www.SpotOnResponse.com
XchangeCore Linux Installation Guide
July 12, 2014
Ernie Dipko 12 Kiltie Drive Pittsburgh, PA 15235 SpotOnResponse LLC providers of
SpotOnResponse™ Location-Based Situational Awareness™ Trusted Crowd-Sourcing™
The XchangeCore Community
www.XchangeCore.com www.SpotOnResponse.com
Revisions
Revision Number Date Description R02C00 03/05/2012 Initial version R02C01 7/12/2014 Transfer to XchangeCore
Page 2 2014-12-07
www.SpotOnResponse.com Introduction
Purpose SpotOnResponse LLC is pleased to contribute this XchangeCore TechNote to the XchangeCore Community as part of our commitment to expanding the depth and scope of XchangeCore implementation around the world. SpotOnResponse™ is a mobile app and a web application designed to span the needs of emergency management in government and the private sector from the field to the EOC. We are pleased to join the XchangeCore community in this open source effort.
This XchangeCore TechNote Linux Installation Guide is provided “as is” with the express request that additions and corrections are requested. Adding the experience of others is encouraged – really is the REASON for the XchangeCore Community. You can submit ideas or improvements for this guide to [email protected].
For further information about SpotOnResponse, please see www.SpotOnResponse.com.
Overview This document supplements the XchangeCore Installation Plan which outlines the process to install a XchangeCore core on a Windows® Server. This guide will outline a similar process on a Linux® server. This document is not intended to replace the XchangeCore Installation Plan, and it is highly recommended that the XchangeCore plan be read through before attempting to use this guide.
The install documented here was created using a RedHat Linux install on an Amazon EC2 Cloud server, but any Linux release should work. However, there will be fewer changes in the process outlined here on RedHat based Linux.
Operating System Setup This procedure will walk through the entire process of configuring an Amazon AMI instance immediately after deployment through to a running XchangeCore core.
Setup the Linux Instance The free Amazon Linux instance, known as a T1 Micro Instance, is what we will use for this document. Do not expect this instance to perform under any load. The Micro instances are free and thus slow, with very little memory. They are easily upgraded, though, to a configuration that will support a production XchangeCore.
After signing up for an Amazon AWS account, create a new instance using the 64-bit Amazon Linux AMI configuration option.
Page 3 2014-12-07
www.SpotOnResponse.com If you choose to utilize this document on an Instance from another cloud provider (Rackspace, GoDaddy, etc.) or on your own Linux install, a basic Linux install is sufficient; the necessary components will be added in the next step.
Initial Setup Once the instance is active, follow the provider documentation to connect to the instance via SSH. Once connected, su to root and update the packages using yum (this could take a quite a bit of time on the T1 instance).
Install Patches and Required Packages $ su –root {enter password} # yum update
When the update completes, it is probably a good idea to restart the instance to make sure there are no initial problems, especially if there was a kernel update in the patches.
# shutdown –i6 –g0 –y
Where the reboot is complete, connect as root and install the packages we will need to complete the XchangeCore install with the following command:
# yum install yum install xterm xorg-x11-utils xorg-x11-fonts-base xorg-x11-fonts-misc \ xorg-x11-font-utils xorg-x11-fonts-Type1 xauth xorg-x11-server-common xclock
Allow root To Directly SSH We need to be able to directly connect to the machine as root to complete the eXist install with a GUI. The following command will allow this to happen:
# perl -i -pe 's/disable_root: 1/disable_root: 0/' /etc/cloud/cloud.cfg # perl -i -pe 's/#PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config # perl -i -pe 's/.*(ssh-rsa .*)/\1/' /root/.ssh/authorized_keys # /etc/init.d/sshd reload
Download and Install the Java JDK We also need to install the Java JDK from Oracle. This is harder than it used to be, because you need an Oracle account (which is free) in order to download the JDK. So the easiest method would be to download the JDK to your PC and then use SCP to transfer it to the XchangeCore server. The JDK can be downloaded from here: http://www.oracle.com/technetwork/java/javase/downloads/index.html
Page 4 2014-12-07
www.SpotOnResponse.com I like to install java in /usr and then create a symbolic link to it. For instance, if the download is jdk- 7u13-linux-x64.tar.gz and that is unzipped and untarred in /usr the following directory will be created:
/usr/jdk1.7.0_13
Create a symbolic link /usr/java to this directory:
# ln –s /usr/jdk1.7.0_13 /usr/java
Now when asked for JAVA_HOME, specify the directory /usr/java
DNS Configuration DNS entries should be created for the name of the host and also pubsub.
Add the appropriate public IP address to the DNS records and if necessary, add entries to the local /etc/hosts file for the private IP addresses.
For example, your DNS records may look like this:
.spotonresponse.com A uicds 166.78.104.149 CNAME pubsub.uicds uicds
And the corresponding /etc/hosts file may contain the following entries: 192.168.1.55 uicds.spotonresponse.com pubsub.uicds.spotonresponse.com
In this case 166.78.104.149 is the public IP address that points to an interface on the Linux instance that has 192.168.1.55 bound to it.
Download and Install XchangeCore To complete the install on a Linux machine, the standard install package will be downloaded and extracted and the XchangeCore-SORlin kit will be downloaded and extracted to the same location. You will need a XchangeCore username and password prior to starting this process.
Download the XchangeCore Installation Kit Connect as root and then download the installation packages to
Page 5 2014-12-07
www.SpotOnResponse.com # cd / # wget --http-user={USERNAME} --http-password={PASSWORD} https://uicds- test5.saic.com/dist/XchangeCore-InstallKit-1.2.2-64bit-20121001.zip
# wget https://app.spotonresponse.com/XchangeCore-SOR-linext.tar
Extract the XchangeCore Install and Linux Update
# unzip XchangeCore-InstallKit-1.2.2-64bit-20121001.zip # tar xvf XchangeCore-SOR-linext.tar
Connect to the Instance to Install To perform the install successfully, an X session will need to be able to use the display on your local machine. This can be a bit tricky if the PC you are on is not set up with an Xserver. You should have already followed the Amazon instructions and have the SSH Key in the appropriate place, imported into PuTTy , or similar. For the examples below, I will use Keypair.pem as the SSH key.
OSX install If you are using MAC OSX the process is fairly simple. ssh -i Keypair.pem -X -Y root@{HOST}
Windows On Windows, you will need to install Xserver software, here are a few examples:
CygwinX: http://x.cygwin.com/
XMing: http://sourceforge.net/projects/xming/
XManager: http://www.netsarang.com/products/xmg_overview.html
If you are using PuTTy, when setting up the connection, enter the properties for the connection, under Connection -> SSH -> X11, click Enable X11 forward
To test the connection you will be able to forward the X session back to the PC, connect to the server with X11 forwarding enable, and issue the following command:
# xclock
If the clock does not appear on your desktop, the install of eXist will not be able to complete (which will not allow the tomcat install to complete either).
Page 6 2014-12-07
www.SpotOnResponse.com Perform the Install Using the connection that has the X Forwarding session validated, change directories and run the setup process.
# cd /XchangeCore/setup/standard64bit # ./setup.ksh
You will see the following prompts for information that is necessary for the installation. Be sure to use the Fully Qualified Domain Name that was specified in the DNS configuration.
.------. XchangeCore Setup Beginning .------.INFO: XchangeCore_HOME=/XchangeCore . .Please enter the following information: Agency Name: SpotOn Response POC Email: [email protected] POC Phone: ###-###-### XchangeCore Server Fully Qualified Domain Name: uicds3.spotonresponse.com XchangeCore System Admin's password: ******** XchangeCore Admin User's password: ******** XchangeCore User's password: ********
The installation will proceed in the following order:
OpenDJ will be installed (no download required)
eXist will be downloaded and the install will start. Once the install is complete the following screen will come up:
Page 7 2014-12-07
www.SpotOnResponse.com
In the Password field, enter the password that was specified as the “Admin” users password at the beginning of the install process and click OK.
On the next screen, select Tools -> Edit Users
Page 8 2014-12-07
www.SpotOnResponse.com
Page 9 2014-12-07
www.SpotOnResponse.com
Fill out the Username, Passwords, and Home Collection as above, again using the password specified at the beginning of the install. Then click the “Create new Group” icon at the Center Bottom of the dialog box, and create a group named uicds.
Then click OK. Verify the screen is populated like the following and then click the “Create User” button.
Page 10 2014-12-07
www.SpotOnResponse.com
The new user should appear in the dialog box:
Page 11 2014-12-07
www.SpotOnResponse.com
Close this Window, and verify the initial window now looks like below:
Page 12 2014-12-07
www.SpotOnResponse.com
Click File -> Quit
Page 13 2014-12-07
www.SpotOnResponse.com
The eXist install will finish and the database restart.
OpenFire will then be installed and configured.
Finally Tomcat will be installed and configured.
If all went well, the command ps –aef | grep java should show 4 running java processes (and possibly a grep command):
[root@ip-10-72-195-84 target]# ps -aef | grep java root 28073 1 7 03:38 pts/1 00:01:52 /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/bin/java -server - Dorg.opends.server.scriptName=start-ds org.opends.server.core.DirectoryServer --configClass org.opends.server.extensions.ConfigFileHandler --configFile /XchangeCore/Server/OpenDJ/config/config.ldif root 28621 28600 12 03:57 pts/1 00:00:56 /usr/java/bin/java -Xms128m -Xmx512m -Dfile.encoding=UTF-8 -
Page 14 2014-12-07
www.SpotOnResponse.com Djava.endorsed.dirs=/XchangeCore/Server/eXist/lib/endorsed -Dexist.home=/XchangeCore/Server/eXist -jar /XchangeCore/Server/eXist/start.jar jetty root 28731 1 12 03:58 pts/1 00:00:44 /usr/java/bin/java -server -DopenfireHome=/XchangeCore/Server/Openfire - Dopenfire.lib.dir=/XchangeCore/Server/Openfire/lib -classpath /XchangeCore/Server/Openfire/lib/startup.jar -jar /XchangeCore/Server/Openfire/lib/startup.jar root 28976 1 32 03:58 pts/1 00:01:55 /usr/java/bin/java - Djava.util.logging.config.file=/XchangeCore/Server/Tomcat/conf/logging.properties - Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager - Djava.endorsed.dirs=/XchangeCore/Server/Tomcat/endorsed -classpath /XchangeCore/Server/Tomcat/bin/bootstrap.jar:/XchangeCore/Server/Tomcat/bin/tomcat-juli.jar - Dcatalina.base=/XchangeCore/Server/Tomcat -Dcatalina.home=/XchangeCore/Server/Tomcat - Djava.io.tmpdir=/XchangeCore/Server/Tomcat/temp org.apache.catalina.startup.Bootstrap start root 29080 27696 0 04:04 pts/1 00:00:00 grep java
Adding Users /XchangeCore/Server/OpenDJ/bin/control-panel will start the GUI for OpenDJ where users can be added as specified on page 17 of the Installation Plan.
If you try this on a Amazon T1 Micro instance, it will probably run out of memory and crash the directory server. As an alternative, we can manually add the user from the command line. There is an SOR extension script in /XchangeCore/Tools/ called createUser
[root@10-168-235-11 /]# /XchangeCore/Tools/createUser
Enter Users Full Name: Ronald McDonald
Enter Username: rmcdonald
Enter Password: somepassword
Administrator (Y/N): Y
Processing ADD request for cn=rmcdonald,dc=uicds,dc=us
ADD operation successful for DN cn=rmcdonald,dc=uicds,dc=us
Processing MODIFY request for cn=uicds-users,dc=uicds,dc=us
MODIFY operation successful for DN cn=uicds-users,dc=uicds,dc=us
Processing MODIFY request for cn=uicds-admins,dc=uicds,dc=us
MODIFY operation successful for DN cn=uicds-admins,dc=uicds,dc=us
Page 15 2014-12-07