Download pdf - EMC InfoArchive · EMC®InfoArchive Version4.2 InstallationGuide EMCCorporation CorporateHeadquarters Hopkinton,MA01748-9103 1-508-435-1000

EMC® InfoArchiveVersion 4.2

Installation Guide

EMC CorporationCorporate Headquarters

Hopkinton, MA 01748-91031-508-435-1000www.EMC.com

Legal Notice

Copyright © 2017 EMC Corporation. All Rights Reserved.

EMC believes the information in this publication is accurate as of its publication date. The information is subject to changewithout notice.

THE INFORMATION IN THIS PUBLICATION IS PROVIDED “AS IS.” EMC CORPORATIONMAKES NO REPRESENTATIONSOR WARRANTIES OF ANY KINDWITH RESPECT TO THE INFORMATION IN THIS PUBLICATION, AND SPECIFICALLYDISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Use, copying, and distribution of any EMC software described in this publication requires an applicable software license.

For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com. Adobe and Adobe PDFLibrary are trademarks or registered trademarks of Adobe Systems Inc. in the U.S. and other countries. All other trademarksused herein are the property of their respective owners.

Documentation Feedback

Your opinion matters. We want to hear from you regarding our product documentation. If you have feedbackabout how we can make our documentation better or easier to use, please send us your feedback directly [email protected]

Table of Contents

Preface ................................................................................................................................ 5

Chapter 1 Overview ..................................................................................................... 7Upgrading InfoArchive..................................................................................... 8Upgrading from InfoArchive 4.1 to 4.2 ............................................................... 9Preparation .................................................................................................. 9Migration..................................................................................................... 10Known Issue ............................................................................................ 16Adding New Indexes ............................................................................ 16

Testing the Migration.................................................................................... 16Troubleshooting ........................................................................................... 17

Updating Search Templates in the Audit Application.......................................... 18

Chapter 2 Prerequisites and Certified Configurations ................................................. 19Optional Components for InfoArchive ............................................................... 19

Chapter 3 Installing InfoArchive .................................................................................. 21InfoArchive Deployment Options ...................................................................... 21Installing on Linux and Windows Using the Installation Wizard.......................... 22Linux Command Line Installation ..................................................................... 22Running xDB Admin on Linux .......................................................................... 23Windows Command Line Installation ................................................................ 23Installing and Configuring InfoArchive Over Multiple Servers ........................... 24Installing xDB .............................................................................................. 24Installing and Configuring the InfoArchive Server .......................................... 26Installing and Configuring the InfoArchive Web Application .......................... 28Installing an Application............................................................................... 29

Running xDB Admin on Windows .................................................................... 29Installing Gateway/InfoArchive Web Application in Apache Tomcat.................... 29Loading Sample Application Data Sets (Optional) .............................................. 30JDBC Connection Setup .................................................................................... 31User Information for Sample Data ..................................................................... 32Creating a File System Root............................................................................... 32Using Encrypted Passwords in Configuration Files ............................................. 32Using SunJCE/Bouncy Castle (Local Keystore)................................................ 33Tools........................................................................................................ 33Server ...................................................................................................... 34

Using Gemalto (Remote Keystore) ................................................................. 35Tools........................................................................................................ 35Server ...................................................................................................... 35

Changing and Re-encrypting the Password .................................................... 36ANT Tasks and Ciphered Values for Passwords.............................................. 36

3

Table of Contents

Creating Decryption Configuration............................................................ 36Enable Cipher-texted Values in the ANT Tasks in the PhoneCallsApplication ............................................................................................. 37

Chapter 4 Disaster Recovery Scenario for InfoArchive 4.2 .......................................... 39Terminology..................................................................................................... 39Requirements ................................................................................................... 40Considerations ................................................................................................. 41Recovery/Failover Steps .................................................................................... 41Relevant Configuration ..................................................................................... 43

Chapter 5 Troubleshooting Installation ........................................................................ 45

4

Preface

Intended AudienceThis document is intended for system administrators who are responsible for installing EMCInfoArchive.

To install InfoArchive, you must have:

• administrative privileges on the host(s) where you install EMC InfoArchive components

• working knowledge of the operating system on which you install EMC InfoArchive

• working knowledge of EMC xDB deployment

• working knowledge of Apache Ant and web application servers, such as Apache Tomcat

Path ConventionsThis document uses the following path convention:

Path Variable Description

INSTALL_DIR The directory where the EMC InfoArchive installation package isextracted to and runs from.

DocumentationThe following documentation provides information about InfoArchive:

• EMC InfoArchive Release Notes

• EMC InfoArchive Configuration & Administration Guide

• EMC InfoArchive Command Line Tool Guide

• EMC InfoArchive Installation Guide

5

Preface

Revision History

Revision Date Description

January 2017 InfoArchive version 4.2

6

Chapter 1Overview

EMC InfoArchive is a unified enterprise archiving platform that stores related structured data andunstructured content in a single and consolidated repository. InfoArchive enables corporations topreserve the value of enterprise information in a single, easily accessible, unified archive.

InfoArchive includes the following components:

• InfoArchive Web Application (webapp): provides the main web application, allowing easyaccess to most configuration options and functionality.

• InfoArchive Server: provides archiving services to InfoArchive Web Server.

• InfoArchive XML Repository (xDB): provides data storage services to InfoArchive Server. xDB isincluded in the InfoArchive distribution and automatically installed as part of the general set up.

• InfoArchive shell (iashell) [Optional]: provides a command line tool to perform administrativetasks, ingest data and manage and query objects.

• Framework for Data Ingestion [Optional]: provides a framework for data ingestion using Ant.Sample applications are available in the distribution’s tools directory.

You can install InfoArchive and xDB on a single host, or you can distribute components over severalhosts based on security, licensing, or other operation considerations. EMC recommends that you keepthe InfoArchive installation architecture as simple as possible to avoid latency in data transfer. Use arecommended installation unless you have an explicit reason not to do so.

The bulk of the storage size is in the Tools/applications directory, which is not needed on any of theservers. It is recommended, however, that you do not turn off the various server components. Thebenefit will be very small and there would be a lot of small parts that need to be specified (start-upscripts, system scripts, libraries, etc.).

InfoArchive runs xDB. The EMC Documentum xDB Administration Guide, available from EMC OnlineSupport, provides more information about advanced use of xDB.

When connecting to xDB, you have two options:• Whenever you start a server (if not using the server), specify both the bootstrap and the port:

bin\infoarchive-xdb.bat run-server --bootstrap data/xdb/xhive.bootstrap--port 2910

• When you want to connect to the xDB Admin console, use the following command:

bin\infoarchive-xdb admin

7

https://support.emc.com/

https://support.emc.com/

Overview

The following dialog is displayed:

Click the green X.

When specifying how you want to connect, enter:

xhive://localhost:2910

If you specify the absolute path to the bootstrap file, this assumes that the InfoArchive server andthe xDB server are running on the same machine, and no one else can connect to xDB (locks it).Therefore, it is better to use the port. Examples of the ports:— 2910 – Default to connect to main system

— 2911 – If you decided to setup a distinct system for retention (this is not the default)

— 2920 – If you decided to set up a replica for the RollForward operations

There are no minimal privileges necessary to run InfoArchive (InfoArchive server, InfoArchive webapplication or xDB). For Linux, root permissions are necessary to install the system services. ForWindows, administrator permissions are necessary to install the system services.

Upgrading InfoArchiveIf you have an existing installation of InfoArchive (versions 3.0, 3.1, or 3.2) and wish to upgrade toInfoArchive version 4.2, contact EMC consulting services or InfoArchive partners for a migrationassessment.

8

Overview

The Disposition job must not be running when doing the upgrade. If some packages are waiting forconfirmation, run the Confirmation job followed by the Disposition job to complete the disposition ofpackages.

Caution: It is recommended that you do not install InfoArchive 4.x on the same Windowsserver as InfoArchive 3.2.

Upgrading from InfoArchive 4.1 to 4.2InfoArchive 4.1 deployment can be upgraded to the 4.2 version by using the upgrade script. Theupgrade process also requires manual steps.

Customers must follow usual industry best practices to back up the environment. It is recommendedto perform testing in a non-production setup, such as a development or test environment, beforeapplying changes in the production environment.

To upgrade from InfoArchive 4.1 to 4.2, you require the following:

• InfoArchive 4.2 software

• A text editor (Notepad ++ or TextPad are recommended)

Preparation1. You can either:

a. Option 1: Backup the InfoArchive directory; or

b. Option 2: Backup the database by completing the following:

i. Ensure that the system is running and open xDBAdmin Client via Bootstrap.Do not connect to a specific database.

ii. In xDB Admin, click and select the bootstrap URL.

iii. In /bin/infoarchive-xdb admin, select Backup/Restore > Backup.If you are upgrading from an instance that was previously upgraded from 4.0, there willbe two separate federations. Each federation needs to be backed up separately, as therewill be two xDB servers running one for each federation.

iv. In the Backup window:• Specify the full name in the Output filename field.

• Select Standalone.

• Click OK.

• When prompted for the password, enter the xDB dataNode federation password.The default password istest

2. Verify that the backup was created in the specified location.

9

Overview

3. Move the keystore files from 4.1 to the locations specified in the application.yml file.

4. The next step depends on how you plan to proceed with the migration in the next section:• If you plan to copy the data directory from the old installation, as long as the

application.yml file points to the correct location, you are ready to proceed to themigration. If they do not match, the files need to be copied to the locations expected by theapplication.yml file.

• If you plan to backup from the xDB Admin tool, copy the following keystore.jceks datainto the location specified in the application.yml file:

crypto:# KeyStore configurationkeyStore:keyStoreFileLocation: "data/keystore/keystore.jceks"keyStoreType: jcekskeyStorePass: abcdefg

The keyStoreFileLocation is relative to the infoarchive directory.

MigrationNote: The following procedure updates your data so you only have to complete the procedure once.If your software is distributed, however, update each machine that has the 4.1 software to 4.2. Ifusing multiple servers, ensure that a 4.1 InfoArchive web application client is not communicatingwith a 4.2 server.

Ensure that all instances of the InfoArchive server are stopped.

1. Choose the location where want to store the upgraded software.

2. Extract the 4.2 software into the new directory.

3. Put the data from the backup into the new location. You have the following options:

a. Create a new directory called UpgradedInfoArchive and extract the 4.2 infoarchive.zipfile into this new directory. In the InfoArchive 4.1 > infoarchive directory, copy the content ofthe data folder and replace the data folder in the 4.2 UpgradedInfoArchive directory.In UpgradedInfoArchive > infoarchive > tools > config > migration, ensure that you are ableto modify the application.yml file. If you previously upgraded from 4.0 to 4.1 and arenow upgrading to 4.2, the bootstrap listed in the managedItemData has to be changed.If you are upgrading from a previous version of InfoArchive, you are locked into a specificconfiguration. You are essentially using the configuration you had in the previous version.The bootstrap should be:

bootsrap: xhive://localhost:2911

You must also start the InfoArchive server.If, however, you are installing InfoArchive for the first time, you must decide whether youwant the managedItemData stored with everything else or separate. If you decide to spliteverything up, there have to be two bootstraps, one bootstrap for the system and audit andanother bootstrap for the managedItemData. Ensure that the password is entered correctly.The bootstrap should be:

10

Overview

bootsrap: xhive://localhost:2910

The following is the command to run xDBAdmin (a pre-requirement is that the xDB server isrunning):

Cd C:\UpgradedInfoArchive\infoarchive bin\infoarchive-xdb.batrun-server --bootstrap data/xdb/xhive.bootstrap --port 2910

b. Option 2: Restore the backup:• In xDBAdmin, click Restore.

• Select the backup file.

• Ensure that the Use original paths button is selected.

• Ensure the Backup data version is set to Current.

• Click OK.

Note: If the retention database was stored in a separate federation, this has to be done forboth instances. A different port is required and the bootstap parameter needs to match thebootstrap value for the retention federation.

4. If you have made changes to the 4.1 application.yml file, and you want to keep thosechanges, merge the changes with the 4.2 version of the application.yml file. The followingsections were added to the application.yml file in 4.2:• Configuration of managed item backup management managedItemBackup.

• Interval between polling managed item backup - default is 5 minutes (5 * 60 * 1000)pollingDelay: 300000

• Configuration of table indexing tableIndexing

• Maximum number of threads handling table indexing actions numberOfThreads: 2

5. If the retention database is stored in a separate federation, the application.yml file needsto modified. The application.yml file is found here: C:\UpgradedInfoArchive\infoarchive\tools\config\migration:

managedItemData:xdb:dataNode:name: mainFederationbootstrap: xhive://localhost:2910superuser:password: test

database:name: managedItemDatabaseadmin:password: secret

This should match the value in your 4.1 application.yml file.

6. It is important that the xDB server is running. The command to start is the xDB server is:

bin\infoarchive-xdb.bat run-server --bootstrap data/xdb/xhive.bootstrap--port 2910

11

Overview

If you have multiple xDB servers, specify the bootstrap and port for each server to ensure that thesecond instance is running.To deploy the InfoArchive web application, InfoArchive server and xDB database to dedicatedmachines, the following properties must be updated:For the InfoArchive web application, update the config\webapp\application.yml property:• zuul.routes.restapi.url

zuul:routes:restapi:path: /restapi/**sensitiveHeaders: ""url: http://IA-SERVER-HOST:8080/

For the InfoArchive server, update the following config\server\application.yml properties:• system.xdb.dataNode.bootstrap

• auditData.xdb.dataNode.bootstrap

• managedItemData.xdb.dataNode.bootstrap

• batchData.xdb.dataNode.bootstrap

systemxdb:dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://XDB-HOST:2910

auditData:xdb:dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://XDB-HOST:2910

managedItemData:xdb:dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://XDB-HOST:2910

batchData:xdb:dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://XDB-HOST:2910

If retention was stored in a different federation, it also needs to be started The command tostart the server is similar except that a separate bootstrap file was created for retention (theport is likely 2911).Before running migration, by default, the logging is set to the WARN level. This can be changedto either DEBUG or WARN level in the application.yml file in the following directory:C:\UpgradedInfoArchive\infoarchive\tools\config\migration

12

Overview

7. In the tools directory:• For Windows, run migration.bat

• For Linux, run migration

If successful, the following is displayed after the Spring Boot logo:

2017-01-10 14:38:25.989 - Migration start2017-01-10 14:38:42.691 - Migration finished

The migration start/finish information also appears in the UpgradedInfoArchive > infoarchive> tools > logs > error.log file. This does not mean you have experienced an error duringthe migration. If, however, the error.log file contains more than the migration start/finishinformation, an error has occurred during the migration.

Note: If you are running on more than one machine, set the bootstrap to xhive://<machine>:<port>and start that xDB service.

If the migration was successful, you will be able to open the UpgradedInfoArchive > infoarchive >tools > logs > ia.log file and see that the LibraryIndexCleaner has removed a number of indexes.It is important to note that you can run the migration.bat/migration command as manytimes as you want. Each time the command is entered, the information will be displayed inthe error.log file.

8. Changes you have made to the configuration files in your InfoArchive 4.1 installation shouldbe copied to each server installation(s) in your new InfoArchive 4.2 setup. This specificallyconcerns the following three files:• INSTALL_DIR/config/server/application.yml

• INSTALL_DIR/config/server/application-ssl.yml

• INSTALL_DIR/config/webapp/application.yml

The changes from your existing configuration file should merged into the new configuration fileswith care, the settings in these files are needed for correct operation of InfoArchive.With respect to the config/webapp/application.yml, its settings are documented in the sectionINSTALL_DIR\config\webapp\application.yml in the Configuration and AdministrationGuide. Consult it to find out the meaning of existing and new settings.With respect to the application-ssl.yml file, your 4.1 configuration file may containproperty names with dashes in them (e.g. key-store) while the configuration file of 4.2 usescamelCasing (e.g., keyStore), but both types of property names are accepted.With respect to config/server/application.yml, the following jobs have been removed fromInfoArchive 4.2:• TableApplyRetention

• BuildIndex

These job definitions are present in the 4.1 configuration file, and should not be copied to the 4.2configuration file, otherwise these obsolete jobs are recreated.The other job definitions new or changed in 4.2 will be processed automatically during migrationand on first start-up of the 4.2 server. The same applies to new and changed access rights, roles,and users present in the configuration file, these are processed as part of the migration.The following table provides an overview of newly introduced properties in release 4.2 in theconfig/server/application.yml file:

13

Overview

New config file element Description

management:

add-application-context-header: false

endpoints:

enabled: false

These settings ensure someinformation related to theSpring framework thatInfoArchive uses is notexposed in responses fromthe InfoArchive server.

managedItemBackup:

pollingDelay: 300000

Time in milliseconds (defaultis 5minutes) interval betweenmanaged item backups. InInfoArchive 4.1, creatingbackups of manageditems happened on eachtransaction. In InfoArchive4.2, these backups are createdwhen needed after a giveninterval.

tableIndexing:

numberOfThreads: 2

In InfoArchive 4.2,the implementation ofbackground indexing fortable archiving was changedand, consequently, it is nowpossible to specify howmanyconcurrent threads are usedfor indexing.

batch:

cleanup:

removeSuccessfulJobsAfterHours: 168

A new batch executionmechanism was introducedin InfoArchive 4.2. Thissetting controls the amountof time finished batch jobexecutions are stored beforethey are cleaned up.

The bold text indicates items that were introduced to theapplication.yml file for 4.2:

system:

# Retention of Rollforward objects, in hoursrollForwardObjectRetention: 24

# SystemData repository

xdb:

dataNode:

storeStackTraceInLock: false

name: mainFederation

bootstrap: xhive://localhost:2910

superuser:

password: test

See Disaster RecoveryScenario for InfoArchive4.2 for more information onreplication.

rollForwardObjectRetention:This setting is related toreplication. For certainactions, special retentionrollforward objects arecreated internally and sent tothe replicas. These itemsare used to execute actionsagain on a replicated site,in case it has to be used asthe master site, to ensure

14

Overview

New config file element Descriptiondatabase:

name: mainDatabase

admin:

password: secret

rollForwardDatabase:name: rollForwardDatabaseadmin:password: secret

# SSL settings, used when connecting to

xhives://

# Can be defined per xDB repository.

# The system xDB repository settings will be

used as a fallback for convenience.

ssl: keyStore: "src/main/dist/config

/server/keystore.p12"

keyStorePassword: abcdefg

keyStoreType: PKCS12

trustStore: "src/main/dist/config/server

/truststore.jks"

trustStorePassword: abcdefg

trustStoreType: JKS

# replicas:# -# bootstrap: xhive://localhost:2920

consistency. This settingdetermines how long suchitems are kept in the system(in hours). The value of thissetting should be longerthan any action that mayneed to be executed againon the replica site in case itbecomes the master (e.g., themanagedItem.pollingDelaymentioned above).

rollForwardDatabase: xDBdatabase used to store theroll forward objects. Theseobjects are replicated tothe replica sites to ensureconsistency of these replicas.The system will use theroll forward objects in theevent that data recovery isrequired.

replicas: The xDB federationsthat act as replicas for themain database. The bootstrapshould contain the addressof the system data xDBserver replica on the disasterrecovery site. InfoArchiveuses this to verify rollforward objects are properlyreplicated before they areexecuted.

system:

ssl:

etc.

SSL settings used whenconnecting to the xDB serverover SSL connections. Thiscan also be configured on thexDB repository level in theconfiguration file.

See the Connecting toxDB Via a Startup Scriptsection of the Configuration &Administration User Guide formore information.

9. Start the InfoArchive server and the InfoArchive web application. In the web application, youwill notice that the graphic on the login screen has changed.

15

Overview

10. If the phone calls sample application was installed, it has to be deleted:

a. Login as a retention manager, select the PhoneCalls application and click on the packages tab.Click Select all 10 and click REMOVE RETENTION POLICY. Although a message will statethat there are 0 packages, even after clicking the Refresh button, simply set the Receptiondate field to All to view the remaining packages.

b. Login as an administrator and delete the application data for the PhoneCalls application.

c. Run the Administration > Jobs > Clean job. Ensure that the job was successful.

d. Delete the PhoneCalls application.

11. If you are upgrading from InfoArchive 4.1, in the Administration > Jobs tab, run the Table DataVolume job. This job updates the table row character count for the Dashboard. It may take a longtime for this job to run successfully. Do not click the ’i’ (information) button while the job is running.Otherwise, you will receive an error message.

12. Run the Administration > Jobs > RefreshMetrics job, which also updates the Dashboard.

Known Issue

The export content may not be accessible after the migration if the store used for the export is onECS. As a workaround, request a new export.

Adding New Indexes

Two indexes were added at the schema level to improve the speed and efficiency of table-rowdisposition. The new indexes support partial disposition on tables and are required.

To add the indexes, complete the following steps after completing the migration steps but prior torunning a partial disposition:

1. Start the InfoArchive 4.2 server.

2. Rerun indexing on all databases.This will create the indexes.

Testing the Migration1. Ensure that all three servers are running.

2. Login as Connie and view the retention sets. If the items is 0, check the application.yml file.

3. Execute a search to ensure that the results are returned as expected.

4. Login as Adam and verify that the new system audits appear on the Administration > Auditspage for the Trades application. You should see the Partial Dispose audit, which is new to 4.2.This new audit is not turned on by default on an upgraded system. To turn on the audit, checkthe Partial Dispose box and click Save.

16

Overview

5. Login as Adam and, if you installed the Trades application, navigate to the Retention Sets tab toensure that the sets are displayed.

6. If desired, re-install the PhoneCalls application.

Troubleshooting

Issue Resolution

User cannot create a new job. Upon upgrading to a new version ofInfoArchive, each user must clear the browsercache:

• For Chrome, press <Ctrl> + Shift R

• For Internet Explorer, press <Ctrl> + Shift +Del

Tip: To confirm that the browser has beenrefreshed, the new login screen should appear:

The following error message was received whenupgrading from 4.1 to 4.2:

C:\UpgradedInfoArchive\infoarchive

\tools>migration.bat

. ____ _ __ _ _

/

/ __' __ _ ()_ __ __ _ \ \ \ \

( ( )___ | '_ | '| | ' \/ _` | \ \ \

\

/ __)| |)| | | | | || (_| | ) ) ) )

' |___| .|| ||| |_, | / / / /

=========||==============|_/=////

:: Spring Boot :: (v1.3.7.RELEASE)

2016-12-12 15:01:53.656 - Migration

Ensure that you ran the xDB server withthe correct bootstrap. Also ensure that,if the retention database is in a separatefederation, both xDB servers are runningwith the correct bootstrap, and the migrationapplication.yml is using the correct portsfor both xDB servers.

Also check that, when running the xDB server, itwas running with the 4.1 data.

17

Overview

Issue Resolutionstart

2016-12-12 15:01:55.751 - Failed to

migrate document <?xml version="1

.0"?>

Updating Search Templates in the AuditApplicationThe following example illustrates how to manually update 4.1 search templates in the Auditapplication for the 4.2 release. The Developer should complete the following steps after completingthe upgrade only if the Audit application was installed in 4.1:

1. Select the Audit application.

2. Import the application audit, system audit and tenant audit searches from the 4.2 deploymentunder the audits\search directory to update the templates.

18

Chapter 2Prerequisites and CertifiedConfigurationsNote: Refer to the EMC InfoArchive Release Notes for prerequisite and certified configuration details.• Bash Shell is required for InfoArchive installation on Linux

Optional Components for InfoArchiveYou can choose the following installation components to extend InfoArchive functions.

Component Description

LDAP Lightweight Directory Access Protocol (LDAP) is anapplication protocol that aids in searching distributeddirectory services over IP networks. LDAP is built on aclient-server model. LDAP features include access control,support for Unicode, and other functionality that securesresources over IP networks.

AD Active Directory (AD) is a directory service (database)implemented by Microsoft. AD includes hierarchicalinformation about objects on the network where each objectcan be a computer, printer, user, site, or other related item.Objects have names and sets of attributes. For example,a user inside of an organization can be represented as anobject with attributes: First Name, Last Name, Title, Email,Country, etc.

LDAP is a protocol to access directory server while ActiveDirectory is Microsoft’s implementation of an LDAP-baseddirectory server.

19

Prerequisites and Certified Configurations

20

Chapter 3Installing InfoArchive

The InfoArchive installation package is a single Zip file. Its contents include:• bin: Contains commands for starting the various servers. The installer is in the root directory.

• config: Contains configuration files for the InfoArchive server, webapp, and the xDB database.

• lib: Contains data libraries for InfoArchive and xDB

• system: Contains system files for Linux and Windows

• third-party: Contains third-party component licenses and documentation

• tools: Contains administrative tools such as iashell and Ant, and sample application data.

• setup.bat: Install script for Windows.

• setup.sh: Install script for Linux.

You can run the install as an interactive question-and-answer wizard that installs InfoArchiveaccording to your responses, or as a command line which requires you to enter parameters.

Note: For best performance, leave working folders such as the Tomcat temp folder, the ingest folder,and the receiver folder on the local disk. Performance and scalability issues might be encountered ifthese folders reside on network storage.

If installing InfoArchive as an individual service, use the suggested script arguments providedwith the interactive setup:

sudo ./setup.sh --services=xdb --ssl= --user=daemon --supasswd=test--licensekey=041*tNLMNf5jUPvr7x3fSOKA6x1yyN#xYYZxQZSZxZRyhbB3EtxtAGhxcsudo ./setup.sh --services=server --ssl= --user=daemon --noDataNodesudo ./setup.sh --services=webapp --ssl= --user=daemon --noDataNode

InfoArchive Deployment OptionsThe following diagram describes three possible deployment options for InfoArchive:

• Option 1: All components on one server (this is default).

• Option 2: Individual components on a dedicated host.

• Option 3: Possible valid deployment variation.

21

Installing InfoArchive

Installing on Linux and Windows Using theInstallation Wizard1. Unzip the InfoArchive distribution into the desired final location.

2. Run setup.sh (for Linux), or setup.bat (for Windows).For Linux, a command window (shell) is already open. For Windows, however, a commandwindow will open.The system will install InfoArchive according to your answers to the following questions:

Remove previously installed InfoArchive services? (Y/n)

If not removing:

Install xDB server as a service? (Y/n)

Install InfoArchive Server as a service? (Y/n)

Install InfoArchive Web App as a service? (Y/n)

If installing the InfoArchive Server as a service:

Install InfoArchive Server service using SSL? (y/N)

For Windows, the system asks the previous question for each server if installed as a service, notjust the InfoArchive server.

If not installing the xDB server as a service (otherwise assumes yes):

Set up an xDB data node? (Y/n)

If set up of an xDB data node should be done (either because you answered yes when asked, orif the xDB server will be installed):

Enter the xDB data node superuser password:

Enter the xDB license key:

Note: If the script is run again, you will not be prompted to create the xDB node. The system willinform you that it already exists.

Linux Command Line Installation1. Unzip the InfoArchive distribution into the desired final location.

2. Review the setup commands supported in the setup.sh script:.--user= System user to run the services (required)--supasswd=... xDB superuser password (required for creation).

The password needs to be updated in the application.ymlfile before running the setup script. It also has to bechanged in the sample application build scripts.

--licensekey=... xDB license key (required for creation)--services=.......System services to install (defaults to xdb,server,webapp)..................Example: --services= xdb,server--noDataNode......Do not set up an xDB data node--ssl=............Install the InfoArchive server service using SSL (defaults to none)...................Note: Remove the InfoArchive services and modify configuration files

accordingly before switching.

22


..................The --ssl parameter accepts the same values as the services parameter(i.e., xdb, server, webapp or any subset of that).

--remove=.........Remove the InfoArchive services

3. Run the setup.sh script as root to create an xDB data node, set up the startup scripts to runInfoArchive at boot time, and immediately start the InfoArchive services.

sudo ./setup.sh --user=<username> --supasswd=<password> --licensekey=<licensekey>

To startup InfoArchiveServer or any of the components in debug mode, the corresponding flags needto be specified in the JAVA_OPTS environment variable as part of the command:

JAVA_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005" ./bin/infoarchive-server

Running xDB Admin on LinuxThe following assumes that the xDB server is running on the same machine. Replace 127.0.0.1 withthe hostname of where the xDB server is running.

1. Run

./bin/infoarchive-xdb admin

2. Connect to xDB xhive://127.0.0.1:2910

Note: If you cannot connect, make sure the correct xDB server is running and listening on port2910. The admin client can be run against the running server. The bootstrap file (xhive.bootstrap)will be locked.

Windows Command Line Installation1. Unzip the InfoArchive distribution into the desired final location.

2. Review the setup commands supported in thesetup.bat script:.

--supasswd.... xDB superuser password (required for creation).The password needs to be updated in the application.ymlfile before running the setup script. It also has to bechanged in the sample application build scripts.

--licensekey.... xDB license key (required for creation)--services........System services to install (defaults to xdb,server,webapp)..................Example: --services "xdb,server"--noDataNode......Do not set up an xDB data node--ssl Install the InfoArchive server service using SSL (defaults to none).

Note: Remove the InfoArchive services and modify configuration filesaccordingly before switching.

..................The --ssl parameter accepts the same values as the services parameter(i.e., xdb, server, webapp or any subset of that).

--remove Remove the InfoArchive services

3. Run the setup.bat script to create an xDB data node, set up the InfoArchive servers asWindows services and immediately start the services.

23


setup.bat --supasswd <password> --licensekey <licensekey>

InfoArchive Server, InfoArchive Webapp, and InfoArchive xDB are now running in the listof Windows local services.

Installing and Configuring InfoArchive OverMultiple ServersThis section illustrates the steps required to install and configure InfoArchive over multiple serverson the same network. To complete an installation over multiple servers, follow the steps contained inthe following subsections:• Installing xDB;

• Installing and configuring the InfoArchive server and confirming that both the xDB andInfoArchive server are communicating;

• Installing and configuring the InfoArchive web application; and

• Accessing InfoArchive and installing an application from a user machine.

Note: When installing InfoArchive on Windows, services may take up to five minutes to completelystart. If you are unable to access a URL or application described in this guide, ensure that the serviceis running and try again.

Installing xDB1. Login to the xDB server.

2. Unzip the InfoArchive binaries to C:\, which will be referred to as %HOME% throughout thissection.

3. In aWindows command prompt, run setup.bat, which can be found at%HOME%\infoarchive).

4. Enter the following selections:

a. Install xDB server and a service?: Y

b. Install xDB server using SSL?: N

c. Install InfoArchive Server as a service:? N

d. Install InfoArchive Web App as a service?: N

e. Enter the xDB data node superuser password: [your password]** This password must be updated in each of the config/server/application.yml files thatwill be configured (find at xdb/dataNode/superuser/password – By default, it is set to test).

f. Enter the xDB license key: [find in the .txt file in the distribution]

24


5. Confirm the InfoArchive xDB service is running.

6. Open the xDB admin console and try to log in:

a. Open a command prompt and navigate to %HOME%\bin.

25


b. Run infoarchive-xdb.bat admin

7. Set Bootstrap URL.

Installing and Configuring the InfoArchive Server1. Login to the InfoArchive server.

2. Unzip the infoarchive binaries to %HOME%.

3. Configure the InfoArchive server:

a. Open the application.yml file found in the %HOME%\config\server directory.

b. Change the bootstrap URLs to correspond to the xDB server’s IP address.

c. Change the superuser password to [your choice]. This password must be the same one usedwhen setting up your xDB server.

d. Save the file.

4. Install the InfoArchive server:

a. In a Windows command prompt, run setup.bat, which can be found at%HOME%\infoarchive).

b. Enter the following selections:

i. Install xDB server and a service?: N

ii. Install InfoArchive Server as a service?: Y

iii. Install InfoArchive Server services using SSL?: N

iv. Install InfoArchive Web App as a service?: N

26


v. Set up an xDB data node?: N

5. Confirm the InfoArchive server service is running.

6. Open a browser and navigate to localhost:8765/services.

7. Open a browser and navigate to localhost:8765/product-info.

8. Return to the xDB server and login to xDB Admin again to confirm that the mainDatabase isactive.

27


Installing and Configuring the InfoArchive WebApplication1. Login to the InfoArchive web application server.

2. Unzip the infoarchive binaries to %HOME%.

3. Configure the InfoArchive web application:

a. Open the application.yml file found in the %HOME%/configs/webapp directory.

b. Change both the secure and non-secure zuul/routes/path/url to correspond to the InfoArchiveserver IP address.

4. Install the InfoArchive web application:

a. In IAShell, run setup.bat (found at %HOME%/infoarchive).

b. Enter the following selections:

i. Install the xDB server as a service?: N

ii. Install InfoArchive Server as a service?: N

iii. Install InfoArchive Web App as a service?: Y

iv. • Install InfoArchive Web App using SSL?: N

v. Set up an xDB data node?: N

5. In a Chrome browser, open the InfoArchive web application. Navigate to localhost:8080 onthe web application server.If everything is configured properly, you should be able to login to InfoArchve.

28


Installing an Application1. While still on the web application server, open a command prompt and go to

%HOME%/tools/applications/Audit.

2. Open the build.properties file for the Audit application and change the services IP to mirrorthat of your InfoArchive server installation.

3. In the InfoArchive web application, sign in as a Developer. Use one of the following:• [email protected];

• [email protected]; or

• A user from your organization that has been setup with the Developer role.

4. Select the Audit application.

5. Add a new search by selecting to import from ZIP.

Running xDB Admin on Windows1. Run

bin\infoarchive-xdb.bat admin

2. Connect to xDB xhive://127.0.0.1:2910

Note: If you cannot connect, make sure the correct xDB server is running and listening on port2910. The admin client can be run against the running server. The bootstrap file (xhive.bootstrap)will be locked.

InstallingGateway/InfoArchiveWebApplicationin Apache Tomcat1. Stop Tomcat if it is running. This step is only required if you want to change the configuration

files first. WAR files are expanded when Tomcat is started or if it is running and the file is copiedinto webapps.

2. Copy infoarchive-webapp.war from the distribution’s Lib directory to Tomcat’s webappsfolder:…\apache-tomcat-8.0.32\webapps\infoarchive-webapp.war

When Tomcat is started, it picks up the file and expands it to the following folder:…\apache-tomcat-8.0.32\webapps\infoarchive-webapp

Configuration files for edit can be found in:…\apache-tomcat-8.0.32\webapps\infoarchive-webapp\WEB-INF\classes

3. To point Gateway/InfoArchive Web Application to InfoArchive Server to a machine with thename iashost on port 8080, for example, edit the following file’s server section:

29


…\apache-tomcat-8.0.32\webapps\infoarchive-webapp\WEB-INF\classes\application.yml

:server:host: ${infoarchive.gateway.host}port: ${infoarchive.gateway.port}contextPath: ${infoarchive.gateway.contextPath}

:zuul:routes:restapi:path: /restapi/**sensitiveHeaders: ""url: http:// iashost:8765/

::

4. Additionally, if you are running the Gateway/InfoArchive Web App and InfoArchive server inHTTPS mode, edit the section at the end of the file:

---spring:profiles: "infoarchive.profile.HTTPS"

server:ssl:key-store: "classpath:ssl/keystore.jks"key-store-password: "infoarchive"key-password: "infoarchive"

zuul:routes:restapi:path: /restapi/**sensitiveHeaders: ""url: https://iashost:8765/

5. Restart Tomcat.

Loading Sample Application Data Sets(Optional)The applications directory contains sample application data sets and configuration you can load todemonstrate functionality.

To load the data sets, change the current directory to the desired application directory undertools/applications and run Ant.

Additionally, the following Ant targets can be invoked:

• install: used for installing and updating configurations.

• receive: used for the reception process where packages are queued for ingestion.

• ingest: used for ingesting the packages and associated records based on package ingestionpriority.

30


Tip: To view the Ant help, which contains more information on available commands, use the—projecthelp or —p option.

The following sample applications are examples of structured data application archiving, broadlyrepresenting an application decommissioning use case. Running just the Ant command for theseapplications will start the configuration and ingestion process:• Baseball

• Order_Management

• Patent

• Tickets

The following sample applications are examples of compound record (data and content) applicationarchiving, broadly representing an active archiving use case. The default Ant target is "all" for theseapplications. Invoking Ant will start the configuration and data ingestion process:

• PhoneCalls

• Certificates

• Invoices

• SEPA

• Trades

In the InfoArchive 4.2 release, following new sample applications also bundled . The sampleapplications are created using InfoArchive connectors:• Documentum – SIPs are created using Documentum connector for InfoArchive

• SharePoint - SIPs are created using SharePoint connector for InfoArchive

• SAP Connector - SIPs are created using SAP connector for InfoArchive

Additionally, a pre-configured application called Audit is available. The application can be used tosearch all audit information in an InfoArchive repository.

To search the audits, the Archive Audits job needs to be run (after installing that application). It isrecommended that the schedule be started so that the job runs. By default, the Archive Auditsjob runs once a day.

Note: In a Linux environment, the default ulimit value is 1024. This value must be increased ifyou are ingesting a large number of SIP files. Otherwise, ZIP errors will be issued. After resettingthe ulimit value, restart the server.

JDBC Connection SetupFor instruction about setting up a JDBC connection, refer to the InfoArchive JDBC Driver section ofthe Configuration & Administration User Guide.

31


User Information for Sample DataUse following default users to log in to InfoArchive sample data applications. Each user’s Roledefines what is presented at the top and second level navigation.

Note: These users are sample users and have been created for easy demo purposes only. Theyshould not be used in the production environment.

Login User Name Password Role Name

[email protected] password ADMINISTRATOR Adam

[email protected] password BUSINESS OWNER Bob

[email protected] password DEVELOPER Connie

[email protected] password END USER Emma

[email protected] password IT OWNER Imran

[email protected] password RETENTIONMANAGER

Rita

[email protected] password ADMINISTRATOR

BUSINESS OWNER

DEVELOPER

END USER

IT OWNER

RETENTIONMANAGER

Sue

Creating a File System RootThe InfoArchive server does not create a default file system root if nothing is configured. Theapplication.yml file, however, allows for a "fileSystemRoot" entry to be used by the InfoArchiveserver. The specified path has to pre-exist on the file system. InfoArchive server will not create it.

Using Encrypted Passwords in ConfigurationFilesSome customers, such as those in the financial sector and health care customers, have strict securityregulations and are not permitted to store passwords in clear text within configuration files. Thesecustomers cannot store non-encrypted passwords with the configuration files and run the InfoArchiveserver without any passwords being mirrored in the command prompt.

32


The ability to store encrypted passwords within the configuration files has two phases:

• Tools: Customers configure how encryption is performed and then encrypt the passwords usingdedicated tools.

• Server: Customers store the outputted encrypted passwords within the server’sapplication.yml file, configure how they were encrypted and enter the relevant passwordsupon server start-up.

Using SunJCE/Bouncy Castle (Local Keystore)

This procedure stores the key used for password encryption in a local keystore. The keystore isfile-based and it is up to the customer to protect it.

Tools

1. Enter the following properties in the following configuration file: infoarchive/tools/config/password-encrypt/encryption.properties.xml:

Field What to Enter

keySize The size of the key being used for encryption.

securityProvider The security provider used for encryption (SunJCE/BouncyCastle).

keyStoreLocation The location of the key store where the encryption key will bestored.

keyStoreType The type of key store that will be used.

encryptionAlgorithm The algorithm used for encryption.

encryptionMode The encryption mode used.

paddingScheme The padding scheme used during encryption.

keyID The ID of the key being used for encryption (if it does not alreadyexist in the keystore, it will be created).

2. Enter one of the following commands:• For Windows: infoarchive\tools\password-encrypt.bat; or

• For Linux: infoarchive/tools/password-encrypt

3. Enter the password to be encrypted. Enter the password again for verification purposes.

4. Enter the keystore password.If this is the first time you are running the tool, this will set the keystore password. Subsequentexecutions of the password-encrypt tool should use that same password.An encrypted password is outputted, which is the same password entered in step 3.

5. Repeat the process for all of the passwords that need to be encrypted.

33


Server

1. In the infoarchive/config/server/application.yml file, replace the clear text/unecryptedpasswords with the encrypted passwords.

2. Enter the following values in the in the passwordEncryption section of theinfoarchive/config/server/application.yml file:

Field What to Enter

keyStorePath The location of the key store where the encryption key will bestored.

keyStoreType The type of key store that will be used.

keyID The ID of key being used for encryption.

enabled Set to ’true’.

encryptionAlgorithm The algorithm used for encryption.

encryptionMode The encryption mode used.

paddingScheme The padding scheme used during encryption.

securityProvider The security provider used for encryption (SunJCE/BouncyCastle).

keySize The size of the key being used for encryption.

3. Start the InfoArchive server.

4. When prompted, enter the key store password.

34


Using Gemalto (Remote Keystore)

This procedure stores the key used for password encryption in a Gemalto remote KeySecureappliance and performs encryption on the appliance, as well. The process is similar to the localkeystore with some additional steps.

Tools

1. Enter the following properties in the infoarchive/tools/config/password-encrypt/encryption.properties.xml file:

Field What to Enter

gemaltoPropertiesFileLocation The location of the Gemalto client propertiesfile.

gemaltoUsername The KeySecure appliance username.

gemaltoClientCertificate The KeySecure client certificate ID.

gemaltoGroup The KeySecure group in which the key will becreated (if not available).

2. Put the Gemalto client jars in the following directory: infoarchive/tools/lib/password-encrypt/

3. Enter one of the following commands:• For Windows: infoarchive/tools/password-encrypt.bat; or

• For Linux: infoarchive/tools/password-encrypt.

4. Enter the password for encryption. Enter the password again for verification purposes.

5. Enter the KeySecure password.

6. Enter the password of the key store that contains the KeySecure client certificate.An encrypted password is outputted.

7. Repeat the process for all of the passwords that need to be encrypted.

Server

1. In the infoarchive/config/server/application.yml file, replace the original passwords withthe encrypted passwords.

2. Enter the following values in the in the passwordEncryption section of theinfoarchive/config/server/application.yml file:

Field What to Enter

gemaltoUserName The KeySecure appliance username.

35


Field What to Enter

gemaltoClientCertificate The KeySecure client certificate ID.

gemaltoPropertiesFile The location of the Gemalto client propertiesfile.


4. When prompted, enter the KeySecure password.

5. When prompted, enter the password of the key store that contains the KeySecure client certificate.

Changing and Re-encrypting the Password1. Stop the InfoArchive server.

2. Update the infoarchive/tools/config/password-encrypt/encryption.properties.xml filewith new values, if needed (new key ID, larger key size, different encryption algorithm, etc.).

3. Re-encrypt the passwords using the dedicated tool.

4. Update the infoarchive/config/server/application.yml file with the new values (includingkeyID if it was changed).


6. When prompted, enter the relevant passwords.

ANT Tasks and Ciphered Values for Passwords

Cipher-texted values can be used in the configure command. There are, however, additional stepsto ensure it works correctly.

Creating Decryption Configuration

Create the file named decryption.properties in an application folder (e.g., PhoneCalls):

passwordEncryption.keyStorePath=../../keystore.jcekspasswordEncryption.keyStoreType=jcekspasswordEncryption.keyID=IA_PASSWORD_ENCRYPTION_KEYpasswordEncryption.enabled=truepasswordEncryption.encryptionAlgorithm=AESpasswordEncryption.encryptionMode=CBCpasswordEncryption.paddingScheme=PKCS5PADDINGpasswordEncryption.securityProvider=SunJCEpasswordEncryption.keySize=256passwordEncryption.gemaltoUserName=passwordEncryption.gemaltoClientCertificate=gemaltoClientCertificatepasswordEncryption.gemaltoPropertiesFile="./IngrianNAE.properties"passwordEncryption.gemaltoGroup=

36


Check the password encryption tool to ensure that the keyStorePath property is pointed to yourkeystore file.

Enable Cipher-texted Values in the ANT Tasks in the PhoneCallsApplication

You can place ciphered passwords in the build.properties file in the application folder:

federationPassword=qC4jw1RQXJiOJyPjwuFQETWcVvcvRaZ4yVu1l5IA4oc=xdbPassword=YrChf+rX884kiQNcvpjbUghO6l2XfYyMQH9FGW8zuGo=

After that check the 040-xdb-federation.xml file:

<ia-task self="fedSelf"><object typeAlias="federation" checkExistSpEL="?[name=='${xdbFederation}']">

<create><name>${xdbFederation}</name><bootstrap>${federationBootstrap}</bootstrap><superUserPassword encrypted="true">${federationPassword}</superUserPassword>

</create></object>

</ia-task>

Then check the 050-xdb-database.xml file:

<ia-task self="dbSelf"><object typeAlias="xdb-database" checkExistSpEL="?[name=='${xdbDatabase}']">

<create><name>${xdbDatabase}</name><adminPassword encrypted="true">${xdbPassword}</adminPassword>

</create></object>

</ia-task>

Every attribute to be encrypted should have the XML attribute: encrypted="true".

Then, when you use the ANT script, the system prompts you to enter the keystore password when itencounters the first value with the attribute encrypted=true.

37


38

Chapter 4Disaster Recovery Scenario forInfoArchive 4.2

The following is the supported disaster recovery setup for InfoArchive 4.2.

TerminologyxDB 11 introduces the cluster, with data nodes, where each data node corresponds to an xDB server.In xDB 10, there was no cluster, just the federation, where a federation corresponds to an xDBserver. InfoArchive does not (yet) use any clustering features of xDB, it only uses single data nodes.Therefore, for all practical purposes to InfoArchive, a single xDB data node is the same as an xDBfederation, and the terms can be used interchangeably. Think of a data node or federation as a server,serving up database pages from a volume of data files.

An xDB federation can contain multiple databases. The database is xDB’s transaction scope: atransaction is only "transactional" on the data in the database in which it was opened.

39

Disaster Recovery Scenario for InfoArchive 4.2

Retention Data/ManagedItems: Two more terms that, for our purposes, are interchangeable. In fact, itis the data that InfoArchive holds to keep track of retention related things:• Hold Applications

• Policy Applications (e.g., on a table or an individual AIU). This data needs to live in a databaseseparate from the system data, but could live in the sane federation (see below).

Batch data: This is basically system data that requires its own transaction scope. Hence, it lives ina database separate from the other System data but typically in the same federation. InfoArchiveuses Spring Batch for batch job execution. Spring Batch keeps data in a database to keep track of jobexecution, job statuses, etc. InfoArchive maps that to an xDB database.

Audit data: This is another xDB database where the audit records live until they are collected in aSIP, and archived separately. Again, this requires a separate transaction scope from the system data,hence a separate database.

RequirementsThe following is required for successful failover to the disaster recovery site:• Asynchronous xDB data-node replication for:

— System data (including audit/batch)

— The server address (bootstrap) of the replica needs to be configured also in the yml file(under system/xdb/replicas). This lets InfoArchive know where to replicate the mostimportant actions before actually executing them so that they can be replayed on thedisaster recovery site on failover.

— Retention data (managedItems)

— Structured data (metadata) : optional, see below

Note: In principle, system data, audit data and batch data can be mapped to different xDB datanodes/servers, but we recommend using the same for simplicity (they have to be differentdatabases within that data node though).

Retention data, if no excessive granular retention is planned, can comfortably live with theSystem data (and be replicated and backed up along with it). Alternatively, it can be mappedto a different data node/server, but in InfoArchive 4.2, it will still need to be fully replicated todisaster recovery and backed up (see backups below).

• File system replication for everything else stored on a FileSystem. For example:

— Content

— Backups (of structured data and retention data)

• These things have to be seamlessly accessible on the disaster recovery site:

— Mount points (paths of FileSystemRoots)

— CAS endpoints (connection strings of ContentAddressedStorage objects)

40


— Custom Storage end points (property bags of CustomStorage objects)

— ECS/S3/etc end points and credentials (StorageEndPoint and StorageEndPointCredentialobjects)

This means that file system storage replication should preserve file system paths.

ConsiderationsAs a last resort recovery option, regular backups of the system data (System/Audit/Batch) repositoryneed to be made. This is left to the customer setup.

As a last resort recovery option, regular backups of the retention data (if this is mapped to a differentserver than the system data, otherwise it is backed up along with the system data).

InfoArchive makes and stores backups of structured (meta)data libraries (e.g., each xDB librarycreated for an AIP is immediately backed up, and the backup is recreated after each partialdisposition on that AIP). This supports both:• Cache-in/Cache-out, and

• Recovery (see below)

(Optionally) Retention (ManagedItem) data libraries (e.g., each xDB library created to hold the holdapplications for the AIUs in one AIP) can be backed up, and the backup is recreated after each change.The Administrator can do this by configuring a ManagedItem store for a holding or database. Thiscan be considered an incubating feature, because:• InfoArchive does not have Cache-in/Cache-out yet for ManagedItem data libraries, and

• No CLI support to restore these partial backups after failover. This is planned tor the nextInfoArchive release.

Recovery/Failover StepsAs mentioned before, the requirement for failover is that you replicate the system and retentionfederations, and optionally the structured (meta)data federations. How to do this is documented inthe xDB documentation, but here are some convenient commands:• To create a replica of a federation with a server running on localhost:2910:

infoarchive-xdb create-replica --federation xhive://localhost:2910--replicaid ia_rep --replicabootstrappath /data_rep/xhive.bootstrap--password test

Be sure to pick suitable values for the replicaid, the path where the databasefiles on the disasterrecovery site will live, and the superuser password.

• To start the server on the replica you just created:

infoarchive-xdb run-server --master xhive://localhost:2910--replicator ia_rep --port 2950 --bootstrap /data_rep/xhive.bootstrap

41


This starts the replica server on port 2950, using the server on port 2910 as its master.

Complete the following procedure to perform on failover on the disaster recovery site:

1. Turn any replicas into masters.For example, assuming that the replica server runs at my.dr.host on port 2950, frominfoarchive/bin, you can run:

infoarchive-xdb turn-replicator-into-master --bootstrap xhive://my.dr.host:2950

2. Start the new xDB servers on these master copies on the desired hosts/ports:• System (audit/batch) data xDB server

• Retention data xDB server (if different from the system data one)

• Any structured (meta)data xDB servers

If necessary, create new replicas of these servers, configure the system data replica bootstrap onthe disaster recovery site in your yml file (under system/xdb/replicas).

3. Modify the yml file to include the proper xDB server addresses (and any other settings regardingthe environment (e.g., the keystore location):• System (audit/batch) data xDB server

• Retention data xDB server (if different from the system data one)

4. Start an InfoArchive server that is not accessible to the outside world yet.

5. Start IAShell from the tools folder, connect it to the InfoArchive server, and execute the followingsequence for any structured data xDB server metadataFederation configured in your system:

ia-shell>select federation --where "?[name=='metadataFederation']"(fill in the proper name)

ia-shell/federation>var-set --name myFederation --value #{ID_1}

ia-shell/federation>update --id #{myFederation} --properties "{'name':'metadataFederation', 'bootstrap' : 'xhive://127.0.0.1:2910','superUserPassword' : 'dummy'}"

Fill in the proper bootstrap address. The other values are not important but need to be providedfor validity of the underlying REST commands.

6. Run:

ia-shell>recover

For InfoArchive 4.2, the "report" of this recovery is only available in the server logs.AIPs that have become inconsistent are invalidated. In the worst case scenario, this may implythat a previously committed AIP was demoted.After this, the various components/repositories of InfoArchive should be consistent again.

7. Start all necessary servers to resume production.

42


Relevant ConfigurationThe yml file has comments over most of its entries that contain brief explanations. The commentsrelevant for failover include:

The bootstrap of the System data server:xdb:

dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://localhost:2910

This needs to be set to where the server runs on the disaster recovery site on failover.

The bootstrap of the replica on the DR site (IA needs to know this for thereplication of special objects, relevant for recovery):# replicas:

# -# bootstrap: xhive://localhost:2920

The bootstraps of the audit, batch and retention (ManagedItem)repos, e.g.:auditData:xdb:dataNode:storeStackTraceInLock: falsename: mainFederationbootstrap: xhive://localhost:2910

This is typically the same as the system data server’s address, with the possible exception of theretention data (see above).

Pre-configured file system roots:

fileSystemRoots:name: defaultFileSystemRootdescription: Default FileSystemRootpath: data/root

The path on the disaster recovery site should match the original. In other words, this entry cannot bechanged on failover (same as any file system roots configured outside of the yml file, e.g., throughthe GUI).Crypto:

crypto:# KeyStore configurationkeyStore:keyStoreFileLocation: "data/keystore/keystore.jceks"

43


The path to disaster recovery copy of the key store needs to be configured here on failover.

44

Chapter 5Troubleshooting Installation

The command prompt window displays installation status messages, including errors that mayoccur during the installation. You can also find status in log files saved in INSTALL_DIR/logs.InfoArchive collects errors automatically in error.log; a full log is written to ia.log.

You can locate errors by searching for error or BUILD FAILED in a log file.

Error Message Troubleshooting Steps

The running Ant version is tooold. Ant version n.n.n or later isrequired.

Use a supported version of Apache Ant (1.9.6 orlater). You can find a supported version in thedistribution’s Tools directory.

Issue Troubleshooting Steps

Unable to install InfoArchive successfully Try installing the application using the xDBsuper user password test.

Unable to install the custom applications inInfoArchive

The xDB password was encoded when doingthe setup. Check the ports for the xDB serverin the application.yml file and ensure thatxDB servers are running.

A second tip is to check that there is a rootdirectory in the XDB data directory. If missing,create the root directory and try again.

45