Starting the first cluster instance
Start the first cluster instance and prepare the other instances to be configured.
The browser-based IBM® Safer Payments user interface is used to configure a cluster. To access it, you must start the first cluster instance.
- To start the first cluster instance, run the following commands from the console on the server:
su SPUser cd /instancePath/cfg iris id=i createinstances=n
- /instancePath is the path, where the instance configuration is stored.
- SPUser is the user, which runs the instance.
- i must be a unique ID of the instance you are currently installing. Preferably, start your first instance with 1. That is, if you set up three instances in total, use IDs 1, 2, and 3.
- n is the number of instances that you want to create.
- Check the system event log messages on the console window, and verify that they indicate a
proper start of the cluster instance. That is, no warning (W), error (E), or fatal (F) type
messages. Exception: The status.iris file does not exist yet and is being created during the first start. An E155 message is created during the first start, followed by a message that the file was created. Therefore, this error message is expected.
- Depending on the configuration of the server that you are installing on, you might have to
configure the firewall open port, the API port for HTTP access of the browser. The default HTTP port
of the first instance is 8001.Open a browser and enter:
http://127.0.0.1:8001
- The user interface login page is displayed.
- Enter
user
as login and12345678
as password. You are prompted to change the password of this account immediately.Note: To comply with PCI DSS requirement 8.3.1, you must create new personalized users for your configuration and disable the default configuration user. - Log in with one of your new users and continue the configuration.
- The full user interface is displayed.
- Click the Cluster tab.
- The Cluster Settings section shows a table with one row for each instance.
- Click anywhere in the row (except the checkbox) to open the configuration details of an
instance. Customize all cluster settings, including changing the IP addresses and ports, enabling
SSL encryption as described in Configuring SSL encryption, limiting IP
address ranges, and changing local file storage locations as described in Configuring cardholder data storage locations.
Make the appropriate settings for all cluster instances, not only the instance you are currently working on, even if the others are not yet physically set up.
Note: Changes to the local file storage are processed after a restart of a IBM Safer Payments instance. Thus, you can move the files while the instance is offline. All changes to the interfaces are processed immediately when the settings are saved.
Since IBM Safer Payments was started without a previous configuration, it uses default settings for the number of cluster instances you specified with the createinstances command.
To use all IBM Safer Payments interfaces, it might be required to open more ports in your firewall. By default IBM Safer Payments uses the following ports:
- 8001 - Application Programming Interface
- 27911 - Message Command Interface
- 27921 - Fast Link Interface
- 27931 - Status Control Interface
- 27941 - Encrypted Communication Interface
Note: If you plan to use an IBM MQ or Kafka server to deliver
data to IBM Safer
Payments, you must correctly
set up your firewall.