Centos 8 Portal Server manual install
Prepare your system
Install Centos 8 minimal server.
Disable SELinux in /etc/selinux/config
Network & System Tuning
Open ports 443 and 80 on firewall:
firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=https
firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --reload
In /etc/sysctl.conf add:
# TCP/IP Tuning
# =============
fs.file-max = 524288
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_orphans = 65536
net.ipv4.tcp_fin_timeout = 30
net.ipv4.ip_local_port_range = 16384 60999
net.core.somaxconn = 256
net.core.rmem_max = 1048576
net.core.wmem_max = 1048576
in /etc/security/limits.conf add:
# TCP/IP Tuning
# =============
* soft nproc 262140
* hard nproc 262140
* soft nofile 262140
* hard nofile 262140
root soft nproc 262140
root hard nproc 262140
root soft nofile 262140
root hard nofile 262140
Reboot system and check with ulimit -n : The output should be 262140
Install dependencies
Install SQLite
sudo yum update
yum install sqlite
Install haveged
yum -y install epel-release
yum repolist
yum install haveged
Other tools
yum install unzip
yum install tar
Install JDKs (As root)
Download OpenJDK 11 and 8 (TODO: URLs) and then:
cd /opt/OpenJDK
tar xzvf openjdk-11.0.1_linux-x64_bin.tar.gz
update-alternatives --install "/usr/bin/java" "java" "/opt/OpenJDK/jdk-11.0.1/bin/java" 1
update-alternatives --install "/usr/bin/javac" "javac" "/opt/OpenJDK/jdk-11.0.1/bin/javac" 1
update-alternatives --install "/usr/bin/keytool" "keytool" "/opt/OpenJDK/jdk-11.0.1/bin/keytool" 1
update-alternatives --install "/usr/bin/jar" "jar" "/opt/OpenJDK/jdk-11.0.1/bin/jar" 1
update-alternatives --set "java" "/opt/OpenJDK/jdk-11.0.1/bin/java"
update-alternatives --set "javac" "/opt/OpenJDK/jdk-11.0.1/bin/javac"
update-alternatives --set "keytool" "/opt/OpenJDK/jdk-11.0.1/bin/keytool"
update-alternatives --set "jar" "/opt/OpenJDK/jdk-11.0.1/bin/jar"
tar xzvf openjdk-8u41-b04-linux-x64-14_jan_2020.tar.gz
Java installation validation steps
java -version
openjdk version "11.0.1" 2018-10-16/
opt/OpenJDK/java-se-8u41-ri/bin/java -version
openjdk version "1.8.0_41"
Install Real Load
Create the DKFQS account
sudo adduser -m dkfqs
su - dkfqs
cd /home/dkfqs
mkdir portal
cd /home/dkfqs/portal
mkdir backup bin config db htdocs jks log scripts usersLib usersData
Copy various files into place
cp /opt/install_sw/Common/*.jar /home/dkfqs/portal/bin/
cp /opt/install_sw/V4.2.11/PortalServer/bin/DKFQS.jar /home/dkfqs/portal/bin/
cp /opt/install_sw/V4.2.11/PortalServer/config/* /home/dkfqs/portal/config/
Copy the htdocs.jar file to the htdocs directory /home/dkfqs/portal/htdocs
Navigate to /home/dkfqs/portal/htdocs and un-jar the file:
jar -xvf htdocs.jar
rm htdocs.jar (and delete the jar)
rm -R META-INF (delete the META-INF directory)
Create SQLite DBs
Copy the following files to the db directory /home/dkfqs/portal/db
- CreateNewAdminDB.sql
- CreateNewOperationsDB.sql
- CreateNewUsersDB.sql
Login with the dkfqs account, navigate to /home/dkfqs/portal/db and create the Admin, Operations and the Users DB:
sqlite3 AdminAccounts.db < CreateNewAdminDB.sql
sqlite3 Operations.db < CreateNewOperationsDB.sql
sqlite3 Users.db < CreateNewUsersDB.sql
Allow privileged port binding
Allow un-privileged accounts to bind to privileged ports (80, 443)
sysctl net.ipv4.ip_unprivileged_port_start=0
Create services
Create the /home/dkfqs/portal/bin/portal.sh file:
#!/usr/bin/bash
case "$1" in
start)
if [ -f /home/dkfqs/portal/log/DKFQS.log ]; then
mv /home/dkfqs/portal/log/DKFQS.log /home/dkfqs/portal/log/DKFQS.log_$(date +"%Y_%m_%d_%H_%M")
fi
CLASSPATH=/home/dkfqs/portal/bin/bcpkix-jdk15on-160.jar:/home/dkfqs/portal/bin/bcprov-jdk15on-160.jar:/home/dkfqs/portal/bin/bctls-jdk15on-160.jar:/home/dkfqs/portal/bin/DKFQS.jar;export CLASSPATH;nohup java -Xmx2048m -DdkfqsProperties=/home/dkfqs/portal/config/dkfqs.properties -DrewriteProperties=/hom
e/dkfqs/portal/config/rewrite.properties -Dnashorn.args="--no-deprecation-warning" com.dkfqs.server.internal.StartDKFQSserver 1>/home/dkfqs/portal/log/DKFQS.log 2>&1 &
;;
stop)
PID=`ps -o pid,args -e | grep "StartDKFQSserver" | egrep -v grep | awk '{print $1}'`
if [ ! -z "$PID" ] ; then
echo "DKFQS stopped with pid(s) : $PID"
kill -9 ${PID} 1> /dev/null 2>&1
fi
;;
status)
PID=`ps -o pid,args -e | grep "StartDKFQSserver" | egrep -v grep | awk '{print $1}'`
if [ ! -z "$PID" ] ; then
echo "DKFQS running with pid(s) : $PID"
else
echo "No DKFQS running"
fi
;;
*)
echo "Usage: /etc/init.d/DKFQS {start|stop|status}"
exit 1
;;
esac
exit 0
Create the unit file
Create the file /etc/systemd/system/DKFQSPortal.service with the below content:
[Unit]
Description=DKFQS portal
After=network.target
[Service]
User=dkfqs
Group=dkfqs
Type=simple
RemainAfterExit=yes
ExecStart=/home/dkfqs/portal/bin/portal.sh start
ExecStop=/home/dkfqs/portal/bin/portal.sh stop
TimeoutStartSec=0
[Install]
WantedBy=default.target
Start the services
systemctl daemon-reload
systemctl enable DKFQSPortal.service
systemctl start DKFQSPortal.service
journalctl -ex (... to check that no errors occured..)