/
FE C++ and FIXICC H2 without Consul

FE C++ and FIXICC H2 without Consul

Owned by author
Last updated: Aug 21, 2024
4 min read

PostgreSQL installation and configuration

NOTE!

  • in case you already have postgres setup in your network, you can skip this part

  • installation should be performed under the root user.

  1. Install PostgreSQL from yum repository

    yum install -y postgresql postgresql-server

  2. Initialize a new PostgreSQL installation

    postgresql-setup initdb

    By default PostgreSQL server is only accessible via Unix Domain Sockets or loopback IP interface (127.0.0.1) to the local users, the users are authenticated by the operating system, i.e. the OS user postgres can connect as PostreSQL user postgres without any additional authentication from the PostgreSQL server side. To allow PgAdmin4 and FIXICC H2 to work we need to enable access via a network

    To enable network access to PostgreSQL server edit file /var/lib/pgsql/data/pg_hba.conf and add the following lines:

    host    all     all     0.0.0.0/0       md5 host    all     all     ::0/0           md5

    It allows all users to connect from any host via TCP or SSL socket using hashed passwords.

    Remove lines that enable ident connection to localhost:

    # IPv4 local connections: host    all             all             127.0.0.1/32         ident # IPv6 local connections: host    all             all             ::1/128              ident

    To enable listening of all network interfaces edit file /var/lib/pgsql/data/postgresql.conf , replace line:

    # listen_addresses = 'localhost'

    with

    listen_addresses = '*'

  3. Enable auto-start and start postgresql server (check service status)

    systemctl enable --now postgresql systemctl status postgresql

FIXICC-H2 installation and configuration

  1. Install dependencies

    yum install -y java-1.8.0-openjdk

  2. Download latest package from https://clientspace.b2bits.com/product-58 (fixicc-h2-*.el7.x86_64.rpm)

  3. Install rpm package fixicc-h2-*.el7.x86_64.rpm

    rpm -i fixicc-h2-*.el7.x86_64.rpm

  4. Login into postgres server

    sudo -u postgres psql

  5. Create a user and a database for FIXICC H2 in postgresql

    CREATE USER fixicch2 WITH CREATEDB PASSWORD 'fixicch2'; CREATE DATABASE fixicch2; GRANT ALL PRIVILEGES ON DATABASE fixicch2 TO fixicch2;

  6. Exit psql console

    postgres=# \q

  7. Generate keystore for FIXICC-H2

    keytool -genkey -noprompt -alias jetty -keyalg RSA -dname 'CN=admin, OU=EPM-BFIX, O=EPAM Systems, L=Unknown, S=Unknown, C=Unknown' -keystore /etc/fixicc-h2/keystore.jks -storepass fixicch2 -keypass fixicch2 chown fixicc-h2:fixicc-h2 /etc/fixicc-h2/keystore.jks

  8. Edit /etc/fixicc-h2/local.app.properties and set properties as follows

    cuba.rest.anonymousEnabled = true cuba.anonymousLogin = anonymous cuba.dbmsType = postgres cuba.dataSourceProvider = application cuba.dataSource.username = fixicch2 cuba.dataSource.password = fixicch2 cuba.dataSource.dbName = fixicch2 cuba.dataSource.host = 127.0.0.1 cuba.dataSource.port = 5432 fixicch2.fixServerType = all fixicch2.consulEnabled=false fixicch2.secure_http_port = 8443 fixicch2.key_store_path = keystore.jks fixicch2.trust_store_path = keystore.jks

  9. Edit /usr/lib/systemd/system/fixicc-h2.service as follows (NOTE: there is a version number in the file path, please specify the current version of FIXICCH2, e.g. 23Q1)

    [Unit] Description=FIXICC-H2 After=syslog.target network.target   [Service] Type=simple User=fixicc-h2 Group=fixicc-h2 SuccessExitStatus=143 Environment=FIXICC_H2_KEY_STORE_PASSWORD=fixicch2 FIXICC_H2_KEY_MANAGER_PASSWORD=fixicch2 FIXICC_H2_TRUST_STORE_PASSWORD=fixicch2 ExecStart=/bin/bash -c '/usr/bin/java -Dapp.home=/etc/fixicc-h2/ -Dfixicch2.secure_http_port=8443 -Dfixicch2.key_store_path=/etc/fixicc-h2/keystore.jks -Dfixicch2.trust_store_path=/etc/fixicc-h2/keystore.jks -jar /usr/lib64/fixicc-h2/22H1/app.jar' ExecReload=/bin/kill -HUP $MAINPID   [Install] WantedBy=multi-user.target

  10. Enable auto-start and start FIXICC-H2 server (check service status)

    systemctl enable --now fixicc-h2 systemctl status fixicc-h2

  11. FIXICC-H2 UI should be available on https://server_ip:8443/app/

Default user:password is admin:admin

FIXEdge installation and configuration

  1. Install dependencies

    yum install -y libtool-ltdl

NOTE for RHEL systems!

  1. check whether /usr/lib64/libnsl.so.1 exists on your system (create symlink if needed `ln -s /usr/lib64/libnsl.so.2 /usr/lib64/libnsl.so.1`)

  1. Download latest package from https://clientspace.b2bits.com/product-30 (fixedge-*.el7.x86_64.rpm)

  2. Install rpm package fixedge-*.el7.x86_64.rpm

    rpm -i fixedge-*.el7.x86_64.rpm

  3. Copy your engine.license file into /etc/fixedge/ directory

    cp ./engine.license /etc/fixedge/

  4. Add below config at the end of /etc/fixedge/FIXEdge.properties

    # FIXICC-H2 Integration AdminRESTAPI.Enabled = true AdminRESTAPI.Port = 8903 AdminRESTAPI.HTTPSServer.PrivateKey = AdminRESTAPI.key AdminRESTAPI.HTTPSServer.Certificate = AdminRESTAPI.crt Components.Service.FIXICCH2 = configuration-service Components.Service.FIXICCH2.Host = 127.0.0.1 Components.Service.FIXICCH2.Port = 8443 Components.Service.FIXICCH2.SSL = true Components.Service.FIXICCH2.SSL.CertificateAuthority = /etc/fixedge/fixicc-h2.crt Components.Service.FIXICCH2.ReconnectInterval = 1000 Components.Component.Configuration = FIXICCH2

  5. Extract fixicc-h2 certificate

    keytool -export -alias jetty -file /etc/fixicc-h2/fixicc-h2.der -keystore /etc/fixicc-h2/keystore.jks -storepass fixicch2 -keypass fixicch2 openssl x509 -inform der -in /etc/fixicc-h2/fixicc-h2.der -out /etc/fixicc-h2/fixicc-h2.crt cp /etc/fixicc-h2/fixicc-h2.crt /etc/fixedge/fixicc-h2.crt chown fixedge:fixedge /etc/fixedge/fixicc-h2.crt

  6. Enable auto-start and start FIXEdge server (check service status)

    systemctl enable --now fixedge systemctl status fixedge

  7. After startup fixedge server navigate to "Show all servers" and you will see "Misbehaving" status for the FIXEdge1 server. Press on "Edit" button and provide the parameters like below, Then, press "OK":

image-20240820-115336.png

FIXEye Agent installation and configuration

FIXEye Agent installation instruction mentioned below is not applicable for RHEL systems.

  1. Download latest package from https://clientspace.b2bits.com/product-36 (fixeye-agent-*.el7.x86_64.rpm)

  2. Install rpm package fixeye-agent-*.el7.x86_64.rpm

    rpm -i fixeye-agent-*.el7.x86_64.rpm

  3. Copy your fixeye-agent.license file into /etc/fixeye/ directory

    cp ./fixeye-agent.license /etc/fixeye/

  4. Edit /etc/fixeye/fixeye-agent.config as follows

    -rest-port 8882 -rest-pkey "/etc/fixeye/AdminRESTAPI.key" -rest-cert "/etc/fixeye/AdminRESTAPI.crt" --propfile "/etc/fixeye/fixeye-agent.properties" -f "/var/lib/fixedge/*.in" "/var/lib/fixedge/*.out" --pidfile "/var/log/fixeye/fixeye-agent.pid" -licfile "/etc/fixeye/fixeye-agent.license"

  5. Copy RESTAPI certificate for fixeye

    cp /etc/fixedge/AdminRESTAPI.crt /etc/fixeye/AdminRESTAPI.crt cp /etc/fixedge/AdminRESTAPI.key /etc/fixeye/AdminRESTAPI.key chown fixeye:fixeye /etc/fixeye/AdminRESTAPI.crt chown fixeye:fixeye /etc/fixeye/AdminRESTAPI.key

  6. Add fixeye user to the fixedge group

    usermod -a -G fixedge fixeye

  7. Enable auto-start and start fixeye-agent server (check service status)

    systemctl enable --now fixeye-agent systemctl start fixeye-agent

     

 

Related content