Embed Size (px)
Citation preview
www.ics.ug #icsug
The Silence of the Installers
How silent installers help you automate IBM Connections deployments
Klaus Bild WebGate Consulting AG
www.ics.ug #icsug
About me
» System Architect@WebGate » Specialized in IBM Connections and Sametime » Swiss Bavarian » Scripting Lover, Blogger » Speaker at:
www.ics.ug #icsug
Goal
» Give you an idea on how to automatea single box installation (Linux)
www.ics.ug #icsug
Prerequisites for the Automation
» Needed Linuxlibraries alreadyinstalled
» All source fileson target system
www.ics.ug #icsug
Property File
www.ics.ug #icsug
Connections Prerequisites» IBM Installation Manager (IIM) » IBM WebSphere Applications Server 8.5.5.3 (including IHS
and needed Fix) » Configure WAS (Dmgr, LDAP, security…) » IBM DB2 10.1 FP4 » Create users and DBs » IBM TDI 7.1.1 (including Fixpack 3) » Configure LDAP-‐Profile mapping » Populate Profiles
www.ics.ug #icsug
Connections Installation» IBM Connections 5 » IBM Connections 5 CR2 » Post Installation Steps
www.ics.ug #icsug
Installation WorkflowStart
Install TDI and Fixpack
Install Installation Manager
Install DB2
Create DBs
Populate DBs
Install WebSphere and Fixpacks, Fixes
Install HTTP Server and Fixpacks, Fixes
Install Connections and CR2
Configure WebSphere
Post Installation Steps
www.ics.ug #icsug
Silent Installs» Command Line » Define all install parameters through:
» Command line arguments/options
» Templates/Response Files
» Combination
Example: ./imcl -input /opt/InstallFiles/ResponseFiles/install_conn5.xml -log /opt/InstallFiles/log/Conn5.xml -silent -acceptLicense -showProgress
www.ics.ug #icsug
How to install IIM silently» We only want to define Installation Directory and log path » Can be easily done with command line arguments
http://www-‐01.ibm.com/support/knowledgecenter/api/content/SSDV2W_1.8.0/com.ibm.silentinstall12.doc/topics/r_silent_inst_cmd_arg.html
./installc -log /opt/InstallationFiles/log/IIM.log -acceptLicense -installationDirectory /opt/IBM/IIM –showProgress
Always use the latest 32bit IIM version (1.8.2 as of today)
www.ics.ug #icsug
How to install WAS silently» Has to be installed with IIM » A lot of parameters have to be defined
(paths, install files, …) » Not all of them can be provided by command line
arguments -‐> We will use a response file
» But first we have to create the response file
www.ics.ug #icsug
Create a response file for WASCan only be done through GUI /opt/IBM/IIM/eclipse/IBMIM -record /opt/InstallFiles/ResponseFiles/install_WAS.xml -skipInstall /opt/InstallFiles/Skipped
Add all WAS, FPs and Fixes repos
www.ics.ug #icsug
Create a response file for WAS» Define what should be installed (WAS will directly be
installed with FP3)
www.ics.ug #icsug
Create a response file for WAS» Select the fix
www.ics.ug #icsug
Create a response file for WAS» Define all paths… in the following screens
www.ics.ug #icsug
Create a response file for WAS» Define all paths… in the following screens
www.ics.ug #icsug
Create a response file for WAS» Open the response file and identify all variables which
should be customisable
<?xml version='1.0' encoding='UTF-8'?> <agent-input> <variables> <variable name='sharedLocation' value='/opt/IBM/IMShared'/> </variables> <server> <repository location='/opt/InstallFiles/extracted/WAS/Server'/> <repository location='/opt/InstallFiles/extracted/WAS/FP0000003'/> <repository location='/opt/InstallFiles/extracted/WAS_Suppl/Server'/> <repository location='/opt/InstallFiles/extracted/WAS_Suppl/FP0000003'/> <repository location='/opt/InstallFiles/8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920.zip'/> </server>
www.ics.ug #icsug
Create a response file for WAS <profile id='IBM HTTP Server V8.5' installLocation='/opt/IBM/HTTPServer'>
<data key='eclipseLocation' value='/opt/IBM/HTTPServer'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.os' value='linux'/>
<data key='cic.selector.arch' value='x86'/>
<data key='cic.selector.ws' value='gtk'/>
<data key='user.ihs.http.server.service.name' value='none'/>
<data key='user.ihs.httpPort' value='80'/>
<data key='user.ihs.installHttpService' value='false'/>
<data key='cic.selector.nl' value='en'/>
</profile>
<install modify='false'>
<!-- 8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920 -->
<offering profile='IBM HTTP Server V8.5' id='8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920'/>
<!-- IBM HTTP Server for WebSphere Application Server 8.5.5.3 -->
<offering profile='IBM HTTP Server V8.5' id='com.ibm.websphere.IHS.v85' version='8.5.5003.20140730_1249' features='core.feature,arch.64bit' installFixes='none'/>
</install>
www.ics.ug #icsug
Create a response file for WAS <profile id='IBM WebSphere Application Server V8.5' installLocation='/opt/IBM/WebSphere/AppServer'>
<data key='eclipseLocation' value='/opt/IBM/WebSphere/AppServer'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.os' value='linux'/>
<data key='cic.selector.arch' value='x86'/>
<data key='cic.selector.ws' value='gtk'/>
<data key='cic.selector.nl' value='en'/>
</profile>
<install modify='false'>
<!-- 8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920 -->
<offering profile='IBM WebSphere Application Server V8.5' id='8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920'/>
<!-- IBM WebSphere Application Server Network Deployment 8.5.5.3 -->
<offering profile='IBM WebSphere Application Server V8.5' id='com.ibm.websphere.ND.v85' version='8.5.5003.20140730_1249' features='core.feature,ejbdeploy,thinclient,embeddablecontainer,com.ibm.sdk.6_64bit' installFixes='none'/>
</install>
www.ics.ug #icsug
Create a response file for WAS <profile id='Web Server Plug-ins for IBM WebSphere Application Server V8.5' installLocation='/opt/IBM/WebSphere/Plugins'>
<data key='eclipseLocation' value='/opt/IBM/WebSphere/Plugins'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.os' value='linux'/>
<data key='cic.selector.arch' value='x86'/>
<data key='cic.selector.ws' value='gtk'/>
<data key='cic.selector.nl' value='en'/>
</profile>
<install modify='false'>
<!-- 8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920 -->
<offering profile='Web Server Plug-ins for IBM WebSphere Application Server V8.5' id='8.5.0.0-WS-WASJavaSDK-LinuxX64-IFPI28920'/>
<!-- Web Server Plug-ins for IBM WebSphere Application Server 8.5.5.3 -->
<offering profile='Web Server Plug-ins for IBM WebSphere Application Server V8.5' id='com.ibm.websphere.PLG.v85' version='8.5.5003.20140730_1249' features='core.feature,com.ibm.jre.6_64bit' installFixes='none'/>
</install>
www.ics.ug #icsug
Create a response file for WAS <preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='${sharedLocation}'/>
<preference name='com.ibm.cic.common.core.preferences.connectTimeout' value='30'/>
<preference name='com.ibm.cic.common.core.preferences.readTimeout' value='45'/>
<preference name='com.ibm.cic.common.core.preferences.downloadAutoRetryCount' value='0'/>
<preference name='offering.service.repositories.areUsed' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.ssl.nonsecureMode' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.http.disablePreemptiveAuthentication' value='false'/>
<preference name='http.ntlm.auth.kind' value='NTLM'/>
<preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.keepFetchedFiles' value='false'/>
<preference name='PassportAdvantageIsEnabled' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.searchForUpdates' value='false'/>
<preference name='com.ibm.cic.agent.ui.displayInternalVersion' value='false'/>
<preference name='com.ibm.cic.common.sharedUI.showErrorLog' value='true'/>
<preference name='com.ibm.cic.common.sharedUI.showWarningLog' value='true'/>
<preference name='com.ibm.cic.common.sharedUI.showNoteLog' value='true'/>
</agent-input>
www.ics.ug #icsug
Create a response file for WAS» Replace all variables with placeholders and add them to
the beginning of the response file …<agent-input> <variables> <variable name='HTTP' /> <variable name='WAS_DIR' /> <variable name='WAS_PLUGIN_DIR' /> <variable name='WAS_TOOL_DIR' /> <variable name='IIM_SHARED' /> <variable name='INSTALL_PATH_EXT' /> <variable name='INSTALL_PATH' /> </variables>…
…<repository location='${INSTALL_PATH_EXT}WAS/Server'/>…
…<profile id='IBM HTTP Server V8.5' installLocation='${HTTP}'> <data key='eclipseLocation' value='${HTTP}'/>…
… <profile id='IBM WebSphere Application Server V8.5' installLocation='${WAS_DIR}'> <data key='eclipseLocation' value='${WAS_DIR}'/>…
www.ics.ug #icsug
Run a silent install of WAS» Now run a silent install with the template and provide all
needed variables (one line)
/opt/IBM/IIM/eclipse/tools/imcl -input /opt/InstallFiles/ResponseFiles/install_WAS.xml -acceptLicense -showProgress -variables HTTP=/opt/IBM/HTTPServer, WAS_DIR=/opt/IBM/WebSphere/AppServer, WAS_PLUGIN_DIR=/opt/IBM/WebSphere/Plugins, WAS_TOOL_DIR=/opt/IBM/WebSphere/Toolbox, IIM_SHARED=/opt/IBM/IMShared, INSTALL_PATH_EXT=/opt/InstallFiles/extracted/, INSTALL_PATH=/opt/InstallFiles/
www.ics.ug #icsug
Configure WAS» Create Cell (Dmgr, AppServer) » Configure LDAP » Define Admin » Enable Application security » Define SSO domain » Sync servers
Will be done with python scripts and wsadmin -‐> Use Connections Community Scripts to speed up installation, configuration and documentation
www.ics.ug #icsug
Configure WAS WorkflowWAS
Create Cell
LDAP Server
Configure LDAP
Define Admin
Enable Application Security
Define SSO HTTP Server
Sync Servers
create_dmgr.py
configure_dmgr_ldap.py
configure_dmgr.py
www.ics.ug #icsug
Configure -‐ Example, create_dmgr.pyprint 'Create Dmgr'
f = open(INSTALL_PATH + 'log/create_dmgr.log', "w")
subprocess.call(WAS_DIR + '/bin/manageprofiles.sh -create -profileName ' + PROFILE_NAME +' -profilePath ' + WAS_PROFILE_DIR + '/' + PROFILE_NAME + ' -templatePath ' + WAS_DIR + '/profileTemplates/cell/dmgr -nodeName ' + NODE_NAME + ' -cellName ' + CELL_NAME + ' -hostName ' + HOST + ' -adminUserName ' + ADMIN_USER + ' -adminPassword ' + ADMIN_PASSWORD + ' -appServerNodeName ' + APP_NODE_NAME + ' -enableAdminSecurity true -nodeProfilePath ' + WAS_PROFILE_DIR + '/' + NODE_PROFILE_NAME + ' -omitAction "samplesInstallandConfig defaultAppDeployAndConfig"', shell=True, stdout=f)
print 'Create Node'
subprocess.call(WAS_DIR + '/bin/manageprofiles.sh -create -profileName ' + NODE_PROFILE_NAME + ' -profilePath' + WAS_PROFILE_DIR + '/' + NODE_PROFILE_NAME + ' -templatePath ' + WAS_DIR + '/profileTemplates/cell/default -nodeName ' + NODE_NAME + ' -cellName ' + CELL_NAME + ' -hostName ' + HOST + ' -adminUserName ' + ADMIN_USER + ' -adminPassword ' + ADMIN_PASSWORD + ' -appServerNodeName ' + APP_NODE_NAME + ' -dmgrProfilePath ' + WAS_PROFILE_DIR + '/' + PROFILE_NAME + ' -enableAdminSecurity true -omitAction "samplesInstallandConfig defaultAppDeployAndConfig"', shell=True, stdout=f)
print 'Preparing the Scripts with variables'
shutil.copy2(INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap_template.py', INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap.py')
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap.py','@LOGIN_PROPERTIES@', LOGIN_PROPERTIES)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap.py','@LDAP_HOST@', LDAP_HOST)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap.py','@LDAP_BIND_USER@', LDAP_BIND_USER)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr_ldap.py','@LDAP_BIND_PASSWORDR@', LDAP_BIND_PASSWORD)
shutil.copy2(INSTALL_PATH + 'InstallScripts/configure_dmgr_template.py', INSTALL_PATH + 'InstallScripts/configure_dmgr.py')
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr.py','@ADMIN_DN@', ADMIN_DN)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr.py','@ADMIN_UID@', ADMIN_UID)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr.py','@SSO_DOMAIN@', SSO_DOMAIN)
replaceText(INSTALL_PATH + 'InstallScripts/configure_dmgr.py','@ADMIN_USER@', ADMIN_USER)
print 'starting DMGR for LDAP Configuration'
subprocess.call(WAS_DIR + '/bin/startManager.sh', shell=True, stdout=f)
subprocess.call(WAS_DIR + '/bin/wsadmin.sh -lang jython -username ' + ADMIN_USER + ' -password ' + ADMIN_PASSWORD + ' -f ' + INSTALL_PATH +'InstallScripts/configure_dmgr_ldap.py', shell=True, stdout=f)
print 'stopping DMGR'
subprocess.call(WAS_DIR + '/bin/stopManager.sh -username ' + ADMIN_USER + ' -password ' + ADMIN_PASSWORD, shell=True, stdout=f)
print 'starting DMGR to activate LDAP and configure security'
subprocess.call(WAS_DIR + '/bin/startManager.sh', shell=True, stdout=f)
subprocess.call(WAS_DIR + '/bin/wsadmin.sh -lang jython -username ' + ADMIN_USER + ' -password ' + ADMIN_PASSWORD + ' -f ' + INSTALL_PATH +'InstallScripts/configure_dmgr.py', shell=True, stdout=f)
print 'stopping DMGR'
subprocess.call(WAS_DIR + '/bin/stopManager.sh -username ' + ADMIN_USER + ' -password ' + ADMIN_PASSWORD, shell=True, stdout=f)
print 'starting DMGR to enable security'
subprocess.call(WAS_DIR + '/bin/startManager.sh', shell=True, stdout=f)
subprocess.call(WAS_PROFILE_DIR + '/' + NODE_PROFILE_NAME + '/bin/syncNode.sh ' + HOST + ' -username ' + ADMIN_USER + ' -password ' + ADMIN_PASSWORD, shell=True, stdout=f)
www.ics.ug #icsug
Create a response files for DB2» Can be done with DB2 Setup wizard » Remark: Start with the Fixpack from the beginning (don’t
forget to import license key!) /opt/InstallFiles/DB2/universal/db2setup
www.ics.ug #icsug
Create a response files for DB2
*-----------------------------------------------------
* Generated response file used by the DB2 Setup wizard
* generation time: 10/22/14 9:56 AM
*-----------------------------------------------------
* Product Installation
LIC_AGREEMENT = ACCEPT
PROD = ENTERPRISE_SERVER_EDITION
FILE = /opt/IBM/db2/V10.1
INSTALL_TYPE = TYPICAL
*-----------------------------------------------
* Das properties
*-----------------------------------------------
DAS_CONTACT_LIST = LOCAL
DAS_SMTP_SERVER = mail.localdomain
* DAS user
DAS_USERNAME = dasusr1
DAS_GROUP_NAME = dasadm1
DAS_HOME_DIRECTORY = /home/dasusr1
* ---------------------------------------------- * Instance properties * ---------------------------------------------- INSTANCE = inst1 inst1.TYPE = ese * Instance-owning user inst1.NAME = db2inst1 inst1.GROUP_NAME = db2iadm1 inst1.HOME_DIRECTORY = /home/db2inst1 inst1.PASSWORD = IBMConnect14 inst1.AUTOSTART = YES inst1.SVCENAME = db2c_db2inst1 inst1.PORT_NUMBER = 50000 inst1.FCM_PORT_NUMBER = 60000 inst1.MAX_LOGICAL_NODES = 4 inst1.CONFIGURE_TEXT_SEARCH = NO * Fenced user inst1.FENCED_USERNAME = db2fenc1 inst1.FENCED_GROUP_NAME = db2fadm1 inst1.FENCED_HOME_DIRECTORY = /home/db2fenc1 inst1.FENCED_PASSWORD = IBMConnect14 * Contact properties CONTACT = contact1 contact1.CONTACT_NAME = db2inst1 contact1.EMAIL = [email protected] contact1.PAGER = false contact1.NEW_CONTACT = YES contact1.INSTANCE = inst1 *----------------------------------------------- * Installed Languages *----------------------------------------------- LANG = EN
www.ics.ug #icsug
Run a silent install and configure DB2» Install DB2 (one line): /opt/InstallFiles/DB2/universal/db2setup -r /opt/InstallFiles/ResponseFiles/install_DB2.rsp -l /opt/IBM/log/db2.log
» Create local users and change codepage » Create Connections DBs » Enable Online Backup » Schedule Backups
www.ics.ug #icsug
Configure DB2 WorkflowDB2Create local user (lcuser)
Create backup dir
Create Cron Job for backups
create_DBs.py
createDBs.sh
cronjob_backup_DBs.sh
Run offline backups
Run online backups
Configure online backups
Create DBs
configureDBs.sh
www.ics.ug #icsug
Create a response file for TDI
» Can be done with TDI Setup wizard ./install_tdiv711_linux_x86_64.bin -r /opt/InstallFiles/ResponseFiles/install_TDI2.rsp
www.ics.ug #icsug
Run a silent install and configure TDI» TDI (one line): /opt/InstallFiles/TDI/Server/linux_x86_64/install_tdiv711_linux_x86_64.bin -i silent –f /opt/InstallFiles/ResponseFiles/install_TDI.rsp
» Extract TDIsol » Create sync mapping » Sync » Schedule sync
www.ics.ug #icsug
Configure TDI WorkflowTDICopy needed DB2 jars
Extract files from TDIsol.tar to dirconfigure_populate.py
Configure TDI (ibmdisrv, profiles_tdi.properties, map_dbrepos_from_source.properties)
Sync LDAP & Profiles DB
Create TDIsol dir
www.ics.ug #icsug
Create a response file for Connections
» Can be done with the IIM /opt/IBM/IIM/eclipse/IBMIM -record /opt/InstallFiles/ResponseFiles/install_Conn5.xml -skipInstall /opt/InstallFiles/Skipped
www.ics.ug #icsug
Run a silent install and configure Connections/Post Install
» Connections (one line): /opt/IBM/IIM/eclipse/tools/imcl -input /opt/InstallFiles/ResponseFiles/install_conn5_template.xml -log /opt/InstallFiles/log/Conn5.xml -silent -acceptLicense -showProgress
» Define IHS » File download through IHS » Heap Sizes » Max/Min datasources » J2EE security roles
www.ics.ug #icsug
Connections Post Install WorkflowConnections
Create Keystore & Certs and add them to IHSconfigure_postinstall.py
Enable SSL HTTP Server
Set JVM Heap sizes
Add IHS certs to WAS/Plugin
configure_was.pyAdd IHS to WAS and generate/
distribute plugin
www.ics.ug #icsug
Configure Connections WorkflowConnections
Edit Hostnames and remove ports
configure_connections.py Enable search dictionaries
Configure URL preview for restricted accessconfigure_conn_wsadmin.py
www.ics.ug #icsug
Install Connections CR2 Workflow
ConnectionsUpdate DBs
install_conn5_cr2.pyInstall CR2
Sync all nodes
www.ics.ug #icsug
Let put this all togetherCombine Steps » Create a Python script
for the menu which combines all scriptsinstallmenu.py
» Work with templates
» Replace placeholders in these templates through scripting and create an actual response file
» Execute silent installerswith command line argumentsand response files
www.ics.ug #icsug
Future?» Error handling » Create an open GitHub/OpenNTF project » Deploy on multiple servers » Create multi-‐node environment » Install Connections Addons (i.e. Kudos Boards) » Create themes (Customer logo, colors) » Feedback?
www.ics.ug #icsug
www.ics.ug #icsug
Contactwebgate.biz
xing.com/profile/Klaus_Bild
ch.linkedin.com/in/kbild/
kbild.ch
twitter.com/kbild
