MidVision RapidDeploy for WAS Base Edition on AWS

Amazon EC2 Installation guide

1. Overview

This guide will provide step by step instructions how to start using the installed products on your AWS EC2 instance.

This AMI contains a ready-to-run MidVision RapidDeploy for WAS Base image at the selected version. In order to use this image, you need to launch it with your selected type, and log in via SSH to activate (start) the WebSphere servers

Visit the  MidVision RapidDeploy for WAS Base Edition pages on AWS
Launch from AWS

2. Launching an instance

In order to launch MidVision RapidDeploy for WAS Base, a few settings need to be configured on the AWS console as follows. The instructions for launching an instance differ depending on where you launch from. Initially you will launch the instance from the AWS Marketplace.

 

 3. Initial login and setup

The MidVision RapidDeploy for WAS Base products are shipped with a base binary installation and the necessary profiles created. On the first login to the instance, you will be placed into a console wizard, which will guide you through the process of starting IBM WAS Base profile(s) and other configuration steps. The following is an overview of the steps you will be guided through to get started with the installed products on the instance:

Once the instance has started up (you can see it by having ” 2/2 checks passed ” in EC2 console).

  1. Log onto the instance from the EC2 console or via SSH as the ‘midvision’ user, using the key you selected above.  For example:
    • From the EC2 console by clicking  the “Connect to your instance” button with username “midvision” (if your instance contains IBM MQ installation use “mqm” as username), using the previously (instance launch-time) selected .pem keyfile.
    • Via SSH from your desktop, for example 
      ssh -i ./MidVisionUSMC.pem midvision@ec2-52-87-198-23.compute-1.amazonaws.com
  2. You should see the MidVision banner and then you are placed in a setup wizard. 
    Welcome to
 __  __ _     ___     ___     _                    ____ _                 _ 
|  \/  (_) __| \ \   / (_)___(_) ___  _ __        / ___| | ___  _   _  __| |
| |\/| | |/ _` |\ \ / /| / __| |/ _ \| '_ \ _____| |   | |/ _ \| | | |/ _` |
| |  | | | (_| | \ V / | \__ \ | (_) | | | |_____| |___| | (_) | |_| | (_| |
|_|  |_|_|\__,_|  \_/  |_|___/_|\___/|_| |_|      \____|_|\___/ \__,_|\__,_|                                                                            
                                                       A MidVision Service

        * WebSite: https://www.midvisioncloud.com
        * Support: http://support.midvision.com/redmine/projects/devtestcloud
        * Forum:   https://www.midvisioncloud.com/forum

Welcome, this is DevTestCloud Websphere Application Server image first run configuration
Note that you can rerun this configuration wizard again by executing /home/midvision/firstrunsetup.sh script
Configuration steps
- Create and Start Websphere application server
- Set RapidDeploy framework initial password
- Open ports on RHEL firewall
Create and Start Websphere application server? [y/n]
  3. Type ‘y‘ and hit [return]. You should see the following output. Depending on your instance type, the following output will be displayed over several minutes. 
    Creating and Starting Webpshere application server...
INSTCONFSUCCESS: Success: Profile AdminAgent now exists. Please consult /opt/IBM/WebSphere/AppServer/profiles/AdminAgent/logs/AboutThisProfile.txt for more information about this profile.
ADMU0116I: Tool information is being logged in file
           /opt/IBM/WebSphere/AppServer/profiles/AdminAgent/logs/adminagent/startServer.log
ADMU0128I: Starting tool with the AdminAgent profile
ADMU3100I: Reading configuration for server: adminagent
ADMU3200I: Server launched. Waiting for initialization status.
ADMU3000I: Server adminagent open for e-business; process id is 2284
ADMU0116I: Tool information is being logged in file
           /opt/IBM/WebSphere/AppServer/profiles/AppSrv/logs/AppServer/startServer.log
ADMU0128I: Starting tool with the AppSrv profile
ADMU3100I: Reading configuration for server: AppServer
ADMU3200I: Server launched. Waiting for initialization status.
ADMU3000I: Server AppServer open for e-business; process id is 2847
  4. Set initial password for RapidDeploy user “mvadmin“. Hit [return] to accept the default of the instance id. 
    Configuring password for RapidDeploy default user 'mvadmin'
Set password for user 'mvadmin'. Submit blank for default value of the instance id: i-380002a3
  5. Open required firewall ports on Red Hat Linux firewall. Select ‘y‘ and hit [return]. 
    Open firewall ports for Websphere application server (default port 9060 9061 9043 9044) and RapidDeploy (port 9090) [y/n]?
  6. Open required firewall ports on Red Hat Linux firewall.  Type ‘process‘ to open all ports used by WebSphere and hit [return]. 
    Type port number to open. Type 'process' to open all ports used by WebSphere, type 'all' to open all ports, type 'exit' to finish.
  7. You should see ports list of ports being opened. Type ‘exit‘ to leave this section and the wizard. The correct URLs to access the WebSphere server are displayed. 
    Configuration finished, you may now start using Websphere and RapidDeploy services. You can use WebSphere and RapidDeploy web user interface  on:
WebSphere: ec2-52-20-44-183.compute-1.amazonaws.com:9061/ibm/console (admin agent credentials: wasadmin/i-380002a3)
RapidDeploy: ec2-52-20-44-183.compute-1.amazonaws.com:9090/MidVision
  8. You can log in to WebSphere console as “wasadmin” using your ‘[instance-id]‘ as password.

4. Accessing the web consoles

4.1 Access the default snoop servlet

Confirm installation. The DefaultApplication Snoop servlet is shipped by default and can be accessed on:

http://[publicip]:9080/snoop

4.2 Access the IBM WebSphere Application Server Admin Console

You should now be able to access the WebSphere AdminConsole, at the URL specified below.
http://[publicip]:9061/ibm/console
You can log in to WebSphere console as “wasadmin” using your ‘[instance-id]‘ as password.
 
The Admin Agent can be accessed on:
http://[publicip]:9060/ibm/console

You can log in to the AdminAgent console as “wasadmin” using your ‘[instance-id]‘ as password.

Note that the IBM WAS Base profiles are bound localhost ip address in order to work reliably with the changing hostnames as the instance is restarted. You should not need to change this. However, in case you want to change the bound ip address, there is a script provided in midvision user’s home to change the configuration by replacing the configured hostnames with the new ip address. The script is called setuphost.sh. Please refer to IBM documentation for WebSphere Application Server configuration.

4.3 Access the RapidDeploy Web Console

RapidDeploy server and agent will start up automatically when you start your instance. You can access the web console on:

http://[publicip]:9090/MidVision

Note: make sure you have port 9090 open in your Security group when trying to access RapidDeploy web console. For the first time, you can set the password for the default username ” mvadmin “.

5. Maintaining the installation

The following sections cover some of the activities you might want to perform after the instance has been started.
  • midvision: This is the default user, which you can log in as. It is permitted to use all SUDO rights. To switch to the root user, type “sudo su“.
  • root:      This is the superuser in linux systems. You can log in as any other user without using passwords. E.g: “su ec2-user“, “su midvision
  • ec2-user:  This user does not have SUDO rights. If you want to switch back to root user, type “exit“, this will take you back to the previous user session.

The IBM WebSphere Application Server Base Admin Console is initially configured so that you can log in to WebSphere console as “wasadmin” using your ‘[instance-id]‘ as password.

You can further configure WebSphere security in the normal way according to your requirements. However you should pay attention to some AWS specifics covered on this page.

Two scripts are provided in the midvision home directory to start and stop the WebSphere Base edition servers. These are named startwas.shand stopwas.sh.

sudo /home/midvision/startwas.sh

You can open the necessary ports quickly using the setup wizard.  To re-run this section of the wizard, from the midvision home directory run:

sudo /home/midvision/openwasports.sh

There is an option to open all ports used by IBM WebSphere services, by entering ‘process‘ input. Alternatively, you can choose to open all ports on the instance by entering ‘all‘ input. If you are creating a distributed cell over multiple nodes, we strongly recommend you don’t try to estimate which ports should be opened, but select the ‘process’ option, which will open all the required ports to ensure node agent synchronisation will work correctly. Port opening options:

  • <port number> – Open this port. Multiple ports can be entered, separated by pressing the ‘[return]’ key.
  •  ‘process’           – Open all WebSphere ports for all WebSphere processes detected on the instance.
  • all’                    – Open all ports on the instance (effectively remove the firewall).
  • exit’                  – Exit the port opening script.

RHEL instances are shipped with a firewall by default to protect your machine. For security reasons, the instance is only accessible via SSH (port 22) at first, so further ports can be opened on the firewall as needed. You will need to open all the ports in this internal firewall, which you have open in your Security group. There is a script placed in the user home of midvision (/home/midvision), which is also the starting location when logged in. You will need to be the root user to run this script. Example usage:

[midvision@ ] sudo ./open-firewall.sh 9090
Open firewall port 9090 iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
 

Before upgrading your WAS installation we strongly recommend creating a backup so you can be sure you have a working installation if anything goes wrong during the upgrade process. Example usage (you can obtain links to the binaries and package ids by creating a new support ticket on our support portal https://support.midvision.com/):

sudo su
cd /home/midvision/
./stopwas.sh 

mkdir /home/midvision/fixbinaries
cd /home/midvision/fixbinaries/
curl "LINK_TO_WAS_FIXPACK" -o 9.0.5-WS-WAS-FP018.zip

curl "LINK_TO_JAVA_FIXPACK" -o ibm-java-sdk-8.0-8.15-linux-x64-installmgr.zip

mkdir /home/midvision/fixbinaries/wasfix
cd /home/midvision/fixbinaries/wasfix/
unzip /home/midvision/fixbinaries/9.0.5-WS-WAS-FP018.zip
cd /home/midvision/fixbinaries/
mkdir javafix
cd javafix/
unzip ../ibm-java-sdk-8.0-8.15-linux-x64-installmgr.zip
cd /home/midvision/fixbinaries
/opt/IBM/InstallationManager/eclipse/tools/imcl install WAS_PACKAGE_ID -repositories /home/midvision/fixbinaries/wasfix/repository.config -acceptLicense -installationDirectory /opt/IBM/WebSphere/AppServer --launcher.suppressErrors -nosplash -showVerboseProgress -silent

/opt/IBM/InstallationManager/eclipse/tools/imcl install JAVA_PACKAGE_ID -repositories /home/midvision/fixbinaries/javafix/repository.config -acceptLicense -installationDirectory /opt/IBM/WebSphere/AppServer --launcher.suppressErrors -nosplash -showVerboseProgress -silent
cd /home/midvision/
./startwas.sh

You can use the WebSphere Base install in three host configurations:

  • Leave as the default ‘localhost
  • Assign to an elastic IP address. You will need to run setuphost.sh once to change the address from ‘localhost‘ to the elastic IP address
  • Use dynamically assigned hostname. You will need to run setuphost.sh on each restart of the instance

The setuphost.sh script provided in the midvision user home directory will search and replace for the old host name (localhost) occurrences in all the necessary WAS the configuration files. We recommend leaving ‘localhost‘ default setting or using an elastic IP address to avoid having to run setuphost.sh on each restart.

sudo /home/midvision/setuphost.sh

There are a few scripts and other files in midvision and root users home directory, which will need to remain unchanged in order to keep the provided scripts working. Files are placed under  /root/WAS_install  are required to create the IBM WebSphere profiles. There are a set of scripts in midvision home directory. Those scripts are executed when logging into the instance controlled by  .bash_profile , but you can also execute them manually whenever they are needed. There are some hidden files used as well:

.firstrun  indicates that the setup wizard has already ran once,  

.dontask  indicates that the user will not be prompted again for running the setuphost script (if chosen not to ask again), 

.host file is needed to determine the previously bound hostname to WebSphere service.

To restart RapidDeploy manually from the filesystem, use the rapiddeploy linux service. The RapidDeploy version is 5.0. RapidDeploy home is located at /var/rd/midvision Example usage:

[midvision@ ] sudo service rapiddeploystart start 
[midvision@ ] sudo service rapiddeploystart stop

The RapidDeploy server uses an in-memory database, so your RapidDeploy framework needs to be shut down properly to save your work. This happens when the instance is stopping or when calling the stop service manually from the command line. Note that on instance restart, unsaved data will be lost.

For security reasons, you will need to change the default password (default value is ‘[instance-id]‘) for user mvadmin. This will be requested the first time only when you log in to the RapidDeploy server.

6. Troubleshooting

6.1 Session loss during setup

If you lose your SSH connection to the target instance during the first run setup script execution (e.g. as a result of a network problem), we advise you to delete and recreate the EC2 instance and run the script again.

6.2 Profile startup exceptions

If the profile fails to start with the  ${PROFILE_HOME}/bin/startserver.sh , or the  ${USER_HOME}/startwas.sh  commands, check that you are running as the root user, either by being in a root shell, or by prepending ‘ sudo ’ to the start command.

6.3 Cannot access the IBM WebSphere admin console (ISC)

Check that  the default server is running, and you have correctly opened all the required ports on the firewall, and that your instance was created using a security group definition that allows TCP access to the instance on the required ports.

6.4 Contacting MidVision support

Please visit our support website.