(Click to open topic with navigation)

Installing Moab Web Services

These instructions describe how to install Moab Web Services (MWS).

To install Moab Web Services

You must deploy Moab Web Services on the same server as Moab Workload Manager.

  1. Verify Moab is installed and configured as desired (for details, see Installing Moab Workload Manager).
  2. Start Moab.
    3. [root]# service moab start
  3. Create the MWS home directory and subdirectories (for more information, see the "Configuration" section of the Moab Web Services Reference Guide).

    4. The default location for the MWS home directory is /opt/mws. These instructions assume the default location.

    Here is a sample script for this setup:

    [root]# mkdir -p \
    /opt/mws/etc/mws.d \
    /opt/mws/hooks \
    /opt/mws/log \
    /opt/mws/plugins \
    /opt/mws/spool/hooks \
    /opt/mws/utils
[root]# chown -R tomcat:tomcat /opt/mws # Depending on your OS, the Tomcat username might be tomcat6.
[root]# chmod -R 555 /opt/mws
[root]# chmod u+w \
    /opt/mws/log \
    /opt/mws/plugins \
    /opt/mws/spool \
    /opt/mws/spool/hooks \
    /opt/mws/utils
  4. Download the latest MWS build (mws-<version>.tar.gz) from the Adaptive Computing website.
  5. Extract the contents of the MWS download tarball into a temporary directory. For example:
    6. [root]# mkdir /tmp/mws-install
[root]# cd /tmp/mws-install
[root]# tar xvzf $HOME/Downloads/mws-8.0.3.tar.gz

  6. Copy the extracted utility files to the utility directory created above and give the tomcat user ownership of the directory.

    [root]# cd /tmp/mws-install/mws-8.0.3/utils
[root]# cp * /opt/mws/utils
[root]# chown tomcat:tomcat /opt/mws/utils/*

  7. Set up the MWS configuration files. In the extracted directory are several configuration files.

    1. Copy mws-config.groovy to /opt/mws/etc.

      [root]# cd /tmp/mws-install/mws-8.0
[root]# cp mws-config.groovy /opt/mws/etc
    2. Copy the appropriate suite-specific file to /opt/mws/etc/mws.d. Pick from the files matching filename mws-config-*.groovy in /tmp/mws-install/mws-8.0.
      3. [root]# cp mws-config-<your suite choice>.groovy /opt/mws/etc/mws.d
    3. Give the Tomcat user read access to /opt/mws/etc/mws-config.groovy and /opt/mws/etc/mws.d/mws-config-*.groovy.
      4. [root]# chown tomcat:tomcat /opt/mws/etc/mws-config.groovy /opt/mws/etc/mws.d/mws-config-hpc.groovy
[root]# chmod 400 /opt/mws/etc/mws-config.groovy /opt/mws/etc/mws.d/mws-config-hpc.groovy
    4. In the /opt/mws/etc/mws-config.groovy file, change these settings:
      • moab.secretKey: Must match the Moab secret key you generated earlier (contained in /opt/moab/etc/.moab.key).
      • auth.defaultUser.username: Any value you like, or leave as is.
      • auth.defaultUser.password: Any value you like, but choose a strong password.
      • moab.messageQueue.secretKey: Add this property to configure the message queue security key in MWS.

        • The key you specify must be encoded in Base64, and must match exactly the key specified in the MESSAGEQUEUESECRETKEY when installing Moab Workload Manager (see Installing Moab Workload Manager).

        Important: If MWS is configured to encrypt the message queue and Moab is not (or vice versa) then the messages from Moab will be ignored. Furthermore, all attempts to access the MWS service resource will fail.

      [root]# vi /opt/mws/etc/mws-config.groovy
									
// Replace <ENTER-KEY-HERE> with the contents of /opt/moab/etc/.moab.key.
									

      moab.secretKey = "<ENTER-KEY-HERE>"
moab.server = "localhost"
moab.port = 42559
						
// Replace <ENTER-KEY-HERE> with the value of MESSAGEQUEUESECRETKEY in /opt/moab/etc/moab-private.cfg.

moab.messageQueue.secretKey = "<ENTER-KEY-HERE>"
      									
// Change these to be whatever you like.

auth.defaultUser.username = "moab-admin"
auth.defaultUser.password = "changeme!"

      If you do not change auth.defaultUser.password, your MWS will not be secure (because anyone reading these instructions would be able to log into your MWS). Here are some tips for choosing a good password.

    5. Do one of the following:

        6. You can configure only one authentication method in mws-config.groovy—LDAP or PAM, but not both. If you have configured both LDAP and PAM, MWS defaults to using LDAP.

        If you need multiple authentication methods, you must add them to your local PAM configuration. See your distribution documentation for details.

      • If you are configuring an MWS connection to your LDAP server, add the following parameters to /opt/mws/etc/mws-config.groovy:
        • ldap.server  = "192.168.0.5"
ldap.port = 389
ldap.baseDNs = ["dc=acme,dc=com"]
ldap.bindUser = "cn=Manager,dc=acme,dc=com"
ldap.password = "*****"
ldap.directory.type = "OpenLDAP Using InetOrgPerson Schema"

        This is just an example LDAP connection. Be sure to use the appropriate domain controllers (dc) and common names (cn) for your environment.

        If you followed the Adaptive Computing tutorial, Setting up OpenLDAP on CentOS 6, your ldap.directory.type should be set to "OpenLDAP Using InetOrgPerson Schema." However, the use of other schemas is supported. For more information see LDAP Configuration using mws-config.groovy.

        To see how to configure a secure connection to the LDAP server, see Securing the LDAP connection.

      • If you are configuring MWS to use PAM, add the the pam.configuration.service parameter to the mws-config.groovy file. For example:
        • pam.configuration.service = "login"

        This is just an example PAM configuration file name. Make sure you specify the name of the configuration file you want MWS to use.

        For more information about PAM configuration with MWS, see PAM (pluggable authentication module) configuration using mws-config.groovy.

        There is a security risk when authenticating local users through your PAM configuration. This behavior is highly discouraged and not supported by Adaptive Computing.

    6. Add the grails.mongo.username and grails.mongo.password parameters to the mws-config.groovy file. Use the MWS credentials you added to MongoDB in the Preparing for installation section.
      7. ...
grails.mongo.username = "mws_user"
grails.mongo.password = "secret3"
  8. Add the following lines to the end of /etc/tomcat6/tomcat6.conf:
    9. CATALINA_OPTS="-DMWS_HOME=/opt/mws -Xms256m -Xmx3g -XX:MaxPermSize=384m -Dfile.encoding=UTF8"
    JAVA_HOME="/usr/java/latest"

    Some Linux distributions use /etc/default/tomcat6 or /etc/sysconfig/tomcat6 instead of /etc/tomcat6/tomcat6.conf.

  9. Deploy the mws.war file and start Tomcat.
    10. [root]# chkconfig tomcat6 on
[root]# service tomcat6 stop
[root]# cp /tmp/mws-install/mws-8.0.3/mws.war /usr/share/tomcat6/webapps
[root]# service tomcat6 start
  10. Navigate to http://localhost:8080/mws/ in a web browser to verify that MWS is running (you will see some sample queries and a few other actions).
  11. Log in to MWS to verify that your credentials are working. (Your login credentials are the auth.defaultUser.username and auth.defaultUser.password values you set in the /opt/mws/etc/mws-config.groovy file.)

    12. Click to enlarge

    If you encounter problems, or if the application does not seem to be running, see the steps in Moab Web Services issues.

© 2015 Adaptive Computing