Preparing new servers for Migration - Application and Database (Traditional)

Riya Ray
Riya Ray
  • Updated

Author: Riya Ray

Date: March 15, 2024

Audience: Everyone

Environmental details: 

Self-hosted Jama Connect instance

Summary: 

Tasks that need to be performed to prepare the Application and Database Server for migration. This will help prepare the environment before migrating from old servers.

 

Preparing your application server 

Make sure your application server meets all requirements. See Supported software and system requirements.

Important considerations:

  • To improve resolution time of any issues, keep ports open. Closing access to ports for communication within the server isn't supported and poses a risk to application accessibility.
  • Docker pre-routes traffic, so be sure to set rules in the DOCKER-USER table, not the INPUT table.
  • To avoid blocking issues when installing on RHEL or CentOS Linux distributions, disable firewall or add the docker0 interface to the "trusted" zone.
  1. Ports: For users and administrators to properly access Jama Connect, the following ports must be accessible to inbound traffic. Work with your network admin to make sure your network is configured properly.
    • Port 22 — SSH port allows admins to make remote connections to the application server using SSH.
    • Port 8800 — Admin Console port allows admins to access the Admin Console, which is used to configure, install, and upgrade Jama Connect.
    • Port 80 — Jama Connect port for clear text communication (HTTP), which is used to access Jama Connect. It can be disabled or the port number can be reconfigured.
    • Port 443 — Jama Connect port for SSL/TLS communication (HTTPS), which is used to access Jama Connect. It can be disabled or the port number can be reconfigured.

  2. User IDs: For Jama Connect to successfully run its processes, the following User IDs must be available and unused on the application server.
    • User ID 91 — Used by Tomcat to read and write to directories under /data.
    • User IDs 480 to 499 — Used by the various services.

  3. Time sync schedule: To ensure accurate time on the application server, sync the time on a routine schedule (for example, set a cron job to sync time every day or hour). To set up the cron job, use the command:
    • ntpdate pool.ntp.org
  4. Setting up dedicated volumes: We recommend setting up dedicated volumes for the data your application is going to write. Use this example to partition the logical volumes on your application server.
    • Start with a 100 GB disk
    • Create a mountpoint:
      • mkdir /data /logs /var/lib/docker /var/lib/replicated
    • Create a physical volume:
      • pvcreate /dev/
    • Create a volume group:
      • vgcreate vg_jama /dev/ 
    • Create logical volumes:
      • lvcreate -L 30G -n lv_docker vg_jama 
        lvcreate -L 20G -n lv_replicated vg_jama
        lvcreate -L 10G -n lv_logs vg_jama
        lvcreate -l 100%FREE -n lv_data vg_jama
    • Write file systems:
      • mkfs.xfs -L docker -n ftype=1 /dev/vg_jama/lv_docker 
        mkfs.ext4 -L replicated /dev/vg_jama/lv_replicated
        mkfs.ext4 -L data /dev/vg_jama/lv_data (ext4 or NFS)
        mkfs.ext4 -L logs /dev/vg_jama/lv_log
    • Edit the file /etc/fstab to include the following lines:
      • LABEL=docker /var/lib/docker xfs defaults 0 0 
        LABEL=replicated /var/lib/replicated ext4 defaults 0 0
        LABEL=data /data ext4 defaults 0 0
        LABEL=logs /logs ext4 defaults 0 0
    • Mount all volumes:
      • mount -a 
    • Confirm that all volumes were mounted properly:
      • df -h
  5. Configure custom memory settings for Elasticsearch: To prepare for installing Jama Connect, you must first update the system that hosts the application. The update consists of configuring memory settings for Elasticsearch.
    • Open the /etc/sysctl.conf file, add the following line to the file, then save the file.
      • vm.max_map_count=262144 
    • Reload the sysctl.conf file:
      • sysctl -p 
    • To confirm, type this command. The system should respond with vm.max_map_count=262144
      • sudo sysctl -a | grep max_map_count

 

Preparing your Database server 

The following information is needed when connecting the application server to the database server.

The username and password for SAML and OAuth must match what's entered in the Microsoft SQL Server upgrade preparation script. 

 

For MySQL:

MySQL is the recommended database server. Follow these steps to install and configure it.

Important considerations:

  • Before installing Jama Connect 8.62.x, you must create two additional database schemas for the installation/upgrade to succeed (see step 3).
  • If you want to upgrade MySQL, see Upgrade and configure MySQL.
  1. Make sure that the InnoDB engine is enabled.
  2. Download and install a supported version of MySQL. To find out which version of MySQL you need, see Supported software, environments, and system requirements and click the link for your version of Jama Connect.
  3. On the MySQL database server:
    • Create an empty Jama Connect schema / database that uses UTF8:
      • CREATE DATABASE jama character set utf8mb4;
    • On the MySQL database server, create two additional database schemas and a user ("jamauser") with the ability to access, create, and update tables within the database:
      • CREATE DATABASE jama character set utf8mb4;
        CREATE DATABASE saml;
        CREATE DATABASE oauth;
        CREATE USER 'jamauser'@'%' IDENTIFIED BY 'password';
        CREATE USER 'oauthuser'@'%' IDENTIFIED BY 'password';
        CREATE USER 'samluser'@'%' IDENTIFIED BY 'password';
        GRANT ALL PRIVILEGES ON jama.* TO 'jamauser'@'%';
        GRANT ALL PRIVILEGES ON oauth.* TO 'oauthuser'@'%';
        GRANT ALL PRIVILEGES ON saml.* TO 'samluser'@'%';
  4. Restart the database server.
  5. The following recommended settings require 8 GB of memory allocated to MySQL Server for a typical installation and 16 GB for an enterprise installation. Depending on your database server's operating system, this can be added to your my.cnf file (Linux) or my.ini file (Windows). You can also make these changes directly to the database.

    Here is a sample text config file at an enterprise level. You must add the following values for your environment:
    • bind-address=0.0.0.0 
      key_buffer_size=16M
      max_allowed_packet=1G
      thread_stack=192K
      thread_cache_size=8
      tmp_table_size=2G
      max_heap_table_size=2G
      table_open_cache=512
      innodb_buffer_pool_size=12G
      innodb_log_file_size=256M
      innodb_log_buffer_size=12M
      innodb_thread_concurrency=16
      max_connections=351
      wait_timeout=259200

For MS SQL Server:

Important considerations:

  • You must have full database admin permissions to the server hosting the SQL Server database.
  • If you want to upgrade the Microsoft SQL Server, see Upgrade and configure Microsoft SQL Server.
  • Before installing Jama Connect 8.62.x
    • Install Microsoft SQL 2016–2019 for the database server.
    • Create an empty Jama Connect database and two additional database schemas for the installation to succeed.

NOTE: Organizations using Microsoft SQL Server must enter database users in Replicated. Without these entries, the installation will fail. Also, The new schema must be created for a successful installation. Otherwise, the system continues to attempt to connect to the databases and produces log failures. After you create the database schemas, you must restart Jama Connect.

For more information, go to Supported software, environments, and system requirements and select your version of Jama Connect.

If you are using Microsoft SQL Server for your database, follow the below outlined steps to install and configure it.

  1. Install Microsoft SQL 2016–2019 for the database server
  2. Connect to the SQL Server using a SQL management application (such as SQL Server Management Studio).
  3. Replace the following values in the installation script: , &
    • Create the User Logins:
      • USE master; 
        CREATE LOGIN jamauser with password = 'password';
        CREATE LOGIN samluser with password = 'password';
        CREATE LOGIN oauthuser with password = 'password';
        GO
    • Create the Jama Database:
      • USE master; 
        CREATE DATABASE jama;
        GO

        ALTER DATABASE jama SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE
        GO
    • Create the OAuth and SAML schemas:
      • USE jama; 
        EXEC ('CREATE SCHEMA oauth');
        EXEC ('CREATE SCHEMA saml');
        GO
    • Grant necessary permissions to the user logins:
      • USE jama; 
        CREATE USER jamauser for LOGIN jamauser;
        CREATE USER samluser for LOGIN samluser with DEFAULT_SCHEMA=saml;
        CREATE USER oauthuser for LOGIN oauthuser with DEFAULT_SCHEMA=oauth;
        GO

        EXEC sp_addrolemember N'db_owner', jamauser;
        EXEC sp_addrolemember N'db_owner', samluser;
        EXEC sp_addrolemember N'db_owner', oauthuser;
        GO
    • Verify all these actions were completed successfully:
      • Script completed — Check the Query Execution results for errors
      • Users created — Run the following SQL script in a new query window (The results should include jamauser, samluser, and oauthuser in the "Name" column of the result panes).
        • USE jama 
          SELECT * from master.sys.sql_logins
          SELECT * from Jama.sys.sysusers
      • Users granted the DB_owner role — Run the following SQL script in a new query window (The results should show that db_owner role is granted to jamauser, samluser, and oauthuser.).
        • USE jama 
          SELECT DP1.name AS DatabaseRoleName,
          isnull (DP2.name, 'No members') AS DatabaseUserName
          FROM sys.database_role_members AS DRM
          RIGHT OUTER JOIN sys.database_principals AS DP1
          ON DRM.role_principal_id = DP1.principal_id
          LEFT OUTER JOIN sys.database_principals AS DP2
          ON DRM.member_principal_id = DP2.principal_id
          WHERE DP1.type = 'R'
          ORDER BY DP1.name;
    • Keep the database from locking users' accounts while they are logging in or working in Jama Connect (you must have db_owner permissions):
      • ALTER DATABASE jama SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE;
    • Make sure the flag was successfully enabled (If the returned value is 1, the flag is on):
      • SELECT is_read_committed_snapshot_on FROM sys.databases WHERE name='jama';
  4. Copy and store the passwords you create here. You will need them later to configure the Admin Console settings.

Additional Information/Metadata:

  • Data Migration
  • Traditional 
  • New Servers

 

Please feel free to leave feedback in the comments below.

Related to

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.