Contents


Set up IBM Business Process Manager with Amazon Web Services

Comments

This tutorial describes how to install IBM Business Process Manager (BPM) Advanced V8.5.7. on the Amazon Web Services public cloud platform. As stated in the IBM Eligible Public Cloud policy, Amazon Web Services is supported for all eligible IBM products, including IBM BPM, under the IBM Eligible Public Cloud Bring Your Own Software License (BYOSL) policy. If you have Amazon Web Services in your cloud environment, learn some tips for installing IBM BPM.

IBM BPM is a comprehensive business process management platform on which business process applications can be developed, automated, and managed to provide process visibility, control, and continual improvement. IBM BPM is available on premises or as IBM BPM on Cloud.

The following illustration shows the key components that make up the IBM BPM platform:

Illustration of IBM BPM components: Process Server,                             Process Center, Process Designer, and repositories
Illustration of IBM BPM components: Process Server, Process Center, Process Designer, and repositories

Understand the following details about Process Center:

  • Process Center is the common management repository where process applications are created.
  • Process Center is the central command center for managing and governing process deployments throughout all runtime environments (for example, the Process Server).
  • With the shared model architecture, you can build, deploy, measure, and optimize processes in a single, unified platform.
  • Process developers can reuse existing artifacts, both within and across process applications, by including them in a toolkit.
  • Process Center includes an embedded Process Server for playback during development.

Understand the following details about Process Designer and Integration Designer:

  • Process Designer, based on Business Process Model and Notation (BPMN) 2.0, is the authoring environment for developing human-centric process applications. BPMN 2.0 is the industry standard notation from business process modelling.
  • Integration Designer is the environment for process developers to create complex automated Business Process Execution Language (BPEL) processes and integration services, within a complete integration development environment.

Understand the following details about Process Server:

  • Process Server is a unified IBM BPM runtime environment that supports the full range of business processes, service orchestration and integration.
  • You can use multiple Process Servers to provide non-production and production environments (for example, development, test, QA, pre-production, and production).

You can find more information about the latest version of IBM BPM in the announcement letter.

This tutorial is intended to provide guidance to anyone who has some experience installing IBM BPM but is installing for the first time on Amazon Web Services. The purpose is not to provide a detailed and formal installation manual, but instead to emphasize some of the key considerations and details to watch out for when installing IBM BPM on Amazon Web Services.

For installation details, see the IBM Business Process Manager Interactive Installation and Configuration Guide in the IBM BPM documentation. For detailed software requirements, including supported operating systems and databases for IBM BPM, see the IBM Business Process Manager Advanced detailed system requirements.

The process shown in the following illustration describes a typical installation and configuration of IBM BPM V8.5.7. for a Golden (three cluster) Process Center topology. In the installation example for this tutorial, IBM BPM is installed with the silent installation option. The following diagram illustrates the topology that has been installed and configured for the minimum viable product, described in detail in the next section.

Illustration of IBM BPM and Amazon Web Services topology
Illustration of IBM BPM and Amazon Web Services topology

The installation is a recommended topology of Process Center (three clusters named AppCluster, MECluster and SupCluster), contained in one Amazon Web Services virtual machine. The associated DB2 database, the IBM HTTP Server, and the deployment manager are co-located in the instance. The DmgrProfile deployment manager contains the deployment manager, with the two nodes hosting the pairs of servers making up the three standard clusters. One IBM HTTP Server with the IBM WebSphere Application Server plugin routes requests across the servers. The operating system used in the examples in this tutorial is Red Hat Enterprise Linux Server release 6.6.

This installation is suitable as a small scale development environment. It is entirely self-contained on one Amazon Web Services instance (virtual machine) for ease of documentation and deployment. The configuration provides high availability at a Process Center level (WebSphere Application Server server instance level), but has single points of failure at the HTTP, DB2 and Amazon Web Services instance level. It might be used for product evaluation, a quick start for a development team, or a proof of concept. The same installation process, with some minor changes, is suitable for Process Server.

The type of environment (Process Server or Process Center), the topology (single or triple cluster), and the database type (Oracle or DB2) that you build is determined by the deployment configuration file that you choose. The configuration settings are similar for for all cases except where the database types differ in their configuration options and terminology.

Note the functions of the WebSphere Application Server deployment environment in the IBM BPM Golden topology pattern are split into three clusters: the application (named AppCluster), messaging (named MECluster), and support (named SupCluser). This topology is the recommended for IBM BPM production environments and for meeting availability and scalability requirements. For production scenarios, install the two nodes that host the three clusters on two different machines. Then, if one node goes down, the work will fail over to the other node. It might be necessary to have additional nodes, for increased redundancy. The IBM BPM Golden topology, along with other IBM BPM production topologies, is discussed in detail in the IBM Business Process Manager Version 8.0 Production Topologies IBM Redbooks publication.

In the following sections, where a decision or configuration should be determined, in whole or part, by how you use Amazon Web Services the explanatory note is prefixed by Amazon Web Services Tip.

Step 1. Create an Amazon Web Services instance

The first step is to create an instance:

  1. Use the Amazon Web Services management console, also called the EC2 console for the Amazon Elastic Compute Cloud (Amazon EC2), a web service that provides resizable compute capacity in the cloud. Click Instances > Instances and select Launch Instance. See: Amazon EC2 Instance Types.
    NOTE: The volumes and instances must be in the same availability zone. It's best to create the instance and any required volumes together (as in this example). If they are created separately, create the instance and then any volumes required, because it is easier to specify the availability zone for elastic block volume (EBS) than for images.
  2. On the left hand select Community AMIs, then select Red Hat under Operating System, 64-bit under Architecture, and EBS under Root Device Type, as shown in the following screen capture:Screen capture of the Choose an Amazon Machine Image (AMI) window on Amazon Web Services
    Screen capture of the Choose an Amazon Machine Image (AMI) window on Amazon Web Services
  3. IBM BPM 8.5.7 Advanced is supported on RHEL 6.6. Select the RHEL-6.6_HVM_GA-20150128-x86_64-1-Hourly2-GP2 - ami-0b5f073b AMI.
  4. On the Choose an Instance Type window, the default selection is for the general purpose t2.micro type. Change the selection to the t2.large type. The size of the instance you select should be based on your expected workload and subsequent bench marking, as shown in the following screen capture:Screen capture of the Choose an Instance Type window on Amazon Web Services
    Screen capture of the Choose an Instance Type window on Amazon Web Services
  5. Complete the other windows until you get to Step 4. Add Storage. There, add two volumes to the image:
    • The first volume is a 30 GB /opt file system for IBM BPM and IBM DB2 and for the DB2 instance storage.
    • The second is a temporary 30 GB code magnetic volume for storage of the installation code. Because you don't need the code after installation (and may want to use it on additional images) you separate its storage.

    Follow your organization's standards for storage and naming standards and for separation. Your storage selections are likely to differ from the following example.

    Add the /opt file system volume, as shown in the following example:

    Screen capture of the Add Storage window on Amazon Web Services
    Screen capture of the Add Storage window on Amazon Web Services

    Add the code volume. The following example has Magnetic selected, because it doesn't require high input/output operations per second (IOPS), and retaining a magnetic volume for installation purposes is likely to cost less per hour.

    Screen capture of the Add Storage window on Amazon Web Services
    Screen capture of the Add Storage window on Amazon Web Services
  6. Click Review and Launch.
    Because you have not addressed security, and the selections are not free, you see the following messages: Screen capture of messages on Review Instance Launch                             window
    Screen capture of messages on Review Instance Launch window
  7. Click Launch.

    Amazon Web Services Tip: You must select a key (which you have previously created and downloaded) or create and download a key to access your image. The following example shows a key selected.

    Screen capture of Select an existing key par or create a new key pair message on Amazon Web Services
    Screen capture of Select an existing key par or create a new key pair message on Amazon Web Services

    Amazon Web Services Tip: Do not lose your key. It is the only way to access your instances.

  8. Click Launch Instances.
    The instance takes a few seconds to start.
  9. Check under the EC2 Dashboard by expanding Instances and selecting Instances. On the dashboard, you see the instance is ready when 2/2 checks is shown in green under status checks, as shown in the following screen capture:Screen capture of Instances dashboard on Amazon Web Services
    Screen capture of Instances dashboard on Amazon Web Services
  10. Select the instance (the blue dot in the previous screen capture), and click Connect. The following message opens, showing how to connect to the instance:Screen capture of Connect To Your Instance message on Amazon Web Services
    Screen capture of Connect To Your Instance message on Amazon Web Services

Amazon Web Services Tip: Use the external address to the Secure Shell (SSH) command line interface and the secure file transfer protocol (sftp) for your server. Select your instance and click Connect. You can then cut and paste the domain name server (DNS) name.

Amazon Web Services Tip: The external address changes each time you start the server. If you can't connect, check the DNS you're using to see if it restarted.

Step 2. Connect to the instance and prepare it for installation

Complete the following steps to connect to the instance and prepare it for installation.

  1. The key command for Linux users looks like the following example: ssh -i "Richard Shooter.pem" ec2-user@ec2-52-37-202-89.us-west-2.compute.amazonws.com

    Because the following example shows a situation where keys were stored in RichardShooter.pem (omitting the space for convenience), connect with the following command: ssh -i "RichardShooter.pem" ec2-user@ec2-52-37-202-89.us-west-2.compute. amazon ws.com

  2. Accept the key, like the example in the following screen capture:Example Secure Shell command line interface
    Example Secure Shell command line interface

    Now you can mount a temporary object code repository, like the following example:

    	sudo mkfs /dev/xvdc
    	sudo mkdir /mnt/object
    	sudo mount /dev/xvdc /mnt/object
    	sudo mkdir /mnt/object/install
    	sudo chown ec2-user /mnt/object/install
  3. Copy the installation archives. Because you are using Secure Shell and the secure file transfer protocol is available, the following example uses sftp:
    	sftp -oIdentityFile=RichardShooter.pem ec2-user@ec2-52-37-202-89.us-west-2.compute.amazonws.com
    	sftp> cd /mnt/object/install
    	sftp> lcd /media/usb1gb/InstallationCode/BPM857Advanced # or the path to your archives
    	sftp> mput *
  4. After it is uploaded, you can extract the media:
    	cd /mnt/object/install
    	for i in *.gz
    	do
    		zcat $i | sudo tar xvf -
    	done
    	for i in *.zip
    	do
    		sudo unzip $i
    	done
  5. Replace /opt with a new file system:
    	sudo mkfs /dev/xvdb
    	sudo mkdir /mnt/opt
    	sudo mount /dev/xvdb /mnt/opt
    	cd /opt
    	sudo find . -depth -print | sudo cpio -pdv /mnt/opt
  6. Update the /etc/fstab file (sudo vi /etc/fstab) to mount the new /opt file system, as shown in the following screen capture:Screen capture of a fstab file
    Screen capture of a fstab file
  7. Mount the new file system:
    	sudo umount /mnt/opt
    	sudo mount -a
    	sudo rmdir /mnt/opt

Step 3. Install DB2

  1. Copy the server response file to a convenient location (/home/ec2user.rsp):
    	cp /mnt/object/install/server/db2/linuxamd64/samples/db2server.rsp /home/ec2-user
    	sudo vi /home/ec2-user/db2server.rsp
  2. Install a default configuration of DB2 with a single instance (named db2inst1). Make the following changes:
    LIC_AGREEMENT = ACCEPT
    INTERACTIVE = NONE
    CONFIG_ONLY = NO

    The instance is owned by the db2inst1 user, the db2iadm1 group, the db2sdfe1 fenced user and db2fsdm1 group are also required.

  3. You also create an additional user db2bpm1 group db2bpm1 for use by BPM (the additional user permits lower privilege than the instance owner has):
    sudo groupadd db2iadm1
    sudo groupadd db2fsdm1
    sudo groupadd db2bpm1
    sudo useradd -g db2iadm1 -m db2inst1
    sudo useradd -g db2fsdm1 -m db2sdfe1
    sudo useradd -g db2bpm1 -m db2bpm1
  4. Now set the passwords for the three user accounts (the command will prompt for the password):
    sudo passwd db2inst1
    sudo passwd db2sdfe1
    sudo passwd db2bpm1
  5. Validate the response file:
    cd /mnt/object/install/server
    sudo ./db2setup -c -r /home/ec2-user/db2server.rsp
  6. Correct any errors that you find.
  7. Update the kernel / operating system configuration as recommended for DB2.
  8. Install DB2 and create the db2inst1 instance:
    cd /mnt/object/install/server
    sudo ./db2setup -r /home/ec2-user/db2server.rsp
  9. Check the installation.
    sudo /opt/ibm/db2/V10.5/bin/db2val

Step 4. Install IBM BPM

  1. Make the following changes to the /etc/security/limits.conf file (sudo vi /etc/security/limits.conf):
    * soft stack 32768
    * hard stack 32768
    * soft nofile 65536
    * hard nofile 65536
    * soft nproc16384
    * hard nproc 16384
    # for DB2
    	* soft fsize unlimited
    	* hard fsize unlimited
  2. Edit /etc/security/limits.d/90-nproc.conf to set nproc to 16384 .
  3. Copy the example response file to an appropriate location : cp /mnt/object/install/responsefiles/BPM/bpmAdv_linux_response_root_64bit.xml /home/ec2_user
  4. Edit the file and make the following changes to the repository location:
    	sudo vi /home/ec2-user/bpmAdv_linux_response_root_64bit.xml <server>
    	<!-- ==================== IBM Installation Repository Location =====================-->
    	<repository location='/mnt/object/install/IM64/' temporary='true'/>
    	 <!-- ================= IBM Business Process Manager Advanced, WebSphere Application Server ND, DB2 Express ===================-->
    	 <repository location="/mnt/object/install/repository/repos_64bit/" />
    	 </server>
    
    	cd /mnt/object/install/IM64
    	sudo ./installc -acceptLicense input /home/ec2-user/bpmAdv_linux_response_root_64bit.xml -log /home/ec2-user/bpm_silent_install.log
  5. Install IBM BPM, as shown in the following example commands:
    	cd /mnt/object/install/IM64
    	sudo ./installc -acceptLicense input /home/ec2-user/bpmAdv_linux_response_root_64bit.xml -log /home/ec2-user/bpm_silent_install.log

Step 5. Create the IBM BPM profiles

  1. Copy the default BPMconfig configuration file to /home/ec2-u ser with the following command: cp /opt/ibm/BPM/v8.5/BPM/samples/config/advanced/Advanced-PC-ThreeClusters-DB2.properties /home/ec2-user
  2. Edit the file ( sudo vi /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties ) and make the following changes:
    bpm.de.authenticationAlias.1.user=bpmadmin
    bpm.de.authenticationAlias.1.password= the password you want to use 
    bpm.de.authenticationAlias.2.user=db2bpm1
    bpm.de.authenticationAlias.2.password= the password you want to use 
    bpm.cell.authenticationAlias.1.user=wasadmin
    bpm.cell.authenticationAlias.1.password= the password you want to use

    Amazon Web Services Tip:

    • The public and internal DNS name of your instance is available in the EC2 console.
    • Expand Instances, click Instances, select the instance and look at the lower right details pane.
    • Use the internal DNS because it is persistent and unchanging and also effects routing and charging of traffic.
    • The external DNS can change when the instance is restarted and therefore is inappropriate for internal traffic.
    	bpm.dmgr.hostname=ip-172-31-5-126.us-west-2.compute.internal
    	bpm.dmgr.installPath=/opt/ibm/BPM/v8.5
    	bpm.de.node.1.hostname=ip-172-31-5-126.us-west-2.compute.internal
    	bpm.de.node.1.installPath=/opt/ibm/BPM/v8.5
    	bpm.de.db.1.hostname=ip-172-31-5-126.us-west-2.compute.internal
    	bpm.de.db.2.hostname=ip-172-31-5-126.us-west-2.compute.internal
    	bpm.de.db.3.hostname=ip-172-31-5-126.us-west-2.compute.internal
    	bpm.de.db.4.hostname=ip-172-31-5-126.us-west-2.compute.internal
  3. Now validate your configuration file:
    cd /opt/ibm/BPM/v8.5/bin
    sudo ./BPMConfig.sh -validate /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties
  4. Correct any errors and create the profiles:
    sudo ./BPMConfig.sh -create /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties
  5. For convenience we will create the databases under /opt, you would wish to follow your organisation's policies and standards.
    	sudo mkdir /opt/data
    	sudo chown db2inst1 /opt/data
  6. Create the databases:
    	$ cd /opt/ibm/BPM/v8.5/profiles/DmgrProfile/dbscripts/PCCell1.De1/DB2/BPMDB
    	$ sudo vi createDatabase.sql
    	sudo su - db2inst1
    	add ' on /opt/data' to the create database SQL after 'automatic storage yes':
    		create database BPMDB automatic storage yes on /opt/data using codeset UTF-8 territory US pagesize 32768;
  7. createDatabase.sql CMNDB PDWDB ).
  8. Create the databases: $ sudo su - db2inst1
    	$ cd /opt/ibm/BPM/v8.5/profiles/DmgrProfile/dbscripts/PCCell1.De1/DB2/BPMDB
    	$ ./createDatabase.sql
    	$ cd ../CMNDB
    	$ ./createDatabase.sh
    	$ cd ../PDWDB
    	$ ./createDatabase.sh
  9. Create the schemas.
    	$ cd /opt/ibm/BPM/v8.5/profiles/DmgrProfile/dbscripts/PCCell1/DB2/CMNDB
    	$ db2 connect to CMNDB
    	$ db2 -tf createSchema_Advanced.sql
    	$ db2 terminate
    	
    	$ cd ../../../PCCell1.De1/DB2/BPMDB
    	$ db2 connect to BPMDB
    	$ db2 -tvf createSchema_Advanced.sql
    	$ db2 -tdGO -vf createProcedure_Advanced.sql
    	$ db2 terminate
    	
    	$ cd ../CMNDB
    	$ db2 connect to CMNDB
    	$ db2 -tvf createSchema_Advanced,sql
    	$ db2 -tvf createSchema_Messaging.sql
    	$ db2 terminate
    	
    	$ cd ../PDWDB
    	$ db2 connect to PDWDB
    	$ db2 -tvf createSchema_Advanced.sql
    	$ db2 terminate
    	
    	$ exit
  10. Populate the database:
    $ cd /opt/ibm/BPM/v8.5/profiles/DmgrProfile/bin
    $ sudo ./bootstrapProcessServerData.sh -clusterName AppCluster
  11. Copy the IBM HTTP Server installation files as shown in the following example:
    	sudo mkdir /mnt/object/supplements
    	sudo chown ex2-user /mnt/objects/supplements
  12. Use the secure file transfer protocol (sftp) to copy the three archives.
  13. Unzip the archives:
    	cd /mnt/objects/supplements
    	for i in *.zip
    	do
    	sudo unzip $i
    	done
  14. Copy the two response files that you are interested in to /home/ec2-user (the IBM HTTP Server and the WebSphere Application Server plug-in).
    	cd /mnt/object/supplements/responsefiles/samples
    	cp WASv85.ihs.install.Win32.xml /home/ec2-user
    	cp WASv85.plg.install.Win32.xml /home/ec2-user/
  15. Edit the IBM HTTP Server file and make the following changes:

    In add <repository> information for the three disks and comment out the online repository manager:

    	<!--repository location="http://www.ibm.com/software/repositorymanager/com.ibm.websphere.IHS.v85" /> -->
    and
    	<!-- <repository location='insert the full directory path inside single quotes'/> -->
    	<repository location='/mnt/object/supplements/disk1'/>
    	 <repository location='/mnt/object/supplements/disk2/ad'/>
    	<repository location='/mnt/object/supplements/disk3/ad'/>

    In <install> amend the offering to select the 64bit (from 32bit) version of IHS:

    	<offering id='com.ibm.websphere.IHS.v85'
    	profile='IBM HTTP Server for WebSphere Application Server V8.5'
    	features='core.feature,arch.64bit' installFixes='none'/>
    	<!-- <offering id='PM12345_WAS80' profile='IBM HTTP Server for WebSphere Application Server V8.5'/> -->
    	</install>

    Edit the installLocation of the profile parameter to /opt/IBM/HTTPServer:

    	<profile id='IBM HTTP Server for WebSphere Application Server V8.5'
    	installLocation='/opt/IBM/HTTPServer'>

    Edit the eclipseLocation to match:

    	<profile id='IBM HTTP Server for WebSphere Application Server V8.5'
    	installLocation='/opt/IBM/HTTPServer'>
    	<data key='eclipseLocation' value='/opt/IBM/HTTPServer'/>

    Edit the eclipseCache for Linux defaults (/var/ibm/InstallationManager):

    	<preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/var/ibm/InstallationManager'>
  16. Install IBM HTTP Server:
    	cd /opt/IBM/InstallationManager/eclipse/tools
    	sudo ./imcl -acceptLicense -showprogress -log /home/ec2-user/ihs-install.log -input /home/ec2-user/WASv85.ihs.install.Win32.xml
  17. Edit the WebSphere plug-in installation file at sudo vi /home/ec2-user/WASv85.plg.install.Win32.xml and make the following changes:

    In <server> add <repository> information for the three disks and comment out the online repository manager:

    	<!-- <repository location="http://www.ibm.com/software/repositorymanager/com.ibm.websphere.IHS.v85" /> -->

    And

    <!-- <repository location='insert the full directory path inside single quotes'/> -->
     <repository location='/mnt/object/supplements/disk1'/>
     <repository location='/mnt/object/supplements/disk2/ad'/>
     <repository location='/mnt/object/supplements/disk3/ad'/>

    Amend the profile to match Linux defaults.

    Change:

    	<profile id='Web Server Plug-ins for IBM WebSphere Application Server V8.5'
    	installLocation='C:\Program Files\IBM\WebSphere\Plugins'>
    	<data key='eclipseLocation' value='C:\Program Files\IBM\WebSphere\Plugins'/>

    to:

    	<profile id='Web Server Plug-ins for IBM WebSphere Application Server V8.5'
    	installLocation='/opt/IBM/WebSphere/Plugins'>
    	<data key='eclipseLocation' value='/opt/IBM/WebSphere/Plugins'/>
    	<data key='user.import.profile' value='false'/>
    	<data key='cic.selector.nl' value='en'/>
    	</profile>

    Change the cache location from <preference name=’com.ibm.cic.common.core.preferences.eclipseCache’ value=’C:\Program Files\IBM\IMShared’/>t o <preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/opt/IBM/IMShared'/>

  18. Install the plug-ins:
    	cd /opt/IBM/InstallationManager/eclipse/tools
    	sudo ./imcl -acceptLicense -showProgress -log /home/ec2-user/plugins-install.log -input /home/ec2-user/WASv855
  19. Log in to the deployment manager as your administrative user (wasadmin) and then expandServers . Then select Server Types > Web Servers .
  20. Add the web server definition to the deployment manager, as shown in the following screen capture:Screen capture of Web servers window in WebSphere Application Server
    Screen capture of Web servers window in WebSphere Application Server
  21. Click Add, give the web server a name, select a node, and select IBM HTTP Server, as shown in the following screen capture:Screen capture of Create new web server definition window in WebSphere Application Server
    Screen capture of Create new web server definition window in WebSphere Application Server
  22. Click Next, Next again, and then and confirm that the configuration matches the HTTP and plugin locations you selected when installing, as shown in the following screen capture:Screen capture of Create new web server definition window in WebSphere Application Server
    Screen capture of Create new web server definition window in WebSphere Application Server
  23. Click Next and then click Finish.
  24. Click Save. The definition is saved to the repository and the server is listed underWeb servers, as shown in the following screen capture:Screen capture of the Web servers window in WebSphere Application Server
    Screen capture of the Web servers window in WebSphere Application Server
  25. Create a keyfile:
    $ sudo ./gskcapicmd -keydb -create -db /opt/IBM/HTTPServer/ihsserverkey.kdb -pw <password> -stash
  26. Add a self certified certificate:
    sudo ./gskcapicmd -cert -create -db /opt/IBM/HTTPServer/ihsserverkey.kdb -pw password -dn "cn=ec2-52-42-174-74.us-west-2.compute.amazonws.com" -label "Quick test certificate"

    Amazon Web Services Tip: Remember the DNS name will change when the server is rebooted: use the Amazon Web Services facility for permanent DNS addresses.

  27. Edit the SSL stanza in the HTTPD server configuration file (httpd.conf). The changes to the permitted SSL versions ensures that current Firefox and Chrome browsers connect. Extend the configuration with your organization's permitted specifications.
    $ cd /opt/IBM/HTTPServer/conf
    $ sudo vi httpd.conf
    ## SSLv3 128 bit Ciphers
    SSLCipherSpec SSL_RSA_WITH_RC4_128_MD5
    
    # Example SSL configuration which supports SSLv3 and TLSv1
    # To enable this support:
    • Create a key database with ikeyman
    • Update the KeyFile directive below to point to that key database
    • Uncomment the directives up through the end of the example
    #
    LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
    
    	Listen 443
    <VirtualHost *:443>
    
    	SSLEnable
    </VirtualHost>
    
    	KeyFile /opt/IBM/HTTPServer/ihsserverkey.kdb
    	#SSLDisable
    
    # End of example SSL configuration
  28. Configure the plug-in:
    	$ cd /opt/IBM/HTTPServer/conf
    	$ sudo vi httpd.conf
  29. Append the following text:
    	LoadModule was_ap22_module /opt/IBM/WebSphere/Plugins/bin/64bits/mod_was_ap22_http.so
    	WebSpherePluginConfig /opt/IBM/WebSphere/Plugins/config/webserver/plugin-cfg.xml
  30. Restart the HTTP server.
  31. On the Amazon Web Services console, allow access to your HTTP Server on 80 for the HTTP port and 443 for the HTTPS port (find your instance and click on the appropriate security group). Click the inbound route and add 80 and 443, as shown in the following screen capture:Screen capture of Security Groups in Amazon Web Services
    Screen capture of Security Groups in Amazon Web Services

    Amazon Web Services Tip: Your system is globally accessible if you use the default settings. Consider carefully how you can secure and protect the system using Amazon Web Services security groups and configuration of the instance.

  32. You can now stop and start your environment.

    Run the following commands:

    	$ cd /opt/bpm/BPM/v8.5/bin
    	$ sudo ./BPMConfig.sh -stop /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties
    	$ sudo ./BPMConfig.sh -start /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties

    Log in with the ec2-user user account.

    Run the following commands:

    	$ sudo su - db2inst1
    	$ db2start
    	$ exit
    	
    	$ cd /opt/ibm/BPM/v8.5/bin
    	$ sudo ./BPMConfig.sh -start /home/ec2-user/Advanced-PC-ThreeClusters-DB2.properties
    	$ cd /opt/IBM/HTTPServer/bin
    	$ sudo ./apachectl start

Conclusion

This tutorial described a typical installation and configuration of IBM BPM Process Center for a Golden topology, using the silent installation option.

Now you understand how to plan your own installation of IBM BPM on Amazon Web Services, if it is your preferred public cloud infrastructure. Use these tips and pointers to work with your cloud implementation and plan a successful first-time installation.

The Golden topology implementation does not work in all situations. Therefore, consider the following more resilient topologies for high availability in production use:

  • Two or more virtual machines for the Process Center nodes, providing high availability to the failure of one Process Center instance.
  • Use of an high availability DB2 service, either consuming an existing service or adding a second DB2 virtual machine in an HA configuration (four Amazon Web Services virtual machines) .
  • Separation of the deployment manager to a separate Amazon Web Services virtual machine to simplify recovery.

Also, you should make sure to consider benchmarking, tuning and sizing of the images for the workload that is expected and experienced.

Acknowledgments

The authors would like to thank Claudio Tagliabue for reviewing this tutorial.


Downloadable resources


Related topics


Comments

Sign in or register to add and subscribe to comments.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Middleware, Cloud computing
ArticleID=1041081
ArticleTitle=Set up IBM Business Process Manager with Amazon Web Services
publish-date=12162016