IBM Sterling Perimeter Server: Instalação: Difference between revisions

From Wiki
 
(5 intermediate revisions by the same user not shown)
Line 7: Line 7:
Durante a criação deste artigo as versões dos arquivos disponíveis para a instalação são: '''ps_6000200.jar''' ou '''ps_4060400.jar'''.
Durante a criação deste artigo as versões dos arquivos disponíveis para a instalação são: '''ps_6000200.jar''' ou '''ps_4060400.jar'''.


Este arquivo é obtido no IBM Sterling B2Ni
Este arquivo é obtido no IBM Sterling B2Bi
 
 
* Copiando o arquivo da versão padrão: Usar o comando


* Versão padrão: Usar o comando
  cp <install_dir>/packages/ps_6000200.jar .
  cp <install_dir>/packages/ps_6000200.jar .


* Versão docker: Usar o comando
 
* Extraindo o arquivo do B2B rodando em container docker:
 
  docker cp b2bii:/ibm/b2bi/install/packages/ps_6000200.jar .
  docker cp b2bii:/ibm/b2bi/install/packages/ps_6000200.jar .


Line 46: Line 50:
  <small>// To restrict or permit the required Host/Server to communicate with the PS, update the “ftphost/htttphost/snode” with that of the Server IP and provide the appropriate PORT number where the Server will listen. //</small>
  <small>// To restrict or permit the required Host/Server to communicate with the PS, update the “ftphost/htttphost/snode” with that of the Server IP and provide the appropriate PORT number where the Server will listen. //</small>
   
   
  ''// For each target FTP Server''
  <small>// For each target FTP Server</small>
  permission java.net.SocketPermission "10.117.15.87:33001", "connect"; // Control connection.
  permission java.net.SocketPermission "10.117.15.87:33001", "connect"; <small>// Control connection.</small>
  permission java.net.SocketPermission "10.117.15.87:lowPort-highPort", "connect"; // Passive data connections.
  permission java.net.SocketPermission "10.117.15.87:lowPort-highPort", "connect"; <small>// Passive data connections.</small>
  ''// 10.117.15.87 indicates IP of the FTP Server for which the permission is granted by PS for communicating with client //''
  <small>''// 10.117.15.87 indicates IP of the FTP Server for which the permission is granted by PS for communicating with client //''</small>
   
   
  // For each target HTTP Server
  <small>// For each target HTTP Server //</small>
//
  permission java.net.SocketPermission "10.117.15.87:33002", "connect";
  permission java.net.SocketPermission "10.117.15.87:33002", "connect";
  // 10.117.15.87 indicates IP of the HTTP Server for which the permission is granted by PS for communicating with client //
  <small>// 10.117.15.87 indicates IP of the HTTP Server for which the permission is granted by PS for communicating with client //</small>
   
   
  // For each target C:D snode
  <small>// For each target C:D snode //</small>
//
  permission java.net.SocketPermission "snode:1364", "connect";
  permission java.net.SocketPermission "snode:1364", "connect";
  //  10.117.15.87 indicates IP of the Connect Direct Node for which the permission is granted by PS for communication //
  <small>//  10.117.15.87 indicates IP of the Connect Direct Node for which the permission is granted by PS for communication //</small>
 
== Configurando DNS Lookup no remote perimeter server ==
 
Edite o arquivo '''customer_overrides.properties''', e adicione
 
perimeter.*.forceRemoteDNS=true
 
para forçar a resolução de nome DNS no Perimeter server remoto.


= Iniciando e Parando o Perimeter Server=
= Iniciando e Parando o Perimeter Server=
Line 74: Line 84:


  '''./stopPs.sh''' ou '''./stopPSService.sh'''
  '''./stopPs.sh''' ou '''./stopPSService.sh'''
= Adicionando o Perimeter Server ao Sterling B2B=
1) Acessar o console Web do Sterling B2Bi
2) No o menu '''Administration''', selecione '''Operations -> Perimeter Servers'''.
3) Na página ''Perimeter Servers'', clique em '''New Perimeter Server'''.
Informe os valores para o Perimeter server.


= Ver também =
= Ver também =

Latest revision as of 12:03, 5 September 2020

Vamos realizar a instalação do Perimeter Server.

Procedimento

Arquivos necessários ps_NNNNNNN.jar

Durante a criação deste artigo as versões dos arquivos disponíveis para a instalação são: ps_6000200.jar ou ps_4060400.jar.

Este arquivo é obtido no IBM Sterling B2Bi


  • Copiando o arquivo da versão padrão: Usar o comando
cp <install_dir>/packages/ps_6000200.jar .


  • Extraindo o arquivo do B2B rodando em container docker:
docker cp b2bii:/ibm/b2bi/install/packages/ps_6000200.jar .

Preparando o arquivo de Resposta

1) Criar o arquivo silent.txt

2) Altere os valores

INSTALL_DIR=
REVERSE_CONNECT=Y
PS_PORT=
PS_SECURE_IF=
PS_EXTERNAL_IF=
MAX_JVM_HEAP=
REMOTE_ADDR=
REMOTE_PORT=

Instalação do Perimeter Server

Executar o comando

/bin/java -jar /<install_dir>/packages/<ps_filename>.jar -f silent.txt

Ajustes pós instalação

Configurando permissões para o Backend server

Edite o arquivo restricted.policy, e adicione os servidores de backend (Sterling B2B) que irão fazer proxy por esses servidores.

Exemplo:

// To restrict or permit the required Host/Server to communicate with the PS, update the “ftphost/htttphost/snode” with that of the Server IP and provide the appropriate PORT number where the Server will listen. //

// For each target FTP Server
permission java.net.SocketPermission "10.117.15.87:33001", "connect"; // Control connection.
permission java.net.SocketPermission "10.117.15.87:lowPort-highPort", "connect"; // Passive data connections.
// 10.117.15.87 indicates IP of the FTP Server for which the permission is granted by PS for communicating with client //

// For each target HTTP Server //
permission java.net.SocketPermission "10.117.15.87:33002", "connect";
// 10.117.15.87 indicates IP of the HTTP Server for which the permission is granted by PS for communicating with client //

// For each target C:D snode //
permission java.net.SocketPermission "snode:1364", "connect";
//  10.117.15.87 indicates IP of the Connect Direct Node for which the permission is granted by PS for communication //

Configurando DNS Lookup no remote perimeter server

Edite o arquivo customer_overrides.properties, e adicione

perimeter.*.forceRemoteDNS=true

para forçar a resolução de nome DNS no Perimeter server remoto.

Iniciando e Parando o Perimeter Server

Após a instalação executar os comandos abaixo para o Sterling B2B:

cd <INSTALL_DIR>
  • Iniciar:
./startupPs.sh ou  ./startPSService.sh
  • Parar
./stopPs.sh ou ./stopPSService.sh

Adicionando o Perimeter Server ao Sterling B2B

1) Acessar o console Web do Sterling B2Bi

2) No o menu Administration, selecione Operations -> Perimeter Servers.

3) Na página Perimeter Servers, clique em New Perimeter Server.

Informe os valores para o Perimeter server.

Ver também