How to setup Outsystems Platform (Java Edition) on CentOS? (DEV SERVER)

How to setup Outsystems Platform (Java Edition) on CentOS? (DEV SERVER)

  
--------------------
Frontend server
--------------------

------------
Database
------------
0) Install CentOS and run #yum update

1) # yum install libaio bc flex  
2) Download the Oracle XE rpm, http://www.oracle.com/technetwork/products/express-edition/downloads/index.html
3) # unzip -q oracle-xe-11.2.0-1.0.x86_64.rpm.zip  
4) # cd Disk1  
5) # rpm -ivh oracle-xe-11.2.0-1.0.x86_64.rpm  
6) run /etc/init.d/oracle-xe configure
(If you are running jboss on the same server as your database change the HTTP port that will be used for Oracle Application Express from [8080]: to 8081)
7) Enable remote access to the oracle database
# . /u01/app/oracle/product/11.2.0/xe/bin/oracle_env.sh
# sqlplus /nolog
SQL> connect sys as sysdba
EXEC DBMS_XDB.SETLISTENERLOCALACCESS(FALSE);

SELECT Value FROM v$parameter WHERE Name='processes' or Name='sessions';

ALTER SYSTEM SET processes=250 SCOPE=spfile;
ALTER SYSTEM SET sessions=250 SCOPE=spfile;

7) Download SQL Developer via http://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/index.html
8) Check NLS properties, open SQL Developer go to Tools --> Perferences --> NLS
 

NLS_LANGUAGE

AMERICAN

NLS_TERRITORY

AMERICA

NLS_CHARACTERSET

AL32UTF8 (Unicode support)

or

WE8MSWIN1252 (no Unicode support)

NLS_DATE_FORMAT

DD-MON-RR

NLS_SORT

BINARY


9) use SQL Developer and execute /opt/outsystems/platform/db/runtime_oracle_creation.sql (you find this on the frontend server)

----------------------------
runtime_oracle_creation
----------------------------
CREATE TABLESPACE OSUSR 
    LOGGING 
    DATAFILE 'OUTSYSTEMS_USERDATA01.dbf' 
    SIZE 50M AUTOEXTEND ON NEXT  10M MAXSIZE UNLIMITED
    EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT  AUTO;

CREATE TABLESPACE OSSYS
    LOGGING 
    DATAFILE 'OUTSYSTEMS_SYSTEM01.dbf' 
    SIZE 20M  AUTOEXTEND ON NEXT  10M MAXSIZE UNLIMITED
    EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT  AUTO;

CREATE TABLESPACE OSIDX
    LOGGING 
    DATAFILE 'OUTSYSTEMS_INDEXES01.dbf' 
    SIZE 20M  AUTOEXTEND ON NEXT  10M MAXSIZE UNLIMITED
    EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT  AUTO;

CREATE TABLESPACE OSLOG
    NOLOGGING 
    DATAFILE 'OUTSYSTEMS_LOGS01.dbf' 
    SIZE 20M  AUTOEXTEND ON NEXT  10M MAXSIZE UNLIMITED
    EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT  AUTO;

CREATE USER OSADMIN  PROFILE "DEFAULT" 
    IDENTIFIED BY adminoutsystems DEFAULT TABLESPACE OSUSR
    ACCOUNT UNLOCK;

CREATE USER OSRUNTIME PROFILE "DEFAULT"
IDENTIFIED BY runtimeoutsystems DEFAULT TABLESPACE OSUSR
ACCOUNT UNLOCK;

CREATE USER OSLOG PROFILE "DEFAULT"
IDENTIFIED BY logoutsystems DEFAULT TABLESPACE OSLOG
ACCOUNT UNLOCK;

GRANT CREATE VIEW TO OSADMIN;
GRANT CREATE TABLE TO OSADMIN;
GRANT ALTER SESSION TO OSADMIN;
GRANT CREATE SEQUENCE TO OSADMIN;
GRANT CREATE PROCEDURE TO OSADMIN;
GRANT CREATE TRIGGER TO OSADMIN;

GRANT CREATE SESSION TO OSADMIN;
GRANT CREATE SESSION TO OSLOG;
GRANT CREATE SESSION TO OSRUNTIME;


ALTER USER OSADMIN QUOTA UNLIMITED ON OSUSR;
ALTER USER OSADMIN QUOTA UNLIMITED ON OSSYS;
ALTER USER OSADMIN QUOTA UNLIMITED ON OSIDX;
ALTER USER OSADMIN QUOTA UNLIMITED ON OSLOG;
ALTER USER OSRUNTIME QUOTA UNLIMITED ON OSUSR;
ALTER USER OSRUNTIME QUOTA UNLIMITED ON OSSYS;
ALTER USER OSRUNTIME QUOTA UNLIMITED ON OSIDX;
ALTER USER OSLOG QUOTA UNLIMITED ON OSLOG;


10) use SQL Developer and execute /opt/outsystems/platform/db/session_oracle_creation.sql
CREATE TABLESPACE OSSTATE
    LOGGING 
    DATAFILE 'OUTSYSTEMS_STATEDATA01.dbf'
    SIZE 50M AUTOEXTEND ON NEXT  10M MAXSIZE UNLIMITED
    EXTENT MANAGEMENT LOCAL SEGMENT SPACE MANAGEMENT  AUTO;

CREATE USER OSSTATE PROFILE "DEFAULT" 
    IDENTIFIED BY outsystems DEFAULT TABLESPACE OSSTATE
    ACCOUNT UNLOCK;

-- these grants are necessary to user OSSTATE create his own tables and stored procedures
GRANT CREATE VIEW TO OSSTATE;
GRANT CREATE TABLE TO OSSTATE;
GRANT ALTER SESSION TO OSSTATE;
GRANT CREATE SEQUENCE TO OSSTATE;
GRANT CREATE PROCEDURE TO OSSTATE;
GRANT CREATE TRIGGER TO OSSTATE;

GRANT CREATE SESSION TO OSSTATE;

ALTER USER OSSTATE QUOTA UNLIMITED ON OSSTATE;

GRANT EXECUTE on DBMS_LOB to OSSTATE;



Opening ports in CentOS

Open port XY (8081, 1521)

Open flle /etc/sysconfig/iptables:

# vi /etc/sysconfig/iptables

Append rule as follows:

-A INPUT -m state --state NEW -m tcp -p tcp --dport XY -j ACCEPT

 

Save and close the file. Restart iptables:

# /etc/init.d/iptables restart

Verify that port is open

Run following command:

# netstat -tulpn | less

Make sure iptables is allowing port connections:

# iptables -L -n


TIP: Turning firewall on/off
Firewall Off
# service iptables save
# service iptables stop
# chkconfig iptables off

Firewall On
# /etc/init.d/iptables start
# chkconfig iptables on


---------------------
# vi /etc/sysconfig/iptables
 
# Generated by iptables-save v1.4.7 on Wed Jun 26 22:05:55 2013
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 443 -m comment --comment "outsystems" -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 80 -m comment --comment "outsystems" -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -m addrtype --dst-type LOCAL -m comment --comment "outsystems" -j REDIRECT --to-ports 8443
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -m addrtype --dst-type LOCAL -m comment --comment "outsystems" -j REDIRECT --to-ports 8080
-A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -m addrtype --dst-type LOCAL -m comment --comment "outsystems" -j REDIRECT --to-ports 8443
-A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -m addrtype --dst-type LOCAL -m comment --comment "outsystems" -j REDIRECT --to-ports 8080
COMMIT
# Completed on Wed Jun 26 22:05:55 2013
# Generated by iptables-save v1.4.7 on Wed Jun 26 22:05:55 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [3:1060]
-A INPUT -p tcp -m tcp --dport 8443 -m state --state NEW -m comment --comment "outsystems" -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -m state --state NEW -m comment --comment "outsystems" -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8081 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 5121 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Jun 26 22:05:55 2013
~                                             

# vi /etc/hosts
127.0.0.1   localhost localhost.localdomain dev.yourdomain.com dev
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
~                                                                                      
You may want to set NLS_SORT to BINARY_AI instead of BINARY, as it's usually much more natural to think in a case-insensitive way.

See Oracle's manual page for Linguistic Sorting and String Searching.
Regarding your "TIP: Turning firewall on/off":

NEVER turn iptables completely off with "chkconfig iptables off". We use iptables rules to redirect priviledged port 80 to port 8080 (where the application server is actually running), so you will have a bad time if you turn iptables off.
You no longer need to manually install Outsystems Platform (Java Edition), you can now automate Outsystems Platform installation using the shell script provided by Richardo Silva http://www.outsystems.com/forums/discussion/10772/community-installer-for-java/
if turn off iptables.

instead of accessing http://<host>/ServiceCenter/Home.jsf we would access http://<host>:8080/ServiceCenter/Home.jsf 

do you see any issue how outsystem work internally, please can you detail more 

Ricardo Silva wrote:
Regarding your "TIP: Turning firewall on/off":

NEVER turn iptables completely off with "chkconfig iptables off". We use iptables rules to redirect priviledged port 80 to port 8080 (where the application server is actually running), so you will have a bad time if you turn iptables off.
 
 
Yes, there are issues with how the OutSystems Platform works internally.

You need to make sure that requests to 127.0.0.1:80 reach the application server untainted. Either through iptables or other mechanisms.

Some ajax requests also assume that the server is accessible in the default protocol port, so URL's will be generated with this assumption in mind and may not honor the originating port.

The outsystems platform manages this by adding a few forwarding rules to iptables, so, preferably, you should keep those in place and never turn iptables completely off.

What is your reasoning for turning iptables off ? Why do you want to do it ?
Just trying to understand in details, your reply helps me.
 
One obstacle I see is we need to reserve 4 ports(80 and 8080 / 443 and 8443) for outsystems work, in some special case I would not able to use port 80 or 443.     
Naveen, what do you mean by "not able to use port 80 or 443?" default http is port 80, and default https is port 443.