D2 Config zip export without D2-Config

In a previous post I explained how to perform a full import of the D2 configuration without using D2-Config (D2-Config without ActiveX). You can also export the D2-Configuration to a XML file by using the bundled d2configutils in D2-Config. But how about exporting a full D2-Config as a zip file (including images, etc.)?. Well, here you go:

getSManager();
session=sm.getSession("repository");

D2Session.initTBOEx(session,false);
D2Config config=new D2Config(session);

//this will place the zip file in your temp folder
File zipConfigfile = config.getZipExport(null, null, false, new ArrayList());

sm.release(session);

If you want to export just a single application/configuration, just change the second parameter to the name of your application/configuration.

 

DCTM 16.4 Docker+Oracle installation guide

Since v16.4, Opentext doesn’t provide a “preconfigured” Docker image for Documentum running on Oracle. If you want to use a docker image running PostgreSQL you can use the same procedure as described for Full docker CS7.3 PostgreSQL + D2 4.7 installation guide or DCTM 7.3 PostgreSQL with Docker install guide, and you should not have too many issues 😀

This guide will help you setup a VM running CentOS 7 where we will install Oracle (Express) and docker, and will be building a Documentum image. We will split the build in several images to avoid having to do a full rebuild if something goes wrong 😀

Environment

Host:
Windows 10 x64 8GB RAM
VMware Workstation Player 12

Guest:
CentOS 7 x64 25GB HD 4GB RAM 2 cores
Docker 1.13.1

VM Creation

Mount the CentOS 7 DVD image, boot the machine and follow the steps. You can choose to let EasyInstall do the work for you. I used minimal package install to save resources, named the machine vm-dctmdocker, configure the network and set the root password.

Oracle XE setup

  • I copied every installer in $DOCUMENTUM/installers, so:

[dmadmin@vm-dctmdocker opt]$ sudo mkdir documentum
[dmadmin@vm-dctmdocker opt]$ sudo chown dmadmin.dmadmin documentum
[dmadmin@vm-dctmdocker documentum]$ mkdir installers
[dmadmin@dctmdocker installers]$ cp /mnt/hgfs/dctm72/oracle-xe-11.2.0-1.0.x86_64.rpm/Disk1/oracle-xe-11.2.0-1.0.x86_64.rpm .

  • Install needed libraries, run installer, run configuration tool (remember to change the default 8080 port to something else to avoid conflicts with tomcat if you want to use an application server):

[dmadmin@vm-dctmdocker installers]$ sudo yum install libaio bc
[dmadmin@vm-dctmdocker installers]$ sudo rpm -ivh oracle-xe-11.2.0-1.0.x86_64.rpm
[dmadmin@vm-dctmdocker installers]$ sudo /etc/init.d/oracle-xe configure

  • Launch sqlplus to enable remote access and remove the password expiration:

[dmadmin@vm-dctmdocker installers]$ . /u01/app/oracle/product/11.2.0/xe/bin/oracle_env.sh

[dmadmin@vm-dctmdocker installers]$ /u01/app/oracle/product/11.2.0/xe/bin/sqlplus system
EXEC DBMS_XDB.SETLISTENERLOCALACCESS(FALSE);
ALTER PROFILE DEFAULT LIMIT PASSWORD_LIFE_TIME UNLIMITED;
quit

Docker setup

We’ll just install docker, adding dmadmin user to the docker group so we don’t need to use sudo every time we want to run the “docker” command

[dmadmin@vm-dctmdocker installers]$ sudo yum install docker
[dmadmin@vm-dctmdocker installers]$ sudo usermod -a -G docker dmadmin
[dmadmin@vm-dctmdocker installers]$ systemctl restart docker.service

Centos docker image setup

This base image will just add required packages and minor configurations:

[dmadmin@vm-dctmdocker installers]$ docker pull centos
[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -f ./customCentosDockerfile -t custom_centos .

customCentosDockerfile:

FROM centos

MAINTAINER aldago

RUN echo root:root | chpasswd

RUN yum install -y rng-tools.x86_64 unzip libaio sudo tail vi openssh-server; \
yum clean all; \
sed -i ‘s/PermitRootLogin without-password/PermitRootLogin yes/’ /etc/ssh/sshd_config; \
sed ‘s@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g’ -i /etc/pam.d/sshd

RUN /sbin/rngd -b -r /dev/urandom -p /dev/random

Documentum base image setup

This image will install Documentum binaries and Oracle client:

[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -f ./dctmcentosDockerfile -t centos_dctm .

Dockerfile:

FROM custom_centos

MAINTAINER aldago

RUN echo root:root | chpasswd

ADD db/install/oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm /tmp/oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm
ADD db/install/oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm /tmp/oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm

RUN rpm -ivh /tmp/oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm /tmp/oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm; \
rm /tmp/oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm; \
rm /tmp/oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm

## create dmadmin user
RUN useradd dmadmin; \
passwd -f -u dmadmin; \
mkdir -p /home/dmadmin/.ssh; chown dmadmin /home/dmadmin/.ssh; chmod 700 /home/dmadmin/.ssh; \
echo “dmadmin ALL=(ALL) ALL” >> /etc/sudoers.d/dmadmin; \
sed -i -e ‘s/Defaults requiretty.*/ #Defaults requiretty/g’ /etc/sudoers

# Create folder structure
RUN mkdir /opt/documentum; \
mkdir /opt/documentum/product; \
mkdir /opt/documentum/product/16.4; \
mkdir /opt/documentum/install; \
mkdir /opt/documentum/db; \
chown -R dmadmin:dmadmin /opt/documentum

ADD cs/install/* /opt/documentum/install/
ADD cs/config/installProperties.properties /opt/documentum/install/
ADD cs/config/configProperties.properties /opt/documentum/install/
ADD cs/config/configPropertiesDoc.properties /opt/documentum/install/

ADD db/config/tnsnames.ora /opt/documentum/db/
ADD db/config/fix_tnsnames.sh /opt/documentum/
RUN chown dmadmin.dmadmin /opt/documentum/fix_tnsnames.sh; \
chown dmadmin.dmadmin /opt/documentum/db/tnsnames.ora; \
chmod u+x /opt/documentum/fix_tnsnames.sh; \
chmod u+g /opt/documentum/db/tnsnames.ora

RUN echo “#dctm services” >> /etc/services ; \
echo “dctm164 49001/tcp # 16.4 Repository native connection” >> /etc/services ; \
echo “dctm164_s 49002/tcp # 16.4 Repository secure connection” >> /etc/services ; \
ln /usr/lib64/libsasl2.so.3 /usr/lib64/libsasl2.so.2; \
ln -s /usr/lib/oracle/11.2/client64/lib/libclntsh.so.11.1 /usr/lib/oracle/11.2/client64/lib/libclntsh.so; \
ln -s /usr/lib/oracle/11.2/client64/lib/libocci.so.11.1 /usr/lib/oracle/11.2/client64/lib/libocci.so; \
chown -R dmadmin:dmadmin /opt/documentum/install; \
chmod u+x /opt/documentum/install/serverSetup.bin

USER dmadmin

ENV DOCUMENTUM /opt/documentum
ENV DM_HOME $DOCUMENTUM/product/16.4
ENV LC_ALL C
ENV JAVA_HOME /opt/documentum/java64/1.8.0_152
ENV ORACLE_HOME /usr/lib/oracle/11.2/client64
ENV ORACLE_SID XE
ENV PATH $ORACLE_HOME/bin:$DM_HOME/bin:$PATH
ENV NLS_LANG AMERICAN_AMERICA.AL32UTF8
ENV LD_LIBRARY_PATH=/usr/lib/oracle/11.2/client64/lib:$DM_HOME/bin/FIPS/:$JAVA_HOME/jre/lib/amd64/server:$DM_HOME/bin:$LD_LIBRARY_PATH
ENV R_SHLIB_LD_LIBRARY_PATH=$DM_HOME/bin/FIPS
ENV PATH=/usr/lib/oracle/11.2/client64/bin:$PATH
ENV TNS_ADMIN=/opt/documentum/db

RUN $DOCUMENTUM/install/serverSetup.bin -f installProperties.properties

ENV DBHOST 192.168.231.135

RUN /opt/documentum/fix_tnsnames.sh; \
mv $DM_HOME/bin/dmdbtest $DM_HOME/bin/dmdbtest.bak; \
echo “exit 0” >> $DM_HOME/bin/dmdbtest; \
chmod u+x $DM_HOME/bin/dmdbtest

EXPOSE 22

Documentum repository:

This image will run the repository configuration:

[dmadmin@vm-dctmdocker installers]$ docker build –no-cache -t dctm164 .

Dockerfile:

FROM centos_dctm

MAINTAINER aldago

USER dmadmin

ENV DBHOST 192.168.231.135

RUN sed -i “/SERVER.PROJECTED_DOCBROKER_HOST/cSERVER.PROJECTED_DOCBROKER_HOST=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
sed -i “/SERVER.SMTP_SERVER_NAME/cSERVER.SMTP_SERVER_NAME=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
sed -i “/SERVER.FQDN/cSERVER.FQDN=$HOSTNAME” /opt/documentum/install/configProperties.properties; \
/opt/documentum/product/16.4/install/dm_launch_server_config_program.sh -f /opt/documentum/install/configProperties.properties

RUN sed -i “/dfc.session.secure_connect_default/cdfc.session.secure_connect_default=try_native_first” /opt/documentum/config/dfc.properties

EXPOSE 22 1489 1492 49001 49002

ADD cs/config/startup-dctm.sh /opt/documentum/startup-dctm.sh

USER root
RUN chown dmadmin.dmadmin /opt/documentum/startup-dctm.sh; \
chmod u+x /opt/documentum/startup-dctm.sh

USER dmadmin
CMD /opt/documentum/fix_tnsnames.sh; /opt/documentum/startup-dctm.sh ; bash

Additional information

Custom scripts created for the install:

  • startup-dctm.sh: updates hostname, dfc.properties, runs dm_crypto_boot and starts the repository services.
  • fix_tnsnames.sh: updates tnsnames with Oracle server public IP (which in this example is hardcoded)
  • configProperties.properties: Standard silent install script

If something goes wrong at some point, remember you’ll need to:

  • Delete docker dangling containers
  • Delete user created on database by the installer
  • Delete tablespaces created on database by the installer

 

 

Multiple environments with Composer

Similar to the previous posts about configuring dqMan/DQLTester (Multiple environments with dqMan/DQLTester) and tomcat (Multiple environments with Tomcat/DA), Composer can be launched the same way:

Folder structure:

  • composer.bat
  • properties
    • env1
      • dev
        • dfc.properties
      • prod
        • dfc.properties
    • env2
      • dev
        • dfc.properties
      • prod
        • dfc.properties
  • etc.

Composer.bat:

@Echo off
SETLOCAL ENABLEEXTENSIONS

SET composerfolder=path to composer folder<span id="mce_SELREST_start" style="overflow:hidden;line-height:0;">&#65279;</span>
SET folderbase=dfcproperties
SET parambase=-Ddfc.properties.file=

echo ****************
echo 1. env1 dev
echo 2. env2 prod
...
echo ****************

SET /p var= ^&gt; Choose option:

if "%var%"=="1" goto op1
if "%var%"=="2" goto op2
...

:op1
SET JAVA_TOOL_OPTIONS=%parambase%%cd%\%folderbase%\env1\dev\dfc.properties
goto finish

:op2
SET JAVA_TOOL_OPTIONS=%parambase%%cd%\%folderbase%\env1\prod\dfc.properties
goto finish
...

:finish

start "" /D %composerfolder% /B %composerfolder%\composer.exe
cls&amp;exit

D2-Config without ActiveX

If somehow you find yourself working for a customer with very strict security policies that don’t allow ActiveX components, you can still work with D2-Config even if you cannot install the activex component.

You can access /D2-Config/ConnectDialog.html, ignore the popups and login as usual, then you’ll be redirected to /D2-Config/interface.html?interfaceId=null# which is the page with D2-Config matrix.

Every time you click somewhere you’ll get a popup stating the C6 ActiveX is not loaded but you can simply ignore it, as most of the application will work.

If you need to perform a full import of a configuration, you can do so with the following code (note that this will reset D2-Config configurations):

getSManager();
session=sm.getSession("repository");

D2Session.initTBOEx(session,false);
D2Config config=new D2Config(session);

config.importZip(new File("full path to Zip file with configuration"),
true, null, null, true, true, null);

Map arguments = new HashMap();
arguments.put("-callerUrl", "http://server/D2/");
arguments.put("-all", Boolean.TRUE);
D2Method.start(session, D2RefreshCacheMethod.class, arguments);

sm.release(session);

You’ll need to add to your project d2-api.jar and c6-common.jar, mark as approved the dfc instance used by the program’s dfc, and set the java.security parameter as explained in D2 4.7/16.4 configuration in eclipse

D2 4.7/16.4 configuration in eclipse

This post is quite similar to the Debugging D2 4.5/4.6 previously posted, explaining how to set up D2 without lockbox, but much more simple due to the missing lockbox.

Extract all files from D2/D2-Config to a local folder in your computer, configure a new (tomcat) server in Eclipse, and configure the following parameters:

  • JVM arguments:
    • -Djava.io.tmpdir=”<absolute path to some temp folder>\d2″ (make sure this folder exists)
    • -Djava.security.policy=file:///<absolute path to java.policy file> (the documentation states to change java.policy in your JRE, but I rather use this cleaner solution: create a local java.policy file with a single line:

      grant { permission com.documentum.fc.client.impl.bof.security.RolePermission “*”, “propagate”;}; and reference it with the java.security.policy parameter)

    • Additional memory/custom parameters

Now, start the server, take note of the dfc.keystore id, mark it as approved privilege client in DA and you are good to go.

OTEW 2018 fun

I’m not attending the event being held in Toronto, but I found through twitter this nice url:

http://hol-host05.eastus.cloudapp.azure.com:81/d2-unity-web/ui/app.html -> This is the new D2 UI (and yes, you can use the you-know-which-default-user(s) to log in and check it by yourself) deployed on Azure (which is weird, considering Opentext has its own cloud…)

But, the really funny thing here, are these urls:

http://hol-host05.eastus.cloudapp.azure.com:81/da -> da 7.3 (but with CS 16.4/SQL Server)

http://hol-host05.eastus.cloudapp.azure.com:81/D2 -> hello old D2 vulnerabilities 🙂

http://hol-host05.eastus.cloudapp.azure.com:81/d2-unity-web/repositories -> and you can log in with you-know-which-default-user(s), and you have a nice DQL tool provided by REST services 🙂