAGESIZE 32 K;
CREATE BUFFERPOOL CMBMAIN4 SIZE 1000 PAGESIZE 4 K;
CREATE REGULAR TABLESPACE ICMLFQ32 PAGESIZE 32 K MANAGED BY SYSTEM USING
('ICMLFQ32') BUFFERPOOL ICMLSMAINBP32;
CREATE REGULAR TABLESPACE ICMLNF32 PAGESIZE 32 K MANAGED BY SYSTEM USING
('ICMLNF32') BUFFERPOOL ICMLSMAINBP32;
CREATE REGULAR TABLESPACE ICMVFQ04 PAGESIZE 4 K MANAGED BY SYSTEM USING
('ICMVFQ04') BUFFERPOOL ICMLSVOLATILEBP4;
CREATE REGULAR TABLESPACE ICMSFQ04 PAGESIZE 4 K MANAGED BY SYSTEM USING
('ICMSFQ04') BUFFERPOOL ICMLSFREQBP4;
CREATE REGULAR TABLESPACE CMBINV04 PAGESIZE 4 K MANAGED BY SYSTEM USING
('CMBINV04') BUFFERPOOL CMBMAIN4;
CREATE SYSTEM TEMPORARY TABLESPACE ICMLSSYSTSPACE32 PAGESIZE 32 K MANAGED BY SYSTEM
USING ('icmlssystspace32') BUFFERPOOL ICMLSMAINBP32;
CREATE SYSTEM TEMPORARY TABLESPACE ICMLSSYSTSPACE4 PAGESIZE 4 K MANAGED BY SYSTEM
USING ('icmlssystspace4') BUFFERPOOL ICMLSVOLATILEBP4;
CREATE USER TEMPORARY TABLESPACE ICMLSUSRTSPACE4 PAGESIZE 4 K MANAGED BY SYSTEM
USING ('icmlsusrtspace4') BUFFERPOOL ICMLSVOLATILEBP4;
UPDATE DB CFG FOR jcrdb USING DFT_QUERYOPT 2;
UPDATE DB CFG FOR jcrdb USING PCKCACHESZ 16384;
DISCONNECT jcrdb;
TERMINATE;
=======END COPY HERE===DO NOT INCLUDE THIS LINE==========
126
B-2 – Adding a Vertical Cluster Member
After creating your cluster, you may need to add additional members to the cluster. This
section will describe how to properly add a vertical cluster member to your cluster.
A 'vertical cluster member' is an additional WebSphere Portal JVM on an existing federated
Portal node. You are not required to install an additional WebSphere Portal installation or
profile on any server to create a vertical cluster member.
1. From a command window, navigate to <dmgr_profile root>/bin and execute the
following command to start the DMGR:
./startManager.sh
2. Launch a web browser and access the DMGR Administrative Console:
http://mydmgr.ibm.com:9060/ibm/console
3. Navigate to Servers → Server Types → Dynamic Clusters → <your cluster name>
4. At the bottom of the page, select the checkbox for Allow more than one instance to
start on the same node and set a number. The default number is 2, and this means
you will have 2 total JVMs running on each node. For the purposes of this guide, I will
just use 2.
NOTE: This action adds an additional cluster member to ALL nodes in your cluster.
For example, if you have two nodes in your cluster, and you use the exact same
settings I have above, then each node will have one additional JVM created on it.
5. Click OK and Save all changes.
6. Navigate to Servers → Server Types → WebSphere Application Servers
127
7. Here you should see a list of all servers:
The new cluster members will have _1, _2, etc appended to them. Note the names of
the new cluster members as well as what nodes they are on, we will need that
information momentarily.
8. For each new server, navigate to <ServerName> → Container Service → Dynamic
Cache Service.
9. Change the following settings:
- Set Cache Size to 3000
- Check the box for Enable Cache Replication
- Set Replication Type to 'Not Shared'.
128
10. Click OK and save all changes. Repeat for each new server.
11. Back at Servers → Server Types → WebSphere Application Servers, for each
new server, navigate to <ServerName> → Ports
12. Note the following ports:
WC_defaulthost
WC_defaulthost_secure
These ports need to be added to the Virtual Host list.
NOTE: The WC_defaulthost port is the port you will use should you ever need to
access that particular server directly.
IMPORTANT: Repeat steps 8-12 for each new cluster member.
13. Navigate to Environment → Virtual Hosts → default_host → Host Aliases
14. For each port you got for WC_defaulthost and WC_defaulthost_secure, click Add
and enter the following information:
Host: *
Port: <the port number>
15. Save all changes.
16. Log out of the Deployment Manager.
17. On the primary node, open a terminal window and change directories to <wp_profile
home>/ConfigEngine.
129
18. For each new cluster member, execute the following ConfigEngine command to
update the new cluster member for WebSphere Portal:
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=<vertical cluster member name> -DNodeName=<the node that
contains that server> -DWasPassword=<password>
For example, in my case I had two new servers created, one for each node:
PortalCluster_wp8Node1_1 on node wp8Node1
PortalCluster_wp8Node2_1 on node wp8Node2
So I ran each of these commands:
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=PortalCluster_wp8Node1_1 -DNodeName=wp8Node1
-DWasPassword=password
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=PortalCluster_wp8Node2_1 -DNodeName=wp8Node2
-DWasPassword=password
19. The servers are now ready for use. You can start them by running the following
command from the <wp_profile root>/bin directory on each node:
./startServer.sh <serverName>
for example:
./startServer.sh PortalCluster_wp8Node1_1
20. Verify you can access each new server in a web browser using the port you noted
earlier:
http://nodehostname.ibm.com:10068/wps/portal
You have successfully added vertical cluster members to your cluster.
130
B-3 – Updating Dynamic Cluster settings
After using your dynamic cluster, you may decide that the JVM rules set during cluster
creation are not sufficient. This section will show you how to update those settings.
1. Start the Deployment Manager if it is not already started by executing the following
command from the <dmgr_profile>/bin directory:
./startManager.sh
2. Log in to your Deployment Manager.
3. Navigate to Servers → ServerTypes → Dynamic Clusters → <ClusterName>
4. On this page, you can adjust the rules for how many JVMs should be running at any
given time, etc.
5. Make any changes you'd like, and click OK. Save all changes.
131
B-4 – Extracting the media
In this section, you learn how to properly extract the WebSphere Application Server and
Portal media if downloaded from Passport Advantage and Fix Central.
WebSphere Portal v8.0.0.0 Media
1. First, refer to this link in the product documentation to understand what images you will
need to download from Passport Advantage:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Electronic_images_wp8
There are 6 editions of the WebSphere Portal Media: Server, Enable, Extend, Express, Web
Content Management, and Web Content Management Standard.
Each edition has a set of Required Software and a set of Optional Software.
These instructions are purely for the Required Software.
2. In this guide, I used WebSphere Portal Extend, so looking at this link:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocu
ment&res_title=Getting_WebSphere_Portal_Extend_software_wp8&content=pdcontent
There are 10 images I need to download (listed in Tables 2, 3, and 4).
NOTE: Table 1 includes a quick start guide. This is just documentation and is not
actually used by the installer. It can be skipped if you'd like.
3. On the server that will hold the Portal Installation media, create a directory anywhere
you'd like. For example:
/opt/media/Portal8
4. Extract each zip file you downloaded into the directory you created.
NOTE: While extracting the images, you may be prompted to overwrite existing
directories. Select OK or YES to overwrite any existing directories. This is normal and
ok.
132
5. When this is complete, you should end up with the following directory structure (using
my /opt/Portal8Media as an example):
/opt/media/Portal8/Setup
/opt/media/Portal8/WAS
/opt/media/Portal8/Portal
/opt/media/Portal8/Extend
NOTE: If you are installing Portal Server, you will only have three directories: Setup, WAS,
Portal. For every other edition, you will have four directories: Setup, WAS, Portal, and your
Offering (Extend for example).
WebSphere Application Server v8.5.5
1. Refer to this link in the product documentation to understand what images you will
need to download from Passport Advantage:
http://www-01.ibm.com/support/docview.wss?uid=swg27038624
2. On the server that will hold the installation media, create a directory. For example:
/opt/media/WAS855
133
3. Download all required parts from Passport Advantage and store them in the directory
you created. There are three parts.
4. Extract each zip file you downloaded into the directory you created.
5. When this is complete, you should end up with the following directory structure:
IBM WebSphere SDK Java Technology Edition V7.0
1. Refer to this link in the product documentation to understand what images you will
need to download from Passport Advantage:
http://www-01.ibm.com/support/docview.wss?uid=swg27038624
2. On the server that will hold the installation media, create a directory. For example:
/opt/media/JDK7
3. Download all required parts from Passport Advantage and store them in the directory
you created. There are three parts.
4. Extract each zip file you downloaded into the directory you created.
134
5. When this is complete, you should end up with the following directory structure:
WebSphere Portal v8001 Fixpack
1. Refer to this link to get the fixpack:
http://www-01.ibm.com/support/docview.wss?uid=swg24031246
NOTE: If you have a Portal Offering besides 'Server', then you will download TWO zip
files. One will be for 'Server' and the other will be for your offering (e.g., Extend).
2. On the server that will hold the installation media, create a temporary directory for the
zip file(s).
3. Download the zip file(s) into that temporary directory.
135
4. Extract the downloaded zip file(s) into the temporary directory. This will result in a new
zip file:
WP8001_Server.zip
If you have an Offering like Enable or Extend, then you will have a second zip file:
WP8001_Enable.zip
5. Create a new directory on the server that will hold the installation media. For example:
/opt/media/Portal8001/Server
6. Extract the WP8001_Server.zip file into this directory.
7. If you have an additional offering, then create a directory for it. For example:
/opt/media/Portal8001/Extend
8. Extract the Offering zip file into this directory.
9. When this is complete, you should end up with the following directory structure:
136
WebSphere Portal v8001 Cumulative Fixes
1. Refer to this link to get the latest cumulative fix:
http://www-01.ibm.com/support/docview.wss?uid=swg24031246
The minimum cumulative fix needed in order to be supported on WAS v8.5.5 is CF7
(PM91269), so that is what I will download.
2. On the server that will hold the installation media, create a directory. For example:
/opt/media/8001CF7
3. Download the zip file for the cumulative fix from Fix Central. It should be the zip file for
Portal Server.
4. Inside of the zip file you download will be another zip file with the naming convention of
PMnnnnn_Server.zip, where Pmnnnnn corresponds to the PM number associated with
the cumulative fix. For CF7, this is PM91269, so the zip file is PM91269_Server.zip.
5. Extract the second zip file (PM91269_Server.zip) into the directory you created. You
should end up with this directory structure:
137
About The Author
Hunter Tweed works with the IBM WebSphere Portal Level 2 Support organization and is the
technical lead for WebSphere Portal support. He has authored many other Step-By-Step
guides for various Portal deployment scenarios.
If you have any questions about the content of this guide, Hunter can be reached at:
httweed@us.ibm.com.
If you encounter any failures following the steps in this guide, you may open a PMR with
WebSphere Portal Level 2 support.
Change History
Version
Date
What Changed
1
08/16/13
Published
138
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising