- Preinstall checklist
- F5 BIG-IP
- Network Interfaces
Some common commands to verify network functionality before installing applications. This example is for an AIX OS.
- Verify networking
- Check network interfaces
- Verify the system has a resolvable fully qualified host name# nslookup hyhost1.mydomain.com Server: 18.104.22.168 Address: 22.214.171.124#53 Name: myost2.mydomain.com Address: 126.96.36.199
Ping the systemping hostname
If either command fails, correct the /etc/hosts file./etc/hosts
- Hosts file
- Entry for each appserver in the cluster (live appservers should have other live appservers; staging appservers should have other staging appservers) should be added
- Entry for NDM (live or staging)
- Entry for database server
- Entry for each webserver, (DMZ for live and shared for staging)
Verify the system is DNS enabled so that there is a host name and domain present. Pure IP address environments are not supported by WebSphere Commerce.nslookup IP_address
The result should be a reply with the correct fully qualified host name of the system.
You must have both a name server and a search domain defined in.../etc/resolv.conf
- Verify DVD-ROM drive.
- Verify Graphics capable monitor.
- Verify LAN adapter that supports the TCP/IP protocol.
- Ports Verify there are no port conflicts in the planned configuration.
To see in-use port numbers...netstat -an
Look for: 80, 443, 5432, 5433, 8000, 8001, 8002, 8004, 8006, or 8007
- Verify host name
Verify the host name of the Web server machine does not contain an underscore ( _ ).
- Verify nmon is configured
Verify nmon is configured
- Verify unzip
Verify unzip 5.42 installed to /opt/freeware with appropriate symlinks in /usr/bin# unzip -v UnZip 5.51 of 22 May 2004, by Info-ZIP. Latest sources and executables are at ftp://ftp.info-zip.org/pub/infozip/ ; see ftp://ftp.info-zip.org/pub/infozip/UnZip.html for other sites. Compiled with cc for Unix (IBM AIX) on Sep 27 2004. UnZip special compilation options: COPYRIGHT_CLEAN (PKZIP 0.9x unreducing method not supported) LZW_CLEAN (PKZIP/Zip 1.x unshrinking method not supported) SET_DIR_ATTRIB TIMESTAMP USE_EF_UT_TIME USE_DEFLATE64 (PKZIP 4.x Deflate64(tm) supported) VMS_TEXT_CONV [decryption, version 2.9 of 05 May 2000] UnZip and ZipInfo environment options: UNZIP: [none] UNZIPOPT: [none] ZIPINFO: [none] ZIPINFOOPT: [none]
Verify GNU Wget 1.8.2 is installed
Installed to /usr/local/bin
To check...$ wget -V
Verify lsof 4.61 is installed to /usr/sbin with appropriate symlink in /usr/local/sbin
To check:$ lsof -v
- Set ulimitsulimit -a time(seconds) unlimited file(blocks) 2097151 data(kbytes) unlimited< stack(kbytes) 32768 memory(kbytes) 32768 coredump(blocks) 2097151 nofiles(descriptors) 10000 threads(per process) unlimited processes(per user) unlimited
- Full core dumps
On Live app servers only, sys0 needs to be changed to allow full core dumps:chdev -a fullcore=true -lsys0
How to check:lsattr -El sys0 | grep full
fullcore true Enable full CORE dump True
- Operating System
On AIX, as user root, run slibclean
On all nodes (appserver, DB, and web server), verify appropriate fixes have been applied...myhost1:/tmp # oslevel -s
- fileset xlC.rte
Install latest fileset:
To verify...lslpp -l xlC.rte
Example:myhost3:/tmp # lslpp -l xlC.rte Fileset Level State Description ---------------------------------------------------------------------------- Path: /usr/lib/objrepos xlC.rte 10.1.0.3 COMMITTED XL C/C++ Runtime
- Verify LPAR configuration
Verify machine from the IBM POWER processor family.
prtconf | egrep "Processor Type|Processor Clock|Number Of Processors|Good Memory"
Processor Type: PowerPC_POWER7
Number Of Processors: 4
Processor Clock Speed: 3000 MHz
Good Memory Size: 6144 MB
- Verify time and RAM
Verify time stamps for database server and appserver nodes are the same (ntp).
Verify minimum of 2 GB of free RAM for the first appserver instance. Each additional instance requires an additional free 1.5 GB of RAM.
Verify minimum of 1 GB of paging space per processor.
Set virtual memory optimizations (vmo)
- Build files
The following JARs are required for any environment that is connected with MQ for Order processing.
Unlimited strength encryption jars...
...should be copied to...JAVA_HOME/jre/lib/security
Copies of the files can be found in lower life cycle environments.
- Verify Asynchronous I/Olslpp -l bos.iocp.rte Fileset Level State Description ---------------------------------------------------------------------------- Path: /usr/lib/objrepos bos.iocp.rte 188.8.131.52 COMMITTED I/O Completion Ports API Path: /etc/objrepos bos.iocp.rte 184.108.40.206 COMMITTED I/O Completion Ports API
- Required JARs
The following JAR files are required for any application server environment that is connected with MQ for Order processing./opt/isv/WAS70/AppServer/java/jre/lib/security/US_export_policy.jar
- Celerra NFS Filesystems
Is this web server only?
NFS share is always called "wsvr_dctm" and for non-production servers it is hosted on cpemis15.
For production servers, it can be cpemis96/97/98/99 (for high availability).
The filesystem should be mounted on.../opt/hd/wsvr/dctm_nas
To verify...df | grep dctm_nas cpemis97:/wsvr_dctm 82606048 74953424 10% 136110 3% /opt/hd/wsvr/dctm_nas
The NFS mount should be configured to automount. This can be verified in /etc/filesystems:/opt/hd/wsvr/dctm_nas: dev = "/wsvr_dctm" vfs = nfs nodename = cpemis97 mount = true options = bg,soft,intr,sec=sys account = false
- Paging space
1GB page space per processor (4GB total for production)
How to check:myhost3:/tmp # lsps -a Page Space Physical Volume Volume Group Size %Used Active Auto Type Chksum paging02 hdisk18 vg01 1024MB 1 yes yes lv 0 paging01 hdisk18 vg01 1024MB 1 yes yes lv 0 paging00 hdisk18 vg01 1024MB 1 yes yes lv 0 hd6 hdisk0 rootvg 1024MB 1 yes yes lv 0
- Configure backups
For example, Tivoli Storage Manager (TSM) backups should scheduled sometime between midnight and 0400.
The Transmission Control Protocol (TCP) protocol provides a connection-based channel of data between two computers. TCP guarantees that data sent from one end of the connection actually gets to the other end and in the same order it was sent. Otherwise, an error is reported.
The order of the data packets is important for reconstructing at the receving computer, and is tracked carefully.
The User Datagram Protocol (UDP) is not connection-based like TCP. Rather, UDP sends independent packets of data, called datagrams, from one application to another, with no guarantee that the data actually is received.
The order of the data packets is not important. Each message is independent of any other.
Clock servers are typical examples of apps that will use UDP. If the client misses a packet, it doesn't really make sense to resend it because the time will be incorrect when the client receives it on the second try. The reliability of TCP is unnecessary in this instance because it causes performance degradation and may hinder the usefulness of the service.
Another example of a service that doesn't need the guarantee of a reliable channel is the ping command. Ping needs to know about dropped or out-of-order packets to determine how good or bad the connection is. A reliable channel would invalidate this service altogether.
Note that many firewalls and routers have been configured not to allow UDP packets.
ports are used by computers to route traffic to different applications. A web server will run on port 80, Oracle will run on port 1521, WebLogic Server will run on port 7000, etc...
Data transmitted over the Internet is accompanied by addressing information that identifies the computer and the port for which it is destined. The computer is identified by its 32-bit IP address, which IP uses to deliver data to the right computer on the network. Ports are identified by a 16-bit number, which TCP and UDP use to deliver the data to the right application.
Port numbers range from 0 to 65,535. Ports numbered 0 - 1023 are known as well-known ports and are reserved for use by common applications such as HTTP and FTP.
URLsUniform Resource Locators (URLs) are used to located internet resources. URLs can refer to Internet addresses or to URL objects
URLs can be absolute, such as http://www.setgetweb.com/filename.html, or relative, such as ../directory/filename.html.
A URL has two main components:
- Protocol identifier
Name of the protocol to be used to fetch the resource. For examaple, the following uses the HTTP protocol.http://www.setgetweb.com
- Resource name
Complete address to the resource. The format depends on the protocol used, but in general includes one or more of the following components:
Hostname Name of the machine on which the resource lives. Port The port number to which to connect. Typically optional. Filename The pathname to the file on the machine. Reference Reference to a named anchor within a resource that usually identifies a specific location within a file. Typically optional.
- Adaptive Security Algorithm (ASA)
- Firewall: FTP
- Firewall commands - http
- Syslog Messages
- Internet Key Exchange
- Assigning Dynamic Addresses with IKE Mode Config
- IP Addresses
- IP Addresses
- Configuring the Microsoft Exchange Servers
- MS Exchange: Configuring the firewall
- MS Exchange: Configuring the Inside Server
- MS Exchange: Configuring the Outside Server
- MS Exchange: Configuring After Rebooting
- Determining the IP Address of a TFTP Server
- Installing a TFTP Server
- VPN Client
- Extended Authentication (Xauth)
- Firewall commands - aaa-server
- Firewall commands - aaa
- Firewall commands - access-group
- Firewall commands - access-list
- Firewall commands - acctg_service
- Using an Encrypted Tunnel to Obtain Certificates
- Assigning a Fixed Address to a Server
- Acronyms and Abbreviations