Versions Compared

Old Version 2

changes.mady.by.user author

Saved on

compared with

New Version Current

changes.mady.by.user author

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Install PostgreSQL from yum repository

    Code Block
    yum install -y postgresql postgresql-server

  2. Initialize a new PostgreSQL installation

    Code Block
    postgresql-setup initdb

    By default PostgreSQL server is only accessible via Unix Domain Sockets or loopback IP interface (127.0.0.1) to the local users, the users are authenticated by the operating system, i.e. the OS user postgres can connect as PostreSQL user postgres without any additional authentication from the PostgreSQL server side. To allow PgAdmin4 and FIXICC H2 to work we need to enable access via a network

    To enable network access to PostgreSQL server edit file /var/lib/pgsql/data/pg_hba.conf and add the following lines:

    Code Block
    host    all     all     0.0.0.0/0       md5

    
host    all     all     ::0/0           md5

    It allows all users to connect from any host via TCP or SSL socket using hashed passwords.

    Remove lines that enable ident connection to localhost:

    Code Block
    # IPv4 local connections:

    
host    all             all             127.0.0.1/32         ident

    
# IPv6 local connections:

    
host    all             all             ::1/128            
     ident
      ident

    To enable listening of all network interfaces edit file /var/lib/pgsql/data/postgresql.conf , replace line:

    Code Block
    # listen_addresses = 'localhost'

    with

    Code Block
    listen_addresses = '*'

  3. Enable auto-start and start postgresql server (check service status)

    Code Block
    systemctl enable --now postgresql

    
systemctl status postgresql

FIXICC-H2 installation and configuration

  1. Install dependencies

    Code Block
    yum install -y java-1.8.0-openjdk

  2. Download latest package from https://clientspace.b2bits.com/product-58 (fixicc-h2-*.el7.x86_64.rpm)

  3. Install rpm package fixicc-h2-*.el7.x86_64.rpm

    Code Block
    rpm -i fixicc-h2-*.el7.x86_64.rpm

  4. Login into postgres server

    Code Block
    sudo -u postgres psql

  5. Create a user and a database for FIXICC H2 in postgresql

    Code Block
    CREATE USER fixicch2 WITH CREATEDB PASSWORD 'fixicch2';

    
CREATE DATABASE fixicch2;

    
GRANT ALL PRIVILEGES ON DATABASE fixicch2 TO fixicch2;

  6. Exit psql console

    Code Block
    postgres=# \q

  7. Generate keystore for FIXICC-H2

    Code Block
    keytool -genkey -noprompt -alias jetty -keyalg RSA -dname 'CN=admin, OU=EPM-BFIX, O=EPAM Systems, L=Unknown, S=Unknown, C=Unknown' -keystore /etc/fixicc-h2/keystore.jks -storepass fixicch2 -keypass fixicch2

    
chown fixicc-h2:fixicc-h2 /etc/fixicc-h2/keystore.jks

  8. Edit /etc/fixicc-h2/local.app.properties and set properties as follows

    Code Block
    cuba.rest.anonymousEnabled = true

    
cuba.anonymousLogin = anonymous
    

cuba.dbmsType = postgres

    
cuba.dataSourceProvider = application

    
cuba.dataSource.username = fixicch2

    
cuba.dataSource.password = fixicch2

    
cuba.dataSource.dbName = fixicch2

    
cuba.dataSource.host = 127.0.0.1

    
cuba.dataSource.port = 5432
    

fixicch2.fixServerType = all

    
fixicch2.consulEnabled=false

    
fixicch2.secure_http_port = 8443

    
fixicch2.key_store_path = keystore.jks

    
fixicch2.trust_store_path = keystore.jks

  9. Edit /usr/lib/systemd/system/fixicc-h2.service as follows (NOTE: there is a version number in the file path, please specify the current version of FIXICCH2, e.g. 23Q1)

    Code Block
    [Unit]

    
Description=FIXICC-H2

    
After=syslog.target network.target

    
 

    
[Service]

    
Type=simple

    
User=fixicc-h2

    
Group=fixicc-h2

    
SuccessExitStatus=143

    
Environment=FIXICC_H2_KEY_STORE_PASSWORD=fixicch2 FIXICC_H2_KEY_MANAGER_PASSWORD=fixicch2 FIXICC_H2_TRUST_STORE_PASSWORD=fixicch2

    
ExecStart=/bin/bash -c '/usr/bin/java -Dapp.home=/etc/fixicc-h2/ -Dfixicch2.secure_http_port=8443 -Dfixicch2.key_store_path=/etc/fixicc-h2/keystore.jks -Dfixicch2.trust_store_path=/etc/fixicc-h2/keystore.jks -jar /usr/lib64/fixicc-h2/22H1/app.jar'

    
ExecReload=/bin/kill -HUP $MAINPID

    
 

    
[Install]

    
WantedBy=multi-user.target

  10. Enable auto-start and start FIXICC-H2 server (check service status)

    Code Block
    systemctl enable --now fixicc-h2

    
systemctl status fixicc-h2

  11. FIXICC-H2 UI should be available on https://server_ip:8443/app/

...

FIXEdge installation and configuration

  1. Install dependencies

    Code Block
    yum install -y libtool-ltdl
Note

NOTE for RHEL systems!

  1. check whether /usr/lib64/libnsl.so.1 exists on your system (create symlink if needed `ln -s /usr/lib64/libnsl.so.2 /usr/lib64/libnsl.so.1`)

  1. Download latest package from https://clientspace.b2bits.com/product-30 (fixedge-*.el7.x86_64.rpm)

  2. Install rpm package fixedge-*.el7.x86_64.rpm

    Code Block
    rpm -i fixedge-*.el7.x86_64.rpm

  3. Copy your engine.license file into /etc/fixedge/ directory

    Code Block
    cp ./engine.license /etc/fixedge/

  4. Add below config at the end of /etc/fixedge/FIXEdge.properties

    Code Block
    # FIXICC-H2 Integration

    
AdminRESTAPI.Enabled = true

    
AdminRESTAPI.Port = 8903

    
AdminRESTAPI.HTTPSServer.PrivateKey = AdminRESTAPI.key

    
AdminRESTAPI.HTTPSServer.Certificate = AdminRESTAPI.crt
    

Components.Service.FIXICCH2 = configuration-service

    
Components.Service.FIXICCH2.Host = 127.0.0.1

    
Components.Service.FIXICCH2.Port = 8443

    
Components.Service.FIXICCH2.SSL = true

    
Components.Service.FIXICCH2.SSL.CertificateAuthority = /etc/fixedge/fixicc-h2.crt

    
Components.Service.FIXICCH2.ReconnectInterval = 1000

    
Components.Component.Configuration = FIXICCH2

  5. Extract fixicc-h2 certificate

    Code Block
    keytool -export -alias jetty -file /etc/fixicc-h2/fixicc-h2.der -keystore /etc/fixicc-h2/keystore.jks -storepass fixicch2 -keypass fixicch2

    
openssl x509 -inform der -in /etc/fixicc-h2/fixicc-h2.der -out /etc/fixicc-h2/fixicc-h2.crt

    
cp /etc/fixicc-h2/fixicc-h2.crt /etc/fixedge/fixicc-h2.crt

    
chown fixedge:fixedge /etc/fixedge/fixicc-h2.crt

  6. Enable auto-start and start FIXEdge server (check service status)

    Code Block
    systemctl enable --now fixedge

    
systemctl status fixedge

  7. After startup fixedge server navigate to "Show all servers" and you will see "Misbehaving" status for the FIXEdge1 server. Press on "Edit" button and provide the parameters like below, Then, press "OK":

...

  1. Download latest package from https://clientspace.b2bits.com/product-36 (fixeye-agent-*.el7.x86_64.rpm)

  2. Install rpm package fixeye-agent-*.el7.x86_64.rpm

    Code Block
    rpm -i fixeye-agent-*.el7.x86_64.rpm

  3. Copy your fixeye-agent.license file into /etc/fixeye/ directory

    Code Block
    cp ./fixeye-agent.license /etc/fixeye/

  4. Edit /etc/fixeye/fixeye-agent.config as follows

    Code Block
    -rest-port 8882 -rest-pkey "/etc/fixeye/AdminRESTAPI.key" -rest-cert "/etc/fixeye/AdminRESTAPI.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge/*.in" "/var/lib/fixedge/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"

  5. Copy RESTAPI certificate for fixeye

    Code Block
    cp /etc/fixedge/AdminRESTAPI.crt /etc/fixeye/AdminRESTAPI.crt

    
cp /etc/fixedge/AdminRESTAPI.key /etc/fixeye/AdminRESTAPI.key

    
chown fixeye:fixeye /etc/fixeye/AdminRESTAPI.crt

    
chown fixeye:fixeye /etc/fixeye/AdminRESTAPI.key

  6. Add fixeye user to the fixedge group

    Code Block
    usermod -a -G fixedge fixeye

  7. Enable auto-start and start fixeye-agent server (check service status)

    Code Block
    systemctl enable --now fixeye-agent

    
systemctl start fixeye-agent