Professional Documents
Culture Documents
1
Dynamic Cluster
Hunter Tweed
WebSphere Portal Level 2 Support Technical Lead
IBM Raleigh Lab
August, 2013
Copyright International Business Machines Corporation 2013. All rights reserved.
This guide describes a comprehensive procedure for installing, configuring, and building an
IBM WebSphere Portal v8.0.0.1 dynamic cluster using:
Table of Contents
A Step-By-Step Guide to Configuring a WebSphere Portal v8.0.0.1 Dynamic Cluster..............1
Introduction.............................................................................................................................3
Cluster Concepts....................................................................................................................4
Using this Guide......................................................................................................................5
Before you begin.....................................................................................................................8
Main Guide..................................................................................................................................9
1 Install IBM WebSphere Portal on the Primary node.........................................................9
2 Configure the Primary Portal node to an external database..........................................25
3 Create the WebSphere Portal profile template...............................................................30
4 Install the Deployment Manager.....................................................................................32
5 Configure the Deployment Manager...............................................................................43
6 Federate the Primary Node............................................................................................47
7 Creating the Dynamic Cluster.........................................................................................49
8 Configure the Portal Cluster for Federated LDAP Security............................................61
9 Install IBM WebSphere Portal on an additional node.....................................................67
10 Federate and Cluster an Additional Portal node...........................................................84
11 Create the On Demand Router.....................................................................................89
12 What to do next.............................................................................................................94
Appendix A Alternate Setup Paths.........................................................................................95
A-1 Installing WebSphere Portal and Deployment Manager on the same server.............95
A-2 Creating a Deployment Manager profile on an existing Portal installation...............112
A-3 Federating Portal to a Deployment Manager that has LDAP security enabled........118
Appendix B Supplemental Information................................................................................123
B-1 Script to create and setup DB2 databases...............................................................123
B-2 Adding a Vertical Cluster Member.............................................................................127
B-3 Updating Dynamic Cluster settings...........................................................................131
B-4 Extracting the media.................................................................................................132
About The Author....................................................................................................................138
Change History.......................................................................................................................138
Introduction
Higher Versions of Portal and WebSphere Application Server
Although this guide is specifically written for 64-bit Portal v8.0.0.1 CF7 and WebSphere
Application Server (WAS) v8.5.5, the same approach will apply to any Portal v8.0.0.1 with
CF7 or higher and any WAS v8.5.5.x version higher than 8.5.5, 32 or 64-bit.
It is important to note that in order to use WebSphere Application Server v8.5.5 with
WebSphere Portal, you must use WebSphere Portal v8.0.0.1 CF7 at a minimum.
Windows/Unix Differences
This guide was written using Linux as the base operating system, however the steps/concepts
listed in this guide are independent of operating system.
The only significant difference is that for Windows, you must use the batch file commands
instead of the UNIX shell commands listed in this guide. For example:
UNIX: ./startServer.sh WebSphere_Portal
Windows: startServer.bat WebSphere_Portal
or
UNIX: ./ConfigEngine.sh cluster-node-config-dynamic-cluster-setup
Windows: ConfigEngine.bat cluster-node-config-dynamic-cluster-setup
Database and LDAP examples
In the instructions for configuring Portal with the database and LDAP, screens
shots show valid examples. Use values which are appropriate for your database
and LDAP.
Hostnames Used in this Guide
To avoid confusion with my own hostnames, I've replaced each instance of the hostnames of
my servers with a sample value that corresponds to the server it belongs to so that it may be
easier to understand which server I'm referring to in my examples.
I use the following values:
Primary Portal Node - myprimaryportal.ibm.com
Secondary Portal Node mysecondaryportal.ibm.com
Deployment Manager mydmgr.ibm.com
Database Server mydbserver.ibm.com
LDAP Server myldapserver.ibm.com
Cluster Concepts
Server A Java Virtual Machine (JVM) that manages user applications (such as WebSphere
Portal and Web Content Management).
Node A logical grouping of one or more application servers. A node does not necessarily
mean a single physical server.
Cell A logical grouping of one more nodes.
Cluster A logical grouping of one or more servers across one or more nodes. The servers
are managed together and participate in workload management. Servers in a cluster share
resources, such as applications. Multiple clusters can exist in a single cell, but a single
cluster cannot exist across multiple cells.
Dynamic Cluster The same as a standard cluster, however cluster members in a dynamic
cluster are controlled by autonomic managers that can optimize performance in a cluster.
In order to build a dynamic cluster in previous versions of WebSphere Portal and WebSphere
Application Server, you were required to have an additional component, WebSphere Virtual
Enterprise, installed and configured.
Starting with WebSphere Application Server 8.5, the functionality from WebSphere Virtual
Enterprise is included within WebSphere Application Server by default, so it is much easier to
create dynamic clusters than in previous versions.
For more information about dynamic clusters, please visit the WebSphere Application Server
8.5 Information Center here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Fcwve_odrdynamiccluster.html
The following scenarios are covered in this Guide (along with the order of Chapters you need
to swap or remove):
Building a WebSphere Portal cluster using a remote DMGR all from scratch?
Use these chapters:
1 Install IBM WebSphere Portal v8 on the Primary node
2 - Configure the Primary Portal node to an external database
3 - Create the WebSphere Portal profile template
4 - Install the Deployment Manager
5 - Configure the Deployment Manager
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Install an additional Portal Node
10 - Federate and Cluster an additional Portal node
11 - Create the On Demand Router
Building a WebSphere Portal cluster using a local DMGR all from scratch?
NOTE: This is the quickest way to build a cluster if you are not concerned with using a
remote Deployment Manager.
Use these chapters:
A-1 - Installing WebSphere Portal and Deployment Manager on the same server
2 - Configure the Primary Portal node to an external database
3 - Create the WebSphere Portal profile template
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Install an additional Portal Node
10 - Federate and Cluster an additional Portal node
11 - Create the On Demand Router
Using an existing Deployment Manager that already has LDAP security enabled?
Use these chapters:
1 - Installing the Primary Portal node
2 - Configuring the Primary node for a remote database
3 - Enabling Portal profiles
A-3 - Federating Portal to a Deployment Manager that has LDAP security enabled
7 - Creating the Dynamic Cluster
9 - Installing an additional Portal Node
10 - Federate and Clustering an additional Portal Node
11 - Create the On Demand Router
Adding a local Deployment Manager after installing Portal?
Use these chapters:
1 - Installing the Primary Portal node
2 - Configuring the Primary node for a remote database
3 - Enabling Portal profiles
A-2 - Creating a DMGR profile on an existing Portal installation
6 - Federate the Primary Node
7 - Creating the Dynamic Cluster
8 - Configure the Portal Cluster for Federated LDAP Security
9 - Installing an additional Portal Node
10 - Federating and Clustering an additional Portal node
11 - Create the On Demand Router
Installing DB2
Installing IBM Tivoli Directory Server
Configuring the cluster with Web Content Management (such as syndication, authoring,
etc)
Creating multiple clusters in a single cell
Advanced Security configuration (such as SSL, property extension database, SSO)
Configuring the cluster with a web server
For more information on these and other topics, please visit the IBM WebSphere Portal v8.0
Product Documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpViewCategories.xsp?lookupName=IBM
%20WebSphere%20Portal%208%20Product%20Documentation
To perform the tasks described in this document, you need basic WebSphere Portal and
WebSphere Application Server knowledge and administration skills. Some steps might
require the assistance of another system administrator, such as the database administrator or
LDAP administrator.
The following references to WebSphere Portal and WebSphere Application Server file paths
will be used throughout the guide:
<AppServer root> - The root path of the AppServer directory, for example:
/opt/WebSphere/AppServer
<PortalServer root> - The root path of the PortalServer directory, for example:
/opt/WebSphere/PortalServer
<wp_profile> - The root path of the wp_profile directory, for example:
/opt/WebSphere/wp_profile
<dmgr_profile> - The root path of the dmgr profile directory, for example:
/opt/WebSphere/AppServer/profiles/Dmgr01
Main Guide
1 Install IBM WebSphere Portal on the Primary node
In this section, you will install IBM Installation Manager, WebSphere Application Server, and
WebSphere Portal on the server you intend to use as your primary portal server.
Before installing WebSphere Portal, please ensure you review the Planning documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Planning_to_install_WebSphere_Portal_wp8
In this guide, the installation was completed as the 'root' user using installation images on a
network drive.
BEFORE YOU BEGIN: We will be installing WebSphere Application Server 8.5.5 and
WebSphere Portal Enable v8.0.0.1 CF7 in this section. You need to have access to the
following repositories for use with IBM Installation Manager:
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
10
11
12
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition 7.0:
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select WebSphere Application
Server Network Deployment. Otherwise, the Portal installation may not recognize
the WAS installation as valid.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
13
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
14
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
23. Click Install to begin installing WebSphere Application Server V8.5.5 and Java 7.
24. When the installation completes, select the radio button for None. We will create a
profile when WebSphere Portal installed. Click Finish to exit the installer.
25. You should be taken back to the IIM home screen. Leave this window open for now.
15
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
16
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
17
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand IBM WebSphere Portal Server 8.0.0.1 and review
the features to be installed. Leave the defaults selected. Click Next.
NOTE: This section does not cover installing the Deployment Manager profile now. If
you would like to do this, refer to Appendix A-1 instead.
18
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. Choose the profile template you would like to use and click Next. In this guide, I am
using the Base template:
19
38. For Profile Configuration Details, set the Node Name, Cell Name, Administrator User
ID and Administrator User Password, and click Next.
Optional: If you select the Advanced Configuration radio button at the top of this
screen (not shown), you can also set the Context Root, Default Home, Personalized
Home, starting Port range, Profile Name, and Profile Path. For this guide, these were
all left as the defaults but you are welcome to configure these as you see fit.
39. On the summay screen, click Install to launch the installation process.
40. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
20
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7. The Portal installation
leaves the WebSphere_Portal started, so we must stop it before proceeding with the
upgrade.
41. From a terminal window, change directories to <wp_profile root>/bin and execute the
following command to stop the WebSphere_Portal server:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
NOTE: You will use the user ID and password you set during installation.
42. Back on the main IIM screen, if you downloaded 8001CF7, go to File Preferences
Repositories and add the repository for CF7, then click OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the Search service repositories during installation box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
21
22
48. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do not, so select No and click Next.
23
49. Enter the administrator credentials for your WebSphere Application Server and
WebSphere Portal Server, then click Validate Credentials.
NOTE: The validation process will take several minutes to complete. A script runs in
the background that starts the WebSphere_Portal server and runs a couple of tests
against it, then shuts the server down again.
NOTE: Use the same credentials that you set during the initial installation.
50. Once credential validation completes, click Next.
51. Click Update to begin the upgrade process.
52. When the upgrade finishes, click Finish and exit IBM Installation Manager.
53. Verify you can access your Portal in a web browser:
http://myprimaryportal.ibm.com:10039/wps/portal
At this point, you have successfully installed WebSphere Application Server v8.5.5,
WebSphere Portal v8.0.0.1, and upgraded WebSphere Portal to v8.0.0.1 CF7.
24
2. Ensure the database client is installed and configured on the node. Since we are using
Type 4 drivers for DB2, all that is needed is to copy the db2jcc4.jar and
db2jcc_license_cu.jar files from the DB2 server to some directory on the primary
Portal server.
NOTE: For Portal v8.0.0.1, it is recommended that you place the Type 4 drivers into
the following directory:
<wp_profile>/PortalServer/dbdrivers/
25
You will need to create a directory called 'dbdrivers'. This will save you the step of
manually copying drivers over when adding future secondary nodes to your cluster.
3. Ensure the remote DB2 server is started.
4. From the <wp_profile>/ConfigEngine/properties directory, make a backup of the
following files:
wkplc.properties
wkplc_dbtype.properties
wkplc_dbdomain.properties
5. Edit the wkplc_dbtype.properties file and make the following changes:
db2.DbDriver=com.ibm.db2.jcc.DB2Driver
db2.DbLibrary=/opt/IBM/WebSphere/wp_profile/PortalServer/dbdrivers/db2jcc4.ja
r:/opt/IBM/WebSphere/wp_profile/PortalServer/dbdrivers/db2jcc_license_cu.jar
db2.JdbcProviderName=wpdbJDBC_db2
NOTE: The entry for db2.DbLibrary is an example only. Please ensure this is a valid
path on your system.
NOTE: If using Windows, ensure the jar files in the DbLibrary path are separated by a
semi-colon. Linux/Unix requires a colon.
6. Edit the wkplc_dbdomain.properties file and make the following changes:
feedback.DbType=db2
feedback.DbName=fdbkdb
feedback.DbSchema=FEEDBACK
feedback.DataSourceName=wpdbDS_feedback
feedback.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/fdbkdb:returnAlias=0;
feedback.DbUser=db2inst1
feedback.DbPassword=password
feedback.DbRuntimeUser=db2inst1
feedback.DbRuntimePassword=password
likeminds.DbType=db2
likeminds.DbName=lmdb
likeminds.DbSchema=likeminds
likeminds.DataSourceName=wpdbDS_likeminds
likeminds.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/lmdb:returnAlias=0;
likeminds.DbUser=db2inst1
likeminds.DbPassword=password
likeminds.DbRuntimeUser=db2inst1
likeminds.DbRuntimePassword=password
26
release.DbType=db2
release.DbName=reldb
release.DbSchema=release
release.DataSourceName=wpdbDS_release
release.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/reldb:returnAlias=0;
release.DbUser=db2inst1
release.DbPassword=password
release.DbRuntimeUser=db2inst1
release.DbRuntimePassword=password
community.DbType=db2
community.DbName=comdb
community.DbSchema=community
community.DataSourceName=wpdbDS_community
community.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/comdb:returnAlias=0;
community.DbUser=db2inst1
community.DbPassword=password
community.DbRuntimeUser=db2inst1
community.DbRuntimePassword=password
customization.DbType=db2
customization.DbName=cusdb
customization.DbSchema=customization
customization.DataSourceName=wpdbDS_customization
customization.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/cusdb:returnAlias=0;
customization.DbUser=db2inst1
customization.DbPassword=password
customization.DbRuntimeUser=db2inst1
customization.DbRuntimePassword=password
jcr.DbType=db2
jcr.DbName=jcrdb
jcr.DbSchema=jcr
jcr.DataSourceName=wpdbDS_jcr
jcr.DbUrl=jdbc:db2://mydbserver.ibm.com:50000/jcrdb:returnAlias=0;
jcr.DbUser=db2inst1
jcr.DbPassword=password
jcr.DbRuntimeUser=db2inst1
jcr.DbRuntimePassword=password
In steps 7 thru 15, we will set up Collation Support for the JCR database. This is only
needed for DB2, and is recommended when the language locales of your users do not
natively collate correctly in the DB2 database.
7. Copy the following files from the WebSphere Portal server to a temporary directory on
the DB2 server:
<PortalServer>/jcr/wp.content.repository.install/lib/wp.content.repository.in
stall.jar
<wp_profile root>/PortalServer/jcr/config/registerCollationUDFTemplate.sql
27
8. From the DB2 server, open a terminal window and change directories to:
<db2 instance home>/sqllib/function
Review the output to ensure the commands in the sql file executed successfully.
15. Disconnect from the JCRDB and restart the DB2 instance.
16. Switch over to the Primary Portal node, and from a terminal window, change
directories to <wp_profile root>/ConfigEngine
17. Execute the following ConfigEngine scripts to validate the database properties:
./ConfigEngine.sh validate-database -DWasPassword=<password>
18. Execute the following ConfigEngine script to transfer the database from Derby to DB2:
./ConfigEngine.sh database-transfer -DWasPassword=<password>
28
19. DB2 only. After the database-transfer script completes, connect to each database
and perform a reorg check to improve performance. You can do that following these
steps:
a. From the DB2 server, connect to the release database and execute the following
command:
db2 reorgchk update statistics on table all > reorgchk.txt
b. Review the reorgchk.txt file and note any table names that have an * set in the
REORG column.
c. Execute the following command for each table name that has an * set:
db2 reorg table <tablename>
d. After you have completed running reorg against all the marked tables for this
database, execute the following DB2 commands to rebind the database:
db2 terminate
db2rbind <database name> -l db2rbind.out -u <db2admin ID> -p <db2admin
password>
21. Verify that you can render Portal successfully in a web browser.
http://myprimaryportal.ibm.com:10039/wps/portal
At this point, you have successfully configured WebSphere Portal to use an external
database.
29
30
to
jcr.textsearch.enabled=false
8. Save icm.properties.
9. From a terminal window on the primary node, navigate to the <wp_profile
root>/ConfigEngine directory.
10. Execute the following ConfigEngine script:
./ConfigEngine.sh enable-profiles -DWasPassword=<password>
NOTE: This script will create a backup of your wp_profile configuration named
Portal.car and save it to the following directory:
<PortalServer root>/profileTemplates/default.portal/configArchives
If you placed your database drivers within the wp_profile/PortalServer directory, then
they will be automatically collected.
11. Execute the following ConfigEngine script to package all of the profile templates into a
single zip file:
./ConfigEngine.sh package-profiles -DWasPassword=<password>
NOTE: This will create a zip file called profileTemplates.zip in the following directory:
<PortalServer root>/profileTemplates
At this point, the primary node has been installed and the profile templates have been
created.
31
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
1. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
2. Copy the downloaded file to your Deployment Manager server if needed.
3. Extract the contents of the downloaded IIM zip file into a temporary directory.
4. Launch the IIM installer by executing the following command from within the temp
directory:
./install
32
33
8.
9.
NOTE: If you are installing from Passport Advantage, you will not need to add these
repositories.
12. Click OK to close the preferences.
13. From the main IIM screen, click Install.
34
14. Select 'WebSphere Application Server Network Deployment - Version 8.5.5.0' and
'IBM WebSphere SDK Java Technology Edition'. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select WebSphere Application
Server Network Deployment. Otherwise, the Portal installation may not allow you to
proceed.
15. Accept the license agreement and click Next.
16. Set a directory location for the IMShared directory and click Next.
35
17. Select an installation directory for WebSphere Application Server and click Next.
36
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
37
26. Select the radio button for Deployment Manager and click Next.
38
27. Select 'Advanced Profile Creation' and click Next. This allows you to customize the
node name, cell name, profile name and profile location (among other items).
28. Check the box to deploy the administrative console and click Next.
29. Set the DMGR profile name and profile directory and click Next.
39
30. Select a Node Name, Hostname and Cell Name, then click Next:
NOTE: Do NOT use the same cell name or node name that you used for the Portal
node/cell. If you do, you will be unable to federate the Portal node the DMGR cell and
must recreate the DMGR profile with unique values for Node and Cell name.
40
31. IMPORTANT. Select the checkbox to Enable Administrative security and use the
exact same user ID and password you used when installing Portal on your
primary node. Doing this will save you some headaches when creating your cluster.
The cluster setup steps in this guide assume you have used the same ID. If you do
NOT use the same ID, you may see unexpected problems when creating your cluster
related to the user IDs..
41
32. Select your security certificates on the next two screens. For this guide, the defaults
were used. Click Next on each screen.
33. Change the port numbers if you'd like. For this guide, the port numbers were not
changed.
NOTE: Make note of the Administrative Console port and the SOAP port. Both of these
ports will be used later in this guide.
34. Windows/Linux only. Select whether to run the DMGR as a service. For this guide,
this option was not selected.
35. Click CREATE on the summary screen.
36. Click Finish to complete the DMGR profile creation.
37. Exit out of the Profile Management Tool.
At this point, the Deployment Manager has been installed and the DMGR profile has been
created. The default URL for the Deployment Manager's Administrative Console is:
http://mydmgr.ibm.com:9060/ibm/console
42
3. From the primary Portal node, copy the following zip file over to a temporary location
on your DMGR server:
<PortalServer root>/filesForDmgr/filesForDmgr.zip
4. Back on the DMGR server, extract the filesForDmgr.zip that you just copied over into a
temporary directory (<temp>).
5. Remote DMGR only. Copy the
<temp>/bin/ProfileManangement/plugins/com.ibm.wp.dmgr.pmt_7.0.5 directory to the
<DMGR AppServer root>/bin/ProfileManagement/plugins directory.
NOTE: If you do not have a plugins directory here, then create it manually.
6. Remote DMGR only. Copy the <temp>/lib/wkplc.comp.registry.jar and wp.wire.jar to
the <DMGR AppServer root>/lib directory.
7. Remote DMGR only. Copy the <temp>/plugins/com.ibm.patch.was.plugin.jar, and the
com.ibm.wp.was.plugin.jar files to the <DMGR AppServer root>/plugins directory.
8. Remote DMGR only. Copy the <temp>/profileTemplates/management.portal.augment
directory to the <DMGR AppServer root>/profileTemplates directory.
9. Copy the <temp>/profiles/Dmgr01/config/.repository/metadata.wkplc.xml file to the
<DMGR profile root>/config/.repository directory.
NOTE: The .repository directory is a hidden directory.
43
In steps 10 and 11, we will augment the DMGR profile. This process automatically
makes the following changes to your DMGR profile:
- Increases the HTTP connection timeouts for the DMGR server
- Increases the SOAP connector timeout for JMX in the DMGR server
- Increases the JVM Maximum Heap size for the DMGR server
- Enables Application Security
- Creates a 'wpsadmins' group in the default file repository
- Adds your administrative user to the 'wpsadmins' group.
- Increases the soap timeout in the soap.client.props file.
IMPORTANT: If you created a Deployment Manager profile locally using the IIM
feature during Portal installation, then the DMGR profile is already augmented. You
do not need to follow steps 10 and 11 in this case.
10. From a terminal window on your DMGR server, change directories to <DMGR
AppServer root>/bin
11. Execute the following command to augment the DMGR profile:
./manageprofiles.sh -augment -templatePath <DMGR AppServer
root>/profileTemplates/management.portal.augment -profileName
<dmgr_profile_name>
Where <DMGR AppServer root> is the root path of AppServer on your DMGR server,
and <dmgr_profile_name> is the name of your Deployment Manager profile, Dmgr01
for example.
12. Start the Deployment Manager from <DMGR profile root>/bin directory:
./startManager.sh
13. Launch the Deployment Manager administrative console and login. Default port is
9060:
http://mydmgr.ibm.com:9060/ibm/console
44
45
16. In the 'Primary administrative user name' field, change this value to the full
distinguished name of the user using the following format:
uid=<user id>,o=defaultWIMFileBasedRealm
In my example, my user ID is wpsadmin, therefore my full distinguished name will be:
uid=wpsadmin,o=defaultWIMFileBasedRealm
NOTE: This change will help prevent user ID conflicts when we add the federated
LDAP.
17. Before saving, enter the administrative user password, then click Save to save
changes.
18. Restart the deployment manager for the changes to take effect.
At this point, your deployment manager is configured and ready for Portal federation.
IMPORTANT: This cluster guide uses the out of the box file repository for the security
configuration to set up the cluster. If your Portal server is configured for a different type of
security (such as an LDAP), then you must configure your Deployment Manager to use the
exact same user repository as your Portal node. Once the Portal node is added to the
Deployment Manager's cell, it will begin using the Deployment Manager's user repository. If
your Portal is configured for an LDAP and your DMGR is not, then your Portal will not function
after adding it to the DMGR. If you need to configure your DMGR for LDAP security, please
do so now. This guide does not cover enabling the DMGR for LDAP at this stage of the
cluster creation process.
We will configure the cluster to use an LDAP repository in a later section of this guide.
46
4. Execute the following command from the <wp_profile root>/bin to add the Portal node
to the DMGR cell :
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password> -includeapps
For example:
./addNode.sh mydmgr.ibm.com 8879 -username wpadmin -password wppassword
-includeapps
NOTE: If you are not sure what your DMGR's soap port is, you can obtain it by logging
into the DMGR and navigating to System Administration Deployment Manager
Ports.
IMPORTANT: If the addNode script fails for any reason, you must complete the
following steps before running addNode again:
a) Remove the node from the DMGR cell in case AddNode successfully completed
that step before failing.
b) Login to the DMGR and do the following (these may not exist, depending on
where the failure occurred):
i. Remove all Enterprise applications
ii. Remove the WebSphere_Portal server definition
iii. Remove the JDBC Provider information for WebSphere_Portal
47
5. Stop the deployment manager by issuing the following command from the <dmgr
profile>/bin directory:
./stopManager.sh -user <WAS user> -password <WAS pwd>
6. Start the deployment manager by issuing the following command from the <dmgr
profile root>/bin directory:
./startManager.sh
At this point, your WebSphere Portal server has been federated to the Deployment Manager.
It is not yet in a cluster. It has also inherited the Deployment Manager's security
configuration.
Running Portal in a federated-only environment is not officially supported by IBM, so next we
must build a cluster.
48
NOTE: For the primary node, you must leave ServerName as WebSphere_Portal. Do
not change it to any other value.
2. Edit <wp_profile>/ConfigEngine/properties/wkplc_dbdomain.properties and ensure all
database user IDs and passwords are accurate.
3. Update the deployment manager configuration for the new WebSphere Portal server
by executing the following ConfigEngine script:
./ConfigEngine.sh cluster-node-config-post-federation
-DWasPassword=<password>
49
4.
5.
50
51
13. In the Name field, type in any name you'd like, for example PortalNodeGroup. You
may add a description too if you'd like. Click OK.
52
18. Check the box next to your primary node name, and click Add.
53
22. From the Server Type drop-down menu, select WebSphere Application Server and
click Next.
23. Select the radio button 'Automatically define cluster members with rules' and type in
the name of the Dynamic Cluster. This should be the same value you set for
ClusterName in wkplc.properties. For example, PortalCluster. Click Next.
Note: You do not need to check the Create a replication domain for this cluster
option. This will be created later by the ConfigEngine script 'cluster-node-configdynamic-cluster-setup.
54
24. On the Define dynamic cluster members screen, remove the default text that
appears in the Membership Policy field, then click Subexpression builder.
25. In the window that pops up, set all of the following:
Logical Operator = and
Select operand = Nodegroup
Operator = Equals (=)
Value = <The node group you created earlier>
then click Generate subexpression. This will automatically populate the
Subexpression field.
55
56
30. On the next screen, you can configure rules for how the dynamic cluster will manage
your cluster members. This includes the following options:
Minimum number of cluster instances Set this to indicate the minimum number of
cluster members that should be running at any given time in this cluster.
Maximum number of cluster instances Set this to indicate the maximum number
of cluster members that should be running at any given time in this cluster.
Vertical stacking of instances on a node Set this to allow the dynamic cluster to
start more than one vertical cluster member on the node. A vertical cluster member is
any additional cluster member that exists on the same node as your main cluster
member (WebSphere_Portal in this case). Checking this option will automatically
generate vertical cluster members. I left this unchecked but you can certainly do
this now if you would like. See Appendix B-2 for full instructions for creating vertical
cluster members.
Isolation preference Set this if you have more than one dynamic cluster running on
a single node and want to restrict the number of clusters running on a node at any
given time.
For the purposes of this guide, I am leaving all of the defaults. You can change these
settings after cluster creation if you need to. Refer to Appendix B-3 for instructions on
how to do this. Click Next.
57
NOTE: You may notice that the original WebSphere_Portal server still exists, but is not
part of the cluster. With static clusters, the WebSphere_Portal server is moved into the
cluster. With dynamic clusters however, the server is NOT moved. Instead a new
server is created based on a template of the server you specify during cluster creation.
At this point, the cluster is created, but it has not been configured with WebSphere
Portal yet.
58
59
38. IMPORTANT. If you already had LDAP security enabled in the DMGR before
federating the WebSphere Portal node, you need to update the WebSphere Portal
configuration to recognize a valid user ID and a valid group ID for the environment.
From the <wp_profile root>/ConfigEngine directory, execute the following command:
./ConfigEngine.sh wp-change-portal-admin-user -DnewAdminId=<full DN of the
new Portal Admin ID> -DnewAdminPw=<newPwd> -DnewAdminGroupId=<full DN of the
new group ID>
40. Now you should be able to access your new cluster member in a web browser.
Remember to use the new port we got from earlier in this section. In my case, it is
10050:
http://myprimarynode.ibm.com:10050/wps/portal
At this point, you have successfully created a one node dynamic cluster using a remote
database. Remember the following points:
A new server was created based on the name of your cluster and node. You will use this
going forward instead of WebSphere_Portal
The 'WebSphere_Portal' server still exists in the configuration, but will no longer be used.
You can delete the original WebSphere_Portal server at this point if you'd like, it will not
be used again.
60
NOTE: The remaining properties were left as the default values for the purposes of this
guide. If you need to modify these to suit your environment, please do so and refer to
the Product Documentation link above as needed.
NOTE: If your LDAP supports a membership attribute, such as ibm-allGroups for IBM
Tivoli Directory Server, fill in one additional property as follows:
federated.ldap.gc.name=ibm-allGroups
Not all LDAPs support a membership attribute. This is an optional parameter, but one
that can offer a significant performance enhancement if available in your LDAP. Check
with your LDAP administrator to determine if your LDAP supports a membership
attribute.
61
save the properties from the helper file into the wkplc.properties file.
4. Execute the following ConfigEngine script to add the federated LDAP to the cluster
security configuration:
./ConfigEngine.sh wp-create-ldap -DWasPassword=<current password>
NOTE: This script does not remove or replace the out-of-the-box file user registry.
Instead, it adds the ldap to the security configuration, so that both it and the file user
registry are in use. Your Portal Administrator User ID, Portal Administrator Group ID
and WAS User ID are still in the default out-of-the-box file user registry.
5. Restart the DMGR, the nodeagent on the primary node, and the WebSphere_Portal
server on the primary node.
6. IMPORTANT: If you happen to have a user in your ldap that shares the same
shortname as your current Portal/WAS Administrator from the out-of-the-box-file
registry, you will need to execute the following ConfigEngine script before proceeding
with the remaining steps:
./ConfigEngine.sh wp-modify-realm-enable-dn-login -DWasPassword=<password>
Failure to run this script now can cause authentication problems for the remainder of
these steps. Again this is only needed if you have duplicated shortname IDs.
For example, your original ID is:
uid=wpadmin,o=defaultWIMFileBasedRealm
and you have another 'wpadmin' ID in your LDAP:
uid=wpadmin,o=users,dc=mycompany,dc=com
If you try to login to Portal, you will be unable to login to Portal using the shortname.
This will only be temporary and will be corrected at the end of these steps.
62
7. Execute the following ConfigEngine script to verify that all defined attributes are
available in your newly added ldap:
./ConfigEngine.sh wp-validate-federated-ldap-attribute-config
-DWasPassword=<current password>
NOTE: If the full distinguished name of your user has a space in it, then add the
'newAdminId' and 'newAdminPw' values to your wkplc.properties file instead of passing
them through the command line.
NOTE: After running this script, the WasUserid value in wkplc.properties will be
updated to reflect the new WAS User ID you specified for newAdminId.
63
9. Restart the DMGR, NodeAgent and WebSphere_Portal server for the change to take
effect.
NOTE: When you stop these servers, you will need to pass in the user ID/pwd of the
original WAS admin user. The new user will not take effect until the servers have been
restarted.
NOTE: If you ran the 'wp-modify-realm-enable-dn-login' script, then you will be
required to pass in the full distinguished name of the WAS admin user (since the
servers are now using it) in order for authentication to succeed. For example:
./stopManager.sh -user uid=wpadmin,o=defaultWIMFileBasedRealm -password
<password>
After the servers are restarted, the WasUserid and WasPassword will be the ldap user.
10. Execute the following ConfigEngine script to reassign the WebSphere Portal
Administrator ID and Group ID to a user and group within your LDAP:
./ConfigEngine.sh wp-change-portal-admin-user -DWasPassword=<password>
-DnewAdminId=<full distinguished name from ldap> -DnewAdminPw=<ldap ID
password> -DnewAdminGroupId=<full distinguished name from ldap>
NOTE: If the full distinguished name of your user has a space in it, then add the
'newAdminId', 'newAdminPw', and 'newAdminGroupId' values to your wkplc.properties
file instead of passing them through the command line.
NOTE: After running this script, the PortalAdminId value in wkplc.properties will be
automatically updated to reflect the ID value specified for 'newAdminId' and the
PortalAdminGroupId value will be automatically updated to reflect the
'newAdminGroupId'.
64
11. Restart the Deployment Manager, nodeagent, and WebSphere_Portal server on the
primary node.
NOTE: At this point, your WasUserid, WasPassword, PortalAdminId, PortalAdminPwd,
and PortalAdminGroupId values will be your ldap user and group values.
NOTE: If you ran the 'wp-modify-realm-enable-dn-login' script, then you will be
required to pass in the full distinguished name of the new LDAP WAS admin user
(since the servers are now using it) in order for authentication to succeed. For
example:
./stopManager.sh -user uid=wpadmin,cn=users,dc=ibm,dc=com -password
<password>
12. Execute the following ConfigEngine script to list the current user repositories:
./ConfigEngine.sh wp-query-repository -DWasPassword=<password>
65
14. Execute the following ConfigEngine script to ensure that new users and groups are
created in your LDAP:
./ConfigEngine.sh wp-set-entitytypes -DWasPassword=<password>
16. Execute the following ConfigEngine script to remove the default file repository:
./ConfigEngine.sh wp-delete-repository -DWasPassword=<password>
17. If you executed the 'wp-modify-realm-enable-dn-login' script earlier, run the following
ConfigEngine script to disable it and allow shortname logins to be functional again:
./ConfigEngine.sh wp-modify-realm-disable-dn-login -DWasPassword=<password>
For example:
./syncNode.sh mydmgr.ibm.com 8879 -user wpadmin -password wppassword
66
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
67
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server if needed.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
68
69
70
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select WebSphere Application
Server Network Deployment. Otherwise, the Portal installation may not recognize
the WAS installation as valid.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
71
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
72
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
73
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
74
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
75
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand IBM WebSphere Portal Server 8.0.0.1 and review
the features to be installed. De-select the 'Portal Server Profile' feature. We will
create a Portal profile later. Click Next.
76
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. On the summay screen, click Install to launch the installation process.
IMPORTANT: Double check the features to be installed and ensure that Portal Server
Profile is NOT listed. If it is, go back and remove the feature.
38. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
77
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7.
39. Go to File Preferences Repositories and add the repository for CF7, then click
OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the Search service repositories during installation box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
40. On the main IIM screen, click Update.
41. Select IBM WebSphere Portal in the list of packages and click Next.
78
42. On the packages screen, your results here may vary depending on whether you're
using Passport Advantage, the Live Service Repositories or downloaded media, but
ensure you select 8.0.0.1 CF7 or higher (if anything higher than CF7 is available),
then click Next..
79
45. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do not, so select No and click Next.
46. On the Credentials screen, we do not yet have a profile so there are no credentials to
validate. Click Next.
80
NOTE: The 'chmod' command is only needed for Linux/Unix environments. It does
not apply to Windows.
52. From the <PortalServer root>/profileTemplates directory, execute the following
command:
./installPortalTemplates.sh <AppServer root>
where <AppServer root> is the WebSphere Application Server root path on your
system. For example:
./installPortalTemplates.sh /opt/IBM/WebSphere/AppServer
81
53. On the WebSphere Portal additional node, execute the following command from the
<AppServer root>/bin/ directory to create the WebSphere Portal profile on this node:
./manageprofiles.sh -create -templatePath <PortalServer
root>/profileTemplates/managed.portal -profileName <my_portal_profile>
-profilePath <full path to profile> -cellName <cell_name> -nodeName
<node_name> -hostName <hostname>
For example, if I wanted to create a profile called wp_profile with a cell name of
wp8Node2Cell and a nodename of wp8Node2, I would run this command:
./manageprofiles.sh -create -templatePath
/opt/IBM/WebSphere/PortalServer/profileTemplates/managed.portal -profileName
wp_profile -profilePath /opt/IBM/WebSphere/wp_profile -cellName wp8Node2Cell
-nodeName wp8Node2 -hostName mysecondaryportal.ibm.com
NOTE: Do NOT use the same node name as your primary node or any other node
that may already be part of the DMGR cell. You will be unable to add this node to the
DMGR cell if the node names are identical.
NOTE: Do NOT use the same cell name as the DMGR cell.
IMPORTANT: Do NOT use the manageprofiles option to Federate the profile now.
This results in an unusable Portal profile.
NOTE: A WebSphere_Portal server will NOT be created during the profile creation.
The WebSphere_Portal server will be created after the node is added to the existing
cluster.
54. After creating the profile, edit the <PortalServer root>/wps.properties file on the
system and add the ProfileName and ProfileDirectory properties to this file:
ProfileName=<your profile name>
ProfileDirectory=<your profile directory including the profile name>
For example:
ProfileName=wp_profile
ProfileDirectory=/opt/IBM/WebSphere/wp_profile
NOTE: You may need to temporarily give the OS user write access to this file.
NOTE: For reference, you can compare this file to the same file on your primary node,
but do NOT copy the file from the primary node.
82
55. If you did NOT place your database drivers in the wp_profile/PortalServer directory on
your primary node BEFORE running the 'enable-profiles' script there, or if you are
using Type 2 drivers, copy the database drivers to the new Portal node.
At this point, you have successfully installed WebSphere Application Server v8.5.5,
WebSphere Portal v8.0.0.1, and upgraded WebSphere Portal to v8.0.0.1 CF7 on an
additional node.
A Portal profile was manually created on the node, but it does not contain a
WebSphere_Portal server so it is not yet functional.
83
2. Ensure that the time on the Deployment Manager server and the time on the additional
Portal node server are no more than 5 minutes apart.
3. From the <wp_profile root>/bin directory, execute the following command:
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password>
For example:
./addNode.sh mydmgr.company.com 8879 -username wpadmin -password wppassword
84
8. Ensure the NodeAgent is started on this node by running the following command from
the <wp_profile>/bin directory:
./startNode.sh
12. Click the name of your NodeGroup and click Node Group Members.
85
14. Check the box next to your new node and click Add.
NOTE: This action creates a new server that is automatically added to your dynamic
cluster.
15. Save all of your changes.
86
16. Navigate to Servers Server Types WebSphere Application Servers and note
the name of your server. In my case, it is PortalCluster_wp8Node2.
17. Click the name of your new server and and expand the Ports section. Note the value
of WC_defaulthost. This the port you will use to access the new Portal server.
NOTE: Do not attempt to access the Portal server just yet. We have not finished
configuring it for the dynamic cluster.
87
21. From the <wp_profile root>/ConfigEngine directory, execute the following command
to complete the configuration for the additional dynamic cluster member:
./ConfigEngine.sh dynamic-cluster-setup-additional -DWasPassword=<password>
22. From the <wp_profile root>/bin directory, execute the following commands to restart
the new cluster member:
./stopServer.sh <new cluster member> -user <WAS user> -password <WAS
password>
./startServer.sh <new cluster member>
23. Verify you can access the new cluster member in a web browser using the port we
identified earlier:
http://mysecondaryserver.ibm.com:10050/wps/portal
At this point, you have successfully created a two-node dynamic cluster. The cluster uses a
remote database and is configured with federated ldap security.
88
3. Click New.
4. Select an existing node and create a server name for the On Demand Router. Click
Next.
89
NOTE: I have unchecked Generate Unique Ports. The ODR listens on port 80 by
default but if Generate Unique Ports is left checked, this may change to 81, 82, etc. If
that happens, you then have to add an entry to the "Default Host" virtual hosts for that
port.
6. On the next screen, select the default ODR template and click Next.
7. Click Finish to create the ODR and Save all changes.
90
91
9. Navigate to System Administation Nodes and ensure the node that you created
the ODR on has synchronized with the DMGR. If it has not, sync it now by checking
the box next to your node and clicking the Synchronize button.
10. Navigate to Servers Server Types On Demand Routers. Click the checkbox
next to your ODR name and click Start.
92
11. Once the ODR has started, you should be able to access your Portal cluster though it.
Access the URL:
http://myODRserver.ibm.com/wps/portal
where <myODRserver.ibm.com> is the hostname of the node where you created the
ODR.
The ODR will route incoming requests to your cluster members. It does this based on
a default rule to route incoming requests that go to the "default_host" virtual host.
For additional configuration options and more about the On Demand Router, please
visit the WebSphere Application Server v8.5 Information Center here:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Ftwve_odr.html
At this point, you have configured an On Demand Router to handle incoming requests to your
dynamic Portal cluster.
Conclusion
In this guide, you saw how to build a fully functional WebSphere Portal v8.0.0.1 CF7 dynamic
cluster running on WebSphere Application Server v8.5.5. You configured Portal to use an
external database and federated LDAP for security. You also saw how to configure an On
Demand Router to route requests to the members of your dynamic cluster.
93
12 What to do next
After you have completed building the dynamic cluster, you may considering doing any of the
following:
Adding Vertical Cluster members. This is covered in Appendix B-2 of this guide.
Adding mulitple dynamic clusters to your cell. You can add additional WebSphere
Portal clusters to a single cell if you'd like. See the WebSphere Portal product
documentation for instructions, for example on Linux:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Setting_up_multiple_clusters_on_Linux_wp8&content=pdcontent
Ensure that you also understand the limitations of multiple Portal clusters in a single cell:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Planning_for_multiple_clusters_wp8&content=pdcontent
Adding features to a base installation. If you installed a Base Portal profile instead of a
Full profile, you can add any of the Full features following the instructions in the
WebSphere Portal product documentation:
http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?
lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocume
nt&res_title=Adding_features_to_a_base_installation_wp8&content=pdcontent
Adding a Web Server. To add a Web Server to the environment, refer to the WebSphere
Application Server v8.5 information center:
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.nd.multiplatform.doc%2Fae%2Ftwsv_plugin.html
IMPORTANT: If you configured an ODR and want to add a Web Server, you must add
the Web Server as a trusted proxy server. See the WAS v8.5 Information Center for
instructions.
http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=
%2Fcom.ibm.websphere.wve.doc%2Fae%2Ftwve_ccgodrscen.html
94
IBM WebSphere SDK Java Technology Edition V7.0 (bundled with WAS v8.5.5)
WebSphere Portal Server v8.0.0.0 (Including the Setup and Portal media files)
Optional: WebSphere Portal <Offering> v8.0.0.0, where Offering is Enable, Extend, etc.
NOTE: If you have downloaded the Portal media from Passport Advantage, refer to
Appendix B-4 for instructions on how to properly extract the downloaded images.
1. Open a terminal window and enter:
ping yourserver.yourcompany.com
where yourserver.yourcompany.com is your actual fully qualified hostname.
95
4. Download IBM Installation Manager 1.6.2 (IIM) from the following link:
http://www-01.ibm.com/support/docview.wss?uid=swg24033586
Download whichever package is applicable to your environment. In my case, I am
running on a 64-bit Linux platform, so I downloaded "agent.installer.linux.gtk.x86_64".
5. Copy the downloaded file to your primary Portal server if needed.
6. Extract the contents of the downloaded IIM zip file into a temporary directory.
7. Launch the IIM installer by executing the following command from within the temp
directory:
./install
96
97
Note: If you are using Passport Advantage, then you will not need to add these
repositories.
15. Click OK to close the preferences.
16. From the main IIM screen, click Install.
98
17. Select WebSphere Application Server Network Deployment v8.5.5 and IBM
WebSphere SDK Java Technology Edition. Click Next.
NOTE: If you are using Passport Advantage, you may see many editions of
WebSphere Application Server to install. Ensure you select WebSphere Application
Server Network Deployment. Otherwise, the Portal installation may not allow you to
proceed.
18. Accept the license agreement and click Next.
19. Select a location for the IMShared directory and click Next.
99
20. Select an installation directory for WebSphere Application Server, then click Next.
21. Select any translations you might want, and click Next.
100
NOTE: We will configure for Java 7 after the WebSphere Application Server
installation completes.
23. Click Install to being installing WebSphere Application Server V8.5.5.
24. When the installation completes, select the radio button for None. We will create a
profile when WebSphere Portal installed. Click Finish to exit the installer.
25. You should be taken back to the IIM home screen. Leave this window open for now.
101
Next we must configure WebSphere Application Server to create profiles using Java 7.
26. Open a terminal window and change directories to the <AppServer root>/bin directory.
27. Execute the following commands, depending on your bit architecture:
64-bit:
./managesdk.sh -setCommandDefault -sdkName 1.7_64
./managesdk.sh -setNewProfileDefault -sdkName 1.7_64
32-bit
./managesdk.sh -setCommandDefault -sdkName 1.7_32
./managesdk.sh -setNewProfileDefault -sdkName 1.7_32
102
NOTE: If you added the Portal v8000 Setup repository like I did, then you will see
WebSphere Application Server v8.0.0.3 in your list. Do NOT select it for this
installation.
NOTE: If you added a Portal Cumulative Fix to your list of repositories, do NOT select
it at this time. It is not possible to install a cumulative fix until AFTER the base product
is installed.
33. Accept the license agreement and click Next.
103
34. Select an installation directory for WebSphere Portal and click Next.
35. On the features screen, expand IBM WebSphere Portal Server 8.0.0.1 and ensure
that all features are selected, including Deployment Manager augmented with
WebSphere Portal. Click Next.
104
36. On the next screen, select the existing WAS v8.5.5 installation and click Next.
37. For the profile template type, choose either Full or Base, then click Next. For this
guide, I am using Base.
105
38. For Profile Configuration Details, set the Node Name, Cell Name, Administrator User
ID and Administrator User Password, and click Next.
Optional: If you select the Advanced Configuration radio button at the top of this
screen (not shown), you can also set the Context Root, Default Home, Personalized
Home, starting Port range, Profile Name, and Profile Path. For this guide, these were
all left as the defaults but you are welcome to configure these as you see fit.
106
39. On the Dmgr Profile Configuration screen, set HostName, Node Name, Cell Name,
Administrative User ID, Admnistrative Password, DMGR Profile Name and DMGR
profile Path, then click Next.
IMPORTANT: Use the exact same user ID and password that you used for the Portal
profile.
IMPORTANT: Do NOT use the same Cell Name or Node Name as your Portal profile.
Doing so will prevent you from being able to add the Portal node to the DMGR cell
later.
40. On the summay screen, click Install to launch the installation process.
41. Once the installation completes, click the radio button for None and click Finish to
exit the installer.
107
You should be taken back to the main screen for IBM Installation Manager. Now we
need to upgrade WebSphere Portal v8001 to v8001CF7. The Portal installation
leaves the WebSphere_Portal started though, so we must stop it before proceeding
with the upgrade.
42. From a terminal window, change directories to <wp_profile root>/bin and execute the
following command to stop the WebSphere_Portal server:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
NOTE: You will use the user ID and password you set during installation.
43. Back on the main IIM screen, if you downloaded 8001CF7, go to File Preferences
Repositories and add the repository for CF7, then click OK:
NOTE: You can remove the other repositories if you'd like, we won't need them.
NOTE: If you leave the Search service repositories during installation box checked,
then IIM will automatically attempt to connect to Fix Central to find the latest cumulative
fixes. Use this if your server has an internet connection and you want to get the latest
Portal cumulative fix, but haven't downloaded it yet.
108
109
49. You will be prompted for whether or not you have a local DMGR on the system. At this
stage of the cluster setup process, we do have a local Deployment Manager, BUT this
Portal is not yet part of the cluster so select No and click Next.
50. Enter the administrator credentials for your WebSphere Application Server and
WebSphere Portal server, the click Validate Credentials.
NOTE: The validation process will take several minutes to complete. A script runs in
the background that starts the WebSphere_Portal server and runs a couple of tests
against it, then shuts the server down again.
NOTE: Use the same credentials that you set during the initial installation.
110
111
4.
112
5. Add the repository for the Portal v8.0 media if it is not already there:
Portal/repository.config
You can add the Setup, WAS, and <Offering> repositories if you'd like, but they will not
be used for this section. You also will not need the 8001 or CF7 repositories.
6. Click OK to save changes.
7. Click the 'Modify' button on the Installation Manager main screen.
8. Select the WebSphere Portal package and click Next:
113
9. On the next screen, expand 'IBM WebSphere Portal Server 8.0.0.1 CF7' and select the
checkbox for 'Deployment Manager augmented with WebSphere Portal':
114
11. Review the summary screen. Make sure you are NOT inadvertently removing any
features, such as your WebSphere Portal profile. If you see this, THIS IS BAD AND
YOUR PROFILE WILL BE REMOVED!
If anything looks incorrect, go back and make any necessary corrections. If everything
is correct, click Modify.
115
12. When the installation finishes, start the Deployment Manager from the <dmgr profile
root>/bin directory:
./startManager.sh
13. Launch the Deployment Manager administrative console and login. Default port when
the DMGR is installed on the same server as Portal is 9061:
http://myprimaryportal.ibm.com:9061/ibm/console
NOTE: Remember the DMGR is now installed on the primary Portal server, so the
hostname is the same as Portal's.
14. Navigate to Security Global Security
15. Under 'User Account Repository', click 'Configure':
116
16. In the 'Primary administrative user name' field, change this value to the full
distinguished name of the user using the following format:
uid=<user id>,o=defaultWIMFileBasedRealm
In my example, my user ID is wpadmin, therefore my full distinguished name will be:
uid=wpadmin,o=defaultWIMFileBasedRealm
NOTE: This change will help prevent user ID conflicts when we add the federated
LDAP.
17. Before saving, enter the password for this user when prompted, then save all
changes.
18. Restart the Deployment Manager for the changes to take effect.
117
118
standalone.ldap.et.personaccount.searchFilter=
standalone.ldap.et.personaccount.objectClasses=inetOrgPerson
standalone.ldap.et.personaccount.objectClassesForCreate=
standalone.ldap.et.personaccount.searchBases=cn=users,dc=ibm,o=com
standalone.ldap.gm.groupMemberName=uniqueMember
standalone.ldap.gm.objectClass=groupOfUniqueNames
standalone.ldap.gm.scope=direct
standalone.ldap.gm.dummyMember=uid=dummy
standalone.ldap.personAccountParent=cn=users,dc=ibm,o=com
standalone.ldap.groupParent=cn=groups,dc=ibm,o=com
standalone.ldap.personAccountRdnProperties=uid
standalone.ldap.groupRdnProperties=cn
I also altered one 'Advanced Properties' in the helper file and left the rest as the
defaults, but you may find that you need to alter more for your LDAP.
standalone.ldap.gc.name=ibm-allGroups
2. Standalone LDAP only. Import the helper file contents into the wkplc.properties file
by executing this ConfigEngine script from the <wp_profile root>/ConfigEngine
directory:
./ConfigEngine.sh -DparentProperties=<wp_profile
root>/ConfigEngine/config/helpers/wp_security_ids.properties
-DSaveParentProperties=true
5. From the primary Portal node, copy the following zip file over to a temporary location
on your DMGR server:
<PortalServer root>/filesForDmgr/filesForDmgr.zip
6. Back on the DMGR server, extract the filesForDmgr.zip that you just copied over into a
temporary directory.
7. Remote DMGR only. Copy the
<temp>/bin/ProfileManangement/plugins/com.ibm.wp.dmgr.pmt_7.0.5 directory to the
<DMGR AppServer root>/bin/ProfileManagement/plugins directory.
119
Where <DMGR AppServer root> is the root path of AppServer on your DMGR server,
and <dmgr_profile_name> is the name of your Deployment Manager profile, Dmgr01
for example.
14. Ensure the time on your Portal primary node is within 5 minutes of the time on your
Deployment Manager (DMGR). Failure to do so will cause the addNode process to
fail.
120
15. Ensure the DMGR is started. On the DMGR server, execute the following command
from the <dmgr_profile>/bin directory:
./startManager.sh
16. Stop WebSphere_Portal by executing the following command from the <wp_profile
root>/bin directory:
./stopServer.sh WebSphere_Portal -user <WAS user> -password <WAS password>
17. Execute the following command from the <wp_profile root>/bin to add the Portal node
to the DMGR cell :
./addNode.sh <dmgr_hostname> <dmgr soap port> -username <dmgr admin ID>
-password <dmgr user password> -includeapps
For example:
./addNode.sh mydmgr.ibm.com 8879 -username wpadmin -password wppassword
-includeapps
NOTE: If you are not sure what your DMGR's soap port is, you can obtain it by logging
into the DMGR and navigating to System Administration Deployment Manager
Ports.
IMPORTANT: If the addNode script fails for any reason, you must complete the
following steps before running addNode again:
a) Remove the node from the DMGR cell in case AddNode successfully completed
that step before failing.
b) Login to the DMGR and do the following (these may not exist, depending on where
the failure occurred):
i. Remove all Enterprise applications
ii. Remove the WebSphere_Portal server definition
iii. Remove the JDBC Provider information for WebSphere_Portal
121
18. Stop the deployment manager by issuing the following command from the <dmgr
profile>/bin directory:
./stopManager.sh -user <WAS user> -password <WAS password>
19. Start the deployment manager by issuing the following command from the
NOTE: Now that the node has been federated, it has inherited the DMGR's security
configuration. The WebSphere Portal server will not function correctly yet so do not be
surprised if you try to start Portal and cannot access it.
At this point, you have successfully federated a WebSphere Portal node into a Deployment
Manager that already had LDAP Security enabled.
This appendix replaces chapters 4, 5, 6 and 8. You will still need to follow Chapter 7 to create
the dynamic cluster.
IMPORTANT: A step is included at the end of Chapter 7 for users that already have LDAP
security enabled, asking you to run wp-change-portal-admin-user. Ensure you do not skip
this. Failure to do so will prevent your Portal server from functioning.
122
123
124
125
DISCONNECT jcrdb;
TERMINATE;
NOTE: This action adds an additional cluster member to ALL nodes in your cluster.
For example, if you have two nodes in your cluster, and you use the exact same
settings I have above, then each node will have one additional JVM created on it.
5. Click OK and Save all changes.
6. Navigate to Servers Server Types WebSphere Application Servers
127
The new cluster members will have _1, _2, etc appended to them. Note the names of
the new cluster members as well as what nodes they are on, we will need that
information momentarily.
8. For each new server, navigate to <ServerName> Container Service Dynamic
Cache Service.
9. Change the following settings:
- Set Cache Size to 3000
- Check the box for Enable Cache Replication
- Set Replication Type to 'Not Shared'.
128
10. Click OK and save all changes. Repeat for each new server.
11. Back at Servers Server Types WebSphere Application Servers, for each
new server, navigate to <ServerName> Ports
12. Note the following ports:
WC_defaulthost
WC_defaulthost_secure
These ports need to be added to the Virtual Host list.
NOTE: The WC_defaulthost port is the port you will use should you ever need to
access that particular server directly.
IMPORTANT: Repeat steps 8-12 for each new cluster member.
13. Navigate to Environment Virtual Hosts default_host Host Aliases
14. For each port you got for WC_defaulthost and WC_defaulthost_secure, click Add
and enter the following information:
Host: *
Port: <the port number>
15. Save all changes.
16. Log out of the Deployment Manager.
17. On the primary node, open a terminal window and change directories to <wp_profile
home>/ConfigEngine.
129
18. For each new cluster member, execute the following ConfigEngine command to
update the new cluster member for WebSphere Portal:
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=<vertical cluster member name> -DNodeName=<the node that
contains that server> -DWasPassword=<password>
For example, in my case I had two new servers created, one for each node:
PortalCluster_wp8Node1_1 on node wp8Node1
PortalCluster_wp8Node2_1 on node wp8Node2
So I ran each of these commands:
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=PortalCluster_wp8Node1_1 -DNodeName=wp8Node1
-DWasPassword=password
./ConfigEngine.sh cluster-node-config-vertical-cluster-setup
-DServerName=PortalCluster_wp8Node2_1 -DNodeName=wp8Node2
-DWasPassword=password
19. The servers are now ready for use. You can start them by running the following
command from the <wp_profile root>/bin directory on each node:
./startServer.sh <serverName>
for example:
./startServer.sh PortalCluster_wp8Node1_1
20. Verify you can access each new server in a web browser using the port you noted
earlier:
http://nodehostname.ibm.com:10068/wps/portal
130
5. Make any changes you'd like, and click OK. Save all changes.
131
132
5. When this is complete, you should end up with the following directory structure (using
my /opt/Portal8Media as an example):
/opt/media/Portal8/Setup
/opt/media/Portal8/WAS
/opt/media/Portal8/Portal
/opt/media/Portal8/Extend
NOTE: If you are installing Portal Server, you will only have three directories: Setup, WAS,
Portal. For every other edition, you will have four directories: Setup, WAS, Portal, and your
Offering (Extend for example).
3. Download all required parts from Passport Advantage and store them in the directory
you created. There are three parts.
4. Extract each zip file you downloaded into the directory you created.
5. When this is complete, you should end up with the following directory structure:
5. When this is complete, you should end up with the following directory structure:
135
4. Extract the downloaded zip file(s) into the temporary directory. This will result in a new
zip file:
WP8001_Server.zip
If you have an Offering like Enable or Extend, then you will have a second zip file:
WP8001_Enable.zip
5. Create a new directory on the server that will hold the installation media. For example:
/opt/media/Portal8001/Server
6. Extract the WP8001_Server.zip file into this directory.
7. If you have an additional offering, then create a directory for it. For example:
/opt/media/Portal8001/Extend
8. Extract the Offering zip file into this directory.
9. When this is complete, you should end up with the following directory structure:
136
137
Change History
Version
Date
What Changed
08/16/13
Published
138