Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Installing BMC Atrium Single Sign-On in a cluster


This topic describes how to install BMC Atrium Single Sign-On in a cluster with one or more nodes.

Installing the first node for BMC Atrium Single Sign-On cluster

  1. Run the setup file that you have downloaded from EPD. 
  2. In the BMC Atrium Single Sign-On Server Cluster Options panel:
    1. Select Clustered BMC Atrium SSO Server.
    2. Select New Cluster Installation (First node).
  3. Enter a file name and complete path for storing the cluster configuration information and click Next
    Alternately, you can navigate to the directory and select a file.
    When you enter the file name and click Next, a config file with that name is created on your computer at the specified location automatically. If you are using Microsoft Windows, you must enter the complete path for the cluster configuration file. For example, c:/atriumsso1cluster.dat.

    Note

    You must copy this file to the subsequent nodes before installing BMC Atrium Single Sign-On on those nodes. The file contains sensitive information that is used when installing subsequent nodes.

  4. Enter the following values and click Next.
    • LDAP port number: 8091
    • LDAP replication port: 8092
    • LDAP administration port: 8093
  5. Enter the BMC Atrium Single Sign-On node URL address and click Next.
    For example:
    https://ssoNode1FQDN:port/atriumsso
    https://clm-pun-sso1.bmc.com:8443/atriumsso
  6. Verify that Install New Tomcat is selected and click Next.
  7. Accept the following default port numbers or enter different port numbers and click Next:
    • Tomcat server HTTP port number: 8080
    • HTTPS port number: 8443
    • Shutdown port number: 8005
  8. Enter a cookie domain and click Next.
    The domain value of the cookie should be the network domain of BMC Atrium Single Sign-On or one of its parent domains.
  9. Enter a strong administrator password, confirm the password, and click Next.
    The default administrator name is amadmin.
  10. Review the installation summary and click Install to complete the installation.
    After the first node is successfully installed, additional nodes can be added to the cluster by using the file created during the first installation. For more information about installing the first node, see Installing the first node for an HA cluster on a new Tomcat serverhttps://docs.bmc.com/docs/download/resources/net.customware.confluence.plugin.linking:link-to/img/newwindow.png.

Installing an additional node for BMC Atrium Single Sign-On cluster

During subsequent node installations, previously installed nodes must be available so the newly added node can fully integrate into the cluster.

  1. Copy the cluster configuration file c:/atriumsso1cluster.dat (created during the first node's installation) to the Disk1 directory of the extracted files before installing BMC Atrium Single Sign-On on the node.
  2. Run the installation program.
    Launch the setup executable located in the Disk1 directory of the extracted files.
    • (Microsoft Windows ) Run setup.cmd
    • (UNIX ) Run setup.sh
  3. In the Host Name Information panel, verify that the host name presented is the Fully Qualified Domain Name (FQDN) for the host, and then click Next.
    Correct the value as needed.
  4. In the BMC Atrium Single Sign-On Server Cluster Options panel, perform the following actions:
    1. Select Clustered Atrium SSO Server.
    2. Select Add this node to an existing cluster.
    3. Click Next.
  5. In the BMC Atrium SSO Cluster Configuration File Information panel, browse to the Disk1 directory where you copied the file, and then click Next.
  6. Enter the LDAP port number (8091), LDAP replication port (8092), LDAP administration port (8093), and click Next.
  7. Verify that Install New Tomcat is selected and click Next.
  8. Accept the default Tomcat server HTTP port number (8080), HTTPS port number (8443), and Shutdown port number (8005), or enter different port numbers, and click Next.
  9. Review the installation summary and click Install.
    After the second node has been successfully installed, additional nodes can be added to the cluster by using the file created during the first installation.

After you have installed both the nodes, you must perform the following post-installation configurations.

You need to create a truststore file that will be placed on the load balancer server. The truststore file must contain the BMC Atrium Single Sign-On node certificates. For example, if you have two nodes, the load balancer will serve the clm-pun-sso1.bmc.com and clm-pun-sso2.bmc.com certificates. 

To generate the certificates

  1. Run the following command to generate the certificate on the first node.
    In the command, replace SSOkeystorePassword with the keystore password, which you can find in the server.xml file. 

    $SSO_HOME\tomcat\conf>keytool -exportcert -rfc -keystore keystore.p12 -storepass <SSOkeystorePassword> -storetype PKCS12 -alias tomcat -file certificate1.pem -providername JsafeJCE
  2. Run the following command to generate the certificate on the second node.
    In the command, replace SSOkeystorePassword with the keystore password, which you can find in the server.xml file. 

    $SSO_HOME\tomcat\conf>keytool -exportcert -rfc -keystore keystore.p12 -storepass <SSOkeystorePassword> -storetype PKCS12 -alias tomcat -file certificate2.pem -providername JsafeJCE
  3. After you install the Apache Load Balancer server, you will be required to copy these certificate files to the load balancer server to create a truststore file.  

Where to go from here

Installing-and-configuring-Apache-Load-Balancer-server

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*