JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 67

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 68

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titleController Installer Script: js7_install_controller.sh
Usage: js7_install_controller.sh [Options] [Switches]

  Installation Options:
    --home=<directory>                  | required: directory to which the Controller will be be installed
    --data=<directory>                  | optional: directory for Controller data files, default:  <home>/var
    --config=<directory>                | optional: directory from which the Controller reads configuration files, default: <data>/config
    --logs=<directory>                  | optional: directory to which the Controller writes log files, default: <data>/logs
    --user=<account>                    | optional: user account for Controller daemon, default: $USER
    --home-owner=<account[:group]>      | optional: account and optionally group owning the home directory, requires root or sudo permissions
    --data-owner=<account[:group]>      | optional: account and optionally group owning the data directory, requires root or sudo permissions
    --controller-id=<identifier>        | optional: Controller ID, default: controller
    --release=<release-number>          | optional: release number such as 2.2.3 for download if --tarball is not used
    --tarball=<tar-gz-archive>          | optional: the path to a .tar.gz archive that holds the Controller installation or patch tarball
                                        |           if not specified the Controller tarball will be downloaded from the SOS web site
    --patch=<issue-key>                 | optional: identifies a patch from a Change Management issue key
    --patch-jar=<jar-file>              | optional: the path to a .jar file that holds the patch
    --license-key=<key-file>            | optional: specifies the path to a license key file to be installed
    --license-bin=<binary-file>         | optional: specifies the path to the js7-license.jar binary file for licensed code to be installed
                                        |           if not specified the file will be downloaded from the SOS web site
    --http-port=<port>                  | optional: specifies the http port the Controller will be operated for, default: 4444
                                                    port can be prefixed by network interface, e.g. localhost:4444
    --https-port=<port>                 | optional: specifies the https port the Controller will be operated for
                                                    port can be prefixed by network interface, e.g. batch.example.com:4444
    --pid-file-dir=<directory>          | optional: directory to which the Controller writes its PID file, default: <data>/logs
    --pid-file-name=<file-name>         | optional: file name used by the Controller to write its PID file, default: controller.pid
    --instance-script=<file>            | optional: path to the Instance Start Script that will be copied to the Controller, default <home>/bin/<instance-script>
    --backup-dir=<directory>            | optional: backup directory for existing Controller home directory
    --log-dir=<directory>               | optional: log directory for log output of this script
    --exec-start=<command>              | optional: specifies the command to start the Controller, e.g. 'StartService'
    --exec-stop=<command>               | optional: specifies the command to stop the Controller, e.g. 'StopService'
    --return-values=<file>              | optional: specifies a file that receives return values such as the path to a log file

  Configuration Options:
    --deploy-dir=<directory>            | optional: deployment directory from which configuration files are copied to the Controller
    --controller-conf=<file>            | optional: path to a configuration file that will be copied to <config>/controller.conf
    --private-conf=<file>               | optional: path to a configuration file that will be copied to <config>/private/private.conf
    --controller-primary-cert=<file>    | optional: path to Primary/Standalone Controller certificate file
    --controller-secondary-cert=<file>  | optional: path to Secondary Controller certificate file
    --controller-primary-subject=<id>   | optional: subject of Primary Controller certificate
    --controller-secondary-subject=<id> | optional: subject of Secondary Controller certificate
    --joc-primary-cert=<file>           | optional: path to Primary/Standalone JOC Cockpit certificate file
    --joc-secondary-cert=<file>         | optional: path to Secondary JOC Cockpit certificate file
    --joc-primary-keystoresubject=<file><id>          | optional: subject of Primary/Standalone JOC Cockpit certificate
 | optional: path to a PKCS12 keystore file that  --joc-secondary-subject=<id>        | optional: subject of Secondary JOC Cockpit certificate
    --keystore=<file>                   | optional: path to a PKCS12 keystore file that will be copied to <config>/private/
    --keystore-password=<password>      | optional: password for access to keystore
    --keystore-alias=<alias>            | optional: alias name for keystore entry
    --client-keystore=<file>            | optional: path to a PKCS12 client keystore file that will be copied to <config>/private/
    --client-keystore-password=<pass>   | optional: password for access to the client keystore
    --client-keystore-alias=<alias>     | optional: alias name for client keystore entry
    --truststore=<file>                 | optional: path to a PKCS12 truststore file that will be copied to <config>/private/
    --truststore-password=<password>    | optional: password for access to truststore
    --java-home=<directory>             | optional: Java Home directory for use with the Instance Start Script
    --java-options=<options>            | optional: Java Options for use with the Instance Start Script 
    --service-dir=<directory>           | optional: systemd service directory, default: /usr/lib/systemd/system
    --service-file=<file>               | optional: path to a systemd service file that will be copied to <home>/bin/
    --service-name=<identifier>         | optional: name of the systemd service to be created, default js7_controller_<controller-id>

   Switches:
    -h | --help                         | displays usage
    --force-sudo                        | forces use of sudo for operations on directories
    --active                            | makes Controller instance the default active node in a Controller Cluster
    --standby                           | makes Controller instance the default standby node in a Controller Cluster
    --no-install                        | skips Controller installation, performs configuration updates only
    --uninstall                         | uninstalls Controller
    --service-selinux                   | use SELinux version of systemd service file
    --show-logs                         | shows log output of the script
    --make-dirs                         | creates the specified directories if they do not exist
    --make-service                      | creates the systemd service for the Controller
    --move-libs                         | moves an existing Controller's lib directory instead of removing the directory
    --remove-journal                    | removes an existing Controller's state directory that holds the journal
    --restart                           | stops a running Controller and starts the Controller after installation
    --abort                             | aborts a running Controller if used with the --restart switch
    --kill                              | kills a running Controller if used with the --restart switch

...

  • --deploy-dir
    • Specifies the path to a deployment directory that holds configuration files and sub-directories that will be copied to the <config> directory. A deployment directory allows to manage central copies of configuration files such as controller.conf, private.conf, log4j2.xml etc.
    • Use of a deployment directory has lower precedence as files can be overwritten by individual options such as --controller-conf, --private-conf etc.
  • --controller-conf
    • Specifies the path to a configuration file for global JS7 - Controller Configuration Items. The file will be copied to the <config>/controller.conf file.
    • Any file name can be used as a value of this option, however, the target file name controller.conf will be used.
  • --private-conf
    • Specifies the path to a configuration file for private JS7 - Controller Configuration Items. The file will be copied to the <config>/private/private.conf file.
    • Any file name can be used as a value of this option, however, the target file name private.conf will be used.
    • Users have a choice how to provide the required configuration:
  • --controller-primary-cert
    • Specifies the path to to the SSL/TLS certificate of the Primary Controller Instance. The Controller Installation Script extracts the distinguished name from the given certificate and adds it to the Controller's private.conf file to allow HTTPS connections from the pairing Controller in a cluster using mutual authentication without the need for passwords.
    • This option is used alternatively to --controller-primary-subject.
  • --controller-secondary-cert
    • Corresponds to the --controller-primary-cert setting and is used for the Secondary Controller Instance.
    • This option is used alternatively to --controller-secondary-subject.
  • --controller-primary-subject
    • Specifies the subject (distinguished name) of the SSL/TLS certificate of the Primary Controller Instance. The Controller Installation Script adds the distinguished name to the Controller's private.conf file to allow HTTPS connections from the pairing Controller in a cluster using mutual authentication without the need for passwords.
    • A certificate's subject can be extracted for example using the command: openssl x509 -in controller.crt -noout -nameopt RFC2253 -subject
    • This option is used alternatively to --controller-primary-cert.
  • --controller-secondary-subject
    • Corresponds to the --controller-primary-subject setting and is used for the Secondary Controller Instance.
    • This option is used alternatively to --controller-secondary-cert.
  • --joc-primary-cert
    • Specifies the subject (distinguished name) of the SSL/TLS certificate of the Primary Controller /Standalone JOC Cockpit Instance. The Controller Installation Script extracts adds the distinguished name from the given certificate and adds it to the Controller's private.conf file to allow HTTPS connections from the pairing Controller in a cluster JOC Cockpit instance using mutual authentication without the need for passwords.
    • A certificate's subject can be extracted for example using the command: openssl x509 -in joc.crt -noout -nameopt RFC2253 -subject
    • This option is used alternatively to --joc-primary-subject.
  • --controllerjoc-secondary-cert
    • Corresponds to the --controllerjoc-primary-cert setting and is used for the Secondary Controller InstanceJOC Cockpit Instance.
    • This option is used alternatively to --joc-secondary-subject.
  • --joc-primary-certsubject
    • Specifies the path to the SSL/TLS certificate of the Primary/Standalone JOC Cockpit Instance. The Controller Installation Script extracts the distinguished name from the given certificate and adds it to the Controller's private.conf file to allow HTTPS connections from the JOC Cockpit instance using mutual authentication without the need for passwords.
    • This option is used alternatively to --joc-primary-cert.
  • --joc-secondary-certsubject
    • Corresponds to the --joc-primary-cert setting subject setting and is used for the Secondary JOC Cockpit Instance.
    • This option is used alternatively to --joc-secondary-cert.
  • --keystore
    • Specifies the path to a PKCS12 keystore file that holds the private key and certificate for HTTPS connections to the Controller.
    • Users are free to specify any file name, typically the name https-keystore.p12 is used. The keystore file will be copied to the <config>/private directory.
    • If a keystore file is made available then the Controller's <config>/private/private.conf file has to hold a reference to the keystore location and optionally the keystore password. It is therefore recommended to use the --private-conf option to deploy an individual private.conf file that holds settings related to a keystore.
    • For automating the creation of keystores see JS7 - How to add SSL TLS Certificates to Keystore and Truststore.
  • --keystore-password
    • Specifies the password for access to the keystore. Use of a keystore password is required.
    • Consider use of quotes when specifying the password.
  • --keystore-alias
    • If a keystore holds more than one private key, for example if separate pairs of private keys/certificates for server authentication and client authentication exist, then it is not determined which private key/certificate will be used. The alias name of a given private key/certificate is specified when the entry is added to the keystore. The alias name allows to indicate a specific private key/certificate to be used.
  • --client-keystore
    • Use of this setting is optional. It can be used if separate certificates for Server Authentication and Client Authentication are used.
    • The Client Authentication private key and certificate can be added to a client keystore. The location and configuration of a client keystore correspond to the--keystore option.
  • --client-keystore-password
    • Specifies the password for access to the client keystore. Use of a client keystore password is required if a client keystore is used.
    • Consider explanations for the --keystore-password option.
  • --client-keystore-alias
    • If a client keystore holds more than one private key, for example if a number of private keys/certificates for client authentication exist, then it is not determined which private key/certificate will be used.
    • Consider explanations for the --keystore-alias option.
  • --truststore
    • Specifies the path to a PKCS12 truststore file that holds the certificate(s) for HTTPS connections to the Controller using mutual authentication .
    • Users are free to specify any file name, typically the name https-truststore.p12 is used. The truststore file will be copied to the <config>/private directory.
    • If a truststore file is made available then the Controller's <config>/private/private.conf file has to hold a reference to the truststore location and optionally the truststore password. It is therefore recommended to use the --private-conf option to deploy an individual private.conf file that holds settings related to a truststore.
    • For automating the creation of truststores see JS7 - How to add SSL TLS Certificates to Keystore and Truststore.
  • --truststore-password
    • Specifies the password for access to the truststore. Use of a password is recommended as it is not primarily intended to protect access to the truststore. The password is intended to allow verification that truststore entries have been added using the same password.
    • Consider use of quotes when specifying the password.
  • --java-home
    • Specifies the Java home directory that will be made available to the Controller from the JAVA_HOME environment variable specified with the Controller Instance Start Script typically available from ./bin/controller_instance.sh.
  • --java-options
    • Specifies the Java options that will be made available to the Controller from the JAVA_OPTIONS environment variable specified with the Controller Instance Start Script typically available from ./bin/controller_instance.sh.
    • Java options can be used for example to specify Java heap space settings for the Ccontroller.
    • If more than one Java option is used then the value has to be quoted, for example --java-options="-Xms256m -Xmx512m".
  • --service-dir
    • Specifies the systemd service directory to which the Controller's service file will be copied if the --make-service switch is used.
    • By default the /usr/lib/systemd/system directory will be used. Users can specify an alternative location.
  • --service-file
    • Specifies the path to a systemd service file that is copied to the Controller's <home>/bin directory.
    • Users are free to choose any file name as a template for the service file. The resulting service file name will be controller.service.
    • The Controller Installation Script will not perform replacements in the service file to update paths etc., for details see ./bin/controller.service-example.
  • --service-name
    • Specifies the name of the systemd service that will be created if the --make-service switch is used.
    • By default the service name js7_controller will be used.

...

...