• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Show100: Making IBM Notes Traveler Highly Available
 

Show100: Making IBM Notes Traveler Highly Available

on

  • 5,507 views

Session from IBM Connect 2013 on installing, configuring, and migrating to Traveler HA

Session from IBM Connect 2013 on installing, configuring, and migrating to Traveler HA

Statistics

Views

Total Views
5,507
Views on SlideShare
4,132
Embed Views
1,375

Actions

Likes
4
Downloads
364
Comments
0

11 Embeds 1,375

http://www.curiousmitch.com 1065
http://www.idonotes.com 222
http://planetlotus.org 44
http://abtasty.com 16
http://www.docseek.net 11
http://feeds.curiousmitch.com 9
http://charity.planetlotus.org 4
http://mobile.planetlotus.org 1
http://127.0.0.1 1
http://unity-02.indy.flexion.ch 1
http://www.docshut.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Intros Chris & Mitch <5 Min
  • Chris
  • Mitch
  • Chris
  • Chris Mention Fix Central for updates and Fix Packs iSeries coming in IBM Traveler 9.0
  • Mitch < 5 minutes Who has installed Traveler Who has installed Traveler HA
  • Briefly show the topology this slide repeats again so don’t spend a lot of time here Keys to point out Devices Firewall Load Balancer Traveler (Domino Servers) Database (DB2 or MS SQL) Mail Servers (Domino Clusters OK)
  • This is not an exclusive list of load balancers If you have something in your organization that you can leverage do so Must be able to round robin IP on 80/443 (or any custom HTTP Port) since you are behind a load balancer no requirement to run http on 80 on Domino Must be able to monitor (have a slide on this)
  • Explain the Heartbeat Algorithm max interval On the Lotus Traveler server, the Heartbeat Algorithm Maximum Interval can be configured on the Lotus Traveler tab of the current server document. The default value is 15 minutes, which means every mobile client sends the heartbeat check/pulse to the Traveler server every 15 minutes through an HTTP or HTTPS request. Talk about persistence
  • Suggest if possible monitor by dedicating a user that logs in From a task Perspective Traveler and HTTP (s) must be up Watchit Monitoring tool
  • Talk about advantages / disadvantages of having direct access to a Traveler server (not just load balancer)
  • Show the specific demo components Load Balancer – traveler.curi0.us Traveler Server – traveler1.curi0.us Mail Server – festivus.curi0.us
  • Traveler understands Domino Clusters for the purpose of connecting and delivering mail to a mobile device
  • Chris we should be starting this section no later than 10:40 10 Minutes
  • Demo Specs Domino 8.5.3 FP3 UP1 Traveler 8.5.3 UP2 (Slides based on UP1 as they were completed before UP2 shipped)
  • Remember to mention this is after Traveler is installed
  • Is anyone using Domino Servers today
  • Mitch – we should be here at 10:50 DEMO – Traveler Install as we talk through slides 10 Minutes
  • Mention Partitioned Servers here
  • Talk about the checkbox and what it does
  • If you choose Clients Connect to this server directly or Clients connect to this server via a proxy You are prompted for the URL Configure later You are not asked for the Client Connection URL In all cases you can edit the value later in the server document
  • This screen will not appear if you selected ‘Configure later’ on the previous screen
  • Point out that this is Domino 8.5.3 Upgrade Pack 1 Differentiate from Traveler UP1 or UP2 Highlight the OpenNTF piece What is new in Domino 8.5.3 UP1 The main functionality highlights of this upgrade pack include the following: XPages Extension Library – this is why we need it Domino Designer tooling plug-in Domino Data Services Updated TeamRoom and Discussion templates
  • We will show this live Point out not all the rules are here, but this is what is auto-created Later we will show the completed Internet Site Doc
  • Explain what the WebSSO does, also explain why this should probably be its own config not an existing LPTA Config
  • Point out the advantage of Internet Site docs is that when adding servers to the cluster all the rules, and SSO is as easy as dropping the servername in 2 documents Internet Site doc means common config for Server Home URL SSO Config Security & SSL
  • In a > 2 cluster do not have to be able to handle all devices on one server when you set threads
  • Access or Not Access Server Field Can choose to implement this to refine Traveler Access different from Server Access If Server Access Group is same as Traveler Access set this to all
  • This TCP port is used for Auto Sync communications between version 8.5.1 and earlier Lotus Notes Traveler servers and clients. If you are using an 8.5.2 version or later client, this port is not used and can be disabled. If you are using a version earlier than 8.5.2, this port must not be used by other applications on this server. If the Lotus Notes Traveler server is behind a firewall, this port must be open on the firewall or the Lotus Notes Traveler client must use a VPN to tunnel through the external firewalls. To disable the Auto Sync TCP port, set the port value to 0.  If this server is configured for High Availability, the Auto Sync TCP port should be disabled as this is not a supported option in this mode.
  • Chris – we should be here at 11:00 No Demo 8 minutes
  • DB2 Is entitled with Traveler so if you don’t own DB2 or MS SQL go with DB2
  • Chris – we should be here at 11:08 Demo 7 minutes
  • Point out LNTUSER
  • Make sure you set the LNTUSER password to NEVER expire
  • Mitch – we should be here at 11:15 Demo 10 Minutes
  • Explain the various pieces of information DB2 jdbc:db2 MS SQL jdbc:sqlserver
  • Go over the command again show the key pieces This is being Demoed
  • We are demoing this
  • Comment about duplicate users
  • Point out the URL here Explain that this is what is populated in the iOS Profile Android Client
  • Explain that this is simply resetting the server to Derby
  • No data loss in Enterprise DB is key here
  • Chris – We should be here at 11:25 5 Minutes
  • Stress that you need to test and validate your configuration before you add it in to the load balancer
  • Mitch we should be here at 11:30 Demo moving Derby to another server to migrate 15 minutes
  • We can’t give you all the answers This is not a one size fits all Hopefully we are giving you the information you need to make the right decisions fro your organization
  • These are your decision points Use this and other factors to determine the right configuration for your environment
  • Backups
  • Explain what is in the Derby DB and the impact of losing it
  • The Apple stuff is not documented, but has been experienced If you can possibly avoid a DNS change your migration will go that much smoother Setting expectations is all the difference
  • Demo Migrating a Derby DB on a different Server
  • Mention Single Sign on again
  • Mitch We should be here at 11:45 15 minutes
  • Only one policy is available in the Web Admin You can Include or exclude specific users from policy Domino Policies can be used if multiple policies are required
  • In this example there are 3 Android Client Levels 8.5.3.100 is 8.5.3 UP1 8.5.3.200.201211280928 is 8.5.3 UP2 8.5.3.200.20121212030959 is a Interim Fix Android Client for Anroid 4.2
  • We are covering HA Commands only
  • We are covering HA Commands only
  • We should get here at 12:00 if all goes well

Show100: Making IBM Notes Traveler Highly Available Show100: Making IBM Notes Traveler Highly Available Presentation Transcript

  • SHOW 100: Making Traveler Highly Available – Part 1: Traveler Design Mitch Cohen | Manager of Messaging & Collaboration, Colgate-Palmolive Company Chris Whisonant | Lead Consultant, Best Methods© 2013 IBM Corporation
  • About us....Chris Whisonant Lead Consultant at Best Methods IBM Lotus Software Administrator since 2002 Blog at http://www.bleedyellow.com/blogs/lotusnut Twitter: @cwhisonant He’s a Slow Talker2 © 2013 IBM Corporation
  • About us....Mitch Cohen Manager Messaging & Collaboration @ Colgate-Palmolive 2013 IBM Champion for Collaboration Solutions IBM Lotus Software Administrator since 1996 Blog at http://www.curiousmitch.com Twitter: @curiousmitch Mets & Giants fan He’s a Fast Talker3 © 2013 IBM Corporation
  • LegaleseThis session will include information about the following IBM® products:  IBM Lotus®  IBM Lotus Notes®  IBM Lotus Notes Traveler®  IBM Lotus Domino®  IBM DB2®  IBM Websphere® Edge Components®  IBM HTTP Server®4 © 2013 IBM Corporation
  • IBM Software Part Numbers(well, at least some of them...) IBM Lotus Notes Traveler V8.5.3 Upgrade Pack 2 for Windows Multilingual (CIB9RML) IBM Lotus Notes Traveler V8.5.3 Upgrade Pack 2 Linux for xSeries Multilingual (CIB9SML) IBM DB2 10.1 - Limited Use for Linux on 32-bit AMD and Intel systems (x86) Multilingual (CI6TPML) IBM DB2 10.1 - Limited Use for Linux on AMD64 and Intel EM64T systems (x64) Multilingual (CI6TQML) IBM DB2 10.1 - Limited Use for Windows on 32-bit AMD and Intel systems (x86) Multilingual (CI6TXML) IBM DB2 10.1 - Limited Use for Windows on AMD64 and Intel EM64T systems (x64) Multilingual (CI6TYML) IBM Lotus Domino V8.5.3 32 bit for Windows English (CI1L8EN) IBM Lotus Domino V8.5.3 64 bit for Windows English (CI1L9EN) IBM Lotus Domino V8.5.3 32 bit Linux for xSeries English (CI1LBEN) IBM Lotus Notes and Domino V8.5.3 Upgrade Pack 1 English (CI5HUEN)5 © 2013 IBM Corporation
  • Agenda The Set Up Prepare Domino for Traveler Install Traveler Standalone Installation DB2 Installation Creating the Traveler Database Migrating Standalone Server to HA Installing Additional Traveler Servers Migration Scenarios Traveler HA Administration Yada Yada Yada (Q&A)6 © 2013 IBM Corporation
  • The Set Up7 © 2013 IBM Corporation
  • HA Traveler Architecture Map• HTTP Load Balancer listening on single user-facing public DNS address• Multiple Traveler Servers pointing to relational database server• Pointing to one or more Domino mail servers8 © 2013 IBM Corporation
  • Load Balancer General Notes Moving to an HA HTTP environment may be new to Domino Admins Many different options are available, ranging from open-source freeware to licensed software to hardened appliances. Some options are below: – Big-IP F5 – Apache or IBM HTTP Server – IBM WebSphere Edge Components – HAProxy – Amazon ELB (used in this session) – See also other options that may be mentioned in the follow-up session to this one. Gets even more fun when you need to provide redundancy for the load balancers!9 © 2013 IBM Corporation
  • Load Balancer General Notes You should configure your load balancer with Session Persistence – Once a device is connected it will sync with one server for the duration of the persistence – Load Balancer Persistence should be longer than the Heartbeat Algorithm Max Interval • Default is 15 minutes you should increase to at least 30 • If Heartbeat Algorithm Max is 30 Load balancer persistence should be 3110 © 2013 IBM Corporation
  • Load Balancer General Notes Monitoring • Your Load Balancer needs to be able to determine if Traveler is available • Just pinging the box is not enough • The load balancer needs to understand when traveler is not running to mark the node down and direct traffic to other nodes in the cluster11 © 2013 IBM Corporation
  • Standalone Traveler Architecture Map• Firewall and/or DMZ placement is per corporate policies• Single Traveler Server with Derby State Database• Pointing to one or more Domino mail servers12 © 2013 IBM Corporation
  • Kramers Standalone Traveler Architecture Map• Single Traveler Server with Derby State Database• Pointing to single Festivus Domino mail server13 © 2013 IBM Corporation
  • HA Traveler Architecture Map• HTTP Load Balancer listening on single user-facing public DNS address• Multiple Traveler Servers pointing to relational database server• Pointing to one or more Domino mail servers14 © 2013 IBM Corporation
  • Kramers HA Traveler Architecture Map• Amazon ELB listening on single user-facing public DNS address• Multiple Traveler Servers pointing to DB2 server• Pointing to single Festivus Domino mail server15 © 2013 IBM Corporation
  • A word about Clusters• We will be referring to Traveler Clusters • These are Traveler Servers all connected to the same database to provide High Availability for Traveler • These servers are NOT Domino Clusters • Clustering of Traveler Servers is not supported or needed16 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install17 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install What You Will Learn ─ Steps to prepare your Domino Server before installing Traveler ─ Why you should use Internet Site Docs ─ Security Recommendations What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ Remember to check for the latest Domino Fixpacks18 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install The Traveler server should be installed on a dedicated system • Dont install on existing mail server or other utility/application server • Traveler server versions will be updated on different timeframes than other servers • Traveler version may be higher than mail servers version • Traveler network placement will likely be different than where you will place other servers19 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Mail File Access • The Traveler Server(s) need to have access to: • Mail files for Traveler Users • LocalDomainServers can be added to ACL • Mail servers for Traveler Users • Mail Server must be Domino 7.0.2 or higher • Template must be 6.5 or higher • Consider other mail file cleanup • Replicate unread marks between servers20 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Mail File Access – User can verify requirements are met by logging into Traveler server from computer or mobile device21 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Decide on your server topology • In our demo the Traveler servers are in their own Domino Domain, in the same Org as the mail servers • Kramer is our Traveler domain • Seinfeld is our Mail domain22 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• By default Internet Site Documents are disabled • Change to enabled in the server doc • Traveler will configure your Internet Site Document during installation23 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Before Installing Traveler make sure Internet Site Documents is enabled • Look for this in your server console or log 12/20/2012 02:25:36 PM HTTP Server: Warning, Internet Site Configuration View is enabled but does not contain any Web Sites 12/20/2012 02:25:36 PM HTTP Server: Using Web Configuration View 12/20/2012 02:25:39 PM JVM: Java Virtual Machine initialized. 12/20/2012 02:25:39 PM HTTP Server: Java Virtual Machine loaded 12/20/2012 02:25:44 PM XSP Command Manager initialized 12/20/2012 02:25:48 PM HTTP Server: Started24 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Security • Set up your Server Access and Deny Access lists • Make sure to Enforce Server Access Settings for HTTP25 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Notes on enforcing server access settings for HTTP • Forces the HTTP task to use the same Domino Server security settings as on the Server Documents Security tab • Use in tandem with Anonymous HTTP access; if anonymous is open, then this setting is highly recommended • Without this enabled, HTTP security will be wide open to the extent that ACLs have been properly restricted. • Potential caveats with this on servers that could have access incoming that is external to the Domino Directory (DIIOP, etc...) • Which is not a problem here because you installed Traveler on a dedicated server26 © 2013 IBM Corporation
  • Prepare Domino for Traveler Install• Check your FQDN on the server basics tab and on the Ports configuration• Check your DNS• You are ready to install Traveler27 © 2013 IBM Corporation
  • Traveler Standalone Installation28 © 2013 IBM Corporation
  • Traveler Standalone Installation What You Will Learn – Steps necessary to install the IBM Traveler software What Has Been Completed So Far • IBM Lotus Domino Server version 8.5.3 has been installed • Prepare the Domino Server Document per existing corporate standards • Enabled Internet Site Documents29 © 2013 IBM Corporation
  • Traveler Standalone Installation• Traveler Install is the same for standalone and high availability • All Traveler Servers install using Derby (standalone) • Connecting to DB2 or MS SQL is a post install step which we will cover later30 © 2013 IBM Corporation
  • Traveler Standalone Installation Select your language Click OK31 © 2013 IBM Corporation
  • Traveler Standalone Installation Optionally choose to view IBMs Information Site – http://curi0.us/documentation – Click Next32 © 2013 IBM Corporation
  • Traveler Standalone Installation Accept the license agreement (to continue) Click Next33 © 2013 IBM Corporation
  • Traveler Standalone Installation Select your Program and Data Directories This should automatically be detected Click Next34 © 2013 IBM Corporation
  • Traveler Standalone Installation Choose whether or not to set /traveler as the default page for the Domino Web Server (Select this… trust us) Click Next35 © 2013 IBM Corporation
  • Traveler Standalone Installation Choose whether the connection to Traveler is direct or via a proxy Click Next36 © 2013 IBM Corporation
  • Traveler Standalone Installation Input the Traveler URL For Production environments SSL is Strongly recommended  We did not configure SSL in our demo This can be changed later Click Next37 © 2013 IBM Corporation
  • Traveler Standalone Installation Use this option to upgrade Domino to UP1 as well This is mandatory if UP1 is not already installed You Must use Domino 8.5.3 UP1 Not the OpenNTF XPages Extension Library Click Next38 © 2013 IBM Corporation
  • Traveler Standalone Installation Review the Installation options Click Install39 © 2013 IBM Corporation
  • Traveler Standalone InstallationValidating Domino 8.5.3 UP1 Installation•After starting Domino, issue the following command:tell http xsp diag com.ibm.xsp.extlib•If everything installed properly, you will get 2 lines echoed back: – update@../../extlib/eclipse/plugins/com.ibm.xsp.extlib_8.5.3.20111208-0711.jar – No unresolved constraints•This will confirm that extlib is installed (as it is installed as part of Domino UP1)•For this session we are running: – Domino 8.5.3 FP3 Update Pack 1 – Traveler 8.5.3 Update Pack 240 © 2013 IBM Corporation
  • Traveler Standalone Installation• When you start Domino the Traveler and HTTP Tasks will start up automatically• Confirm the Internet Site Document and Redirect rules were created41 © 2013 IBM Corporation
  • Traveler Standalone Installation• To prepare for an HA Install create a Web SSO Configuration for your Internet Site42 © 2013 IBM Corporation
  • Traveler Standalone InstallationWeb SSO Configuration • Give your configuration a unique name • List all servers that will be running Traveler in the cluster43 © 2013 IBM Corporation
  • Traveler Standalone InstallationCompleted Internet Site • Created by Traveler Install • /Microsoft-Server-ActiveSync redirect • /Servlet/Traveler redirect • Manually Created for security • /log.nsf redirect • /names.nsf redirect • Manually created to override Form Based Authentication for Traveler • Override Session Authentication44 © 2013 IBM Corporation
  • Installing Traveler StandaloneOur Complete Internet Site for Traveler45 © 2013 IBM Corporation
  • Traveler Standalone Installation Set your number of active threads to 1.2 times the number of devices Default is 100 threads (roughly 84 devices) Account for the maximum you may need in failover mode (total devices in cluster)46 © 2013 IBM Corporation
  • Traveler Standalone Installation Maximum Memory Size for Traveler Server Task • Default is 512MB • Max is 4GB • This is NOT httpjvmmaxheapsize (that should not be set) External Server URL (notice this is different than the actual Traveler server) Access (or Not Access) Server field is where you can specify a group who can access Traveler47 © 2013 IBM Corporation
  • Traveler Standalone InstallAuto Sync Settings• Defaults are pictured here • If all Traveler Clients are 8.5.2 or later set “Port for TCP Connections” to 0 • Must be Set to 0 for HA• For Traveler Standalone these are fine• We will touch more on these later for High Availability48 © 2013 IBM Corporation
  • DB2 Installation49 © 2013 IBM Corporation
  • DB2 Installation What You Will Learn ─ Steps necessary to install the IBM DB2 software ─ Do not name the DB2 server “DB2” What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode50 © 2013 IBM Corporation
  • DB2 Installation Note on Supported Versions ─ For Traveler 8.5.3 UP2, the supported versions of DB2 are: • 9.7 FP5 • 10.1 ─ The install slides in this presentation were made with 9.7 FP4 during original install of 8.5.3 UP1 ─ Upgraded to 9.7 FP5 when upgrading Traveler to UP2 ─ The installation routine will be the same for 10.1 ─ If you already have DB2 (or MS SQL) administrators (be nice to them – lunch is good), work with them to determine if there are already systems running supported versions51 © 2013 IBM Corporation
  • DB2 Installation This is the Launchpad where you can view information or install the software Go to Install a Product Choose Install New for this server edition52 © 2013 IBM Corporation
  • DB2 Installation Wait for the Installer to go through the preparation process53 © 2013 IBM Corporation
  • DB2 Installation Click Next to proceed54 © 2013 IBM Corporation
  • DB2 Installation Accept the license agreement (to proceed) Click Next to continue55 © 2013 IBM Corporation
  • DB2 Installation Choose the installation type. Typical will suffice for the purposes of Traveler Click Next to continue56 © 2013 IBM Corporation
  • DB2 Installation Choose whether to install, save a response file, or both Choose response file location Click Next to continue57 © 2013 IBM Corporation
  • DB2 Installation Choose installation location (perhaps outside of “Program Files” path) Click Next to continue58 © 2013 IBM Corporation
  • DB2 Installation Specify DB2 administrative user account – Default username is db2admin Click Next to continue59 © 2013 IBM Corporation
  • DB2 Installation Specify the DB2 instance name Click Next to continue60 © 2013 IBM Corporation
  • DB2 Installation Recommended to prepare the DB2 tools catalog now – More difficult to add later – Needed for DB2 backups Click Next to continue61 © 2013 IBM Corporation
  • DB2 Installation Choose whether you wish to set up DB2 system email notifications Click Next to continue62 © 2013 IBM Corporation
  • DB2 Installation Enable OS security – The two groups above are created in Windows – Assigns certain OS-level privileges to the groups Click Next to continue63 © 2013 IBM Corporation
  • DB2 Installation ` Review the installation options Click Finish to install DB264 © 2013 IBM Corporation
  • Traveler Database Creation65 © 2013 IBM Corporation
  • Traveler Database Creation What You Will Learn ─ Steps necessary to create the Traveler DB2 Database What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ IBM Lotus Traveler version 8.5.3 UP1 has been installed in standalone mode ─ IBM DB2 version 9.7 Fixpack 5 has been installed66 © 2013 IBM Corporation
  • Traveler Database Creation After DB2 has been installed the TOOLSDB will be the only existing database67 © 2013 IBM Corporation
  • Traveler Database Creation• The SQL Files to create the Traveler Database can be found on a Domino Server with Traveler Installed • Located in <dominodata>travelercfgdb • Zip format for Windows • Compressed Tar format for Linux68 © 2013 IBM Corporation
  • Traveler Database Creation Extracted Traveler installation will have a TravelerSQLDB2 folder69 © 2013 IBM Corporation
  • Traveler Database Creation Launch DB2 Command window (db2cmd) • GUI is also available, but real admins will roll with command line Navigate to the TravelerSQLDB2 directory Run: db2cmd -c -w -i db2 -tvf createDb.sql – This creates the necessary database using the IBM- supplied createDb SQL command – tvf: termination character, echo to console, use input file70 © 2013 IBM Corporation
  • Traveler Database Creation If the command is entered correctly it will look like this briefly71 © 2013 IBM Corporation
  • Traveler Database Creation This is sample output from the executed SQL commands.72 © 2013 IBM Corporation
  • Traveler Database Creation In a DB2 Command Window, navigate to the TravelerSQLDB2 directory Run: db2 -tvf appGrants.sql – This grants permissions to the database, tables, etc...73 © 2013 IBM Corporation
  • Traveler Database Creation This is sample output from the executed SQL commands Once it has completed successfully, you may exit this window. As you can see, the default DB2 user account is LNTUSER74 © 2013 IBM Corporation
  • Traveler Database Creation Going back to the DB2 Control Center, you can see the new TRAVELER database75 © 2013 IBM Corporation
  • Traveler Database Creation Create an OS account for LNTUSER – The password you set for this user will be needed to configure Traveler later.76 © 2013 IBM Corporation
  • Migration Standalone Server to HA77 © 2013 IBM Corporation
  • Migrating Standalone server to HA What You Will Learn ─ Steps necessary to migrate a standalone Traveler server to HA What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode ─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ IBM Lotus Traveler database has been created78 © 2013 IBM Corporation
  • Migrating Standalone server to HAChecklist for database connectivity URL jdbc:db2://travdb.curi0.us Port 50000 Database Name traveler User Name lntuser Password 79 © 2013 IBM Corporation
  • Migrating Standalone server to HA• In Standalone Mode Traveler is administered via the Domino Admin Client80 © 2013 IBM Corporation
  • Migrating Standalone server to HA Copy the db2jcc4.jar from IBMSQLLIBjava on the DB2 server to the DominoTravelerlib folder Ensure that you copy over this file each time after any Database server upgrades81 © 2013 IBM Corporation
  • Migrating Standalone server to HA Open Windows command prompt and cd to the Dominodatatravelerutil folder Run the travelerUtil.cmd to set the jdbc url, port, and db name using the valid DB2 credentials This can be run while the Domino Server is up, but will not take effect until server is restarted82 © 2013 IBM Corporation
  • Migrating Standalone server to HA Database connection will next be validated83 © 2013 IBM Corporation
  • Migrating Standalone server to HA Check the output carefully to verify – Successful connection – DB configuration for Traveler has been saved Restart the Traveler server now84 © 2013 IBM Corporation
  • Migrating Standalone server to HA Use the travelerUtil.cmd db show command to show the current connectivity information.85 © 2013 IBM Corporation
  • Migrating Standalone server to HA• After Connecting the Traveler Server to the Database on the next server restart Traveler will migrate the data from Derby to DB2 (or MS SQL) • The following data is migrated • Client Installs • User Sync Data • Policies • If you migrate multiple standalone servers into one DB it will skip • Duplicate client installs • Duplicate User Data • Policies86 © 2013 IBM Corporation
  • Migrating Standalone server to HA• On Server restart watch the console for migration messages • Console will give frequent updates • Traveler does not start until migration is completed87 © 2013 IBM Corporation
  • Migrating Standalone server to HA• Example of Client migrating to DB288 © 2013 IBM Corporation
  • Migrating Standalone server to HA• Make sure you update the External Server URL to reflect the address of the Load Balancer in the Server Document • If clients are pointing to a URL of a specific server they will continue to sync mail, but not take advantage of HA • The value set here is what is populated to clients upon installation89 © 2013 IBM Corporation
  • Migrating Standalone server to HA• In Traveler Auto Sync Settings, change the TCP Port for Connections to = 090 © 2013 IBM Corporation
  • Migrating Standalone server to HA• Traveler is now administered via the web-based Traveler Admin Console • If you attempt to administer via the Domino Admin Client you will see this91 © 2013 IBM Corporation
  • Migrating Standalone server to HADisconnecting a Server from a database• You can remove a database config from a server if needed using the Travel Util Command92 © 2013 IBM Corporation
  • Migrating Standalone server to HA• You will need to confirm the change• This does not delete any data in the database it only disconnects the specific Traveler server from the database93 © 2013 IBM Corporation
  • Migrating Standalone server to HA• Look for confirmation that the changes were successful• Can be run with the Domino server up, but does not take effect until next restart94 © 2013 IBM Corporation
  • Migrating Standalone server to HA• On restart, Traveler will be in Standalone mode using a derby DB• If you remove a server make sure you also update your load balancer95 © 2013 IBM Corporation
  • Installing Additional Traveler Servers96 © 2013 IBM Corporation
  • Installing Additional Traveler Servers What You Will Learn ─ Steps to add additional Traveler servers to a cluster What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode ─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ Traveler DB2 database has been created ─ Traveler Server has been connected to DB297 © 2013 IBM Corporation
  • Installing Additional Traveler ServersTraveler is running in HA mode you can now add additional servers into the cluster.•Create your Server ID • Add the server to the Web Site • Add the server to the Web SSO Configuration • Set up Server Access consistent with existing Traveler Server•Install Domino•Install Traveler • For the initial server we first enabled Internet Site Docs to allow the installer to create the Web Site Document, for additional servers we will enable after install and add the server to the existing Web Site•Enable Internet Site Documents in Server Doc•Connect Traveler Server to Database98 © 2013 IBM Corporation
  • Installing Additional Traveler Servers• Once your configuration is complete and tested • Add the server to the Load Balancer • Since devices point to the load balancer the Workload Manager will automatically distribute the load across servers in the cluster • Monitor your server availability in the Web Admin console or via Tell Traveler HADR Show99 © 2013 IBM Corporation
  • Installing Additional Traveler ServersRemember... • Enforce Server Access settings for HTTP • Lotus Traveler Settings in Server Document • Maximum Memory Size • External Server URL • Access Server/Not access server • Auto Sync Settings100 © 2013 IBM Corporation
  • Installing Additional Traveler Servers• These settings will come from the Database and do not have to be manually configured for additional servers • Default Device Policy settings • Client Installs• Traveler clusters are NOT Domino Clusters101 © 2013 IBM Corporation
  • Migration Scenarios102 © 2013 IBM Corporation
  • Migration Scenarios What You Will Learn ─ Concepts to help you build a migration plan for your environment What Has Been Completed So Far ─ Standalone Traveler has been deployed ─ Traveler HA has been built and tested103 © 2013 IBM Corporation
  • Migration Scenarios• We will show you 3 common scenarios• Before you begin, determine your specific requirements. Consider the following: • How many standalone Traveler servers you have • How many HA Clusters you want • How fast you want to migrate • Can you ask your users to reconfigure their devices • Any limitations on placement of Load Balancers, Firewall • Will you upgrade in place or use another machine to migrate104 © 2013 IBM Corporation
  • Migration ScenariosI shouldnt have to remind you about this (but I will)• Before you begin your migration • Backups • Backups • Backups • Don’t forget to backup the Derby Database!105 © 2013 IBM Corporation
  • Migration ScenariosWhere exactly do I find the Derby Database? • <dominodata>travelerntsdb • Shut down Domino to copy or “backup”106 © 2013 IBM Corporation
  • Migration Scenarios• A word of caution about DNS Changes • iOS can take up to 24 hours to recognize a DNS change • This is not documented by Apple but has been experienced when changing the DNS of a Traveler server • If you can avoid a DNS Change when migrating you will make your life easier • If you have to change DNS • Lower the TTL of the DNS record prior to migrating • Set your users expectations appropriately107 © 2013 IBM Corporation
  • Migration Scenarios• No Migration build a new HA Environment • New install, or clients willing to manually reconfigure their devices• Standalone to Cluster Migration • One standalone server into one HA Cluster • URL For Traveler will remain the same• Many to One • If you have multiple standalone Traveler servers and you want to consolidate to one HA Cluster • Multiple URLs will point to one load balancer108 © 2013 IBM Corporation
  • Migration ScenariosScenario 1: No Migration build a new HA Environment•In this scenario • No users are Connected to Traveler or • Users are willing to reconfigure their devices manually • No data will be migrated from any existing servers•The URL you have chosen should be • Pointed at your load balancer • Configured in your server document on the Traveler tab • in our example the VIP is http://traveler.curi0.us109 © 2013 IBM Corporation
  • Migration Scenarios Scenario 1: No Migration build a new HA Environment Pros Cons • No Downtime • Requires User intervention • Easy to implement • Will need to maintain 2 environments during transition period110 © 2013 IBM Corporation
  • Migration ScenariosScenario 2: Standalone to Cluster Migration111 © 2013 IBM Corporation
  • Migration ScenariosScenario 2: Standalone to Cluster Migration• In this scenario you are migrating an existing traveler server • You should move the existing hostname to the load balancer • You will be migrating data from Derby to DB2 (or MS SQL) • You will need downtime• The URL you have chosen should be • Pointed at your load balancer • Configured in your server document on the Traveler tab for all servers • In our example the VIP is http://traveler.curi0.us112 © 2013 IBM Corporation
  • Migration ScenariosScenario 2: Standalone to Cluster Migration• In Place Server Migration • Backup the Derby Database • <dominodata>travelerntsdb • Upgrade Traveler to 8.5.3 UP2 • Connect Traveler Server to Database • On startup Traveler will automatically migrate into the Database: • Client Installs • User Sync Data • Policies113 © 2013 IBM Corporation
  • Migration ScenariosScenario 3: Many to OneIn this scenario you will collapse multiple standalone Traveler Servers into one HACluster • You should move the existing hostnames to the load balancer • You will be migrating data from Derby to DB2 (or MS SQL) • You will need downtime • Each Server can be done individually at different times114 © 2013 IBM Corporation
  • Migration ScenariosScenario 3: Many to OnePros Cons• One HA Environment • Downtime required for each server migration• Best use of HW resources • Supporting multiple URLs• Maximize redundancy • Complex Migration• No Device reconfiguration115 © 2013 IBM Corporation
  • Migration ScenariosScenario 3: Many to One116 © 2013 IBM Corporation
  • Migration ScenariosScenario 3: Many to OneFollowing are some sample steps one would use in a scenario such as this: • Make sure that server access is consistent for all Traveler servers • If you are running SSL on Domino • Will have to move SSL certificate to load balancer • Work with SSL provider to re-provision certificate for load balancer • Move IP address to load balancer • If at all possible, move the IP address to not change DNS • Verify that users and devices are showing in the HA Admin Console • Activate the servers on the load balancer to enable user access • There may be some resource utilization spikes when devices connect • Test and monitor117 © 2013 IBM Corporation
  • Migration ScenariosNotes.ini Parameters• NTS_AUTOSTART_HTTP • Automatically starts HTTP when Traveler starts even if it is not in the server tasks line • This defaults to True • During Upgrades or Migrations set this to false to allow Traveler to start but prevent client access118 © 2013 IBM Corporation
  • Traveler HA Administration119 © 2013 IBM Corporation
  • Traveler HA Administration What You Will Learn ─ How to Administer Traveler HA ─ Policy Administration ─ Client Configurations ─ User, Device and Security Administration What Has Been Completed So Far ─ IBM Lotus Domino Server version 8.5.3 has been installed ─ IBM Lotus Traveler version 8.5.3 UP1 has been installed in standalone mode ─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ IBM DB2 Traveler Database has been created ─ Traveler has been Connected to DB2 and Configured for HA ─ Additional Traveler Server has been installed120 © 2013 IBM Corporation
  • Traveler HA Administration• In Standalone Mode, Traveler administration is performed through the Domino Administrator Client • User State Data stored in Derby (NTSDB) • Clients (Android, Nokia, Windows) Stored in <dominodata>dominohtmltravelerclients • Policies and Security Settings stored in LotusTraveler.nsf• Administration tasks are performed via the Notes Administrator Client • When migrating a Standalone server all the above settings are imported121 © 2013 IBM Corporation
  • Traveler Standalone Administration122 © 2013 IBM Corporation
  • Traveler Standalone Administration123 © 2013 IBM Corporation
  • Traveler HA Administration• In Traveler HA administration is web based • User State Data is stored in DB2 • Clients (Android, Nokia, Windows) are stored in DB2 and in <dominodata>dominohtmltravelerclients • New clients processed on one server are distributed to all servers for download • Policies and Security Settings are stored in DB2• The Admin client is accessed via your Load Balancer • http://fqdn/lotustraveler.nsf • In our example http://traveler.curi0.us/lotustraveler.nsf124 © 2013 IBM Corporation
  • Traveler HA Administration• In Traveler HA administration is web based • User State Data is stored in DB2 • Clients (Android, Nokia, Windows) are stored in DB2 and in <dominodata>dominohtmltravelerclients • New clients processed on one server are distributed to all servers for download • Policies and Security Settings are stored in DB2• The Admin client is accessed via your Load Balancer • http://fqdn/lotustraveler.nsf • In our example http://traveler.curi0.us/lotustraveler.nsf125 © 2013 IBM Corporation
  • Traveler HA Administration• Access to the Web Admin interface is controlled by the ACL on LotusTraveler.nsf • Must have Administrator Role to manage settings • Make sure the ACL is the same on all cluster members126 © 2013 IBM Corporation
  • Traveler HA Administration• Device Security • Deny Access • Wipe Device • Clear Deny/Wipe Access • Device Approvals127 © 2013 IBM Corporation
  • Traveler HA Administration• Device Settings • Sync Settings • Email • Calendar • To Do • Contacts • Journal • Peak and Off-peak Sync Times• Locking values prevents client changes on user devices128 © 2013 IBM Corporation
  • Traveler HA Administration• Filter Settings • Message size, attachment and date filters • Calendar past and future filters • Journal Date Filter • To Do Options• Locking values prevents client changes 129 © 2013 IBM Corporation
  • Traveler HA Administration• Device Settings • Log Level for clients130 © 2013 IBM Corporation
  • Traveler HA Administration• Security Settings • Security Policies per device (Windows, Nokia, Apple, Android) • Varies by device • Require Password / Password requirements • Encryption • Prohibit Camera • Android Only • Require Application Password • Prohibit copy to clipboard • Prohibit Export of attachments131 © 2013 IBM Corporation
  • Traveler HA Administration• Security Settings132 © 2013 IBM Corporation
  • Traveler HA Administration• Device Access • You can limit the number of devices a single user can have on the system • Device approvals are on the Device Security tab133 © 2013 IBM Corporation
  • Traveler HA Administration• Devices • Lists all Devices in the cluster • Searchable by User, Device, OS, Build Level (Traveler Clients Only) • iOS Devices do not have a Build Level134 © 2013 IBM Corporation
  • Traveler HA Administration• Users • Lists all Users in the cluster • If a user has multiple devices all devices will always be connected to the same server • Searchable by Name, Mail Server, Mail File135 © 2013 IBM Corporation
  • Traveler HA Administration• Servers • Displays the Status of all servers in the cluster • Shows the same information as “Tell Traveler HADR show” • Optionally you can set to Auto Refresh136 © 2013 IBM Corporation
  • Traveler HA Administration• Client Software • Manage Client Versions for Android, Nokia, and Windows • Set a Default Client Level for each OS • Individual Client levels can be assigned to specific users for testing137 © 2013 IBM Corporation
  • Traveler HA Administration• New client versions are installed either • Via server upgrade (i.e. UP1 to UP2) • Manually when interim fixes are available• To manually install a new client level • Copy the client file to the appropriate OS directory in <dominodata>dominohtmltravelerclients • At the server console run • set config NTS_CLIENT_UPDATE= • PATCH will upload client for testing only • FULL will upload client and set as default • tell traveler client refresh • The client will be copied in to DB2 and to all the servers in the cluster138 © 2013 IBM Corporation
  • Traveler HA AdministrationServer Console Commands• We will cover Tell commands related to HA• For a comprehensive list of commands visit: http://curi0.us/travtellcmd139 © 2013 IBM Corporation
  • Traveler HA AdministrationServer Tell Commands• Tell Traveler HADR Show • Shows the Servers in the pool in the server console, same information as displayed in the servers view of the web admin• Tell Traveler HADR Ping • Test Connectivity between cluster members• Tell Traveler HADR Delete • Delete a cluster member (must be offline before deleting)140 © 2013 IBM Corporation
  • Traveler HA AdministrationServer Tell Commands• Tell Traveler Bind • Used to bind or unbind a user to a specific server in the cluster • Useful for troubleshooting or monitoring• Tell Traveler Bind Enable <userid> • Binds a user to the server the command is issued on• Tell Traveler Bind Disable <userid> • unbinds a user to the server the command is issued on• Tell Traveler Bind Show • Shows users bound to the server the command is run on• Tell Traveler Bind Showall • Shows all user/server bindings in the cluster141 © 2013 IBM Corporation
  • Traveler HA Administration• Traveler Web Administration is accessible from anywhere Traveler is accessible • If Traveler is in your DMZ or externally accessible make sure your admins have strong HTTP passwords • Admin Console works well on iPad or other tablets • Admin Console is an Xpages app142 © 2013 IBM Corporation
  • Traveler HA AdministrationRepeated Crash Protection• Protects the Traveler server from repeat crashes on a document• Enabled by default in Notes.ini • NTS_BAN_DOC_LIMIT=2 • Default value of 2 prevents more than 2 crashes on any document • Will not push the banned document to a mobile device • NTS_BAN_DOC_SYNCS=3 • Default value of 3 limits number of device syncs per user that run crash protection • Setting either parameter to 0 will disable crash protection• See the documentation for Tell commands to show, remove or manually add a Banned Document • http://curi0.us/crashprotection143 © 2013 IBM Corporation
  • Traveler HA AdministrationTroubleshooting• The Traveler server has built-in commands to make collecting and uploading of diagnostic data to IBM very easy • Tell Traveler PMR • Used to collect and send logs to IBM under a specific PMR number • Tell Traveler –s * pmr <pmr_number> will collect logs from all servers in a cluster and send to IBM • To send to IBM your servers must be able to connect out via FTP • See the documentation for a full list of server troubleshooting commands • http://curi0.us/troubleshooting144 © 2013 IBM Corporation
  • Yada Yada Yada145 © 2013 IBM Corporation
  • General Resources • Domino and Traveler Documentation – http://curi0.us/documentation • IBM Fix Central – http://curi0.us/fixcentral – Modern Seinfeld – https://twitter.com/seinfeldtoday146 © 2013 IBM Corporation
  • Related SessionsINV104 : IBM Enterprise Mobile Strategy and PlatformWhen Tue, 29/Jan 03:00 PM - 04:00 PMWhere Dolphin S. Hem IID103 : Where Do We Go from Here? Whats New with IBM Lotus Notes TravelerWhen Tue, 29/Jan 04:15 PM - 05:15 PMWhere Dolphin S. Hem IV-VID108 : Real World Deployment for IBM Lotus Notes TravelerWhen Wed, 30/Jan 03:00 PM - 04:00 PMWhere Dolphin S. Hem II147 © 2013 IBM Corporation
  • Related SessionsID505 : BYOD at IBM: IBM Lotus Notes Traveler, IBM Connections Mobile, IBM Endpoint Manager and More!When Thu, 31/Jan 08:30 AM - 09:30 AMWhere Dolphin S. Hem ICUST114 : The Salvation Army - US Western: “People Count” and the Virtual, Mobile, Social EnvironmentWhen Wed, 30/Jan 05:30 PM - 06:30 PMWhere Swan SW 7148 © 2013 IBM Corporation
  • Don’t Miss Part 2 Making IBM Traveler Highly Available - Part 2: Extending and Securing The Network • René Winkelmeyer, midpoints GmbH • Detlev Pöttgen, midpoints GmbH • Tuesday January 29th 2:00 PM – 3:45 PM Swan Osprey 1 & 2 If you attended Part 1, you now have IBM Traveler running in a highly available mode. But what about the other points of failure? In this session, well show you how to place either IBM Mobile Connect or the IBM WebSphere Edge server in front of your Traveler environment. These two IBM products bring different approaches to implementing a highly available environment - once you understand what they do, youll be able to select the best fit for your business. This session is intended to introduce you to networking concepts and tools that will enable you to design a complete, resilient and highly available Traveler environment for your organization.149 © 2013 IBM Corporation
  • Contact Us• Mitch Cohen • Chris Whisonant• Blog: • Blog: http://www.curiousmitch.com http://www.bleedyellow.com/blogs/lotusnut• Twitter: @curiousmitch • Twitter: @cwhisonant• Email: mitch@curiousmitch.com • Email: chris.whisonant@bestmethods.com• Skype: curiousmitch • Skype: cwhisonant150 © 2013 IBM Corporation
  • Legal disclaimer © IBM Corporation 2013. All Rights Reserved. The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the users job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. UNIX is a registered trademark of The Open Group in the United States and other countries. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. All references to [insert fictitious company name] refer to a fictitious company and are used for illustration purposes only. 151 © 2013 IBM Corporation