RedHat/CentOS 7 Alpaca Installation
This is an installation guide for a clean RedHat/CentOS 7 server.
Assumptions
- A clean install of CentOS7.
- This is not an upgrade.
- A valid SSL certificate for the Alpaca Server's hostname.
- Credentials to access the Alpaca server as root.
- Credentials to access the connected BroadWorks Application and Profile Servers.
- BroadWorks Credentials to make changes via
bwcli
. - Working knowledge of
ssh
and file transfer tool such asscp
.
Guide
The guide is split into sections based on the server or machine that the operations should be performed. It is also in chronological order. Performing the steps from top to bottom is the desired procedure.
Local Work Station
- Step: O-1
- Download the TimesTen installation archive. This requires accepting the license agreement and having an Oracle account.
- Transfer the downloaded archive to the Alpaca Server's "/tmp" directory.
- Step: O-2
- Download the Alpaca Server installation RPM. This requires an ECG Portal Account.
- Transfer the downloaded installation package to the Alpaca Server's "/tmp" directory.
- Step: O-3
- Download the Alpaca Remote installation RPM. This requires an ECG Portal Account.
- Transfer the downloaded installation package to the each BroadWorks Application Server's "/tmp" directory.
- Step: O-4
- Download the Alpaca license file. This requires an ECG Portal Account.
- Transfer the downloaded license file "ecg.license.txt" to the Alpaca Server's "/tmp" directory.
- Transfer the downloaded license file "ecg.license.txt" to each BroadWorks Application Server's "/tmp" directory.
- Step: O-5
- Transfer the SSL certificate chain "fullchain.pem" and private key "privkey.pem" file to the Alpaca Server's "/tmp" directory.
Alpaca Server
- Step: A-1
-
Commands:
- # cd /tmp
- # tar xf timesten112280.linux8664.tar.gz
- # cd linux8664/
-
# ./setup.sh
WARNING: You are about to install TimesTen as root. TimesTen daemon processes will run with root privileges. See the TimesTen Installation Guide for additional information.
-
Are you sure that you want to install as root? [ no ] y
NOTE: Each TimesTen installation is identified by a unique instance name. The instance name must be a non-null alphanumeric string, not longer than 255 characters.
-
Please choose an instance name for this installation? [ tt1122 ] tt1122
Instance name will be 'tt1122'.
-
Is this correct? [ yes ] y
Of the three components: [1] Client/Server and Data Manager [2] Data Manager Only [3] Client Only
-
Which would you like to install? [ 1 ] 3
Of the following options : [1] /opt [2] /tmp [3] Specify a location [q] Quit the installation
-
Where would you like to install the tt1122 instance of TimesTen? [ 1 ] 1
Installing into /opt/TimesTen/tt1122 ... Creating /opt/TimesTen/tt1122 ... Uncompressing ... NOTE: For security, we recommend that you restrict access to the TimesTen installation to members of a single OS group. Only members of that OS group will be allowed to perform direct mode connections to TimesTen, and only members of that OS group will be allowed to perform operations that access TimesTen data stores, TimesTen files and shared memory. The OS group defaults to the primary group of the instance administrator. You can default to this group, choose another OS group or you can make this instance world-accessible. If you choose to make this instance world-accessible, all database files and shared memory are readable and writable by all users.
Restrict access to the the TimesTen installation to the group 'root'? [ yes ] n
Do you want to restrict access to the TimesTen installation to a different group? [ yes ] n
-
Are you sure you want to make this instance world-accessible? [ yes ] y
In order to use the 'Oracle TimesTen Application-Tier Database Cache' feature in any databases created within this installation, you must set a value for the TNS_ADMIN environment variable. It can be left blank, and a value can be supplied later using <install_dir>/bin/ttModInstall.
Please enter a value for TNS_ADMIN (s=skip)? [ ] s
Do you want to install the Quick Start Sample Programs and the TimesTen Documentation? [ no ] n
-
Would you like to install the documentation (without the Quick Start Sample Programs)? [ yes ] n
Installing client components ...
What is the name of the host running the TimesTen server? [ alpaca.ecg.co ] ⏎
-
What is the TCP/IP port number that the TimesTen server is listening on? [ 53397 ] ⏎
The documentation was not installed. To manually install the documentation, run the command 'setup.sh -installDoc' The 11.2.2.8 Release Notes are located here : '/opt/TimesTen/tt1122/README.html' End of TimesTen installation.
# rm -f /opt/TimesTen/tt1122/lib/ttjdbc{5,6,7}.jar
# echo "/opt/TimesTen/tt1122/lib" > /etc/ld.so.conf.d/timesten.conf
-
# ldconfig -v | grep TimesTen -A 7
/opt/TimesTen/tt1122/lib: libttcoD.so -> libttcoD.so libttco.so -> libttco.so libttclassesCS.so.gcc346 -> libttclassesCS.so.gcc346 libttclient.so.gcc346 -> libttclient.so.gcc346 libttclassesCS.so.gcc410 -> libttclassesCS.so.gcc410 libttJdbcCS.so -> libttJdbcCS.so libttclient.so.gcc410 -> libttclient.so.gcc410
Step: A-2
-
Commands:
- # echo -e "[mongodb-org-4.0]\nname=MongoDB Repository\nbaseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/x86_64/\ngpgcheck=1\nenabled=1\ngpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc" > /etc/yum.repos.d/mongodb-org-4.0.repo
Step: A-3
-
Commands:
- # cd /tmp
-
# yum install -y alpaca-server-ALPACA_VERSION.x86_64.rpm
Installed: alpaca-server.x86_64 0:6.6.0-RC_SNAPSHOT20190116042343 Dependency Installed: alsa-lib.x86_64 0:1.1.6-2.el7 copy-jdk-configs.noarch 0:3.3-10.el7_5 dejavu-fonts-common.noarch 0:2.33-6.el7 dejavu-sans-fonts.noarch 0:2.33-6.el7 fontconfig.x86_64 0:2.13.0-4.3.el7 fontpackages-filesystem.noarch 0:1.44-8.el7 giflib.x86_64 0:4.1.6-9.el7 java-1.8.0-openjdk.x86_64 1:1.8.0.191.b12-1.el7_6 java-1.8.0-openjdk-headless.x86_64 1:1.8.0.191.b12-1.el7_6 javapackages-tools.noarch 0:3.4.1-11.el7 libICE.x86_64 0:1.0.9-9.el7 libSM.x86_64 0:1.2.2-2.el7 libX11.x86_64 0:1.6.5-2.el7 libX11-common.noarch 0:1.6.5-2.el7 libXau.x86_64 0:1.0.8-2.1.el7 libXcomposite.x86_64 0:0.4.4-4.1.el7 libXext.x86_64 0:1.3.3-3.el7 libXi.x86_64 0:1.7.9-1.el7 libXrender.x86_64 0:0.9.10-1.el7 libXtst.x86_64 0:1.2.3-1.el7 libfontenc.x86_64 0:1.1.3-3.el7 libjpeg-turbo.x86_64 0:1.2.90-6.el7 libpng.x86_64 2:1.5.13-7.el7_2 libxcb.x86_64 0:1.13-1.el7 libxslt.x86_64 0:1.1.28-5.el7 lksctp-tools.x86_64 0:1.0.17-2.el7 mongodb-org.x86_64 0:4.0.5-1.el7 mongodb-org-mongos.x86_64 0:4.0.5-1.el7 mongodb-org-server.x86_64 0:4.0.5-1.el7 mongodb-org-shell.x86_64 0:4.0.5-1.el7 mongodb-org-tools.x86_64 0:4.0.5-1.el7 python-javapackages.noarch 0:3.4.1-11.el7 python-lxml.x86_64 0:3.2.1-4.el7 ttmkfdir.x86_64 0:3.0.9-42.el7 tzdata-java.noarch 0:2018i-1.el7 xorg-x11-font-utils.x86_64 1:7.5-21.el7 xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 Dependency Updated: freetype.x86_64 0:2.8-12.el7 nspr.x86_64 0:4.19.0-1.el7_5 nss.x86_64 0:3.36.0-7.el7_5 nss-softokn.x86_64 0:3.36.0-5.el7_5 nss-softokn-freebl.x86_64 0:3.36.0-5.el7_5 nss-sysinit.x86_64 0:3.36.0-7.el7_5 nss-tools.x86_64 0:3.36.0-7.el7_5 nss-util.x86_64 0:3.36.0-1.el7_5 Complete!
Step: A-4
-
Commands:
-
# service mongod start
Redirecting to /bin/systemctl start mongod.service
-
Step: A-5
-
Commands:
- # mv ecg.license.txt /opt/alpaca
- # openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.pkcs12
- Enter Export Password: KEYCHAIN_PASSWORD
- Verifying - Enter Export Password: KEYCHAIN_PASSWORD
- # mv keystore.pkcs12 /opt/alpaca/config
- # vi /opt/alpaca/application-https.yml
- Set the "key-store-password" field to the value set during export.
-
# service alpaca-server start
Starting alpaca-server.d (via systemctl): [ OK ]
BroadWorks Application Server
These steps are performed for each BroadWorks Application Server that will be monitored by Alpaca. Log in to the server as bwadmin
. A BroadWorks admin login will be required to make the required AS_CLI
changes.
- Step: AS-1
-
Commands:
- AS_CLI> cd /Applications/ExecutionAndProvisioning/PS/Logging/InputChannels/AuditLog
-
AS_CLI/Applications/ExecutionAndProvisioning/PS/Logging/InputChannels/AuditLog> set accountInfo true
...Done
-
AS_CLI/Applications/ExecutionAndProvisioning/PS/Logging/InputChannels/AuditLog> set verbose true
...Done
AS_CLI/Applications/ExecutionAndProvisioning/PS/Logging/InputChannels/AuditLog> q;q;Output
-
AS_CLI/Applications/ExecutionAndProvisioning/PS/Logging/OutputChannels> set AuditLog enabled true
...Done
AS_CLI/Applications/ExecutionAndProvisioning/PS/Logging/OutputChannels> cd /Applications/OpenClientServer/ExternalAuthentication/AccessControlList
-
AS_CLI/Applications/OpenClientServer/ExternalAuthentication/AccessControlList> get
IP Address Description ========================= 0 entry found.
- If no entries are found skip step 8.
- If the BroadWork's XSP IP address is already listed skip step 8.
-
AS_CLI/Applications/OpenClientServer/ExternalAuthentication/AccessControlList> add
*<kbd>XSP-IP
* description xsp...Done
Step: AS-2
-
Commands:
- $ cd /tmp
-
$ yum install -y alpaca-remote-ALPACA_VERSION.x86_64.rpm
Installed: alpaca-remote-21sp1.x86_64 0:6.6.0-RELEASE_1 Dependency Installed: alsa-lib.x86_64 0:1.1.6-2.el7 copy-jdk-configs.noarch 0:3.3-10.el7_5 dejavu-fonts-common.noarch 0:2.33-6.el7 dejavu-sans-fonts.noarch 0:2.33-6.el7 fontconfig.x86_64 0:2.13.0-4.3.el7 fontpackages-filesystem.noarch 0:1.44-8.el7 giflib.x86_64 0:4.1.6-9.el7 java-1.8.0-openjdk.x86_64 1:1.8.0.191.b12-1.el7_6 java-1.8.0-openjdk-headless.x86_64 1:1.8.0.191.b12-1.el7_6 javapackages-tools.noarch 0:3.4.1-11.el7 libICE.x86_64 0:1.0.9-9.el7 libSM.x86_64 0:1.2.2-2.el7 libX11.x86_64 0:1.6.5-2.el7 libX11-common.noarch 0:1.6.5-2.el7 libXau.x86_64 0:1.0.8-2.1.el7 libXcomposite.x86_64 0:0.4.4-4.1.el7 libXext.x86_64 0:1.3.3-3.el7 libXi.x86_64 0:1.7.9-1.el7 libXrender.x86_64 0:0.9.10-1.el7 libXtst.x86_64 0:1.2.3-1.el7 libfontenc.x86_64 0:1.1.3-3.el7 libjpeg-turbo.x86_64 0:1.2.90-6.el7 libpng.x86_64 2:1.5.13-7.el7_2 libxcb.x86_64 0:1.13-1.el7 libxslt.x86_64 0:1.1.28-5.el7 lksctp-tools.x86_64 0:1.0.17-2.el7 python-javapackages.noarch 0:3.4.1-11.el7 python-lxml.x86_64 0:3.2.1-4.el7 ttmkfdir.x86_64 0:3.0.9-42.el7 tzdata-java.noarch 0:2018i-1.el7 xorg-x11-font-utils.x86_64 1:7.5-21.el7 xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 Dependency Updated: freetype.x86_64 0:2.8-12.el7 nspr.x86_64 0:4.19.0-1.el7_5 nss.x86_64 0:3.36.0-7.el7_5 nss-softokn.x86_64 0:3.36.0-5.el7_5 nss-softokn-freebl.x86_64 0:3.36.0-5.el7_5 nss-sysinit.x86_64 0:3.36.0-7.el7_5 nss-tools.x86_64 0:3.36.0-7.el7_5 nss-util.x86_64 0:3.36.0-1.el7_5 Complete!
From your workstation log in to Alpaca. From there a BroadWorks cluster must be configured according to the Configuration Guide. An application server token will also need to be created for the cluster. This application server token will be configured on this application server in the "/opt/alpaca-remote/config/application-prod.yml" file under the "authenticationToken" field.
Update the "hostname", "port", "broadWorksLicensePath", and "reader.directory" configuration settings. Reference the Configuration Guide.
$ mv ecg.license.txt /opt/alpaca
$ service alpaca-remote start
BroadWorks Profile Server
These steps are performed for each BroadWorks Profile Server that will be accessed by Alpaca to perform migrations and data retrieval. Log in to the server as bwadmin
. A BroadWorks admin login will be required to make the required PS_CLI
changes.
- Step: PS-1
-
Commands:
- PS_CLI> cd /Applications/BroadworksFileRepos/NetworkAccessLists/WebDav
-
PS_CLI/Applications/BroadworksFileRepos/NetworkAccessLists/WebDav> add ALPACA-IP description alpaca-server
...Done
Step: PS-2 (BroadWorks R22 Only)
-
Commands:
- PS_CLI> cd /Applications/BroadworksFileRepos/Users
- PS_CLI/Applications/BroadworksFileRepos/Users> add alpaca-server get put delete
- New Password:
CREATE_A_FILE_REPO_USER_PASSWORD
-
Re-type New Password:
CREATE_A_FILE_REPO_USER_PASSWORD
...Done