Fix Readme
Abstract
This readme describes the contents and fixes included in new interim fix 2.0.0.2-IBM-IMA-IFIT27945
Content
Interim Fix: 2.0.0.2-IBM-IMA-IFIT27801
Date: February 25, 2019
Build: 20190222-1951
IBM MessageSight 2.0.0.2 Cumulative interim fix
(Note: all MessageSight 2.x ifixes and fixpacks are cumulative. In addition, because of the nature of the fix packaging for 2.0, any published fix can be used for the base install of MessageSight. It is recommend to install the latest IFIX or FP as the initial install of the product.)
Component | md5sum | File |
---|---|---|
Server | b40bb31114f9dc50188f54ee40715fca | 2.0.0.2-IBM-IMA-IFIT27945-Server.tz |
WebUI | 47d1512c55769d09dac662dea9e55a61 | 2.0.0.2-IBM-IMA-IFIT27945-WebUI.tz |
APAR | Description |
---|---|
IT27945 | Add a new config item in LDAP object to check server certificate
Note: We have added a new configuration item "CheckServerCert" in the LDAP object to set Server certificate verification policy. Possible values are: "TrustStore", "PublicTrust", and "DisableVerify". TrustStore: the Certificate item is a file name containing one or more CAs in PEM format. This should include the entire trust chain needed to verify the server certificate. PublicTrust: the Certificate item is not used and the set of publicly trusted root CAs configured in the host is used to verify the server certificate. DisableVerify: the server certificate is not verified and the host name is not verified to match the certificate name. For new installations, default is TrustStore. For code upgrades, the default is DisableVerify (same as previous code levels). To enable server certificate verification, set this item to "TrustStore". This will make MessageSight server verify the LDAP server certificate using uploaded CA Certificate file and configured "Certificate" configuration item of LDAP object. Example: curl -X POST https:// Restart imaserver after enabling or changing certificate verification. |
IT28210 | Change message in LDAP configuration code where the message is not an error |
IT28211 | RejectNew Subscriptions can cause server crash |
Fix Instructions:
Before you install:
We strongly recommend performing a backup before upgrading the product software:
Backup and restore instructions
1. Preparing to install the fix:
Prepare the IBM IoT MessageSight .tz files for installation. The preparation steps for installing MessageSight as an update or for the first time are the same. For more information, see Preparing the IBM IoT MessageSight .tz packages for installation .
These instructions will focus on providing instructions for updating MessageSight. See the following instructions for installing MessageSight for the first time:
Installing IBM IoT MessageSight
2. Installing the fix:
A. RPM: In an environment where MessageSight is installed with rpm:
I. Updating the MessageSight Server package if Server is installed:
cd imaserver
sudo yum -y --nogpgcheck update IBMIoTMessageSightServer*.rpm
systemctl start IBMIoTMessageSightServer
II. Updating the MessageSight Server package if the WebUI is installed:
cd imawebui
sudo yum -y --nogpgcheck update IBMIoTMessageSightWebUI*.rpm
systemctl start IBMIoTMessageSightWebUI
NOTE: these packages can also be installed using: rpm -Uvh IBMIoTMessageSight*.rpm. However, you must never update using:
yum install IBMIoTMessageSightServer*.rpm
or uninstall and reinstall with rpm or yum (if you wish to preserve your existing data), since this will remove all of your data and config under /var/messagesight.
B. Docker: Installing the fix in an environment where MessageSight is running in docker:
I. Build the IBM IoT MessageSight Docker image.
Build the IBM IoT MessageSight server image by issuing the following command:
cd imaserver
mv *.rpm imaserver.rpm
docker build --force-rm=true -t <server_image_name>:<fix_version>.<build> .
Eg:
docker build --force-rm=true -t imaserver:2.0.0.2.20190222-1951 .
II. Build the IBM IoT MessageSight Web UI image by issuing the following command:
cd imawebui
mv *.rpm imawebui.rpm
docker build --force-rm=true -t <webui_image_name>:<fix_version>.<build> .
Eg:
docker build --force-rm=true -t imawebui:2.0.0.2.20190222-1951 .
III. Stop the existing containers.
Stop the server container by issuing the following command:
docker stop <server_container_name>
where <server_container_name> is the name of the container in which the IBM IoT MessageSight server is running. For example,
docker stop imaserver
Stop the Web UI container by issuing the following command:
docker stop <webui_container_name>
where <webui_container_name> is the name of the container in which the IBM IoT MessageSight Web UI is running. For example,
docker stop imawebui
IV. Remove the containers.
Remove the server container by issuing the following command:
docker rm <server_container_name>
where <server_container_name> is the name of the container in which the IBM IoT MessageSight server was running. For example,
docker rm imaserver
Remove the Web UI container by issuing the following command:
docker rm <webui_container_name>
where <webui_container_name> is the name of the container in which the IBM IoT MessageSight Web UI was running. For example,
docker rm imawebui
V. Remove the old MessageSight images (optional)
This step is only required if you are not tagging MessageSight docker images with version specific tags. For example, if you build a MessageSight docker image like this:
docker build --force-rm=true -t imaserver:2.0 .
for every version of MessageSight, then you need to remove the previous image by issuing the following command(s), before building the update image:
docker rmi -f $(docker ps | grep imaserver | awk '{print $3}')
Remove the IBM IoT MessageSight Web UI image by issuing the following command:
docker rmi -f $(docker ps | grep imawebui | awk '{print $3}')
If, however, you tag each MessageSight image with a build specific version, eg:
docker build --force-rm=true -t imaserver:<fix_version>.<build> .
then this step is not required.
VI. Start the new containers.
Use the same Docker run command that you had used for previous incarnations of the MessageSight containers.
Here's the general syntax for how to start the IBM IoT MessageSight server container:
docker run --cap-add SYS_ADMIN --net=host -P -it --name=<server_container_name> -env-file=IBMIoTMessageSightServer-docker.env -m <memory> -v <local_data_directory>:/var/messagesight -v <local_temp_directory>:/var/tmp -d <server_image_name>:<fix_version>.<build>
A more concrete example:
docker run --cap-add SYS_ADMIN --net=host -P -it --name=imaserver -env-file=IBMIoTMessageSightServer-docker.env -m 64G -v /data/messagesight:/var/messagesight -v /mnt/tmp:/var/tmp -d imaserver:2.0.0.2.20190222-1951
To start the IBM IoT MessageSight Web UI container:
docker run --cap-add SYS_ADMIN --net=host -P -it --name=<webui_container_name> --env-file=IBMIoTMessageSightServer-docker.env -m <memory> -v <local_data_directory>:/var/messagesight -v <local_temp_directory>:/var/tmp -d <webui_image_name>:<fix_version>.<build>
A more concrete example:
docker run --cap-add SYS_ADMIN --net=host -P -it --name=imawebui --env-file=IBMIoTMessageSightServer-docker.env -m 2G -v /data/messagesight:/var/messagesight -v /mnt/tmp:/var/tmp -d imawebui:2.0.0.2.20190222-1951
3. Verifying the installation:
If this is your initial install of the product see Configuring the licensed usage for IBM IoT MessageSight and accepting the license by using REST Administration APIs for accepting the product license .
If this is an update, then you can verify the status of the server see Viewing the status of an IBM IoT MessageSight server and services by using REST Administration APIs .
Was this topic helpful?
Document Information
Modified date:
26 February 2019
UID
ibm10873190