dominopoint 2012 - ibm lotus traveler high availability in a nutshell

IBM Lotus Traveler High Availability in a nutshell

Dominopoint Days 2012, Milano

René Winkelmeyer midpoints GmbH

René Winkelmeyer Senior Consultant

midpoints GmbH http://www.midpoints.de IBM Advanced Business Partner IBM Design Partner for Domino Next IBM Mobile Design Partner Apple Enterprise Developer & MDM Program Services

•  Notes / Domino Consulting •  E-Mail Management •  App Development (IBM Connections, RCP,

XPages, mobile)

We mobilize Notes •  Lotus Traveler planning & deployment •  mobile app development •  Domino based iOS Device Management •  Domino based “Dropbox” for Notes and iOS

OpenNTF Contributor and OpenNTF Director •  File Navigator: http://filenavigator.openntf.org

About me

René Winkelmeyer Senior Consultant

•  Skype

muenzpraeger •  Twitter

muenzpraeger •  LinkedIn

muenzpraeger •  Facebook

muenzpraeger •  Slideshare

muenzpraeger •  G+

www.winkelmeyer.com/+

•  Web http://blog.winkelmeyer.com http://www.midpoints.de

•  Mail mail@winkelmeyer.com rene.winkelmeyer@midpoints.de

About me

4

The IBM Lotus Traveler 8.5.3 Beta releases are displayed and/or demonstrated with permission from IBM Corporation. The screen images, features and functions of such beta releases are preliminary, not yet committed for delivery to customers and subject to change by IBM without notice.

Beta disclaimer

5

Agenda

What will I talk about? -  Lotus Traveler 8.5.3 and prior – where do we come from? -  Lotus Traveler 8.5.3 Upgrade Pack 1 in general -  High Availability and Loadbalancing

-  High Availability installation and adminstration

-  Considerations for and if using High Availability

6

Lotus Traveler 8.5.3 and prior – where do we come from?

Domino

Traveler

7

§  January 2008 - Traveler 8.0.1 for Windows Mobile

§  January 2009 - Traveler 8.5 for Nokia S60 and Windows Mobile §  October 2009 - Traveler 8.5.1 for Apple iPhone/iPod, Nokia, Windows Mobile

§  January 2010 - Traveler 8.5.1 FixPack 1

Companion App & iOS attendee calendar support §  June 2010 - Traveler 8.5.1 for iPad §  July 2010 - Traveler 8.5.1 for iPhone4 (iOS4x) §  August 2010 - Traveler 8.5.2 for Apple/Nokia/Windows Mobile §  December 2010 - Traveler for Android (8.5.2.1 FixPack release) §  October 2011 – Traveler 8.5.3 §  March 2012 – Traveler 8.5.3 FP2 §  June 2012 – Traveler High Availability

Lotus Traveler 8.5.3 and prior – where do we come from?

8

Domino Mail

Domino Mail

Domino Mail

Traveler Server

Server topology – Traveler in own DMZ

SSL Notes

Lotus Traveler 8.5.3 and prior – where do we come from?

9

Domino Mail

Domino Mail

Domino Mail

Secure Reverse Proxy

Traveler Server

Server topology – Reverse Proxy and Traveler, each in own DMZ

SSL SSL Notes

Lotus Traveler 8.5.3 and prior – where do we come from?

10

Lotus Traveler components (today)

Domino Mail Traveler Server

HTTP TASK

Traveler

Servlet

Traveler Task SSL

Traveler Policy

Settings Domino

Directory

Domino Directory

Server Config

ntsclcacheCluster

Info

LotusTraveler

Default Settings

Derby SQL-DB /ntsdb

Benutzer Mail-DB Benutzer

Mail-DB User Mail-DB

Notes

notes.ini NTSconfig.xml

Domino and HTTP

security Profile Doc

11

High Availability as per today (and maybe in the future)

§  Traveler supports mail file clusters (info is stored in dedicated ntsclcache.nsf)

§  But is doesn’t support “real” high availability. There are several workarounds:

§  Run Traveler on a high available virtual machine platform (but please, without snapshots)

§  Run a dedicated, ready-configured hot-stand-by system

§  Quickly install Domino and Traveler from the ground up ;-)

12

Lotus Traveler 8.5.3 Upgrade Pack 1

Domino Mail

Traveler 8.5.3 UP1

13

Lotus Traveler 8.5.3 Upgrade Pack 1

§  What’s an “Upgrade Pack”?

§  An “Upgrade Pack” is a new IBM way (besides major/minor releases, FP’s and HP’s) to deliver additional functionality.

§  Why an “Upgrade Pack”?

§  It’s a way to roll out major new functionality outside a major release.

§  It contains a lot more than “only” high availability…

14

Lotus Traveler 8.5.3 Upgrade Pack 1 - Contents (excerpt)

§  High availability

§  Scaling with “Traveler-Server-Pooling”

§  Support for a single server URL

§  Client version management

§  XPages administration interface

§  Additional Android settings

§  Additional filter settings

15

Lotus Traveler 8.5.3 Upgrade Pack 1 - Requirements

§  Domino 8.5.3 (Windows or Linux)

§  64bit for the operating system is a requirement when running High Availability!

§  IBM Lotus Domino 8.5.3 Upgrade Pack 1 (which is included in the Traveler installation image and will be installed automatically if not present)

§  IBM DB2 9.7.0.5 or Microsoft SQL 2008 Server (if you want to use High Availability)

§  An IBM DB2 entitlement is contained free of charge for this. But the Traveler servers need to be licensed as Enterprise servers!

16

Lotus Traveler 8.5.3 Upgrade Pack 1 - change of configuration settings location

§  All configuration parameters will move from the NTSConfig.xml to the notes.ini.

§  Benefit: update installation won’t overwrite configuration changes. Please use – as a best practice – server configuration documents.

§  Old (NTSConfig.xml)

<COMPONENT COMPONENT_TYPE="TrueSyncServer"> <PROPERTY NAME=”Lookup_Min_Length" VALUE=3 />

§  New (notes.ini)

NTS_LOOKUP_MIN_LENGTH=3

17

Lotus Traveler 8.5.3 Upgrade Pack 1 - change of Traveler URI

§  The Traveler URI will change

§  Old: https://traveler.midpoints.de/servlet/traveler

§  New: https://traveler.midpoints.de/traveler

§  The installation automatically creates a HTTP redirect from “/servlet/traveler” to “/traveler”, so that existing connections still will work.

§  If you run Mobile Device Management => consider to change the URI.

18

Lotus Traveler 8.5.3 Upgrade Pack 1 - managing sent mails

§  New configuration setting “NTS_SENDMAIL_SAVE_OPTIONS” which defines if sent mails should be stored in the mail file.

§  user (== default) sent mail will be saved if defined in the mail files calendar profile

§  never As the value says…sent mail won’t be saved

§  always Again as the value says…sent mail will always be saved

§  noatt Very cool => attachments won’t be saved, can be i. e. combined with “always” (NTS_SENDMAIL_SAVE_OPTIONS=always,noatt)

19

§  As per today mails are sent via the users mail server. Those servers often don‘t run an AntiVirus solution. That may result in insecure mail (from the mobile devices).

§  The new configuration setting „NTS_OUTBOX_SERVERS“ allows to define the mail servers (failover like) which will be used for sending outgoing mail.

§  NTS_OUTBOX_SERVERS=Gateway1/srv/midpoints, Gateway2/srv/midpoints

Lotus Traveler 8.5.3 Upgrade Pack 1 - managing the outbox server

20

Lotus Traveler 8.5.3 Upgrade Pack 1 - extended Notes doc link handling

§  Notes doc links are now converted into HTTP links (as you know it from iNotes).

§  Restrictions

§  The target server must be reachable via HTTP.

§  The target application should be web enabled.

21

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (I)

§  With this release IBM introduces the administration from a „classic“ Notes usage to a XPage based administration interface (for standalone and HA servers).

§  The „classic“ Notes interface should be considered as deprecated.

§  Now you can administrate your Traveler environment from everywhere...

§  ...but watch out! The administrators shouldn‘t have weak HTTP passwords!

22

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (II)

23

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (III)

24

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (IV)

25

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (V)

26

Lotus Traveler 8.5.3 Upgrade Pack 1 - web based administration interface (VI)

27

Lotus Traveler 8.5.3 Upgrade Pack 1 - Client Download Manager (I)

§  The new Client Download Manager allows a dedicated management of Lotus Traveler mobile clients based on operating system and version number.

§  The installation files are now stored in the SQL database! That allows to use the same clients for multiple servers with HA.

§  The installation files are saved from the SQL database onto the local file system (for HTTP download). The files are located within „<dominodata>/domino/html/travelerclients“.

§  A file change in the SQL database automatically changes the file on the file system.

28

Lotus Traveler 8.5.3 Upgrade Pack 1 - Client Download Manager (II)

29

Lotus Traveler 8.5.3 Upgrade Pack 1 - Client Download Manager (III)

§  Updating / new installation of Traveler automatically updates the clients and assigns them as default.

§  That‘s not applicable for HA – there the default assignment happens after all servers have been updated.

§  You‘re able to assign different clients to different users/groups, i .e. for testing purposes.

30

Lotus Traveler 8.5.3 Upgrade Pack 1 - filter limits for all users

31

Lotus Traveler 8.5.3 Upgrade Pack 1 - scheduled sync settings

32

Lotus Traveler 8.5.3 Upgrade Pack 1 - locking individual default settings

33

Lotus Traveler 8.5.3 Upgrade Pack 1 - extended Android security settings

Android 4 !!!Android 4 !!!

34

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability and Loadbalancing

Domino Mail

Traveler 8.5.3 UP1

SQL

35

Lotus Traveler 8.5.3 Upgrade Pack 1 - different run modes

§  Run Traveler standalone (as you know it)

§  LotusTraveler.nsf

§  Local Derby database per Traveler server

§  Run Traveler high available (HA)

§  Traveler-“Pool”

§  Remote SQL database server

36

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability and Loadbalancing

§  If you want to use HA, you‘ll have to implement a SQL system for storing the data (which replaces the local Derby database as a storage).

§  Currently supported enterprise relational database systems

(additional RDBMS being considered for a future release):

§  IBM DB2 Server 9.7.0.5 or higher

§  Microsoft SQL 2008 Server or higher

§  Please use the HA products lines of those RDBMS!

37

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability and Loadbalancing

38

Lotus Traveler 8.5.3 Upgrade Pack 1 - Load Balancer / Reverse Proxy

§  A load balancer is a hard- or software appliance, which allows high available networking connections.

§  Virtual IP address for multiple backend servers (i. e. Cisco Local Director, IBM Websphere Edge Server)

§  A (secure == https) Reverse Proxy serves as authentication and redirection frontend.

§  Sends requests from the same connection to the same backend system.

§  Systems could be Lotus Mobile Connect (my preferred choice), IBM Tivoli Access Manager, F5 Big-IP, Apache Pound...

39

Lotus Traveler 8.5.3 Upgrade Pack 1 - Traveler service pools

§  Traveler servers are „pooled“ in HA

§  All members of the pool use the same backend SQL database.

§  Each server in the pool can manage each user.

§  Every member serves HTTP requests.

40

Lotus Traveler 8.5.3 Upgrade Pack 1 - Traveler service pools

§  The requested Traveler server may serve the current request or delegate it to another member in the service pool.

§  A delegations depends on several factors, i. e. which server is

currently monitoring the users mail database or how server usage is. §  All servers are communicating within the pool on TCP port 50125 for

determining that. The communication could be encrypted (optional).

41

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation and administration

Domino Mail

Traveler 8.5.3 UP1

SQL

42

§  It‘s so easy...it‘s Traveler.

§  Run the standard Traveler installation

§  Validate the installation

§  Create the SQL database on the SQL server (IBM DB2 is used here)

§  Create the table structure and the permissions for the SQL database

§  Add the first Traveler server to High Availability (initiates the service pool)

§  (optional) Add additional Traveler servers to the existing service pool

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation steps

43

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (I)

NTS_TEMPLATE_INSTALL=1 NTS_CLIENT_UPDATE=FULL NTS_AUTO_CONFIG=true NTS_AUTOSTART_HTTP=true NTS_DBCONNECTIONURL=jdbc:derby:ntsdb;create=true NTS_ENABLE_WEB_CLIENT_INSTALL=true NTS_64_BIT=true NTS_NEW_INSTALL=true NTS_INSTALLATION_TYPE=ON_PREMISE NTS_SET_EXTERNAL_URL=https://travelerha.midpoints.net/traveler NTS_SERVER_LANG=en NTS_BUILD=8.5.3.100 Upgrade Pack 1 Build 201205011719

§  Run the standard Traveler installation

§  Like in previous releases. Creates a ready standalone Traveler server which uses the local Derby database.

44

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (III)

> tell http osgi diag com.lotus.sync.traveler.admin [122C:0002-13C4] 05.06.2012 14:26:45 update@../../../../data/domin applications/eclipse/plugins/com.lotus.sync.traveler.admin.jar [159] [122C:0002-13C4] 05.06.2012 14:26:45 No unresolved constraints.

§  Validate the installation

§  It‘s quite simple. Just start the Domino with Traveler and take a look at the version.

§  Additionally: Traveler 8.5.3 UP1 uses – new in this release – the built-in OSGi servlet container and no longer the old Domino servlet engine. You can check the installation on the console.

45

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (IV)

§  Create the SQL database on the SQL server (IBM DB2 is used here, you need to do it once)

§  Traveler allows to create the database scheme automatically. That‘s the preferred way. Otherwise you may setup it manually per SQL script (DDL).

§  You can configure it using the notes.ini parameter NTS_AUTO_DBSCHEMA=false/true

46

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (V)

§  AUTOMATIC: create the new SQL database using the DB2 cc. Traveler populates it automagically at startup.

47

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (VI)

§  MANUAL: create the new SQL database per script. Traveler populates it automagically at startup.

§  Extract <dominodata>/traveler/cfg/db/TravelerSQL.zip

§  Goto the sub directory DB2

§  Change the db2cmd script if needed

§  Execute db2cmd –c –w –i db2 –tvf createDb.sql -o –r createDb.out

§  Execute db2cmd –c –w –i db2 –tvf appGrants.sql -o –r appGrants.out

48

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (VII)

§  Add the first Traveler server to High Availability

§  Copy the JDBC driver from: <db2_install_dir>/sqllib/java/db2jcc4.jar to: <domino>/traveler/lib

§  Open a shell and goto <dominodata>/traveler/util

§  Execute the travelerUtil tool travelerutil db set url=jdbc:db2://db2.midpoints.net:50000/traveler user=db2admin pw=passw0rd

§  The credentials will be saved encrypted whithin the LotusTraveler.nsf.

49

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability installation (VIII)

§  Start the Domino server. Done!

50

§  You can issue console commands on any Traveler server for any Traveler server.

§  A Traveler server could be deactivated for user acces.

§  You can bind users to a specific Traveler instance.

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability administration (I)

51

§  tell traveler bind options

§  Binds a user to a specific server. This will disable failover for this user.

§  Tell traveler HADR show

§  Shows the state of all servers in the pool.

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability administration (II)

52

§  tell traveler users

§  Shows all users of the specific server.

§  tell traveler available <on/off>

§  Enables/disables pool participation of this server. No new users will be added if a server is disabled (but existing users are still connected).

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability administration (III)

53

§  Most console commands have been extended with an additional option:

§  –s <serverName> executes the command on the specified server

§  –s * executes the command on the pool

§  –s *- executes the command on the pool, excluding the local server

§  Example: tell traveler –s * status

Lotus Traveler 8.5.3 Upgrade Pack 1 - High Availability administration (IV)

54

Lotus Traveler 8.5.3 Upgrade Pack 1 - Considerations for and if using High Availability

55

Lotus Traveler 8.5.3 Upgrade Pack 1 - Considerations for and if using High Availability

§  Easy scaling based on your needs.

§  High Availability (as the name says ;-)) – no Traveler outage for your users

§  Single servers could be migrated without affecting the mobile sync of any user

56

Lotus Traveler 8.5.3 Upgrade Pack 1 - Considerations for and if using High Availability

§  You‘ll need additional infrastructure: the ease of just having a Traveler server is gone.

§  Additional load balancer / reverse proxy needs to be setup – and to be maintained.

§  Additional SQL database server cluster. Mostly you‘ll have some of them. If not: do you have somebody who has experience in this area?

§  Currently only IBM DB2 and Microsoft SQL 2008 supported.

57

Lotus Traveler 8.5.3 Upgrade Pack 1 - Considerations for and if using High Availability

§  Running HA on different data centers (maybe in different locations/countries/continents) is not really a good idea.

§  Think about latencies...the Traveler service pool always communicates internally.

§  And the SQL database cluster has to...yes, you‘re right, to cluster. Think here about latencies, too.

58

Thank you very much!

59

Grazie agli sponsor per aver reso possibile i Dominopoint Days 2012!

Main Sponsor

Vad sponsor

Platinum sponsor

Gold sponsor