Deploy PEM Partner Repository

As a prerequisite, configure the files that are present in your Mount directory.

For more information, see Configuring the files in Mount directory.

Also, ensure that IBM PEM is connected to Subscription Monitor service.

For more information, see Subscription Monitor.

Attention: As PEM Partner Repository is running on SSL, before deploying PEM Partner Repository, ensure to create and use the SSL certificate. Provide the SSL certificate in a jks file to enable PEM Partner Repository to load the certificate.

To deploy PEM Partner Repository, run the following command:

docker run --name="<container name>" --add-host=<host_name>:<IP address> -v <path to mount files>:/opt/IBM/Resources -v <path to logs>:/opt/IBM/PEM_PR_PP_servers/usr/servers/pr/logs -v /etc/localtime:/opt/IBM/localtime:ro -e application="pr" -p <host_name or IP>:<SSL exposed port number>:9443 -dt <image name>:<version>
where, --add-host is optional.
Note: Enter the appropriate parameter values within the angle (<>) brackets.
Important: As the application name is case-sensitive, you must enter the application name in the same case as provided in the run command. For example, application="PR" is invalid.
Here,
  • <container name> - refers to the user-defined container name.

    If you again use the container with the same name, the docker engine reports that the container with the same name is already in use. In such a situation, you can either delete the container by running the command, docker rm <container name> or use a different container name.

  • <path to mount files> - provide the absolute path of the directory where the mount files are extracted. For the contents of the mount directory, see Mount Directory structure.
  • --add-host=<host_name>:<IP address> - Can add other hosts into the /etc/hosts file of the container by using one or more --add-host flags.
  • -v /etc/localtime:/opt/IBM/localtime:ro - synchronizes the container's time zone with the host machine's time zone.
  • <path to logs> - this is the absolute path of the directory in your host machine that is mounted into the container's log path.
  • <host_name or IP> - provide the host name or the IP address where the container is running.
  • <SSL exposed port number> - the exposed SSL (https) port number for the application.
  • <image name>:<version> - refers to the image name and version of the image that is downloaded from the repository and used to deploy the application.
Note:
  • If you configure an API with a hostname, the API call from PEM Partner Repository or PEM Partner Provisioner fails as the application running inside the docker container cannot resolve the hostname. To resolve the hostname, add the hostname mapping by adding --add-host=<host_name>:<IP address> in the docker run command, delete the old container, and create a new container by running the updated docker run command.
  • If the firewall is activated, add all the ports that are used in the Docker run command to the host machine's firewall. For example, to open the port 19443 in the host machine, run the command: firewall-cmd --zone=public --add-port=19443/tcp. The port 19443 gets added to the host machine's firewall.

Sample run command

docker run --name="PR_Image" --add-host=<host_name>:<IP address> -v /home/MountFiles:/opt/IBM/Resources -v /home/logs/pr:/opt/IBM/PEM_PR_PP_servers/usr/servers/pr/logs -v /etc/localtime:/opt/IBM/localtime:ro -e application="pr" -p host_name:19443:9443 -dt registry.ng.bluemix.net/gold/pem:3.5.16
Note: Here, --add-host is optional.

Log files

Log files help in analyzing and debugging the errors. You can find the log files in the logs directory. For PEM Partner Repository-specific error messages, see the PRServer_messages.log file. For trace-level log, IBM Support can contact and assist you in enabling the trace-level log.

Note: If you have not deleted or archived the existing container logs directory, after deploying PEM Partner Repository, the existing logs are rolled over, and the new container logs are created.

Verifying whether the Docker run command is successful

To verify whether the Docker run command is successful, run docker logs <container name>. The following messages are displayed:
Starting the container
License accepted successfully.
Starting server pr.
Server pr started with process ID 75.
Note: Look for the specific message that indicates the run command is successful. Log in to PEM Partner Repository by entering https://<ip:port>/<sponsorContext>/login in any supported browser.

The URL can be different based on your deployment option. For more details about the URL, see URL for accessing IBM PEM and APIs.

Ensure that the Partner Repository log in screen is displayed.

Configuring the properties of Setup.cfg file

Configure the following properties:
  • accept_license
  • proxy_host
  • proxy_port
  • customer_id
  • db_type
  • ssl_connection
  • db_port
  • db_host
  • db_name
  • db_schema
  • db_user
  • db_password
  • db_driver
  • db_max_pool_size
  • db_min_pool_size
  • db_aged_timeout
  • db_max_idle_time
  • db_sslTrustStoreName
  • db_sslTrustStorePassword
  • servers.jvm_options
  • servers.keystore_password
  • servers.keystore_alias
  • servers.keystore_filename
  • servers.max_file_size
  • servers.max_files
  • servers.console_log_level
  • servers.trace_specification
  • servers.enable_jms_features
  • servers.provisioner_request_queue
  • servers.provisioner_response_queue
  • servers.remote_server_ssl
  • servers.remote_server_host
  • servers.remote_server_port
  • servers.channel
  • servers.connection_name_list
  • servers.queue_manager
  • servers.username
  • servers.password
  • servers.wmq_provisioner_request_queue_manager
  • servers.wmq_provisioner_response_queue_manager
  • servers.wmq_provisioner_request_queue_name
  • servers.wmq_provisioner_response_queue_name
  • servers.ssl_cipher_suite
Important: To establish a connection to IBM subscription verification system, you must configure proxy_host and proxy_port.