Versions Compared

Old Version 21

changes.mady.by.user Joseph A Calzaretta

Saved on

compared with

New Version 22

changes.mady.by.user Joseph A Calzaretta

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
   cd /home
   mkdir /home/alfresco-\[new version\]
   mkdir /home/alf_data

   Note: NO CLUSTERING

4. Unpack the software into the correct directory   If this is going to be a clustered machine, create the cluster directories.

Wiki Markup
   mkdircd /home/alf_data/cluster-Aalfresco-\[new version\]
   mkdirtar \-xzvf /homeroot/alf_data/cluster-Balfresco/alfresco-enterprise-tomcat-wcm-mitmods-2.1.1a.tar.gz

5. Copy the license to the license directory.

Wiki Markup

   mkdircp /homeroot/alf_data/cluster-\[repeat for each stack in cluster\]
&nbspalfresco/enterprise-network-developer-unlimited.lic  \
   mkdir /home/alf_data/replication

4. Unpack the software into the correct directory.

Wiki Markup
   cd /home/alfresco-\[new version\]
   tar \-xzvf /root/alfresco/alfresco-enterprise-tomcat-wcm-mitmods-2.1.1.tar.gz

5. Copy the alfresco.sh file from the ISDA software repository to the new
   Alfresco home directory.

Wiki Markup
   scp \[krb-id\]@\[software-repository\]:alfresco.sh /home/alfresco-\[new-version\]

   Edit the alfresco.sh file to use the local file paths.

6. Copy the license to the license directory.

Wiki Markup
   cp /root/alfresco/enterprise-network-developer-unlimited.lic  \
   /home/alfresco-\[new version\]/tomcat/shared/classes/alfresco/extension/license

7. Set up the dir.root location by adding it to the
   custom-repository.properties file.

   dir.root=/home/alfresco-2.1.1-enterprise/alf_data

8. Setup MySQL database to be used by this system, if this is a new install.
   If this is an upgrade, backup the database with mysqldump.

   8a. Login to MySQL server as root and connect to the MySQL database

   8b. If this is a new install, create a new database and setup a user.

      8b1. Create the database.

         create database alfresco;   Where alfresco is the name of the
                                     database to create

      8b2. Grant permissions to user.

         grant all on alfresco.* to 'username'@'localhost' identified by
          'password' with grant option;
         grant all on alfresco.* to 'username'@'localhost.localdomain'
          identified by 'password' with grant option;

         Replace the database, password and user names as needed, to match
         the alfresco server.  Select a password that will be secure.

9.  If this is going to be the second independent instance of Alfresco on a
    server, then edit the files:

    $ALF_HOME/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/alfresco-shared.properties
    $ALF_HOME/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/web-client-config-wcm.xml

    Alter the option avm.remote.port to have a unique port number, and the
    ports for RMI and JMX.

10.  Edit the virtualization server properties file and change the server address.

    vi virtual-tomcat/conf/alfresco-virtserver.properties

      Edit alfresco.virtserver.domain to have the IP address of the server
      receiving the Alfresco software:

    alfresco.virtserver.domain=18-92-1-223.ip.alfrescodemo.net

 11. Note: you do not need to upgrade TinyMCE or edit any jsp files.

12.  If this is going to be a clustered system, move or alter the following
     files to make a cluster configuration.

    12a.  Move the following files in
          $ALF_HOME/tomcat/share/classes/alfresco/extension

       cp replicating-content-services-context.xml.sample \
           replicating-content-services-context.xml
       cp ehcache-custom.xml.sample.cluster ehcache-custom.xml
       

    12b.  Select an ID for the cluster ID, and alter the following properties
          in the custom-repository.properties file.
       
       cluster.id=A
       dir.root=/home/export   #  Set to an appropriate local, usually a SAN mount
       dir.root.replicated=${dir.root}/replication
       dir.contentstore=${dir.root}/contentstore
       dir.contentstore.replicated=${dir.root.replicated}/contentstore
       dir.contentstore.deleted=${dir.root}/contentstore.deleted
       dir.auditcontentstore=${dir.root}/audit.contentstore
       dir.indexes = ${dir.root}/lucene-indexes
       dir.indexes.lock = ${dir.indexes}/locks
       index.recovery.mode = AUTO
       index.tracking.cronExpression=0/5 * * * * ?
       system.bootstrap.config_check.strick = true

13. Configure the deployment script and remote (deployed-to) server.  This is very dependent on the configuration of the remote server, which we don't necessarily know.  It may require more extensive changes to the script, if the remote server isn't what we expect.  If so, skip this step or pass it on to someone who knows more about the remote server.

  13a. Identify or create an Alfresco deployment user which has read access to the web project to be deployed. (This requires that the user has a sandbox in the web project as at least a Content Reviewer).  Note the Alfresco username and password of this user.

  13b. On the remote (linux) server, identify or create a remote user with write access to the desired deployment destination path.  Ensure that the root account on the Alfresco server can ssh as this user to the remote server without being prompted for a password.  If this is not already set up, you should do the following:

  • On the Alfresco server as root, run "ssh-keygen -t dsa" and accept the default location.  Also, leave the passphrase blank (maybe not the best advice but I want to ensure that the script will not be prompted for a password)
  • Copy the generated public key file (~/.ssh/id_dsa.pub) to the remote server (e.g., "scp ~/.ssh/id_dsa.pub REMOTESERVER:")
  • Log into the remote (assumed linux) server as the remote user.  (If the user doesn't exist, first log in as root and create the account with "adduser USERNAME")
  • If it does not exist, create the remote user's .ssh directory and make sure its permissions are properly set. ("mkdir ~/.ssh" and "chmod 700 ~/.ssh")
  • Append the generated public key file you copied to the end of .ssh/authorized_keys, and make sure its permissions are properly set.  ("cat id_dsa.pub >> ~/.ssh/authorized_keys" and "chmod 600 ~/.ssh/authorized_keys")
  • Remove the generated public key file from the remote server ("rm id_dsa.pub")
  • Log out of the remote server
  • Test by logging into the Alfresco server as root and running "ssh -l USERNAME REMOTESERVER".  If you get in as the remote user without being prompted for a password, congratulations. 

  13c. Edit ${ALF_HOME}/deploy/deploy.sh

  There are four environment variables we care about. 

/tomcat/shared/classes/alfresco/extension/license

6. Set up the dir.root location by adding it to the
   custom-repository.properties file.

   dir.root=/home/alfresco-2.1.1-enterprise/alf_data

7. Setup MySQL database to be used by this system, if this is a new install.
   If this is an upgrade, backup the database with mysqldump.

   7a. Login to MySQL server as root and connect to the MySQL database

   7b. If this is a new install, create a new database and setup a user.

      7b1. Create the database.

         create database alfresco;   Where alfresco is the name of the
                                     database to create

      7b2. Grant permissions to user.

         grant all on alfresco.* to 'username'@'localhost' identified by
          'password' with grant option;
         grant all on alfresco.* to 'username'@'localhost.localdomain'
          identified by 'password' with grant option;

         Replace the database, password and user names as needed, to match
         the alfresco server.  Select a password that will be secure.

8.  ONLY ONE INSTANCE PER SERVER PLEASE

9.  Edit the virtualization server properties file and change the server address.

    vi virtual-tomcat/conf/alfresco-virtserver.properties

      Edit alfresco.virtserver.domain to have the IP address of the server
      receiving the Alfresco software:

  example:  alfresco.virtserver.domain=18-92-1-223.ip.alfrescodemo.net

9a. Generate a strong password for admin and edited alfresco-virtserver.properties to set "alfresco.server.password" to this value.  

 10. Note: you do not need to upgrade TinyMCE or edit any jsp files.

11. Configure the deployment script(s) and remote (deployed-to) server.  This is very dependent on the configuration of the remote server, which we don't necessarily know.  It may require more extensive changes to the script, if the remote server isn't what we expect.  If so, skip this step or pass it on to someone who knows more about the remote server.  For each deployment scenario:

  11a. Identify or create an Alfresco deployment user which has read access to the web project to be deployed. (This requires that the user has a sandbox in the web project as at least a Content Reviewer).  Note the Alfresco username and password of this user.  The password should probably be strong (e.g., random and long)

  11b. On the remote (linux) server, identify or create a remote user with write access to the desired deployment destination path.  Ensure that the root account on the Alfresco server can ssh as this user to the remote server without being prompted for a password.  If this is not already set up, you should do the following:

  • On the Alfresco server as root, run "ssh-keygen -t dsa" and accept the default location.  Also, leave the passphrase blank (maybe not the best advice but I want to ensure that the script will not be prompted for a password)
  • Copy the generated public key file (~/.ssh/id_dsa.pub) to the remote server (e.g., "scp ~/.ssh/id_dsa.pub REMOTESERVER:")
  • Log into the remote (assumed linux) server as the remote user.  (If the user doesn't exist, first log in as root and create the account with "adduser USERNAME")
  • Code Block
    
If it does not exist, create the remote user's .ssh directory and make sure its permissions are properly set. ("mkdir \~/.ssh" and "chmod 700 \~/.ssh") 
  • Append the generated public key file you copied to the end of .ssh/authorized_keys, and make sure its permissions are properly set.  ("cat id_dsa.pub >> ~/.ssh/authorized_keys" and "chmod 600 ~/.ssh/authorized_keys")
  • Remove the generated public key file from the remote server ("rm id_dsa.pub")

Example:

Code Block

 adduser deploy_bot    ###note, this is the WEB SERVER "deploy_bot" account, not the ALFRESCO "deploy_bot" account
 mkdir /home/deploy_bot/.ssh;
 chown deploy_bot /home/deploy_bot/.ssh
 chmod 700 /home/deploy_bot/.ssh;
 cat ~/id_dsa.pub >> /home/deploy_bot/.ssh/authorized_keys
 chown deploy_bot /home/deploy_bot/.ssh/authorized_keys
 chmod 600 /home/deploy_bot/.ssh/authorized_keys
 rm ~/id_dsa.pub
 chmod a+rx /home/www
 chmod a+rx /home/www/sash-server
 chmod a+rx /home/www/sash-server/servers/
 chmod a+rx /home/www/sash-server/servers/alumni/
 chown deploy_bot /home/www/sash-server/servers/alumni/webapps
 chown deploy_bot /home/www/sash-server/servers/alumni/webapps/ROOT
 
Code Block

 
  • Log out of the remote server
  • Test by logging into the Alfresco server as root and running "ssh -l USERNAME REMOTESERVER".  If you get in as the remote user without being prompted for a password, congratulations.   Note: in this step, accept the host key.  This stores the host key in known_hosts and is actually important, since you don't want the deployment script to be prompted to accept or not accept the host key.

  11c. Copy ${ALF_HOME}/deploy/deploy.sh to a scenario-specific file, like ${ALF_HOME}/deploy/deploy-to-someplace.sh

   There are four environment variables we care about. 

    DEPLOY_REMOTE_SERVER is the fully qualified hostname of the remote server.  (e.g., "export DEPLOY_REMOTE_SERVER=isda-ist1.mit.edu")
    DEPLOY_REMOTE_USER is the username (from 13b.) of an account on the remote server with passwordless ssh login access.  (e.g., "export DEPLOY_REMOTE_USER=deploy_bot")
    DEPLOY_REMOTE_DESTPATH is the path to the directory on the remote machine to which you want to deploy    DEPLOY_REMOTE_SERVER is the fully qualified hostname of the remote server.  (e.g., "export DEPLOY_REMOTE_SERVER=isda-ist1.mit.eduDESTPATH=/home/apache-tomcat-5.5.23/webapps/ROOT")
 

    DEPLOY_REMOTEALFRESCO_USER is the username the username (from 13b13a.)  of an account on the remote server with passwordless ssh login accessfor the Alfresco account with read access to the web project to be deployed (e.g., "export DEPLOY_REMOTEALFRESCO_USER=deploy_bot")
    DEPLOY_REMOTE_DESTPATH is the path to the directory on the remote machine to which you want to deployPASSWORD is the Alfresco password for the DEPLOY_ALFRESCO_USER user.  (e.g., "export DEPLOY_REMOTE_DESTPATH=/home/apache-tomcat-5.5.23/webapps/ROOT")
 

    DEPLOY_ALFRESCO_USER is the username (from 13a.) for the Alfresco account with read access to the web project to be deployed (e.g., "export DEPLOY_ALFRESCO_USER=deploy_bot")
    DEPLOY_PASSWORD is the Alfresco password for the DEPLOY_ALFRESCO_USER user.  (e.g., "export DEPLOY_PASSWORD=deploy_bot_password_or_something")

---

 That's it for now.

----

...

PASSWORD=deploy_bot_password_or_something")

  11d. Edit $ALF_EXT/web-client-config-custom.xml and change the <deployment> element to include the deployment command(s)

Code Block

    <commands>
...
         <command name="deploy-to-someplace" program="bash">
                       <param>-c</param>
                       <param>${ALF_HOME}/deploy/deploy-to-someplace.sh</param>
                   </command>
...
         </commands>



12. Edit $ALF_EXT/custom-authority-services-context.xml and add any new administrators (e.g. <value>jcalz_admin</value>) to the admin list. 

13. Do a /$ALF_HOME/alfresco.sh start, and wait for the server to come up.

14.  FROM THE WEB BROWSER, log into alfresco with the admin/admin password

15.  Go into User Management and set the admin account password to the strong password from step 9a.

16  Create any deployment accounts, and set their passwords, from step 11a.

17 Create any other admin user accounts from step 12

ON CMS-PROD-WCM1:

1) I had to make sure all .sh files were executable and in UNIX format, since they came from a Windows box.   (This step should be unnecessary if I fix the tarball)

Code Block

  cd /home/repos/alfresco; for a in `find -name \*.sh`; do chmod a+x $a; dos2unix $a; done

2) I generated a strong password for admin and edited /home/repos/alfresco/virtual-tomcat/conf/alfresco-virtserver.properties to set "alfresco.server.password" to this value. 

Wiki Markup
3) I created $ALF_EXT/custom-authority-services-context.xml (copied from version in /root) and added <value>jcalz_admin</value> to the admin list.&nbsp; \[NOTE: an older version of this file had a bean definition which caused a circular reference here.&nbsp; The new version is correct.&nbsp; In general, this file should be copied out of authority-services-context.xml in the alfresco WAR file before it is edited\]

4) Created the logs directories for tomcat and virtual tomcat.  (Apparently the tomcat startup scripts get upset if the directories aren't there.  This step should be unnecessary if I fix the tarball)

Code Block

mkdir tomcat/logs; mkdir virtual-tomcat/logs

5) I edited $ALF_EXT/web-client-config-custom.xml and changed the <deployment> element to include

Code Block

    <commands>
         <command name="deploy-to-cms-test-wcm1" program="bash">
                       <param>-c</param>
                       <param>${ALF_HOME}/deploy/deploy-to-cms-test-wcm1.sh</param>
                   </command>
         </commands>

6) I copied $ALF_HOME/deploy/deploy.sh to $ALF_HOME/deploy/deploy-to-cms-test-wcm1.sh

7) I generated a strong password for an Alfresco "deploy_bot" account.

8) I ran "ssh-keygen -t dsa" and accepted the default location and left the passphrase blank.

9) I copied the generated public key file to cms-test-wcm1

Code Block

scp ~/.ssh/id_dsa.pub cms-test-wcm1:

10) I logged into the remote server as root:

Code Block

ssh -l root cms-test-wcm1

ON CMS-TEST-WCM1:

11) I did:

Code Block

 adduser deploy_bot    ###note, this is the WEB SERVER "deploy_bot" account, not the ALFRESCO "deploy_bot" account
 mkdir /home/deploy_bot/.ssh;
 chown deploy_bot /home/deploy_bot/.ssh
 chmod 700 /home/deploy_bot/.ssh;
 cat ~/id_dsa.pub >> /home/deploy_bot/.ssh/authorized_keys
 chown deploy_bot /home/deploy_bot/.ssh/authorized_keys
 chmod 600 /home/deploy_bot/.ssh/authorized_keys
 rm ~/id_dsa.pub

12) I ensured that the deploy_bot account had write access to the deployment destination path:

Code Block

 chmod a+rx /home/www
 chmod a+rx /home/www/sash-server
 chmod a+rx /home/www/sash-server/servers/
 chmod a+rx /home/www/sash-server/servers/alumni/
 chown deploy_bot /home/www/sash-server/servers/alumni/webapps
 chown deploy_bot /home/www/sash-server/servers/alumni/webapps/ROOT
 

(There may be better ways of doing this, but this shouldn't be a big deal)

13) I logged out of cms-test-wcm1

ON CMS-PROD-WCM1:

14) I tried "ssh -l deploy_bot cms-test-wcm1.mit.edu" and accepted the host key.  (This step stores the host key in known_hosts and is actually important, since you don't want the deployment script to be prompted to accept or not accept the host key.)

15) I edited "$ALF_HOME/deploy/deploy-to-cms-test-wcm1.sh" and set:

Code Block

 
 export DEPLOY_ALFRESCO_USER=deploy_bot
 export DEPLOY_ALFRESCO_PASSWORD=[Strong password from step 7]
 export DEPLOY_REMOTE_SERVER=cms-test-wcm1.mit.edu
 export DEPLOY_REMOTE_USER=deploy_bot
 export DEPLOY_REMOTE_DESTPATH=/home/www/sash-server/servers/alumni/webapps/ROOT

16) I went into $ALF_HOME and did ./alfresco.sh start, and waited for the server to come up.

FROM THE WEB BROWSER:

17) I logged into http://cms-prod-wcm1.mit.edu:8080/alfresco, with the admin/admin password

18) I went into User Management and set the admin account password to the strong password from step 2.

19) I created the deploy_bot account, and set its password to the strong password from step 7.

20) I created the jcalz_admin account, and set its password to my desired password.

21) I logged out as admin and back in as jcalz_admin

22) I created a Web Project and specified "command:deploy-to-cms-test-wcm1" as the deploy destination, gave deploy_bot content reviewer access, and copied some stuff into it, and took a snapshot.

23) I tested deployment: success!

----

More setting up the server:

A] Added more admin accounts to $ALF_EXT/custom-authority-services-context.xml. 

B] Replaced $ALF_HOME/tomcat/webapps/ROOT/index.jsp with a file that contains only the following: (This step should be unnecessary if I fix the tarball)

Code Block

<% response.redirect("/alfresco/"); %>
&nbsp;

C] Edited $ALF_HOME/tomcat/webapps/ROOT/WEB-INF/web.xml and changed it to: (This step should be unnecessary if I fix the tarball)

Code Block

<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
 Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
    version="2.4">

  <display-name>Welcome to Tomcat</display-name>
  <description>
     Welcome to Tomcat
  </description>


</web-app>

(I removed the JSPC <servlet> and <servlet-mapping> sections).