Server components installation - serverinst script
The master domain manager, backup domain manager, dynamic domain manager, backup dynamic domain manager, and installation parameters that can be defined for the serverinst script.
This section lists and describes the parameters that are used when running a serverinst script to install the master domain manager and backup domain manager, dynamic domain manager, and backup dynamic domain manager.
- ca.crt
- tls.key
- tls.crt
You can specify values in the properties file, type them in the command line, or use both methods. If a parameter is specified both in the properties file and in the command line, the command line value takes precedence.
- On Windows operating systems
- TWA_home\logs
- On UNIX operating systems
- TWA_DATA_DIR/installation/logs
Syntax
- On Windows™ operating systems:
-
- Show command usage
-
cscript serverinst.vbs -? | --usage | --help
- Retrieve the command parameters and values from a properties file
-
cscript serverinst.vbs --propfile|-f [properties_file]
- General information
-
cscript serverinst.vbs --acceptlicense yes|no [--lang lang_id] [--inst_dir install_dir] [--work_dir working_dir] [--skipcheckprereq true|false] [--skipcheckemptydir true|false] [--skipusercheck true|false]
- Configuration information for the data source
-
--rdbmstype|-r DB2 | ORACLE | MSSQL | POSTGRESQL [--dbname db_name] [--dbuser db_user] --dbpassword db_password [--dbport db_port] --dbhostname db_hostname [--dbdriverpath db_driver_path] [--dbsslconnection true | false]
- Security options
-
--sslkeysfolder keystore_truststore_folder --sslpassword ssl_password [--enablefips true | false]
- User information
-
[--wadomain] [--wauser wa_user] [--wapassword wa_password]
- Configuration information for the application server
-
--wlpdir|-w wlp_directory [--httpsport https_port] [--bootstrapport bootstrap_port] [--bootsecport bootstrap_sec_port] [--startserver true | false]
- Configuration information for dynamic scheduling
-
[--displayname agent_name] [--jmport port_number]
- Configuration information for the master domain manager
-
[--componenttype MDM | DDM]
- Configuration options when --componenttype is MDM
-
[--company company_name] [--hostname hostname] [--thiscpu workstation] [--eifport eif_port] [--brwksname broker_workstation_name] [--brnetmanport broker_netman_port] [--netmanport netman_port_number] [--netmansslport netman_port_number]
- Configuration options when --componenttype is DDM
-
[--domain domain_name] --master mdm-domain_name --mdmhttpsport mdm_https_port --mdmbrokerhostnamemdm_hostname [--eifport eif_port] [--brwksname broker_workstation_name] [--brnetmanport broker_netman_port] [--netmanport netman_port_number] [--netmansslport netman_port_number] [--isforzos yes|no]
- IBM Workload Scheduler encryption options
-
[--useencryption true | false] [--encryptionpassword default]
- On UNIX® operating systems
-
- Show command usage
-
./serverinst.sh -? | --usage | --help
- Retrieve the command parameters and values from a properties file
-
./serverinst.sh --propfile|-f [properties_file]
- General information
-
./serverinst.sh --acceptlicense yes|no [--lang lang_id] [--inst_dir install_dir] [--work_dir working_dir] [--data_dir wa_datadir] [--skipcheckprereq true|false] [--skipcheckemptydir true|false]
- Configuration information for the data source
-
--rdbmstype|-r DB2 | ORACLE | MSSQL | POSTGRESQL [--dbname db_name] [--dbuser db_user] --dbpassword db_password [--dbport db_port] --dbhostname db_hostname [--dbdriverpath db_driver_path] [--dbsslconnection true | false]
- Security options
-
--sslkeysfolder keystore_truststore_folder --sslpassword ssl_password [--enablefips true | false]
- User information
-
[--wauser wa_user] [--wapassword wa_password]
- Configuration information for the application server
-
--wlpdir|-w wlp_directory [--httpsport https_port] [--bootstrapport bootstrap_port] [--bootsecport bootstrap_sec_port] [--startserver true | false]
- Configuration information for dynamic scheduling
-
[--displayname agent_name] [--jmport port_number]
- Configuration information for the master domain manager
-
[--componenttype MDM | DDM]
- Configuration options when --componenttype is MDM
-
[--company company_name] [--hostname hostname] [--thiscpu workstation [--eifport eif_port] [--brwksname broker_workstation_name] [--brnetmanport broker_netman_port] [--netmanport netman_port_number] [--netmansslport netman_port_number]
- Configuration options when --componenttype is DDM
-
[--domain domain_name] --master mdm_domain_name --mdmhttpsport mdm_https_port --mdmbrokerhostname mdm_hostname --eifport eif_port] [--brwksname broker_workstation_name] [--brnetmanport broker_netman_port] [--netmanport netman_port_number] [--netmansslport netman_port_number] [--isforzos yes|no]
- IBM Workload Scheduler encryption options
-
[--useencryption true | false] [--encryptionpassword default]
Arguments
- ? | --usage | --help
- Displays the command usage and exits.
- --propfile|-f [properties_file]
- Optionally specify a properties file containing custom values for serverinst
parameters. The default file is
- On Windows systems
image_dir>\TWS95_WIN_X86_64_SERVER\TWS\WINDOWS_X86_64\serverinst.properties
- On UNIX systems
image_dir>/TWS/interp>/serverinst.properties
General information
- --acceptlicense yes|no
- Specify whether to accept the License Agreement.
- --lang lang_id
- The language in which the messages returned by the command are displayed. If not specified, the
system LANG is used. If the related catalog is missing, the default C
language catalog is used. If neither --lang nor LANG are used, the
default codepage is set to SBCS. For a list of valid values for these
variables, see the following table:
Table 1. Valid values for -lang and LANG parameter Language Value Brazilian Portuguese pt_BR Chinese (traditional and simplified) zh_CN, zh_TW English en French fr German de Italian it Japanese ja Korean ko Russian ru Spanish es Note: This is the language in which the installation log is recorded and not the language of the installed component instance. The command installs all languages as default. - --inst_dir installation_dir
- The directory of the IBM Workload Scheduler installation. This parameter is optional. The default value is:
- On Windows operating systems
-
C:\Program Files\wa
- On UNIX operating systems
-
/opt/wa
- --work_dir working_dir
- The temporary directory used by the program to deploy the installation process files. This
parameter is optional. The default value is:
- On Windows operating systems
-
C:\TMP
- On UNIX operating systems
-
/tmp/waversion_number
- --data_dir wa_datadir
- UNIX operating systems only. Specify the path to a directory where you want to store the logs and configuration files produced by IBM Workload Scheduler. This parameter is optional. If you do not specify this parameter, all data files generated by IBM Workload Scheduler are stored in the TWA_home/TWSDATA directory. This path is called, in the publications, TWA_DATA_DIR.
- --skipcheckprereq true|false
- If you set this parameter to false, IBM Workload Scheduler does not scan system prerequisites before starting the installation. This parameter is optional. The default value is true. For more information about the prerequisite check, see Scanning system prerequisites for IBM Workload Scheduler.
- --skipcheckemptydir true|false
- Set this parameter to true to avoid checking whether the installation directory is empty. By default, this parameter is false, because starting from version 9.5 the installation directory must be empty. If you set this parameter to true and the installation directory is not empty, the installation process might fail.
- --skipusercheck true|false
- If you set this parameter to true, IBM Workload Scheduler,
performs no checks on the user. This parameter is optional. The default
value is false. By default, the following checks are performed:
- local user
- The script checks if the specified user is existing, has the
correct access rights, and the password specified with the
wapassword
parameter is correct. If the user does not exist, the script creates it and grants it the correct access rights. If the specified password is incorrect, the script returns an error and the installation process stops. - domain user
- The script checks if the specified user is existing, has the
correct access rights, and the password specified with the
wapassword
parameter is correct. If the user does not exist, the script cannot create it and the installation process ends in error. If the user exists but does not have the correct access rights, the script assigns it the required rights. If the specified password is incorrect, the script returns an error and the installation process stops.
Configuration information for the data source
The values for these parameters must match the values defined by the database administrator when creating the database. For more information, see Creating and populating the database and browse to the topic for the database you are using.
- --rdbmstype|-r rdbms_type
- The database type. Supported databases are:
- DB2
- ORACLE This value applies to Oracle and Amazon RDS for Oracle
- MSSQL This value applies to MSSQL and MSSQL cloud-based databases.
- POSTGRESQL
- --dbname db_name
- The name of the IBM Workload Scheduler database. This parameter is optional. The default value is TWS.
- --dbuser db_user
- The user that has been granted access to the IBM Workload Scheduler tables on the database server. This parameter is optional. The default value is db2tws.
- --dbpassword db_password
- The password for the user that has been granted access to the IBM Workload Scheduler or Dynamic Workload Console tables on the database server. This parameter is required. The default value is password. Special characters are not supported. You can optionally encrypt the password. For more information, see Encrypting passwords (optional).
- --dbport db_port
- The port of the database server. This parameter is optional. The default value is 50000.
- --dbhostname db_hostname
- The host name or IP address of database server. This parameter is required.
- --dbdriverpath db_driver_path
- The path where the database drivers are stored. This parameter is optional. By default, the configuration script references the JDBC drivers supplied with the product images. If your database server is not compatible with the supplied drivers, then contact your database administrator for the correct version to use with your database server and specify the driver path using this parameter. Ensure you provide the same path in the configureDb, serverinst, and dwcinst commands.
- --dbsslconnection true | false
- Enables or disables the SSL connection to the database. The default value is false. This parameter applies only to DB2.
- --sslkeysfolder keystore_truststore_folder
- The name and path of the folder containing certificates in
.PEM format. The installation program
automatically processes the keystore and truststore files using the
password you specify with the --sslpassword
parameter. The folder must contain the following files:
-
- ca.crt
- The Certificate Authority (CA) public certificate.
Note that if certificates being
installed are part of a chain consisting of 3 or
more certificates (one Root CA, followed by one or
more Intermediate CAs, followed by the end user
certificate), then this file must contain the Root
CA certificate only. Any Intermediate CA
certificates must be stored in the
additionalCAs subfolder,
which therefore becomes a mandatory subfolder. Each
Intermediate CA must be stored in the
additionalCAs subfolder in
its own file.Note: From V10.2.3, if certificates being installed are part of a chain, the ca.crt can contain also the intermediate CAs. In this case, it must begin with one or more intermediate CA certificates and end with the Root ca.
-
- tls.key
- The private key of the end user certificate for the instance to be installed.
-
- tls.crt
- The public part of the previous key, that is the end user certificate.
For UNIX systems, ensure that all the files have the ownership of the user who installed the master domain manager and the correct permissions (644).
You can optionally create a subfolder to contain one or more *.crt files to be added to the server truststore as trusted CA, whose name must be additionalCAs. This can be used for example to add to the list of trusted CAs the certificate of the LDAP server or DB2 server. Additionally, you can store here any intermediate CA certificate to be added to the truststore. The subfolder must be named additionalCAs. Note that if the end user certificate being installed in the instance is part of a chain consisting of 3 or more certificates (one Root CA, followed by one or more Intermediate CAs, followed by the end user certificate), then the Intermediate CAs certificates must be stored in the additionalCAs subfolder, which therefore becomes a mandatory subfolder. Each Intermediate CA must be stored in the additionalCAs subfolder in its own file.
For further information about how to generate custom certificates, see Managing certificates using Certman.
-
- --sslpassword ssl_password
The password for the custom certificates and the path to the folder containing certificates in .PEM format with the sslkeysfolder parameter.
For more information, see sslkeysfolder.
You can optionally encrypt the password using the secure script. For more information, see Optional password encryption - secure script.
- --enablefips false
- Specify whether you want to enable FIPS. In the current product version, you can only specify false because FIPS is not supported. In a fresh installation, the default is false. In upgrade, there is no default value, so you have to set it explicitly and be aware that FIPS is being disabled when you upgrade. This parameter is optional. If you are upgrading from an environment where FIPS is supported, see Q: My environment is FIPS compliant. What happens if I upgrade to version 10.2.3?.
User information
- --wauser user_name
- The user for which you are installing IBM Workload Scheduler. This parameter is optional. The default value is the user performing the installation, unless you use a user other than root.
- --wapassword wauser_password
- The password for the user
for which you are installing IBM Workload Scheduler.
- On Windows operating systems
- Supported characters for the password are alphanumeric, dash (-), underscore (_) characters, and ()|?*~+.@!^
- On UNIX operating systems
- Supported characters for the password are any alphanumeric, dash (-), underscore (_) characters, and ()|?=*~+.
Configuration information for the application server
The values for these parameters must match the values defined when installing WebSphere Application Server Liberty Base. For more information, see Installing WebSphere Application Server Liberty Base.
- --wlpdir | w wlp_directory
- WebSphere Application Server Liberty Base profile installation directory. This parameter is required.
- --httpsport https_port
- The HTTPS port. This parameter is optional. The default value is 31116.
- --startserver true | false
- Specifies whether the WebSphere Application Server Liberty Base server must be started after installation. This parameter is optional. The default value is true.
Configuration information for dynamic scheduling
- --displayname agent_name
- The name to be assigned to the agent. The name cannot start with a number. If the host name starts with a number, this parameter is required, otherwise it is optional. The default value is the host name of the workstation followed by _1.
- --jmport port_number
-
The JobManager port number on which the dynamic domain manager is contacted by the dynamic agent. This parameter is optional. The default value is 31114. The valid range is from 1 to 65535.
Configuration information for the master domain manager
- --componenttype MDM | DDM
- The workstation type being installed. Supported workstation types are:
- MDM
- master domain manager
- DDM
- dynamic domain manager
To install a backup domain manager, run the serverinst command on the workstation where you plan to install the backup domain manager. The serverinst command connects to the database you specify, discovers that a master domain manager is already installed, and proceeds to install a backup domain manager. The same procedure applies when installing a backup dynamic domain manager.
Configuration options when --componenttype is MDM
- --company company_name
- The name of the company. The company name cannot contain blank characters. The name is shown in program headers and reports. This parameter is optional. The default name is COMPANY.
- --hostname host_name
- The fully qualified host name or IP address on which the installation is performed. The default value is calculated at installation time.
- --thiscpu workstation
- The name of the IBM Workload Scheduler workstation for this installation. The name cannot exceed 16 characters, cannot start with a number, cannot contain spaces. If the host name starts with a number, this parameter is required, otherwise it is optional. This name is registered in the localopts file. The default name is the host name of the workstation.
- --eifport eif_port
- Specifies the Job Manager Event Integration Facility (EIF) port number. The default value is 31131. The valid range is 1 to 65535.
- --brwksname broker_workstation_name
- The broker workstation name. This parameter is optional. The default value is the workstation host name followed by _DWB. It cannot start with a number.
- --brnetmanport port_number
- The TCP/IP port number used by the
netman
process to listen for communication from the dynamic domain manager. This parameter is optional. The default value is 41114. The valid range is from 1 to 65535. This port number is registered in the localopts file. For each installation you must specify a different number. For more information about the localopts file, see Setting local options - --netmanport netman_port_number
- The TCP/IP port number used by the
netman
process to listen for communication from the master domain manager. This parameter is optional. The default value is 31111. The valid range is from 1 to 65535. You can also set this parameter to disabled. In this case, you must provide a value for the netmansslport parameter, which enables SSL communication. This port number is registered in the localopts file, in the nm port attribute. For each installation you must specify a different number. - --netmansslport SSL_port_number
- The TCP/IP port number used by the netman process to listen for communication from the master in SSL mode. The default value is 31113. The valid range is from 1 to 65535. You can also set the netmansslport parameter to disabled to use non-encrypted communication. If you set the netmansslport parameter to disabled, you must provide a value for the netmanport parameter. This port number is registered in the localopts file, in the nm ssl full port attribute. For each installation you must specify a different number.
Configuration options when --componenttype is DDM
- --domain domain_name
- Windows systems only. The domain name of the IBM Workload Scheduler user. This parameter is optional. The default value is MASTERDM when you install a master domain manager, and DYNAMICDM when you install a dynamic domain manager.
- --master mdm_domain_name
- The master domain manager name. It cannot start with a number. This parameter is required for the dynamic domain manager only. Do not specify when installing the master domain manager.
- --mdmhttpsport mdm_https_port
- The port of the master domain manager host used by the broker to contact master domain manager. This parameter is required. This parameter applies to the dynamic domain manager only. Do not specify when installing the master domain manager.
- --mdmbrokerhostname mdm_hostname
- The fully qualified host name or IP address of the master domain manager contacted by the dynamic domain manager. This parameter is required for the dynamic domain manager only. Do not specify when installing the master domain manager.
- --eifport eif_port
- Specifies the Job Manager Event Integration Facility (EIF) port number. The default value is 31131. The valid range is 1 to 65535.
- --brwksname broker_workstation_name
- The broker workstation name. This parameter is optional. The default value is the workstation host name followed by _DWB. It cannot start with a number.
- --brnetmanport port_number
- The TCP/IP port number used by the
netman
process to listen for communication from the dynamic domain manager. This parameter is optional. The default value is 41114. The valid range is from 1 to 65535. This port number is registered in the localopts file. For each installation you must specify a different number. For more information about the localopts file, see Setting local options - --netmanport netman_port_number
- The TCP/IP port number used by the
netman
process to listen for communication from the master domain manager. This parameter is optional. The default value is 31111. The valid range is from 1 to 65535. You can also set this parameter to disabled. In this case, you must provide a value for the netmansslport parameter, which enables SSL communication. This port number is registered in the localopts file, in the nm port attribute. For each installation you must specify a different number. - --netmansslport SSL_port_number
- The TCP/IP port number used by the netman process to listen for communication from the master in SSL mode. The default value is 31113. The valid range is from 1 to 65535. You can also set the netmansslport parameter to disabled to use non-encrypted communication. If you set the netmansslport parameter to disabled, you must provide a value for the netmanport parameter. This port number is registered in the localopts file, in the nm ssl full port attribute. For each installation you must specify a different number.
- --isforzos yes|no
-
Set to yes if you want to connect the dynamic domain manager to only the Z controller. Set to no if you want to connect the dynamic domain manager to a master domain manager or, to both a master domain manager and a Z controller. This parameter is optional. The default value is no.
IBM Workload Scheduler encryption options
- --useencryption true | false
- Specifies whether IBM Workload Scheduler files must be encrypted at runtime. If you specify true, or do not set this parameter, files such as the Symphony file and the message queues are encrypted using AES-256 or AES-128 cryptography. By default, a fresh installation is automatically encrypted and the keystore password is default. To change the keystore password, use the encryptionpassword parameter. This parameter is optional.
- --encryptionpassword default
- The password for the keystore storing the AES-256 or AES-128 keys used to encrypt the files at runtime. This parameter is optional. The default value is default. You can optionally encrypt the password using the secure script. For more information, see Optional password encryption - secure script.
Comments
- --rdbmstype
- --dbhostname
- --dbport
- --dbname
- --dbuser
- --dbpassword