Sentinel Express 3.1.0 :: Sentinel Administration Guide :: Installing the Sentinel Express Provisioning Module

Artifactory

This page refers to a public Artifactory instance that is no longer available. Please contact us via support if you require more information.

The Sentinel Express provisioning module is distributed as a Rhino Element Manager (REM) plugin.

It requires REM 2.7.0 or compatible. REM can be installed with Jetty or Apache Tomcat. For Sentinel Express, the Apache Tomcat method is required.

To install the Sentinel Express Provisioning module you will need:

the REM distribution package — rhino-element-manager-<version>.zip; expanded to a location of your choice
- download from https://repo.rhino.metaswitch.com/artifactory/opencloud-sentinel-express-3.1.0/opencloud/rem/2.7.0/rem-package/
an Apache Tomcat installation — either downloaded and configured manually, or installed via a package manager; minimum supported version is 7.0.39
the Sentinel Express REM plugin — sentinel-express-element-manager-<version>.em.jar
- download for your release version from https://repo.rhino.metaswitch.com/artifactory/opencloud-sentinel-express-3.1.0/opencloud/sentinel-pack/3.1.0/sentinel-express-element-manager
(optional) the SIS REM plugin — sis-em-<version>.em.jar
- download for your release version from https://repo.rhino.metaswitch.com/artifactory/opencloud-sentinel-express-3.1.0/opencloud/sis-em/2.6.1/sis-em

Below are the procedures to:

set up Tomcat
install the REM plugin
customize plugin logging
import Rhino trust certificate
run it securely

REM restart required

After installing and configuring the plugin, you will need to restart REM, for example by restarting the Tomcat webapp it is running in:

${CATALINA_BASE}/bin/catalina.sh stop
${CATALINA_BASE}/bin/catalina.sh start

Set up Tomcat

To set up Apache Tomcat for the Sentinel Express Provisioning module:

1	Follow the instructions for running REM on Apache Tomcat in the REM Guide.
2	Create the `rem_home/plugins` directory. cd apache-tomcat-<version> mkdir -p rem_home/plugins

Follow the instructions for running REM on Apache Tomcat in the REM Guide.

Create the rem_home/plugins directory.

cd apache-tomcat-<version>
mkdir -p rem_home/plugins

Install the REM plugin

To install the REM plugin for the Sentinel Express Provisioning Module:

1	Copy `sentinel-express-element-manager-<version>.em.jar` into `rem_home/plugins`. cd apache-tomcat-<version> cp /full/path/to/sentinel-express-element-manager-<version>.em.jar rem_home/plugins/
2	(Optional) Copy `sis-em-<version>.em.jar` into `rem_home/plugins`. cd apache-tomcat-<version> cp /full/path/to/sis-em-<version>.em.jar rem_home/plugins/

Copy sentinel-express-element-manager-<version>.em.jar into rem_home/plugins.

cd apache-tomcat-<version>
cp /full/path/to/sentinel-express-element-manager-<version>.em.jar rem_home/plugins/

(Optional) Copy sis-em-<version>.em.jar into rem_home/plugins.

cd apache-tomcat-<version>
cp /full/path/to/sis-em-<version>.em.jar rem_home/plugins/

Customize plugin logging

1	Unzip `log4j2.properties` from `rem.war`: cd apache-tomcat-<version> mkdir rem-tmp cd rem-tmp unzip ../webapps/rem.war WEB-INF/classes/log4j2.properties
2	Edit `WEB-INF/classes/log4j2.properties` with this content: rootLogger.level=INFO rootLogger.appenderRef.console.ref=CONSOLE rootLogger.appenderRef.file.ref=FILE appender.CONSOLE.type=Console appender.CONSOLE.name=CONSOLE appender.CONSOLE.layout.type=PatternLayout appender.CONSOLE.layout.pattern=%d{ABSOLUTE} %-5p <%t> [%c] %m%n appender.FILE.type=RollingFile appender.FILE.name=FILE appender.FILE.filename=${rem.home}/rem.log appender.FILE.layout.type=PatternLayout appender.FILE.layout.pattern=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p <%t> [%c] %m%n logger.rem.name=rem logger.rem.level=INFO logger.openjpa.name=openjpa logger.openjpa.level=INFO logger.wink.name=org.apache.wink logger.wink.level=INFO # Uncomment for subscriberdata cache eviction logging #logger.subscriberdatacache.name = rem.server.sentinel.subscriberdata.cache #logger.subscriberdatacache.level = TRACE logger.audit.name=sentinel.audit logger.audit.level=INFO logger.audit.additivity=false logger.audit.appenderRef.audit.ref=AUDIT appender.AUDIT.type = RollingFile appender.AUDIT.name = AUDIT appender.AUDIT.fileName = ${rem.home}/sentinel-audit.log appender.AUDIT.layout.type = PatternLayout appender.AUDIT.layout.pattern = "%d{yyyy-MM-dd HH:mm:ss,SSS}", "%c{1}", %m%n
3	Replace `WEB-INF/classes/log4j2.properties` in `rem.war`: zip ../webapps/rem.war WEB-INF/classes/log4j2.properties
4	Remove temporary files: cd .. rm -rf rem-tmp

Import Rhino trust certificate

This can also be done using the REM web UI.

1	Import a Rhino Trust Certificate into REM: "${JAVA_HOME}/bin/keytool" -importcert -file ${RHINO_HOME}/rhino-trust.cert -keystore "${TOMCAT_HOME}/rem_home/rhino-ems.ks" -storepass changeit -noprompt

Security considerations

Below are recommendations for securely running the Sentinel Express Provisioning Module.

Use https

Be aware that the Sentinel Express machine API uses HTTP BASIC authentication. This passes the username and password with every request.

To prevent your credentials going over the network unencrypted, run REM over https.

Set up SSL

See the Tomcat 7 - SSL How-To docs for help setting up SSL in Apache Tomcat 7.

Previous page Next page