Installation on SLES

This section describes the steps for a fresh installation of IVIG Software Stack version 11.0.0 on SUSE Linux Enterprise Server (SLES).

Overview

Perform the following steps to install IVIG Software Stack release on SUSE Linux Enterprise Server (SLES).

Stand-alone deployment

IBM Java 8 SDK
  1. Download IBM Java 8 SDK.
  2. Install Java 8. Run this command:

    sudo rpm -Uvh ibm-java-x86_64-sdk-8.0-8.30.x86_64.rpm

  3. Add /opt/ibm/java-x86_64-80 to your PATH environment variable.
IBM MQ

Download IBM MQ from IBM Passport Advantage portal.

IBM MQ 9.4 LTS is available with part number G0B7VML.

Next, install IBM MQ.

  1. Ensure that you have root or sudo access on the system.
  2. Run this command: tar zxf 9.4.0.0-IBM-MQ-LinuxX64.tar.gz

    After executing this command, a directory MQServer is created.

  3. Run this command: sudo groupadd -g 500 mqm
  4. Run this command: sudo useradd -u 501 -g mqm -s /bin/bash -d /home/mqm -m mqm

    NOTE: You may ignore the warning about uid range.

  5. Run this command: sudo passwd mqm
  6. Run this command:sudo useradd -s /bin/bash -d /home/isimsystem -m isimsystem
    Important: Ensure that the isimsystem user is NOT a member of the mqm group. The userid that you use to create the queue managers must be in the mqm group, but the userid isimsystem used by IVIG connect to MQ must not be a member of the mqm group.
  7. Run this command: sudo passwd isimsystem
  8. Next, edit the file /etc/security/limits.conf file to add the following to the end of the file, above the # End of File line. 
    root hard nofile 10240
root soft nofile 10240
mqm hard nofile 10240
mqm soft nofile 10240
  9. Edit the file /etc/sysctl.conf to add or change the following entries.
     fs.file-max = 524288
 kernel.threads-max = 32768
  10. Run this command: sudo sysctl -p

    This command ensures that changes are enforced without having to reboot the computer.

  11. Create the mqm data directory.
     sudo mkdir /var/mqm
 sudo chown mqm /var/mqm
 sudo chgrp mqm /var/mqm
  12. Next, navigate to the MQServer directory obtained in step 2. Run the command: cd MQServer

    Execute the following two commands from the MQServer directory.

  13. Run this command: sudo ./mqlicense.sh
  14. Run this command: sudo rpm -Uvh MQ*.rpm

For detailed instructions, see the IBM MQ documentation.

Configure IBM MQ
  1. Ensure to use a user in the mqm group. You can also add your account to the group. sudo usermod -g mqm <yourid>
  2. Use the command newgrp to reload groups without having to log in again.
  3. Run this command: . /opt/mqm/bin/setmqenv -s
    Important: Do not forget the <period><space> at the front to source this info into your environment.
  4. From IBM Passport Advantage site, download the IVIG Software Stack files. Extract the files to a directory (for example, <extracted_directory>) on your local computer.
  5. Using command-prompt, navigate to this directory: <extracted_directory>/wlp/usr/servers/defaultServer/config/config/mq/ and then use either ssl OR plain

    Here, choose ssl directory if you want to use SSL, OR choose plain for non-SSL.

  6. Check the listener line at the end of the .mqsc files. The local is configured for port 1414 and shared for 1415, but they can be adjusted as needed.
  7. Create a queue manager. Run this command: crtmqm -ii isvgqm.ini ISVGQueueMgr
  8. Start the queue manager. Run this command: strmqm ISVGQueueMgr
  9. Open a command prompt for the queue manager. Run this command: runmqsc ISVGQueueMgr < ISVGQMgr.mqsc
Next, you need to set up the shared queues. It can be done on the IM system, or you can install MQ on another machine and run it there. Run these commands: 
crtmqm -ii isvgqm.ini ISVGQMgrShared
strmqm ISVGQMgrShared
runmqsc ISVGQMgrShared < ISVGQMgr-shared.mqsc

SSL: If you plan to use SSL, you will need to create a certificate for each queue manager. You can either use openssl to create a PKCS12 file to be imported into the MQ keystore, or you can create one with GSKit.

  1. Refer the MQ Documentation.
  2. Run as the mqm user or you will need to update permissions on the file.
  3. Run this command: runmqakm -keydb -create -populate -db /var/mqm/qmgrs/ISVGQueueMgr/ssl/key.kdb -pw the_password -stash
  4. If you have a PKCS12: Run this command: runmqakm -cert -import -db /var/mqm/qmgrs/ISVGQueueMgr/ssl/key.kdb -stashed -label pkcs12label -new_label ibmwebspheremqisvgqueuemgr -target cert.p12 -target_pw pkcs_password -type kdb -target_type pkcs12
  5. If you do not have PKCS12: Run this command: runmqakm -cert -create -db /var/mqm/qmgrs/ISVGQueueMgr/ssl/key.kdb -stashed -label ibmwebspheremqisvgqueuemgr -dn "CN=ISVGIM" -san_dnsname your_hostname -san_ipaddr your_ip
  6. If you have created a new certificate, extract the CA with this command: runmqakm -cert -extract -label ibmwebspheremqisvgqueuemgr -db /var/mqm/qmgrs/ISVGQueueMgr/ssl/key.kdb -stashed -file localCA.crt -format ascii

    NOTE: The label for the shared QM MUST be ibmwebspheremqisvgqmgrshared, and use a different file name.

  7. Use mqcertck Queue_Manager_Name

    This step is important to ensure that all the updates are correct.

  8. To enable SSL, you must restart the queue managers. Run the following commands.

    endmqm ISVGQueueMgr

    strmqm ISVGQueueMgr

  9. Next, perform the steps 3 to 8 for the ISVGQMgrShared QM.
Deploy IVIG Software Stack
Next, perform the following steps.
  1. Go to the IVIG- Software Stack package that you had extracted into its own directory (for example <extracted_directory>).
  2. Run this command: cd <extracted_directory>/wlp/bin
  3. Run this command: ./im_installer.sh configure --configfile /path/to/file

    The im_installer.sh script, when run in the configure mode, prompts for various inputs (such as LDAP, DB2, IBM connection parameters) and stores them in the configuration file created in the specified directory on the local computer. If the same file already exists in the specified directory, then it will be updated.

    In this command, replace /path/to/file with the complete directory path including the file name. For example: ./im_installer.sh configure --configfile /home/imssliberty/ivig11_config.properties

  4. Run this command: ./im_installer.sh install --configfile /path/to/file

    Here, the im_installer.sh script, when run in the install mode, uses the parameters from the configuration file created in the previous step. In this command, replace /path/to/file with the same directory path and the file name that was created in the previous step. For example: ./im_installer.sh install --configfile /home/imssliberty/ivig11_config.properties

  5. If you want the to use SSL, add your certificate and private key to the keystore listed as liberty.keystore.location in bootstrap.properties file. If not using SSL, then you can use port 9080 instead of 9443.
  6. Run this command: <wlp>/bin/server start
  7. Log in to IVIG Server:
    • If using SSL: https://<hostname>:9443/itim/console
    • If using non-SSL: http://<hostname>:9080/itim/console
    The screen prompts you to change the default password. Set a password of your choice, and then proceed with logging in to the IVIG Server.

Multi-node deployment

If you want to deploy IVIG-Software Stack in a multi-node SLES environment, create the first node (for example, Node-1) by performing the steps described in the Standalone Deployment section.

Next, we will configure a new node (for example, Node-2). Perform the following steps:

  1. On Node-2, install IBM Java.
  2. On Node-2, install IBM MQ.
  3. From IBM Passport Advantage site, download the IVIG Software Stack files.
  4. Extract the downloaded IVIG Software Stack package into its own directory in Node-2.
  5. On Node-2, configure the local MQ queue manager, by performing steps 1 to 8 from Configure IBM MQ section. Also, if you plan to use SSL, perform the SSL-related steps from the same section.
  6. On the existing Node-1, go to the wlp/bin directory and run the following command: im_installer.sh addnode --configfile /path/to/configfile
  7. The script prompts you to provide the hostname for Node-2 and other required details for the MQ local. Provide the required values.
  8. The script then adds the required files to /path/to/configfile.zip
  9. Transfer the two files (configfile and configfile.zip) from the existing Node-1 to the new node, Node-2. Ensure that both the files are placed in the same directory on Node-2.
  10. On Node-2, go to the wlp/bin directory and run the following command: im_installer.sh install --configfile /path/to/configfile
  11. From the wlp/bin directory, run the following command: <wlp>/bin/server start
  12. Log in:
    • If using SSL: https://<hostname>:9443/itim/console
    • If using non-SSL: http://<hostname>:9080/itim/console