Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Lotus Sametime 8.5: Using the new Sametime System Console
1. IBM® Lotus® Sametime® System Console
- The New Browser-based Dashboard for Managing your
Sametime® Infrastructure
Michael Herring, Development Lead, Sametime System Console
Bhavuk Srivastava, Senior Software Engineer
2. Agenda
● Introduction
● Experience the platform
● Deep Dive
● Lets see it Live
● Tips and Tricks
2
3. IBM® Lotus® Sametime® 8.5: Introduction
A key goal of the 8.5 release is to improve the deployment and administration
experience for Sametime products
– Sametime System Console (SSC): Centralized deployment coordination and
administration for Sametime product line.
IP Sametime
Domino®
Presence/
Network IM
VP Sametime
Presence, Chat Legacy
Sametime Connect Alerts, Invites, Legacy Meeting Meetings
Client Content
Sametime
HTTP New Meetings
WebSphere®
Presence, Chat, Alerts, Invites, LDAP
New Meetings content/media Sametime
Browser Client
Media
Server
SIP DB2®
Federated Presence/Chat, Sametime
A/V Control signalling Proxy
Mobile Client RTP
Sametime
A/V Media
Gateway
Sametime
Custom App Client System Console
3
4. Lotus® Sametime® 8.5 System Console
Centralized configuration and policy management
Sametime
Gateway
Sametime
Proxy
Server
Sametime
Media
Sametime Sametime
Presence/IM Meetings
4
5. Core Capabilities
• Manage Prerequisites.
– System console manages all needed info for prerequisite components.
– No more install/reinstall of DB2 (for example) for each separate offering.
• Centralize Configuration.
– Setup & testing of things like LDAP centralized in a single location, instead of
various wizards in different installers.
• Facilitate Deployment Planning.
– Mechanism to plan the Sametime server deployment
– Installation of server nodes is simpler, as the shared configuration already
exists. Server installers are “headless”, and need no input from user.
• Single Point of Action for Administration Tasks
– Example: Policy is managed from a single place; is easily made inclusive of all
product line components policy needs.
5
6. Agenda
● Introduction
● Experience the platform
● Deep Dive
● Lets see it Live
● Tips and Tricks
6
7. WebSphere® Application Server
● Application Server - Supports and hosts user applications. Runs on only
one node, can support many application servers.
● Node - Logical group of server-managed processes that share a common
configuration repository.
● Cell - Grouping of nodes into a single administrative domain, all nodes are
administered from a deployment manager server.
● Deployment Manager – Allows the administration of multiple nodes from
one centralized location.
● Node Agent - W orks with the deployment manager to perform
administrative activities on the node.
7
8. WebSphere® Application Server
● Cluster -A group of servers that are used for the same purpose and are
identified by a single host name.
▬ Horizontal Cluster - Cluster members are on multiple nodes in a cell.
▬ Vertical Cluster - Cluster members are on the same node in a cell.
● Federation – Process by which a node becomes part of a cell
▬ A node agent server is created on the node to manage the WebSphere
Application Server environment on that node.
● Integrated Solutions Console
▬ Provides a single, common interface for system administration.
▬ Provides the main platform on which IBM and non-IBM products can build
administrative user interfaces as individual plug-ins to a common console
framework.
8
10. Cell Profile
● Creates a Deployment Manager Profile and a federated Application
Server Profile
● Internally, 2 profiles are created
Deployment Manager profile
Application Server profile
● The Application Server is federated to the cell of the Deployment
Manager.
● Deployment Manager and Application Server reside on the same
system.
10
11. IBM® Rational® Installation Manager - IM
● Eclipse run-time based program to manage entire life-cycle of
product packages
▬ Installation
▬ Updates
▬ Roll Back
▬ Modification
▬ Uninstall
11
12. Agenda
● Introduction
● Experience the platform
● Deep Dive
● Lets see it Live
● Tips and Tricks
12
13. System Console Server
● Built on J2EE technology
● Extension to IBM® Integrated Solutions Console
● Built purely on open standards
▬ XML
▬ HTTP/HTTPs – For some administrative communication
▬ SOAP for all admin related functions
▬ JDBC for all database operations
▬ JNDI for all LDAP requests
13
14. Architecture Illustrated
MEETINGS
PROXY
COMMUNITY
LDAP Community
SSC
MEDIA Registration
Utility
System Console Server
SSC Admin
Deployment Manager
REST/JMX
SSC Portlets
JMX(MBean)
SSC Application Server
REST API (HTTP)
JDBC
DB2
14
15. General Concepts - LDAP
Sametime Community is defined by its directory
● Directory choice - LDAP (Domino®, IDS, SunOne, ActiveDirectory, Novell, ADAM)
➢ Same directory configuration
● Synchronized LDAP configuration between System Console and Sametime server
● Supports multiple federated repositories
● All servers work from common view of directory and share information in that context
➢ Same search filters, login attributes
15
17. General Concepts - Database
● Aims to provide a single view of
database planning and management.
● Sametime deployment information
storage
● Provides validation of the datasource
being used for products.
● Auto registration of System Console
database.
17
18. General Concepts - Deployment
● Deployment framework is the heart of the System Console application server
● Provides the capabilities of planning and building the Sametime deployment
● Built on schema based deployment description templates and extensible design model.
● Makes the installation of server nodes simpler, as the shared configuration already exists.
● Supports both Domino® and WebSphere® based product
● for e.g. Sametime server, New Meetings server
● Performs validation on deployment object (product servers, LDAP, etc)
● Handles the product server's and pre-requisites relationship and inter-dependencies.
18
19. Deployment Framework
Service Layer APIs
Deployment Product Deployment Product Deployment Product
(Meetings) (Media) (Community)
System Console Server Run Time
Engine
XML
Documents
19
20. General Concepts - Clustering
● Sametime System Console provides a user friendly Clustering tool
● Step by step Guided Activity to cluster WebSphere® Application Servers
● Performs validation prior to creating the cluster
● Domino clusters are registered manually using Post Install Registration utilities.
● SSC Deployment Manager can be used as the DM for any Sametime product
● Can be shared between multiple products. (One DM for all Sametime servers)
● Product dedicated Deployment Managers can also be used
● All tasks including federation are driven from the System Console browser
● No switching back and forth between servers to build the Cell
20
21. Plan and Build- Guided Activities
Guided Activities- The Basics
Guided Activities (GA's) are used to collect information about customer's
environment that is used to install and configure products
• Provides cross product validation to reduce occurrences of post-install
configuration issues
• Guided activities validate most required input before install time
− Disk space, paths etc are validated by installer
• Allows for less user input, since information already known by SSC is not asked
for in detail (LDAP settings, etc), reducing human error
21
22. Plan and Build
Planning starts from the System Console using the Guided Activities
Set up Pre-requisites (LDAP, DB2®)
Plan Sametime Installations
Run Installation Manager to install the product
• Connect to System Console to retrieve Deployment Plan
Once a product is installed, the System Console can administer the product
remotely
Some products require other products to be installed prior to planning the
installation
Example: Sametime Proxy requires Sametime Community to be installed
22
23. Plan and Build
Pilot Deployment
Small deployments used to test features
• Use 'Cell Profile' selection in Guided Activity to install
− This was what most beta customers did
− Cell Profile may be used to expand to a cluster later
Clustered Deployment
Multi-System deployments used for failover and load balancing
• Vertical clusters contain many servers on a single node (the 'Primary Node')
• Horizontal clusters contain one server on each node in the cluster
− Most common cluster topology
23
24. Plan and Build
Building a Cluster
Plan and Install the Product Nodes
Use the System Console Clustering Guided Activity to federate nodes, create the
Cluster, and add additional Cluster Members
System Console will provide step by step guide to create a complete cluster
Deployment which will be administered using SSC.
24
26. General Concepts – Product Registration
● Set of command line tools/utilities for registering products into SSC
● Powerful and useful stuff for administrators.
➢ Product can be registered after an upgrade to 8.5
➢ Product can be registered if it was installed without using a Guided Activity.
● A product server must be registered with the SSC in order for it to be administered.
● All 8.5 product installers lay down these utilities
● Can be found in <product install root>/console directory
● Only 8.5 products can be administered from SSC
26
27. Stand-alone Server Registration and Unregistration
WebSphere® Based products
● registerProduct.bat/sh
To register stand-alone product servers (Meetings, Proxy, Gateway, Media) with SSC.
● unregisterWASProduct.bat/sh
To unregister product server from SSC
Domino® Based products
● registerSTServerNode.bat/sh
To register Community server with SSC.
● unregisterProductNode.bat/sh
To unregister Community server from SSC.
27
28. Cluster Registration and Unregistration
WebSphere® Based products
● registerProduct.bat/sh
To register a product cluster with SSC
● removeWASClusterRegistration.bat/sh
To remove registration of product cluster from SSC
Domino® Based Product
● registerSTCluster.bat/sh
To register Community/Domino server cluster with SSC.
● removeClusterRegistration.bat/sh
To remove Community/Domino cluster from SSC
28
29. General Concepts - Policy
● 8.5 has introduced an enhanced user policy model for all products
● Any product that is administered by the SSC has the same user policy in effect
● Model is based on weights- the document with the highest number that is applied to the
user or his/her groups is the policy that is applied to that user (no inheritance model)
● Tools available to look up a user's policy by product
● Policy information is stored in the SSC database
➢ Meetings accesses this information directly from the database
➢ Community server keeps a cache and updates periodically from SSC
➢ Proxy and Media Manager use Community for Policy info
29
30. General Concepts - Administration
Provides a consolidated administration interface for all Sametime products
Provides secure communication between products and System Console using a common
framework model
One interface to administer Policies for all Sametime products
New weights-based model allows administrators to easily set Policy ordering
Easy view of all policies that apply to users and groups
Policy interface is dynamically generated based on policy templates
30
33. Agenda
● Introduction
● Experience the platform
● Deep Dive
● Lets see it Live
● Tips and Tricks
33
34. Agenda
● Introduction
● Experience the platform
● Deep Dive
● Lets see it Live
● Tips and Tricks
34
35. Tips and Tricks
● While creating plan for a product or installing the product, make sure all the
servers should be reachable from each other.
▬ Add hosts entries in all servers if not present in DNS.
● While creating databases, make sure same database is not shared between two
products.
● While getting plan from SSC from installer, if the connection is too slow, you
may have to increase the time-out period.
▬ Create an environment variable ST_SSC_CONNECT_TIMEOUT=60/120
(Time in secs)
● Do not include "=" signs in Deployment name in productConfig.properties
required for registration.
● LDAP details need to be entered it productConfig.properties file while
registering Gateway server
35
36. Tips and Tricks - contd.
● To change an existing LDAP for a product Server(e.g. Sametime Meetings)
▬ Add a new LDAP with SSC, and manually configure with meeting server
● To register Secondary Node using registration utilities, DB and LDAP host
entries should be entered manually before registrations
● How to install IBM Lotus Sametime Community Server on pure IPv6 machine.
▬ For pure IPV6 environment
▬ Through installer install Community Sever without SSC.
▬ Later register this server with SSC using utility.
▬ For mixed environment (IPv4 and IPv6) look at the document here:
▬ https://idoc2.swg.usma.ibm.com/sametime/index.jsp?topic=/
com.ibm.help.sametime.v85.doc/install/
inst_config_chat_ipv6_deployplan.html
36
37. Troubleshooting
● All error messages get logged to the SystemOut.log on the SSC dmgr and
STConsoleServer, occasionally the nodeAgent.
● Location for SSC server logs
▬ ISC Portlets - Client side logs
▬ <WAS_INSTALL_ROOT>profilesSTSCDMgrProfilelogsdmgr
▬ SSC Server – Server side logs
▬ <WAS_INSTALL_ROOT>profilesSTSCAppProfilelogsSTConsoleServer
● Location for SSC client registration utility
▬ <Product_Install_Location>consolelogs
▬ e.g. C:WebSphereSTServerCellconsolelogs
● For any issues related to authenticaiton/security,
▬ check deployment manager logs
37
38. Troubleshooting - contd.
● The most common problem is that the servers are not started properly.
SSC is a cell profile- this means it has a dmgr, a node agent, and an
application server, all 3 need to be running for proper functionality.
▬ startManager.bat(sh)
▬ startNode.bat(sh)
▬ startServer.bat(sh) STConsoleServer
● Make sure there is no clock skew between servers.
▬ Possible error security tokens no longer valid.
● Creating more than one plan for community server on single machine
is invalid.
▬ SSC will not validate Domino credentials in this scenario
38
39. Troubleshooting - contd.
● All SSC errors start with 'AIDSC' followed by a 4 digit number
▬ e.g. 'AIDSC1234E'. Look for these errors first when debugging SSC errors
● LDAP known issues
▬ saMAccountName attribute for Active Directory should not be used - enter
uid instead, it will map accordingly to this attribute.
▬ Admin name used for WebSphere should not match a username in the
LDAP
39
40. Troubleshooting - contd.
● Troubleshooting Federation
▬ Federation adds the nodes into the dmgr's cell. Most issues with clustering
in 8.5 are around federation.
▬ Before federation there is some validation in the Guided Activity to prevent
users from running into problems (clock sync issues, etc.)
▬ Debug as a normal WAS addNode command
▬ check addNode.log, on the nodes in logs directory
▬ Check for product technotes for all known issues that we may have skipped
here...
40
41. Troubleshooting - contd.
● Troubleshooting other Clustering issues
▬ Ensure that all nodes have been synchronized before restarting the node
agents.
▬ Occasionally the deployment manager will have to be restarted in the
middle of the clustering guided activity,
▬ Guided Activity will tell you when it is appropriate to do so.
▬ You can pick up where you left off by using the 'Modify Existing
Cluster' option.
▬ All Clustering Guided Activity actions will log to the deployment manager's
SystemOut.log.
▬ The Clustering GA will print error messages to the browser for the most
common user errors
▬ (clock sync issues, node not started, etc)
41
42. Troubleshooting - contd.
● Policy Issues
▬ Use the tool in SSC to check which policy is applied to a user
▬ If policies are not in effect for Community users, check that it is configured
to use SSC in the sametime.ini
▬ POLICY_DB_BB_IMPL=com.ibm.sametime.policy.databasebb.xml.DbXmlBl
ackBox
▬ (all one line)
▬ If settings change was recent, community server will refresh after 1 hour, or
you can restart the community server and it will refresh its cache upon
startup
42
43. Troubleshooting - contd.
● Installation issues
▬ It is always good to use shorter install path names as WAS allows only 80
characters for the profile path name
▬ Make sure that the LDAP/DB2® hostnames are reachable from the product
machines during installation
▬ Sometimes it is required to use authenticated access for LDAP. Even
though validation passes, when installing WAS is not able to retrieve all
attribute values.
▬ Make sure that the DB2® user id which is being used during install has
admin rights
▬ Before starting uninstall , stop all the servers.
43
44. Troubleshooting - contd.
● Installation issues
▬ When installing multiple products on same machine ,only Cell profile types
can co-exist.
▬ System Console & Meetings databases are mutually exclusive.
▬ Do not use System Console database for attaching into the meetings
Server deployment plan.
▬ For AD LDAP, way to consume the "samAccountName" attribute within
WAS is by specifying "uid" (a VMM property) during LDAP plan creation/IM
installation as WAS already has a internal map of the uid property to
samAccountName
▬ Short host names should be 11 characters or less when planning
installations from the Guided Activities in the 8.5 release (bug will be fixed
in the next release)
44
45. Firewalls and Ports
● The System Console Server needs access through the following ports for the
following servers
▬ Meetings, Gateway, Media, Proxy
▬ SOAP port (default 8880)
● AboutThisProfile.txt SOAP connector port value
▬ Meetings needs access to SSC db (default port 50000 on windows)
▬ Community
▬ Community HTTP or HTTPs (default 80 and 443)
▬ Community needs access to SSC HTTP or HTTPS (default 9080 and
9443)
● Installation Utilities need access to SSC
▬ SSC HTTP or HTTPs (default 9080 or 9443)
● DB2® port (default 50000 on windows)
● LDAP (default 389 or 636)
45