Performing the Diagnostics Server installation silently

You can install the BMC Application Diagnostics Server unattended (a silent installation), which requires no user interaction during installation. You can perform a silent installation, as described in this topic, or use the installation wizard.

Perform this procedure to install all the Diagnostics Server components on one computer, for a small environment, or each component on separate computers, such as for larger environments with several Diagnostics Collectors. When the Diagnostics Portal and Collector components are installed on the same computer, they share the same database.

The following files are used to configure the silent installation of Diagnostics Server:

  • (Windows) adop-silent-option.txt
  • (Linux) adop-silent-option

These files are located in the \ADOPServer\Disk1 folder in the installation file structure.

Note

If you have Diagnostics Server components from an earlier version, upgrade the components before installing new components on the same computer.

When you install Feature Pack 1 (version 2.7.01), a POODLE security patch is automatically applied and does not need to be installed separately.

Before you begin

Ensure that you have completed all preinstallation tasks.

If you are installing the APM proxy, you must have a KeyStore certificate and prepare an encrypted password.

To configure the silent Server installation

  1. On the computer where you want to install one or more Diagnostics Server components, use a command line to open the relevant adop-silent-option file in edit mode.

  2. Specify a valid installation directory for the Diagnostics Server:

    -P installLocation=<directory>

    <directory> is the installation location, which must be empty. If the path includes a space, enclose the path in quotation marks.

    (Windows) -P installLocation="C:\Program Files\BMC Software\BMC Application Diagnostics"
    (Linux) -P installLocation=/opt/bmc/BMC_Application_Diagnostics     

    RecommendationOn Linux computers, BMC recommends using the default installation directory. Otherwise, you might experience issues related to permissions and access.
     

  3. Under the Installation Features section is a list of the Diagnostics Server components. Add a hash tag (#) before a component that you do not want to install.

    # Install App Visibility Manager Portal
    -A bmc_application_diagnostics_portal
    # Install App Visibility Manager Collector
    -A bmc_application_diagnostics_collector
    # Install App Visibility Manager Proxy
    -A bmc_application_diagnostics_proxy

  4. Under the Portal Configuration section, enter the Diagnostics Portal configuration.

    Note

    You must provide Diagnostics Portal configuration details, even if you are only installing the Diagnostics Collector or 

    APM proxy

    .

    If required, modify the port numbers. Ensure that the port you enter is available.

    -J portal_ip=localhost
    -J portal_http_port=8100
    -J portal_https_port=8143
    -J portal_apm_console_host=<hostname_or_IP_address>
    -J portal_apm_console_port=443

    Portal configuration parameter descriptions

    The [confluence_table-plus] macro is a standalone macro and it cannot be used inline. Click on this message for details.

    1 Parameters for the apm_console are optional during installation. To enter the required information after installation, see Configuring-the-Portal-on-the-Console.

  5. Enter the connection security level to be used by all components.

    -J connection_security=<securityLevel>

    One of the following values is valid for the <securityLevel> parameter:

    • not_secured—Enter this option to set the communication protocol to HTTP. If left blank, this is the default option.
    • encrypted_authenticated—Enter this option to set the communication protocol to encrypted and authenticated HTTPS.
  6. (For Collector installation)  If you are installing the Diagnostics Collector, modify the parameter values under the Collector Configuration section, as necessary.

    • If required, modify the port number for the relevant communication protocol.
      Ensure that the ports you enter are available.

      -J collector_http_port=8200
      -J collector_https_port=8243

      Collector configuration parameter descriptions

    • (For Portal or Collector installation) Modify the database retention period (days), and database size (GB):

      -J db_retention_time=35
      -J db_max_size=100

      Portal or Collector database parameter descriptions

  7. (For APM proxy installation) If you are installing the APM proxy, modify the parameter values under the Proxy Configuration section, as necessary.

    • If required, modify the port number for the relevant communication protocol.
      Ensure that the ports you enter are available.

      -J proxy_http_port=8300
      -J proxy_https_port=8343
      -J proxy_beacon_receiver_port=8344

    • APM proxy requires a security certificate for use with SSL-encrypted beacons and injected requests. You can provide the location of the KeyStore file now, or you can import the KeyStore post-installation.

      -J import_proxy_keystore_now=false
      -J proxy_keystore_type=
      -J proxy_keystore_path=
      -J proxy_keystore_password_enc=

      KeyStore parameter descriptions

  8. Under the Address Configuration section, configure the listening address (host name or IP address) of the computer on which you are installing the Diagnostics Server or component.

    This is the address that BMC Application Diagnostics components will use to connect to the installation computer.

    Note

    Ensure that the address is accessible from other components. If you need to change the address after installation, see Changing Portal settings.

    -J callback_address=

  9. (For Portal or Collector installation) Under the Database Configuration section, configure the database.
    Enter the port number for the MySQL database that is created during the installation process.

    The default port number is 3301.

    -J db_port=3301
  10. Save and close the options file.
Example

The following example illustrates the settings of a silent installation configuration for the Diagnostics Server on a Windows operating system.

setup.cmd \-i silent \-DOPTIONS_FILE=adop-silent-option.txt
-P installLocation="C:\Program Files\BMC Software\BMC Application Diagnostics"
-A bmc_application_diagnostics_portal
-A bmc_application_diagnostics_collector
-A bmc_application_diagnostics_proxy
-J portal_ip=localhost
-J portal_http_port=8100
-J portal_https_port=8143
-J connection_security=https
-J collector_http_port=8200
-J collector_https_port=8243
-J db_retention_time=35
-J db_max_size=100
-J proxy_http_port=8300
-J proxy_https_port=8343
-J proxy_beacon_receiver_port=8344
-J import_proxy_keystore_now=false
-J proxy_keystore_type=
-J proxy_keystore_path=
-J proxy_keystore_password_enc=
-J callback_address=myDiagnosticsServer
-J db_port=3301

To install the Diagnostics Server silently

  1. In a command line, navigate to the \ADOPServer\Disk1 folder in the installation file structure.
  2. To run the silent installation of the Diagnostics Server, enter the following command:

    • Windows

      setup.cmd -i silent -DOPTIONS_FILE=adop-silent-option.txt

    • Linux

      ./setup.sh -i silent -DOPTIONS_FILE=adop-silent-option

Encrypting a password for silent APM proxy installation

The Maintenance Tool enables you to create an encrypted password, which the Diagnostic Server requires for importing a KeyStore. You must use an encrypted password so that the KeyStore password is not exposed in the adop-silent-option file.

You can run the Maintenance Tool in a GUI or from the command line interface (CLI):

To encrypt a password by using the Maintenance Tool GUI (click here to expand steps)
  1. To open the Maintenance Tool, go to the temporaryDirectory/Disk/utilities directory.
    The temporaryDirectory is the place to which you downloaded the installation files.
  2. Run the ADOPServerMaintenanceTool utility and click the Encrypt tab.
  3. Enter your password in the Password and Confirm Password fields and click Encrypt.
  4. Copy and paste the value from the Encrypted Password field to the adop-silent-option file for the proxy_keystore_password_enc parameter.
     For example, if the encrypted password output is DES\:d70cbe3669602717ce66af37cce7ecf0, modify the proxy_keystore_password_enc parameter as follows:
    -J proxy_keystore_password_enc=DES\:d70cbe3669602717ce66af37cce7ecf0
To encrypt a password by using a CLI (click here to expand steps)
  1. To open the Maintenance Tool, go to the temporaryDirectory\Disk\utilities directory.
    The temporaryDirectory is the place to which you downloaded the installation files.

  2. Run the following command, entering your password for the -password and -confirm_password options:

    • Windows

      ADOPServerMaintenanceTool.cmd -silent -encrypt -encrypt -password=<password> -confirm_password=<password>

    • Linux

      ./ADOPServerMaintenanceTool.sh -silent -encrypt -encrypt -password=<password> -confirm_password=<password>

     

    Note

    If the password contains special characters, use quotation marks. For example:

    • Windows 

      ADOPServerMaintenanceTool.cmd -silent -encrypt -encrypt -password="<password>" -confirm_password="<password>"

    • Linux 

      ./ADOPServerMaintenanceTool.sh -silent -encrypt -encrypt -password="<password>" -confirm_password="<password>"
  3. Copy and paste the output to the adop-silent-option file for your silent installation.
    For example, if the encrypted password output is DES\:d70cbe3669602717ce66af37cce7ecf0, modify the proxy_keystore_password_enc parameter as follows:
    -J proxy_keystore_password_enc=DES\:d70cbe3669602717ce66af37cce7ecf0

To patch the Application Diagnostic Server 2.6.x components for POODLE security vulnerability

This patch repairs the POODLE (Padding Oracle On Downgraded Legacy Encryption) security vulnerabilities for communication between Application Diagnostics Agents for Java and Application Diagnostics Server components. Ensure that you select the Patches tab when you download the installation files for BMC Application Diagnostics.

Extract and replace the required file on the Application Diagnostics Portal, Collector, and Proxy servers, and modify the property files as instructed.

If the Portal, Collector, and APM Proxy are installed on the same computer, replace the file once, otherwise, replace it for each installation.

  1. Stop the service or services.
  2. In the server installation directory, under the common/lib directory, replace common-server.jar with the extracted file from this patch.
    The following file paths show the default installation directory:
    • (Windows) C:\Program Files\BMC Software\BMC Application Diagnostics\common\lib
    • (Linux) /opt/bmc/BMC_Application_Diagnostics/common/lib

  3. In the Portal installation directory, under portal/lib directory, replace the portal.jar with the file in this patch.

    The following file paths show the default installation directory:

    (Windows) C:\Program Files\BMC Software\BMC Application Diagnostics\portal\lib

    (Linux) /opt/bmc/BMC_Application_Diagnostics/portal/lib

  4. Open the properties file for each component in a text editor:
    • Portal: installationDirectory\portal\properties\portal.properties
    • Collector: installationDirectory\collector\properties\collector.properties
    • APM Proxy: installationDirectory\apm-proxy\properties\apm-proxy.properties

  5. For each component properties file, add the following lines for the tomcat.ciphers and the tomcat.ssl.enabled.protocols properties:

    # A comma separated list of encryption ciphers to support for HTTPS connections. Spaces between list items are not allowed.
    tomcat.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA

    #The comma separated list of SSL protocols to support for HTTPS connections. Spaces between list items are not allowed.
    #Default Value: TLSv1,TLSv1.1,TLSv1.2
    tomcat.ssl.enabled.protocols=SSLv2Hello,TLSv1,TLSv1.1,TLSv1.2
  6. Restart the service or services.

 

Notes

  • If the installation fails, for example the database stops responding during installation, you must uninstall what has already been installed before rerunning the installation wizard. For more information about the uninstall process, see Uninstalling-the-BMC-Application-Diagnostics-Server.
  • You can find the Diagnostics Server log files in the following location:
    • (Windows) %temp%\adopserver_install_log.txt
    • (Linux) /tmp/adopserver_install_log.txt

Where to go from here

Verify that the BMC Application Diagnostics Server installation is successful.

Change the MySQL root password.

Install the BMC Application Diagnostics Agent for Java.

Install the BMC Application Diagnostics Agent for .NET.

Configure the BMC Application Management Console.

Related topic

Importing-a-KeyStore-file-to-replace-the-self-signed-certificate

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*