Helpful Guides

Installing Bigfish on Linux Servers

Assumptions

  • This deployment guide assumes a setup consisting of 4 servers:
    • Apache httpd server: front end, open publicly
    • Application Server: running BigFish
    • SOLR Search Server: running a BigFish deploy
    • Database Server: running MySQL
  • If the hardware architecture is different, or if any of the servers are combined, the guide is still applicable

Conventions

blue_italics are variables - replace them with the correct information

red-text are commands - run them as they appear, including correctly replaced variables

Useful hints

  • If a command doesn't work the executable may be located in either /sbin or /usr/sbin
  • Example:
    • This guide states to execute:
      • iptables
    • If that doesn’t work you may try:
      • /sbin/iptables

Useful Commands

iptables -L --line-numbers This will show existing iptable firewall rules on the server. The '--line-numbers' option shows the line numbers for each entry. The last entry is usually a "block all" rule so all rules should go above that one. This also shows the chain name needed in the commands below. The line number for the last entry should replace the # sign in the iptables commands below. This inserts the new rule at that line number and slides the existing rules of that # and higher down the list. Rerun the command after adding a new rule to see the effect.
mysqldump db_name > /backup_path/filename.sql This will back up the mysql database to a sql file
mysql db_name < /backup_path/filename.sql This will restore a database from a backup that was made by the above command
pscp source_file remote_dest_file This is putty's secure copy program. It can be installed on Windows to transfer files to a linux server over ssh.

Setting up the servers

  • Ports 80 and 443 must be open publicly on the Apache Server
    • This is a network firewall rule, the Network Administrator can set this up
  • Ports 80 and 443 must be open on the apache server if using a firewall or IP tables
    • Check if they're already open:
      • iptables -L --line-numbers
    • Among the list should be lines ending dpt:80 and dpt:443. If not, run the following for the missing port(s):
      • iptables -I chain_name # -p tcp -m state --state NEW --dport 80 -j ACCEPT
      • iptables -I chain_name # -p tcp -m state --state NEW --dport 443 -j ACCEPT
  • The Application Server and SOLR Search Server must be able to access port 3306 on the Database Server
    • On the Database Server, create IP table entry with:
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 3306 -j ACCEPT
    • source_ip can be blank (for all, leave out the -s option and source ip) or can be set to the application and solr search server internal IP addresses (requires 2 entries, one for each ip)
  • The Apache Server must be able to access port 8004 on the Application Server
    • On the Application Server, create and IP table entry with:
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 8004 -j ACCEPT
    • source ip can be blank (for all, leave out the -s option and source ip) or set to the apache server internal ip address
  • The Apache Server must be able to access ports 8084 and 8444 on the Application Server:
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 8084 -j ACCEPT
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 8444 -j ACCEPT
    • source_ip can be blank (for all, leave out the -s option and source ip) or set to the apache server internal ip address
  • The Application Server must be able to access port 8084 on the SOLR Search Server
    • On the SOLR Search Server, create IP table entry with:
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 8084 -j ACCEPT
    • source_ip can be blank (for all, leave out the -s option and source ip) or set to the application server internal ip address
  • Allow Apache to access the SOLR Admin Screen at port 8080 (optional)
    • on the SOLR Search Server, create IP table entry with:
      • iptables -I chain_name # -p tcp -s source_ip -m state --state NEW --dport 8080 -j ACCEPT
      • source_ip can be blank (for all, leave out the -s option and source ip) or set to the apache server internal ip address

MySQL setup

  • This assumes that MySQL is already installed
    • See MySQL documentation to install
  • Create Schema and Users:
    • Log in as root user and issue the MySQL command to start a MySQL session:
      • mysql
    • Create the database and users:
      • create database db_name
      • create user username identified by password
    • Grant privileges to user on the DB:
      • grant all privileges on db_name.* to 'username'@'%' identified with 'password' with grant option;

You may need to specifically grant database access rights to each server that will connect to the database.

Rerun the grant command, using the same db_name, username and password as above, but replace the % with the internal ip address of the Application Server and the SOLR Search server (one at a time, run the command twice).

Application Setup

  • Three files get copied and installed to the same directory on the application server
  • Get the necessary files:
    • ofbiz_10_04.tar.gz (this is the base OFBiz install version 10.04)
    • ofbiz_bigfish.tar.gz (this is the BigFish project base install)
    • ofbiz_project.tar.gz (tthis is the latest install for project specific data)
  • Copy and deploy OFBiz base install
    • Copy the file from windows to a remote linux server. Will prompt for password.
      • pscp local_path/ofbiz_10_04.tar.gz username@server_IP:/deploypath/ofbiz_v.tar.gz
    • Rename the file to ofbiz.tar.gz so it will go in the right place when extracted
      • mv ofbiz_10_04.tar.gz ofbiz.tar.gz
    • Unpackage the file into a directory named ofbiz
      • tar -zxvf ofbiz.tar.gz
    • Restore the original filename because we'll be using ofbiz.tar.gz again
      • mv ofbiz.tar.gz ofbiz_10_04.tar.gz
    • Copy and deploy BigFish
      • Copy the file from windows to a remote linux server. Will prompt for password.
        • pscp local_path/ofbiz_bigfish.tar.gz username@server_IP:/deploypath/ofbiz_v.tar.gz
      • Renames the file to ofbiz.tar.gz so it will go in the same OFBiz directory we created with step c
        • mv ofbiz_bigfish.tar.gz ofbiz.tar.gz
      • Unpackage the file into the OFBiz directory
        • tar -zxvf ofbiz.tar.gz
      • Restore the original filename because we'll be using ofbiz.tar.gz again.
        • mv ofbiz.tar.gz ofbiz_bigfish.tar.gz
    • Copy and deploy client and project specific application
      • Copy the file from windows to a remote linux server. Will prompt for password.
        • pscp local_path/ofbiz_project.tar.gz username@server_IP:/deploypath/ofbiz_v.tar.gz
      • Rename the file to ofbiz.tar.gz so it will go in the same OFBiz directory we created with step c
        • mv ofbiz_project.tar.gz ofbiz.tar.gz
      • Unpackage the file into the OFBiz directory:
        • tar -zxvf ofbiz.tar.gz
      • Restore the original filename as backup. Keep the tar.gz files somewhere as a backup so they don't have to be recopied to the server with pscp in the even the application has to be reinstalled.
        • mv ofbiz.tar.gz ofbiz_project.tar.gz

Application Server Configuration

  • In OFBiz directory, build the property files
    • ./ant build
  • Edit ofbiz/osafe_deployment/client-deployment.properties file
    • Update database properties to point to the correct internal IP of your database server
    • Update solr properties to point to the correct internal IP of the solr search server
  • Create tables and seed data by running:
    • This creates the actual database tables preparing them to accept the full application data
      • ./ant run-install-seed
  • Apply properties to correct files:
      • ./ant run-bigfish-parameters
  • Prepare and run the startup script
    • Open the startup script in vi:
      • vi startofbiz.sh
    • Make sure it is in unix format:
      • Press shift and colon keys together before entering each of the following commands (shift +:) to get to the vi command prompt.
      • Hit enter after each command
      • set ff=unix (sets unix format
      • w (saves the change)
      • q (exits vi)
    • Change the startup type
      • open startofbiz.sh in a text editor (nano works well)
        • nano startofbiz.sh
      • uncomment the next to last line, starting with $JAVA (remove the # from the start of the line)
      • comment out the last line starting with exec (add a # to the start of the line)
      • make sure it has $SOLRPARMS after $VMARGS
      • If not, add it in.
      • Exit the text editor.
    • Start OFBiz
      • ./startofbiz.sh
    • Verify startup in logs (./runtime/logs/console.log and ofbiz.log)

Apache server configuration

  • If selinux is being used, make sure network connections are allowed:
    • /usr/sbin/setsebool -P httpd_can_network_connect
  • Configure apache property settings for main application
    • Edit file: /etc/httpd/conf/httpd.conf
    • Add the following, or replace any existing VirtualHost for port 80:
      • <VirtualHost *:80>
      • DocumentRoot "apache_root/htdocs/server_abbrev"
      • <Directory "apache_root/htdocs/server_abbrev" >
      •       Options Indexes FollowSymLinks MultiViews Includes
      •       AllowOverride None
      •       Order allow,deny
      •       Allow from all
      • </Directory>
      • </VirtualHost>
    • Install mod_ssl if not installed
      • yum install mod_ssl
    • Edit ssl.conf. inside the <VirtualHost _default_ *:443> add the following:
      • DocumentRoot "apache_root/htdocs/server_abbrev"
      • <Directory "apache_root/htdocs/server_abbrev" >
      •       Options Indexes FollowSymLinks MultiViews Includes
      •       AllowOverride None
      •       Order allow,deny
      •       Allow from all
      • </Directory>
      • SSLProtocol all
      • SSLCipherSuite HIGH:MEDIUM
    • Restart apache
      • /sbin/apachectl restart
  • In any web browser, navigate to the site and verify page loads
    • http://apache_server_public_ip/online/control/main
    • You should now see a mostly blank page with a dotted line and " Built by Solveda"

Advanced Apache Server Configuration

Overview

  • The above configuration simply redirects everything to the application server
  • The following advanced configurations provide more control over how requests are interpreted and routed by Apache
  • For your non-secure (http) VirtualHost entry use the following to handle traffic for your e-commerce storefront
  • Access to backend applications will be addressed in the secure VirtualHost section below.

You will need to replace the ajp configuration with your internal IP address and port number on your application server.

BigFish is configured for ajp port 8004 out of the box but if you change it you need to update your Apache configuration.

  • The following configurations assume you are mounting your e-commerce storefront on /online.
    • Non-secure (http) Virtual Host
    
RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/images/.*$
    RewriteCond %{REQUEST_URI} !^/osafe_theme/.*$
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
    RewriteCond %{DOCUMENT_ROOT}}%{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !^/online/.*$
    RewriteRule ^(.*)$ http://<yourhostname.domainname.com>/online$1 [R=301,L]

    ProxyRequests Off
    ProxyPreserveHost On
    ProxyPass /images ajp://&l;internal IP to app server>:8004/images
    ProxyPassReverse /images ajp:// <internal IP to app server>:8004/images
    ProxyPass /online ajp:// <internal IP to app server>:8004/online
    ProxyPassReverse /online ajp:// <internal IP to app server>:8004/online
    ProxyPass /osafe_theme ajp:// <internal IP to app server>:8004/osafe_theme
    ProxyPassReverse /osafe_theme ajp:// <internal IP to app server>:8004/osafe_theme
    • Secure (https) VirtualHost - use the following to handle https requests to your storefront AND access to backend applications.
 
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/images/.*$
    RewriteCond %{REQUEST_URI} !^/osafe_theme/.*$
    RewriteCond %{REQUEST_URI} !^/webtools/.*$
    RewriteCond %{REQUEST_URI} !^/flatgrey/.*$
    RewriteCond %{REQUEST_URI} !^/bizznesstime/.*$
    RewriteCond %{REQUEST_URI} !^/bluelight/.*$
    RewriteCond %{REQUEST_URI} !^/droppingcrumbs/.*$
    RewriteCond %{REQUEST_URI} !^/multiflex/.*$
    RewriteCond %{REQUEST_URI} !^/tomahawk/.*$
    RewriteCond %{REQUEST_URI} !^/osafe_admin_theme/.*$
    RewriteCond %{REQUEST_URI} !^/osafe-admin/.*$
    RewriteCond %{REQUEST_URI} !^/partymgr/.*$
    RewriteCond %{REQUEST_URI} !^/ar/.*$
    RewriteCond %{REQUEST_URI} !^/ap/.*$
    RewriteCond %{REQUEST_URI} !^/accounting/.*$
    RewriteCond %{REQUEST_URI} !^/assetmaint/.*$
    RewriteCond %{REQUEST_URI} !^/catalog/.*$
    RewriteCond %{REQUEST_URI} !^/content/.*$
    RewriteCond %{REQUEST_URI} !^/facility/.*$
    RewriteCond %{REQUEST_URI} !^/humanres/.*$
    RewriteCond %{REQUEST_URI} !^/manufacturing/.*$
    RewriteCond %{REQUEST_URI} !^/marketing/.*$
    RewriteCond %{REQUEST_URI} !^/myportal/.*$
    RewriteCond %{REQUEST_URI} !^/ordermgr/.*$
    RewriteCond %{REQUEST_URI} !^/projectmgr/.*$
    RewriteCond %{REQUEST_URI} !^/sfa/.*$
    RewriteCond %{REQUEST_URI} !^/ofbizsetup/.*$
    RewriteCond %{REQUEST_URI} !^/workeffort/.*$
    RewriteCond %{REQUEST_URI} !^/bi/.*$
    RewriteCond %{REQUEST_URI} !^/ebay/.*$
    RewriteCond %{REQUEST_URI} !^/example/.*$
    RewriteCond %{REQUEST_URI} !^/exampleext/.*$
    RewriteCond %{REQUEST_URI} !^/googlecheckout/.*$
    RewriteCond %{REQUEST_URI} !^/googlebase/.*$
    RewriteCond %{REQUEST_URI} !^/hhfacility/.*$
    RewriteCond %{REQUEST_URI} !^/oagis/.*$
    RewriteCond %{REQUEST_URI} !^/ebaystore/.*$
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
    RewriteCond %{DOCUMENT_ROOT}}%{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !^/online/.*$
    RewriteRule ^(.*)$ http://<yourhostname.domainname.com>/online$1 [R=301,L]

Important: Use the same hostname and domain name that you registered your ssl certificate with or some browsers will give users security warnings.

 
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyPass /images ajp://localhost:8002/images
    ProxyPass /online ajp://localhost:8002/online
    ProxyPassReverse /online ajp://localhost:8002/online
    ProxyPass /osafe_theme ajp://localhost:8002/osafe_theme
    ProxyPassReverse /osafe_theme ajp://localhost:8002/osafe_theme
    ProxyPass /osafe-admin ajp://localhost:8002/osafe-admin
    ProxyPassReverse /osafe-admin ajp://localhost:8002/osafe-admin
    ProxyPass /osafe_admin_theme ajp://localhost:8002/osafe_admin_theme
    ProxyPassReverse /osafe_admin_theme ajp://localhost:8002/osafe_admin_theme
    ProxyPass /webtools ajp://localhost:8002/webtools
    ProxyPassReverse /webtools ajp://localhost:8002/webtools
    ProxyPass /flatgrey ajp://localhost:8002/flatgrey
    ProxyPassReverse /flatgrey ajp://localhost:8002/flatgrey
    ProxyPass /bizznesstime ajp://localhost:8002/bizznesstime
    ProxyPassReverse /bizznesstime ajp://localhost:8002/bizznesstime
    ProxyPass /bluelight ajp://localhost:8002/bluelight
    ProxyPassReverse /bluelight ajp://localhost:8002/bluelight
    ProxyPass /droppingcrumbs ajp://localhost:8002/droppingcrumbs
    ProxyPassReverse /droppingcrumbs ajp://localhost:8002/droppingcrumbs
    ProxyPass /multiflex ajp://localhost:8002/multiflex
    ProxyPassReverse /multiflex ajp://localhost:8002/multiflex
    ProxyPass /tomahawk ajp://localhost:8002/tomahawk
    ProxyPassReverse /tomahawk ajp://localhost:8002/tomahawk
    ProxyPass /ap ajp://localhost:8002/ap
    ProxyPassReverse /ap ajp://localhost:8002/ap
    ProxyPass /ar ajp://localhost:8002/ar
    ProxyPassReverse /ar ajp://localhost:8002/ar
    ProxyPass /accounting ajp://localhost:8002/accounting
    ProxyPassReverse /accounting ajp://localhost:8002/accounting
    ProxyPass /catalog ajp://localhost:8002/catalog
    ProxyPassReverse /catalog ajp://localhost:8002/catalog
    ProxyPass /content ajp://localhost:8002/content
    ProxyPassReverse /content ajp://localhost:8002/content
    ProxyPass /facility ajp://localhost:8002/facility
    ProxyPassReverse /facility ajp://localhost:8002/facility
    ProxyPass /humanres ajp://localhost:8002/humanres
    ProxyPassReverse /humanres ajp://localhost:8002/humanres
    ProxyPass /manufacturing ajp://localhost:8002/manufacturing
    ProxyPassReverse /manufacturing ajp://localhost:8002/manufacturing
    ProxyPass /marketing ajp://localhost:8002/marketing
    ProxyPassReverse /marketing ajp://localhost:8002/marketing
    ProxyPass /ordermgr ajp://localhost:8002/ordermgr
    ProxyPassReverse /ordermgr ajp://localhost:8002/ordermgr
    ProxyPass /partymgr ajp://localhost:8002/partymgr
    ProxyPassReverse /partymgr ajp://localhost:8002/partymgr
    ProxyPass /sfa ajp://localhost:8002/sfa
    ProxyPassReverse /sfa ajp://localhost:8002/sfa
    ProxyPass /workeffort ajp://localhost:8002/workeffort
    ProxyPassReverse /workeffort ajp://localhost:8002/workeffort

SOLR Search Server Configuration

If your architecture has the SOLR Search Server installed as part of the Application Server then you are set. Only run this section if you have a separate server for SOLR Search.

  • Install java/jdk/javac if not installed
    • Test by issuing command:
      • javac –version
  • Follow all the same steps as the Application Server Configuration above
  • In the OFBiz directory, build the property files:
    • ./ant build
  • edit ofbiz/osafe_deployment/client-deployment.properties file
    • Update database properties to point to the correct internal IP of your database server
    • Update the SOLR properties to point to the localhost
  • Apply properties to correct files:
    • ./ant run-bigfish-parameters
  • prepare and run the startup script
    • open the startup script in vi:
      • vi startofbiz.sh
    • Make sure it is in unix format:
      • Press shift and colon keys together before entering each of the following commands (shift +:) to get to the vi command prompt.
      • Hit enter after each command.
      • set ff=unix (sets unix format)
      • w (saves the change)
      • q (exits vi)
    • change the startup type
      • open startofbiz.sh in a text editor (nano works well)
        • nano startofbiz.sh
      • uncomment the next to last line, starting with $JAVA (remove the # from the start of the line)
      • comment out the last line starting with exec (add a # to the start of the line)
      • make sure it has $SOLRPARMS after $VMARGS
      • If not, add it in.
      • Exit the text editor.
    • Start OFBiz
      • ./startofbiz.sh
    • Verify startup in logs (./runtime/logs/console.log and ofbiz.log)

Load Content into the Application Server

  • Load the data
  • Verify page loads with content
  • As a preliminary test for the SOLR search indexing, go to the web page (http://apache_server/online/control/main) and click a link to verify the page should have headers, but no products shown.

Generate SOLR indexes

  • Go to the osafe-admin web page, (https://apache_server/osafe-admin/control/main)
    • Admin Admin Tools SOLR Indexing
    • Click on “Re-Index SOLR”
  • Wait for indexing to finish
  • You can check that indexing completed successfully by going to the solr search server, looking for the ofbiz/hot-deploy/solr/data/index directory and seeing that there should be several files starting with an underscore '_' and 2 other files.

This process can take up to an hour, so please be patient.

Changing the Default Localization

  • If you are a non US user or need to launch a site in another language and currency you can change these settings in your store configuration.
  • Login to Catalog Manager
    • https://<yourhost.yourdomain.com>/catalog
  • Click on the “Stores” tab.
  • Select your store.
  • Expand the Localisation section.
  • Set your locale string and currency.
  • Locale string should be in the format en_US, en_GB, etc.
Back to Top

Built by Solveda