Deployment Process Implementation and Operation Overview Administrative Directory Structure and Content The implementation of the deployment process consists of build and configuration files located in what I refer to as an Admin directory. (wsadmin owner) /websvcs-deploy/ /admin/ createWebappDirs.sh /scripts/ appendLib.py regenplugin.jacl restoreShrlib.jacl saveShrlib.jacl setClassLoaderScope.py SyncAllNode.py SyncNode.py /build/ MasterBuild.properties MailLogger.properties .deploy.system.properties controller.xml build.xml inputProp.xml deploy-profile.xml inputEAR.xml inputXML.xml inputLIB.xml inputJSP.xml inputWAR.xml inputDeployPackage.xml utility.xml deploymentRequest.dtd /build/xsl/ SharedXML.xsl SharedLibrary.xsl Property.xsl NotifyList.xsl DeployRequestTransForm.xsl phaseIVInstance.xsl
2 Application.xsl
Administrative Directory Security This directory needs to be readable to the users of the deployment process, but no client information or developer information should be written into these directories. • The SSA team will not need any more than read-only access to these directories. • The “admin” directories should be read-only to everyone other than the WebSphere team. • The WebSphere team will only require write or change access to these files in order to make updates to the files if a new version of the process needs to be deployed.
Deploy Process Execution Security wsadmin.sh execution authority To invoke a wsadmin.sh script without encountering security issues, the deployment process passes a file name as an argument. The file name is .deploy.system.properties. This file name contains the following: com.ibm.SOAP.ConfigURL=file:/websvcs/properties/soap.client.props Passing this file masks the true location of the soap.client.props file to the casual user reviewing the build logs. It also enables wsadmin.sh to lookup the authentication information encrypted in the soap.client.props file and thereby run privileges scripts (basically all the wsadmin.sh scripts executed by wsadmin.sh).
wsadmin properties that needs to be set for each user By default wsadmin.sh tries to write files to /temp. However, if root, or another user has written a file of the same name, then the next user to try to invoke wsadmin.sh will fail because the process won’t be able to write required temporary files. The solution is to setup each user with his/her own wsadmin.properties file. This functionality exists in the shell scripts provided but I’m not completely happy with how it is currently working. It’s easy to resolve the issue, it just needs a little attention. Please see the appendix for listings of the shell scripts and details as to how they setup the wsadmin.properties environment.
Client Instance Directory Structure and Content The second kind of directory structure I refer to as the “client” or “client instance” directory. This includes the shell scripts that invoke the deployment process. 1. processRequest.sh 2. promoteApplication.sh 3. packagePhaseIV.sh 2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
3 4. deployPackage.sh /backup /admin /outputEAR /artifact /docs /assembleEAR /log /inputEAR /inputDeployRequest /inputDeployStrategy /inputXML /inputProp /inputLIB /inputJSP /inputDeployPackage /outputDeployPackage /outputPlugin packagePhaseIV.sh processRequest.sh promoteApplication.sh deployPackage.sh
Implementation 1. Jar files: NetComponents.jar needs to be in /opt/WebSphere51/DeploymentManager/lib. It should be owned by root. Note that this jar file needs to have read and execute privileges available to all in order to be used by the build process. 2. In the test environment (wsdmt1) Create a tar file of the directory /webapps/wbsvcsDeploy and name it deployadmin.tar. This tars up the master files associated with the deployment process into one tar. 3. Create a tar file of the directory /webapps/wbsvcswebapp and name it deploy instance.tar 4. Copy these two tar files to the target deployment manager server to the /home/wasadmin directory. For example we will need to deploy the tar files to the Stress Test, QA, and Production deployment manager servers. 5. On the target deployment manager server, if it does not already exist, create a directory called /webapps 6. Copy the DeployAdmin.tar and tar files into the /webapps directory 7. tar –xvf DeployAdmin.tar 8. tar –xvf DeployInstance.tar 9. Now there should be two subdirectories in the /webapps directory /webapps/wbsvcsDeploy /webapps/wbsvcswebapp 2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
4 10. For the directory /webapps/wbsvcswebapp change the ownership so that the SSA team and wasadmin user will have read/write access to the subdirectories: inputEAR, inputDeployPackage, backup, inputDeployRequest, inputXML, inputProp, inputLIB 11. Change the name of the ./wbsvcswebapp to upm or to the specific application instance needed by performing a mv wbsvcswebapp upm. The directory name should correspond to a specific application instance and should be all lowercase letters. Examples might include pdfapp, bpsamon, bpsconnect. 12. Repeat steps 8 – 11 until you have created all the application instance directories that you need for the time being.
Application Instance Configuration Each application to be deployed needs to be registered in a file named deployprofile.xml This file uses the display name of the application to uniquely identify the application. And this display name is used by the deployment process to lookup the target servers and nodes for each environment (sandbox, test, qa, production) to which the application needs to be deployed. Below please find an example. This file is located in the Admin directory in the build subdirectory and is named deploy-profile.xml.
<smtp-server sandbox="38.218.181.42" test="38.218.181.42" stresstest="149.83.72.17" quality-assurance="149.83.72.17" production="149.83.114.24" /> <web-server sandbox="" test="149.83.22.82" stress-test="149.83.114.24" quality-assurance="149.83.114.24" production="10.97.96.30" /> <web-server sandbox="" test="" stress-test="" quality-assurance="" production="10.97.96.31" /> <smtp-server sandbox="38.218.181.42" test="38.218.181.42" stresstest="149.83.72.17" quality-assurance="149.83.72.17" production="149.83.114.24" /> <web-server sandbox="" test="149.83.22.82" stress-test="149.83.114.24" quality-assurance="149.83.114.24" production="10.97.96.30" /> <web-server sandbox="" test="" stress-test="" quality-assurance="" production="10.97.96.31" /> 2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
5
<smtp-server sandbox="38.218.181.42" test="38.218.181.42" stresstest="149.83.72.17" quality-assurance="149.83.72.17" production="149.83.114.24" /> <web-server sandbox="" test="149.83.22.82" stress-test="149.83.114.24" quality-assurance="149.83.114.24" production="10.97.96.30" /> <web-server sandbox="" test="" stress-test="" quality-assurance="" production="10.97.96.31" /> <smtp-server sandbox="38.218.181.42" test="38.218.181.42" stresstest="149.83.72.17" quality-assurance="149.83.72.17" production="149.83.114.24" /> <web-server sandbox="" test="149.83.22.82" stress-test="149.83.114.24" quality-assurance="149.83.114.24" production="10.97.96.30" /> <web-server sandbox="" test="" stress-test="" quality-assurance="" production="10.97.96.31" />
Prerequisites WebSphere Environment Objects Created
Additional Deployment Setup for Specific Applications 1. 2. 3. 4. 5. 6. 7.
Symbolic links to shared library created on all servers Symbolic links to shared xml created on all servers Symbolic links to properties files create on all servers All MQ Connection factories and Queues created All required datasource, jndi names created DeploymentStrategy.xml created for a specific application deployment profile deploy-profile document updated with the application environment specific deployment targets.
2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
6
Name Specifies the name of the installed (or deployed) application. Application names must be unique within a cell and cannot contain characters that are not allowed in object names.
Deployment Process Installation Procedure 1. Zip file
New Customer Setup Privileges 1. Group Privilege 2. Shell script privileges for processRequest.sh and promoteApplication.sh
Uses Cases 1. Shared library, xml, properties with url provider, ear file 2. Install and rollback of all, and install and rollback of a specific declared component
QA 1. 2. 3. 4. 5. 6.
Run deployProcess.sh with the name of the zip package to deploy. Clean all directories. Unzip deployPackage.zip Run deploy script and confirm all QA environment specific behavior Problem determination procedures Can the script me made friendly in terms of calling attention to specific issues?
Production 1. Unzip deployPackage.zip
2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
7
Process Overview Application Deployment Profile Each application needs to be listed in the deploy-profile.xml document in the admin directory in the wsdmt1 environment. The deployment process looks up all the target servers for each environment using this profile and it matches the name provided in the deploymentRequest.xml with the name listed in the deploy-profile. Without a correct match the process will not know how or where to deploy an application. Once this information has been compiled the build process creates the deploy.xml file generated from the data in the deploy-profile.xml and the deployRequest.xml by using the xsl style sheets referred to in the build.xml build file. A deploy.xml build file contains calls for completion of all the tasks required to complete the build.
2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
8
Implementation Plan 1. Move current version into QA Stress Test environment and test deployment process in QA. 2. Create info record for deploying the code to Stress Test Environment, QA Environment (owner wsadmin)
Procedure to Create Individual application instances (for example, phaseiv, cantrust, bpsamon) 1. For each node confirm the following symbolic links exist. To initially setup a node please run the following scripts in the following order. 2. Create directory /webapp-deploy Untar tar DeployInstance.tar file to /webapp-deploy/${app.name}/ admin/ build/ docs/ log/
Shell Script packageAppFromTemplate.sh This script takes an ear file name, minus the ear file extension, an xml data file, and an xslt stylesheet and g enerates an ant script which calls tasks required to create each of the ear files and deploymentStrategy.xml files.
processRequest.sh This script takes the name of a deployment request xml file as its only argument. The file needs to be located in the inputDeployRequest directory or the file will not be found. The script needs to be run from the /webapps/${appname}/ directory or it will not be able to find the resources it requires to run.
promoteApplication.sh This script looks in the local inputDeployPackage directory, zips all the files together, and then sends out an email indicating the package name and stating that it is ready for deployment to the next environment, such as QA or Production. The script needs to be run from its home directory or it will not be able to find the resources it requires to run.
2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
9
Automated Deployment Process Standard Directories Deployment Process Application Symbolic Link: none Physical Location: /websvcs-deploy Differentiated by: not applicable—only one instance per Deployment Manager Example: /websvcs-deploy
Client Instance Deployment Artifacts Symbolic Link: none Physical Location: /webapp-deploy Differentiated by: ${app.name} Example: /webapp-deploy/cantrust, /webapp-deploy/phaseiv
Property Files Symbolic link: /webapp/property-package Physical Location: /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/property-package Differentiated By: ${package.name} Example entry in DeployRequest.xml: 1. /webapp/property-package/phaseiv 2. /webapp/property-package/cantrust Example physical directories: phaseiv and cantrust, respectively 1. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network propertypackage /phaseiv 2. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/ propertypackage/cantrust
Shared Library Symbolic link: /webapp-resource/shared-library Physical Location: /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/shared-library Differentiated By: ${app.name}/${package.name} Example entry in DeployRequest.xml: 1. /webapp/shared-library/phaseiv/common 2. /webapp/shared-library/SystemAppShrlib Example physical directories: phaseiv and cantrust, respectively 1. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/sharedlibrary/phaseiv/common 2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
10 2. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/propertybundle/SystemAppShrlib
XML Files—Shared Symbolic link: /webapp-resource/xml-package Physical Location: /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/xml-package Differentiated By:${app.name}/${package.name} Example entry in DeployRequest.xml: 1. /webapp/xml-package/phaseiv/service 2. /webapp/xml-packagephaseiv/layout Example physical directories 1. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/xmlpackage/phaseiv/service 2. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/xmlpackage/phaseiv/layout
JSP Files Symbolic link: /webapp-resource/jsp-package Physical Location: /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/jsp-package Differentiated By: ${package.name} Example entry in DeployRequest.xml: 3. /webapp/jsp-package/tle-package 4. /webapp/jsp-package/yearend-package Example physical directories 3. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/jsppackage/tle-package 4. /opt/WebSphere51/DeploymentManager/config/cells/upmt1Network/xmlpackage/yearend-package
Log Files Symbolic link: none Physical Location:/weblogs Differentiated By: ${app.name} Example physical directories 1. /weblogs/${appname1} 2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©
11 2. /weblogs/${appname2} 3. /weblogs/${appname3} 4. /weblogs/${appname4} Create Symbolic Links Deployment Manager
2004, 2005, 2006 Bronze Drum Consulting, Inc. All Rights Reserved. Bronze Drum, DeployAgility and the Bronze Drum and DeployAgility logo are registered trademarksof Bronze Drum Consulting, Inc. ©