FIXICC H2: Deployment Guide
- 1 Environment requirements
- 1.1 Hardware
- 1.2 Software
- 1.3 Supported Database Options
- 1.3.1 Configuration Examples
- 1.3.1.1 1. PostgreSQL
- 1.3.1.2 2. HSQLDB
- 1.3.1.3 3. MSSQL
- 1.3.1 Configuration Examples
- 2 Pre-configuration
- 2.1 Consul configuration
- 2.1.1 FIXICC H2 without Consul
- 2.1.1.1 FIXICC H2 configuration
- 2.1.1.1.1 local.app.properties
- 2.1.1.2 FIXEdge Java configuration
- 2.1.1.2.1 fixedge.properties
- 2.1.1.3 FIXEdge C++ configuration
- 2.1.1.3.1 FIXEdge.properties
- 2.1.1.4 FIXEye Agent configuration
- 2.1.1.1 FIXICC H2 configuration
- 2.1.1 FIXICC H2 without Consul
- 2.2 FIXICC H2 settings
- 2.2.1.1 local.app.properties
- 2.2.2 Logging configuration
- 2.2.2.1 logback.xml
- 2.3 HTTPS support
- 2.4 Start application
- 2.4.1 Changing FIXICC H2 port
- 2.5 FIX Log Viewer Settings
- 2.6 How to Configure and Use LDAP for FIXICC H2
- 2.1 Consul configuration
Environment requirements
Hardware
A physical or virtual server with:
2 core CPU
2Gb RAM
40G storage
Software
FIXICC H2 machine:
RHEL 7 / RHEL 8
OpenJDK 1.8
(Optional since FIXICC H2 23Q1 release) Consul agent in client mode
FIXEdge Cpp/Java machine:
(Optional since FIXICC H2 23Q1 release) Consul agent in client mode
On the network:
Database:
1 user with DDL privileges to run the database migration or run normal FIXICC H2 operation
1 user without DDL privileges to run normal FIXICC H2 operation
(Optional since FIXICC H2 23Q1 release) Consul cluster - can be deployed on the same machines as FIXEdge Cpp/Java or FIXICC H2
Client workstations:
Chrome browser
Supported Database Options
FIXICC H2 supports the following databases:
PostgreSQL
HSQLDB (since FIXICC H2 23Q1)
MSSQL (since FIXICC H2 1.2.0)
You can select the database type by setting the cuba.dbmsType and the fixicch2.db property in your local.app.properties file.
Configuration Examples
1. PostgreSQL
cuba.dbmsType=postgres
cuba.dataSourceProvider=application
cuba.dataSource.username=fixicch2
cuba.dataSource.password=fixicch2
cuba.dataSource.dbName=fixicch2
cuba.dataSource.host=127.0.0.1
cuba.dataSource.port=5432
cuba.automaticDatabaseUpdate=true
fixicch2.db=postgresEnsure the user and database exist in PostgreSQL and have the necessary privileges.
2. HSQLDB
cuba.dbmsType=hsql
cuba.dataSourceProvider=application
cuba.dataSource.username=sa
cuba.dataSource.password=
cuba.dataSource.dbName=fixicch2
cuba.dataSource.jdbcUrl=jdbc:hsqldb:file:/etc/fixicc-h2/hsqldb/fixicch2;sql.syntax_pgs=true
cuba.dataSource.connectionParams=;sql.syntax_pgs=true
cuba.dataSource.host=127.0.0.1
cuba.dataSource.port=54321
cuba.automaticDatabaseUpdate=true
fixicch2.db=hsqldbHSQLDB is typically used for development or evaluation. No password is required for the default
sauser.
3. MSSQL
cuba.dbmsType=mssql
cuba.dataSourceProvider=application
cuba.dataSource.username=cuba
cuba.dataSource.password=cuba
cuba.dataSource.dbName=fixicch2
cuba.dataSource.host=127.0.0.1
cuba.dataSource.port=1433
cuba.dataSource.connectionParams=;encrypt=false;trustServerCertificate=false
cuba.automaticDatabaseUpdate=true
fixicch2.db=mssqlMake sure the MSSQL server is accessible and the user has the required permissions.
Pre-configuration
Before you start working with the FIXICC H2, install and configure the FIX Engine and Consul application.
Consul configuration
To find the Consul installation instructions, please follow the link.
For non-production use, you can run the Consul in developer mode with the command:
consul agent -devFor production use - please follow the link.
To configure the encrypted connection from FIXICC H2 to the Consul on the Consul side, please follow the link.
FIXICC H2 without Consul
The ability to use FIXICC H2 without Consul is available since FIXICC H2 23Q1 release.
FIXICC H2 configuration
The fixicch2.consulEnabled property must be set to 'false' in the local.app.properties configuration file.
Example:
local.app.properties
###############################################################################
# Other #
###############################################################################
cuba.rest.anonymousEnabled=true
cuba.anonymousLogin=anonymous
cuba.dbmsType = postgres
cuba.dataSourceProvider = application
cuba.dataSource.username = cuba
cuba.dataSource.password = cuba
cuba.dataSource.dbName = fixicch2
cuba.dataSource.host = localhost
cuba.dataSource.port = 5432
fixicch2.fixServerType = all
fixicch2.prometheus.host = localhost
fixicch2.consulEnabled=falseThe following actions must be performed to connect to FIXEdge Java or FIXEdge C++ and FIXEye-Agent:
Run FIXICC H2 and log in.
Navigate to the Configuration → Show all servers in the left navigation menu. The Servers page will be opened.
Click the Add button. The Server editor page will be opened.
Enter Server Name, Type, IP, Admin Port and FIX Port for the Server and IP and Port for FIXEye Agent. Click the OK button.
Admin Port for FIXEdge Java server is set to '9010', and FIX Port is set to '8911' by default.
Admin Port for FIXEdge C++ server is set to '8903', and FIX Port is set to '8901' by default.
Port for FIXEye Agent is usually set to '8882'.
FIXEdge Java configuration
The following properties must be defined in the fixedge.properties file:
fixedge.properties
service.discovery.enabled=false
server.useFixicch2ConfigManager=true
fixicch2.enable=true
# Fixicch2 REST API to load fix session and schedules configs and to subscribe on session and schedules changes
fixicch2.url=<fixicc_h2_url>FIXEdge C++ configuration
The following properties must be defined in the FIXEdge.properties file:
FIXEdge.properties
Components.Service.FIXICCH2 = configuration-service
Components.Service.FIXICCH2.Host = <host>
Components.Service.FIXICCH2.Port = 8080
Components.Service.FIXICCH2.ReconnectInterval = <some_interval>
Components.Service.FIXICCH2.HeartBeatIntervalS = <optional, otherwise default 30 seconds: the interval at which FIXICC H2 expects to receive heartbeat messages from FIXEdge C++. Set this value to '0' to disable heartbeats.>
Components.Component.Configuration = FIXICCH2FIXEye Agent configuration
The Consul.Enabled property must be set to 'false' in the fixeye-agent.properties file:
Consul.Enabled = falseFIXICC H2 settings
You should choose a directory on your workstation for FIXICC H2 files.
The FIXICC H2 instance is in the app.jar file. To complete the configuration, please create a local.app.properties file.
You can place the app.jar file for the FIXICC H2 application and local.app.properties (FIXICC H2 properties file) in the same directory, or store them separately.
Before you start your work, please set the database type for data storage.
The FIXICC H2 is compatible with PostgreSQL databases.
Please configure the FIXICC H2 according to the instance of the local.app.properties in your FIXICC H2 package, and set the following properties:
Name | Mandatory | Example value | Default Value | Description |
|---|---|---|---|---|
cuba.dbmsType | Y | postgres | - | The property defines the type of the RDBMS. |
cuba.dataSourceProvider | Y | application | - | The property defines the data source. |
cuba.dataSource.username | Y | CUBA | - | The property defines the username for the database. Possible values: string |
cuba.dataSource.password | Y | cuba | - | The property defines the password for the database. Possible values: string |
cuba.dataSource.dbName | Y | PTGSDB | - | The property defines the name of the database. Possible values: string |
cuba.dataSource.host | Y | 10.68.21.182 | - | The property defines the host for the database. Possible values: string |
cuba.dataSource.port | Y | 1521 | - | The property defines the port for the database. Possible values: string |
fixicch2.consul.encrypted_connection | N | true | false | The property defines whether HTTPS will be used or not. Possible values: true | false |
fixicch2.consul.port | N | 8501 | 8500 | The property defines the port for Consul. Possible values: string |
fixicch2.fixServerType | N | FIXEdge CPP | all | The property defines the type of server to work with. Possible values: FIXEdge CPP | FIXEdge Java | any other value means both types of the server |
fixicch2.consulEnabled | N | true | true | The property is available since FIXICC H2 23Q1 release. The property defines whether FIXICC H2 connection to Consul will be enabled or not. Possible values: true | false |
fixicch2.prometheus.host | N | localhost | - | The property defines the host for Prometheus. Possible values: string |
fixicch2.prometheus.port | N | 9090 | 9090 | The property defines the port for Prometheus. Possible values: string |
fixicch2.prometheus.pollInterval | N | 5 | 5 | The property defines the time interval between requests to Prometheus. Possible values: int |
fixicch2.metrics.support.fe | N | false | false | The property defines whether live counters for the FIXEdge C++ server will be shown or not. Possible values: true | false |
fixicch2.metrics.support.fej | N | true | true | The property defines whether live counters for the FIXEdge Java server will be shown or not. Possible values: true | false |
fixicch2.unknownServer.autoRegistration | N | true | true | The property defines whether auto-adding of the server configuration will be enabled. Possible values: true | false |
Configuration example:
local.app.properties
cuba.dbmsType = postgres
cuba.dataSourceProvider = application
cuba.dataSource.username = C##CUBA
cuba.dataSource.password =cuba
cuba.dataSource.dbName = PTGSDB
cuba.dataSource.host = 10.68.21.182
cuba.dataSource.port =1521
fixicch2.consul.encrypted_connection =true
fixicch2.consul.port =8501
fixicch2.consul.insecure_connection_enabled =false
fixicch2.fixServerType = FIXEdge CPP
fixicch2.prometheus.port = localhost
fixicch2.prometheus.port = 9090
fixicch2.prometheus.pollInterval = 5
fixicch2.metrics.support.fe = false
fixicch2.metrics.support.fej = true
fixicch2.unknownServer.autoRegistration = trueThe following optional properties can also be configurated on the Application Properties page via FIXICC H2:
Name | Example value | Default Value | Description |
|---|---|---|---|
fixicch2.fixServerType | FIXEdge CPP | all | The property defines the type of server to work with. Possible values: FIXEdge CPP | FIXEdge Java | any other value means both types of the server |
fixicch2.maxTimeToWaitServerStatusUpdate | 8 | 10 | The property defines the max time slot in minutes to update the server status from the Consul. If there were no events during the specified period, the Consul sends the response. Possible values: int < 10 |
fixicch2.metricsUpdatePeriod | 4 | 1 | The property defines the period of time in seconds for requesting metrics from the FIXEdge server. Possible values: int |
fixicch2.mode | production | production | The property defines the instance of FIXICC H2. Possible values: string |
fixicch2.notificationTimeZone | UTC | UTC | The property defines the time zone to display the correct time of notifications. Possible values: string |
fixicch2.pauseToReconnect | 2000 | 2000 | The property defines the pause between reconnection attempts. Possible values: int |
fixicch2.prometheus.host | localhost | - | The property defines the host for Prometheus. Possible values: string |
fixicch2.prometheus.port | 9090 | 9090 | The property defines the port for Prometheus. Possible values: string |
fixicch2.prometheus.pollInterval | 5 | 5 | The property defines the time interval between requests to Prometheus. Possible values: int |
fixicch2.metrics.support.fe | false | false | The property defines whether live counters for the FIXEdge C++ server will be shown or not. Possible values: true | false |
fixicch2.metrics.support.fej | true | true | The property defines whether live counters for the FIXEdge Java server will be shown or not. Possible values: true | false |
fixicch2.unknownServer.autoRegistration | true | true | The property defines whether auto-adding of the server configuration will be enabled. Possible values: true | false |
If parameters from the table above were configured in the local.app.properties file, values from the file would be applied despite values being changed through the Application Properties page.
Logging configuration
To configure the logging level for the FIXICC H2 application, please create the logback.xml file and put it in the directory where the local.app.properties file is stored.
The logback.xml file is not mandatory.
For additional information please refer to the link.
Example:
logback.xml
<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="false" packagingData="true">
<property name="logDir" value="${app.home}/logs"/>
<appender name="File" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDir}/app.log</file>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>INFO</level>
</filter>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<!-- daily rollover -->
<fileNamePattern>${logDir}/app.%d{yyyy-MM-dd}.log</fileNamePattern>
<!-- keep 30 days' worth of history -->
<maxHistory>5</maxHistory>
<cleanHistoryOnStart>true</cleanHistoryOnStart>
</rollingPolicy>
<encoder>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} %-5level [%thread%X{cubaApp}%X{cubaUser}] %logger - %msg%n</pattern>
</encoder>
</appender>
<root>
<appender-ref ref="File"/>
</root>
<!-- Begin CUBA -->
<logger name="com.haulmont.cuba" level="INFO"/>
<logger name="com.haulmont.cuba.core.sys" level="INFO"/>
<logger name="com.haulmont.cuba.core.sys.CubaDefaultListableBeanFactory" level="WARN"/>
<logger name="com.haulmont.cuba.core.app.scheduling" level="INFO"/>
<logger name="com.haulmont.cuba.web.sys" level="INFO"/>
<logger name="com.haulmont.cuba.portal" level="INFO"/>
<logger name="com.haulmont.restapi.sys" level="INFO"/>
<logger name="com.haulmont.cuba.core.app.LockManager" level="INFO"/>
<!-- End CUBA -->
<logger name="eclipselink" level="WARN"/>
<logger name="eclipselink.sql" level="INFO"/>
<logger name="org.springframework" level="WARN"/>
<logger name="com.vaadin" level="WARN"/>
<logger name="org.atmosphere" level="WARN"/>
<logger name="org.activiti" level="INFO"/>
<logger name="org.jgroups" level="INFO"/>
<logger name="freemarker" level="INFO"/>
<logger name="org.thymeleaf.TemplateEngine" level="INFO"/>
<logger name="com.zaxxer.hikari" level="INFO"/>
<logger name="org.docx4j" level="WARN"/>
<logger name="org.xlsx4j" level="WARN"/>
<logger name="org.apache.fop.apps.FOUserAgent" level="WARN"/>
<logger name="org.hibernate" level="WARN"/>
<logger name="sun" level="INFO"/>
<logger name="com.sun" level="INFO"/>
<logger name="javax" level="INFO"/>
<logger name="org.apache" level="INFO"/>
<logger name="org.eclipse.jetty" level="INFO"/>
<logger name="org.docx4j.utils.ResourceUtils" level="ERROR"/>
<logger name="org.docx4j.Docx4jProperties" level="ERROR"/>
<logger name="org.xlsx4j.jaxb.Context" level="ERROR"/>
<logger name="org.docx4j.utils.XSLTUtils" level="ERROR"/>
<logger name="org.docx4j.jaxb.JaxbValidationEventHandler" level="ERROR"/>
<logger name="org.docx4j.TraversalUtil" level="ERROR"/>
<logger name="org.docx4j.fonts" level="ERROR"/>
<!-- Begin Perf4J -->
<appender name="PerfStatFile" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDir}/perfstat.log</file>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${logDir}/perfstat.%d{yyyy-MM-dd}.log</fileNamePattern>
<maxHistory>5</maxHistory>
<cleanHistoryOnStart>true</cleanHistoryOnStart>
</rollingPolicy>
<encoder>
<pattern>%msg%n</pattern>
</encoder>
</appender>
<appender name="CoalescingStatistics" class="org.perf4j.logback.AsyncCoalescingStatisticsAppender">
<param name="TimeSlice" value="60000"/>
<appender-ref ref="PerfStatFile"/>
</appender>
<appender name="UIPerfStatFile" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${logDir}/perfstat-ui.log</file>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${logDir}/perfstat-ui.%d{yyyy-MM-dd}.log</fileNamePattern>
<maxHistory>5</maxHistory>
<cleanHistoryOnStart>true</cleanHistoryOnStart>
</rollingPolicy>
<encoder>
<pattern>%msg%n</pattern>
</encoder>
</appender>
<appender name="UICoalescingStatistics" class="org.perf4j.logback.AsyncCoalescingStatisticsAppender">
<param name="TimeSlice" value="120000"/>
<appender-ref ref="UIPerfStatFile"/>
</appender>
<logger name="org.perf4j.TimingLogger" additivity="false" level="INFO">
<appender-ref ref="CoalescingStatistics"/>
</logger>
<logger name="com.haulmont.cuba.gui.logging.UIPerformanceLogger" additivity="false" level="INFO">
<appender-ref ref="UICoalescingStatistics"/>
</logger>
<!-- End Perf4J -->
</configuration>HTTPS support
To run FIXICC H2 with HTTPS support you need to provide it with a key store and trust store in JKS format. For production installations, you need to create JKS from the certificate and private key provided by a trusted certificate authority.
For testing purposes, you can generate a self-signed certificate by yourself.
keytool -genkey
-noprompt
-alias jetty
-keyalg RSA
-dname 'CN=admin, OU=EPM-BFIX, O=EPAM Systems, L=Unknown, S=Unknown, C=Unknown'
-keystore keystore.jks
-storepass fixicch2
-keypass fixicch2Note here the name of the file (keystore.jks) and passwords (fixicch2).
To run FIXICC H2 with HTTPS enabled, you need to provide the following parameters:
Name | Example value | Where | Description |
|---|---|---|---|
FIXICC_H2_KEY_STORE_PASSWORD | fixicch2 | Environment variable | The property defines the key store password in plain text. Possible values: string |
FIXICC_H2_KEY_MANAGER_PASSWORD | fixicch2 | Environment variable | The property defines the key manager password in plain text. Possible values: string |
FIXICC_H2_TRUST_STORE_PASSWORD | fixicch2 | Environment variable | The property defines the trust store password in plain text. Possible values: string |
Add the following section to your jetty.xml file:
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server">
<Ref refid="Server"/>
</Arg>
<Arg>
<New class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
<Set name="keyStorePath">keystore.jks</Set>
<Set name="keyStorePassword"><Env name="FIXICC_H2_KEY_STORE_PASSWORD"/></Set>
<Set name="keyManagerPassword"><Env name="FIXICC_H2_KEY_MANAGER_PASSWORD"/></Set>
<Set name="trustStorePath">keystore.jks</Set>
<Set name="trustStorePassword"><Env name="FIXICC_H2_TRUST_STORE_PASSWORD"/></Set>
</New>
</Arg>
<Set name="port">8443</Set>
</New>
</Arg>
</Call>For more information please refer to the Jetty Documentation page (keyStorePath , keyStorePassword , keyManagerPassword , trustStorePath , and trustStorePassword properties).
For example, to start FIXICC H2 with the keys generated as above run the following command:
export FIXICC_H2_KEY_STORE_PASSWORD=fixicch2
export FIXICC_H2_KEY_MANAGER_PASSWORD=fixicch2
export FIXICC_H2_TRUST_STORE_PASSWORD=fixicch2
java -Dapp.home=/opt/fixicch2-home
-Dlog.dir=/var/log/fixicc-h2
-jar /opt/fixicch2/app.jar -jettyConfPath /opt/fixicch2-home/jetty.xmlWe strongly recommend configuring all connections (FIXICC H2 ↔ Engine, FIXICC H2 ↔ Consul, FIXICC H2 ↔ FIXEye Agent) via HTTPS.
Start application
Create the following jetty.xml file in the directory with the local.app.properties file:
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server">
<Ref refid="Server"/>
</Arg>
<Set name="port">8080</Set>
</New>
</Arg>
</Call>
</Configure>Start the FIXICC H2 from the command line with the following command:
java -Dapp.home=/opt/fixicch2-home -Dlog.dir=/var/log/fixicc-h2 -jar /opt/fixicch2/app.jar -jettyConfPath /opt/fixicch2-home/jetty.xmlThis will start FIXICC H2 on port 8080, you can access it by browsing http://fixicc-h2-machine:8080/app.
Where:
"/opt/fixicch2-home" is the directory with the local.app.properties file, you should type the full path for the file.
"/opt/fixicch2/" is the directory with the app.jar file, you should type the full path for the file.
“/var/log/fixicc-h2” is the directory where logs folder with FIXICC H2 logs will be created.
Changing FIXICC H2 port
To run FIXICC H2 on another HTTP port you need to change port name in jetty.xml, e.g. to run FIXICC H2 on port 9090, you should update set the following property:
<Set name="port">9090</Set>FIX Log Viewer Settings
To configure the search in the FIX logs:
Deploy FIXEye Agent (version 2.3.0 or higher) by following instruction.
How to Configure and Use LDAP for FIXICC H2
Please refer to the LDAP Github page for more information.
Precondition: Configure your directory server before enabling the LDAP FIXICC H2 add-on.
1. Configure LDAP plugin and Connection in FIXICC H2 configuration file local.app.properties
Fill in the following mandatory parameters (values are samples and must be replaced):
ldap.contextSourceUrl=ldap://adhost-or-ip:389 ldap.contextSourceUserName=cn=ldapuser,cn=Users,dc=fixicch2,dc=local ldap.contextSourceBase=cn=Users,dc=fixicch2,dc=local ldap.contextSourcePassword=password ldap.addonEnabled=trueSave changes and start/restart FIXICC H2 application
Check yourself
If the plugin is enabled in local.app.properties then in FIXICC H2 UI in the left navigation panel under the Administration section you should see the LDAP navigation tree: