show100: making ibm notes traveler highly available
DESCRIPTION
Session from IBM Connect 2013 on installing, configuring, and migrating to Traveler HATRANSCRIPT
© 2013 IBM Corporation
SHOW 100: Making Traveler Highly Available – Part 1: Traveler Design
Mitch Cohen | Manager of Messaging & Collaboration, Colgate-Palmolive Company
Chris Whisonant | Lead Consultant, Best Methods
2 © 2013 IBM Corporation
About us....
Chris Whisonant
Lead Consultant at Best Methods IBM Lotus Software Administrator since 2002 Blog at http://www.bleedyellow.com/blogs/lotusnut Twitter: @cwhisonant He’s a Slow Talker
3 © 2013 IBM Corporation
About us....
Mitch Cohen
Manager Messaging & Collaboration @ Colgate-Palmolive 2013 IBM Champion for Collaboration Solutions IBM Lotus Software Administrator since 1996 Blog at http://www.curiousmitch.com Twitter: @curiousmitch Mets & Giants fan He’s a Fast Talker
4 © 2013 IBM Corporation
Legalese
This session will include information about the following IBM® products:
IBM Lotus® IBM Lotus Notes® IBM Lotus Notes Traveler® IBM Lotus Domino® IBM DB2® IBM Websphere® Edge Components® IBM HTTP Server®
5 © 2013 IBM Corporation
IBM Software Part Numbers(well, at least some of them...)
IBM Lotus Notes Traveler V8.5.3 Upgrade Pack 2 for Windows Multilingual (CIB9RML)IBM Lotus Notes Traveler V8.5.3 Upgrade Pack 2 Linux for xSeries Multilingual (CIB9SML)IBM DB2 10.1 - Limited Use for Linux on 32-bit AMD and Intel systems (x86) Multilingual (CI6TPML)IBM DB2 10.1 - Limited Use for Linux on AMD64 and Intel EM64T systems (x64) Multilingual (CI6TQML)IBM DB2 10.1 - Limited Use for Windows on 32-bit AMD and Intel systems (x86) Multilingual (CI6TXML)IBM DB2 10.1 - Limited Use for Windows on AMD64 and Intel EM64T systems (x64) Multilingual (CI6TYML)IBM Lotus Domino V8.5.3 32 bit for Windows English (CI1L8EN)IBM Lotus Domino V8.5.3 64 bit for Windows English (CI1L9EN)IBM Lotus Domino V8.5.3 32 bit Linux for xSeries English (CI1LBEN)IBM Lotus Notes and Domino V8.5.3 Upgrade Pack 1 English (CI5HUEN)
6 © 2013 IBM Corporation
Agenda
The Set Up Prepare Domino for Traveler Install Traveler Standalone Installation DB2 Installation Creating the Traveler Database Migrating Standalone Server to HA Installing Additional Traveler Servers Migration Scenarios Traveler HA Administration Yada Yada Yada (Q&A)
7
The Set Up
© 2013 IBM Corporation
8
HA Traveler Architecture Map
• HTTP Load Balancer listening on single user-facing public DNS address
• Multiple Traveler Servers pointing to relational database server
• Pointing to one or more Domino mail servers
© 2013 IBM Corporation
9 © 2013 IBM Corporation
Load Balancer General Notes
Moving to an HA HTTP environment may be new to Domino Admins Many different options are available, ranging from open-source freeware to
licensed software to hardened appliances. Some options are below:– Big-IP F5– Apache or IBM HTTP Server– IBM WebSphere Edge Components– HAProxy– Amazon ELB (used in this session)– See also other options that may be mentioned in the follow-up session to this
one. Gets even more fun when you need to provide redundancy for the load balancers!
10 © 2013 IBM Corporation
Load Balancer General Notes You should configure your load balancer with Session Persistence– Once a device is connected it will sync with one server for the duration of the
persistence– Load Balancer Persistence should be longer than the Heartbeat Algorithm Max
Interval• Default is 15 minutes you should increase to at least 30• If Heartbeat Algorithm Max is 30 Load balancer persistence should be 31
11 © 2013 IBM Corporation
Load Balancer General Notes
Monitoring• Your Load Balancer needs to be able to determine if Traveler is available• Just pinging the box is not enough • The load balancer needs to understand when traveler is not running to mark
the node down and direct traffic to other nodes in the cluster
12
Standalone Traveler Architecture Map
• Firewall and/or DMZ placement is per corporate policies
• Single Traveler Server with Derby State Database
• Pointing to one or more Domino mail servers
© 2013 IBM Corporation
13
Kramer's Standalone Traveler Architecture Map
• Single Traveler Server with Derby State Database
• Pointing to single Festivus Domino mail server
© 2013 IBM Corporation
14
HA Traveler Architecture Map
• HTTP Load Balancer listening on single user-facing public DNS address
• Multiple Traveler Servers pointing to relational database server
• Pointing to one or more Domino mail servers
© 2013 IBM Corporation
15
Kramer's HA Traveler Architecture Map
• Amazon ELB listening on single user-facing public DNS address
• Multiple Traveler Servers pointing to DB2 server
• Pointing to single Festivus Domino mail server
© 2013 IBM Corporation© 2013 IBM Corporation
16
A word about Clusters
• We will be referring to Traveler Clusters
• These are Traveler Servers all connected to the same database to provide High Availability for Traveler
• These servers are NOT Domino Clusters
• Clustering of Traveler Servers is not supported or needed
© 2013 IBM Corporation
17
Prepare Domino for Traveler Install
© 2013 IBM Corporation
18 © 2013 IBM Corporation
Prepare Domino for Traveler Install
What You Will Learn─ Steps to prepare your Domino Server before installing Traveler─ Why you should use Internet Site Docs─ Security Recommendations
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed
─ Remember to check for the latest Domino Fixpacks
19 © 2013 IBM Corporation
Prepare Domino for Traveler Install
The Traveler server should be installed on a dedicated system
• Don't install on existing mail server or other utility/application server
• Traveler server versions will be updated on different timeframes than other servers
• Traveler version may be higher than mail server's version
• Traveler network placement will likely be different than where you will place other servers
20
Prepare Domino for Traveler Install
• Mail File Access
• The Traveler Server(s) need to have access to:
• Mail files for Traveler Users
• LocalDomainServers can be added to ACL
• Mail servers for Traveler Users
• Mail Server must be Domino 7.0.2 or higher
• Template must be 6.5 or higher
• Consider other mail file cleanup
• Replicate unread marks between servers
© 2013 IBM Corporation
21
Prepare Domino for Traveler Install
• Mail File Access
– User can verify requirements are met by logging into Traveler server from computer or mobile device
© 2013 IBM Corporation
22
Prepare Domino for Traveler Install
• Decide on your server topology
• In our demo the Traveler servers are in their own Domino Domain, in the same Org as the mail servers
• Kramer is our Traveler domain
• Seinfeld is our Mail domain
© 2013 IBM Corporation
23
Prepare Domino for Traveler Install
• By default Internet Site Documents are disabled
• Change to enabled in the server doc
• Traveler will configure your Internet Site Document during installation
© 2013 IBM Corporation
24
Prepare Domino for Traveler Install
• Before Installing Traveler make sure Internet Site Documents is enabled
• Look for this in your server console or log
12/20/2012 02:25:36 PM HTTP Server: Warning, Internet Site Configuration View is enabled but does not contain any Web Sites12/20/2012 02:25:36 PM HTTP Server: Using Web Configuration View12/20/2012 02:25:39 PM JVM: Java Virtual Machine initialized.12/20/2012 02:25:39 PM HTTP Server: Java Virtual Machine loaded12/20/2012 02:25:44 PM XSP Command Manager initialized12/20/2012 02:25:48 PM HTTP Server: Started
© 2013 IBM Corporation
25
Prepare Domino for Traveler Install
• Security
• Set up your Server Access and Deny Access lists
• Make sure to Enforce Server Access Settings for HTTP
© 2013 IBM Corporation
26
Prepare Domino for Traveler Install
• Notes on enforcing server access settings for HTTP
• Forces the HTTP task to use the same Domino Server security settings as on the Server Document's Security tab
• Use in tandem with Anonymous HTTP access; if anonymous is open, then this setting is highly recommended
• Without this enabled, HTTP security will be wide open to the extent that ACL's have been properly restricted.
• Potential caveats with this on servers that could have access incoming that is external to the Domino Directory (DIIOP, etc...)
• Which is not a problem here because you installed Traveler on a dedicated server
© 2013 IBM Corporation
27
Prepare Domino for Traveler Install
• Check your FQDN on the server basics tab and on the Ports configuration
• Check your DNS
• You are ready to install Traveler
© 2013 IBM Corporation
28
Traveler StandaloneInstallation
© 2013 IBM Corporation
29 © 2013 IBM Corporation
Traveler Standalone Installation
What You Will Learn
– Steps necessary to install the IBM Traveler software
What Has Been Completed So Far
• IBM Lotus Domino Server version 8.5.3 has been installed
• Prepare the Domino Server Document per existing corporate standards
• Enabled Internet Site Documents
30
Traveler Standalone Installation
• Traveler Install is the same for standalone and high availability
• All Traveler Servers install using Derby (standalone)
• Connecting to DB2 or MS SQL is a post install step which we will cover later
© 2013 IBM Corporation
31 © 2013 IBM Corporation
Traveler Standalone Installation
Select your languageClick OK
32 © 2013 IBM Corporation
Traveler Standalone Installation
Optionally choose to view IBM's Information Site– http://curi0.us/documentation– Click Next
33 © 2013 IBM Corporation
Traveler Standalone Installation
Accept the license agreement (to continue)Click Next
34 © 2013 IBM Corporation
Traveler Standalone Installation
Select your Program and Data DirectoriesThis should automatically be detected
Click Next
35 © 2013 IBM Corporation
Traveler Standalone Installation
Choose whether or not to set /traveler as the default page for the Domino Web Server (Select this… trust us)
Click Next
36 © 2013 IBM Corporation
Traveler Standalone Installation
Choose whether the connection to Traveler is direct or via a proxy
Click Next
37 © 2013 IBM Corporation
Traveler Standalone Installation
Input the Traveler URLFor Production environments SSL is Strongly recommended
We did not configure SSL in our demoThis can be changed later
Click Next
38 © 2013 IBM Corporation
Traveler Standalone Installation
Use this option to upgrade Domino to UP1 as wellThis is mandatory if UP1 is not already installedYou Must use Domino 8.5.3 UP1 Not the OpenNTF XPages
Extension LibraryClick Next
39 © 2013 IBM Corporation
Traveler Standalone Installation
Review the Installation optionsClick Install
40
Traveler Standalone Installation
Validating Domino 8.5.3 UP1 Installation
•After starting Domino, issue the following command:
tell http xsp diag com.ibm.xsp.extlib
•If everything installed properly, you will get 2 lines echoed back:
– update@../../extlib/eclipse/plugins/com.ibm.xsp.extlib_8.5.3.20111208-0711.jar
– No unresolved constraints
•This will confirm that extlib is installed (as it is installed as part of Domino UP1)
•For this session we are running:
– Domino 8.5.3 FP3 Update Pack 1
– Traveler 8.5.3 Update Pack 2
© 2013 IBM Corporation
41
Traveler Standalone Installation
• When you start Domino the Traveler and HTTP Tasks will start up automatically
• Confirm the Internet Site Document and Redirect rules were created
© 2013 IBM Corporation
42
Traveler Standalone Installation
• To prepare for an HA Install create a Web SSO Configuration for your Internet Site
© 2013 IBM Corporation
43
Traveler Standalone Installation
Web SSO Configuration
• Give your configuration a unique name
• List all servers that will be running Traveler in the cluster
© 2013 IBM Corporation
44
Traveler Standalone Installation
Completed Internet Site
• Created by Traveler Install
• /Microsoft-Server-ActiveSync redirect
• /Servlet/Traveler redirect
• Manually Created for security
• /log.nsf redirect
• /names.nsf redirect
• Manually created to override Form Based Authentication for Traveler
• Override Session Authentication
© 2013 IBM Corporation
45
Installing Traveler Standalone
Our Complete Internet Site for Traveler
© 2013 IBM Corporation
46 © 2013 IBM Corporation
Traveler Standalone Installation
Set your number of active threads to 1.2 times the number of devices
Default is 100 threads (roughly 84 devices)Account for the maximum you may need in failover mode (total
devices in cluster)
47 © 2013 IBM Corporation
Traveler Standalone Installation
Maximum Memory Size for Traveler Server Task• Default is 512MB• Max is 4GB• This is NOT httpjvmmaxheapsize (that should not be set)
External Server URL (notice this is different than the actual Traveler server)Access (or Not Access) Server field is where you can specify a group who can
access Traveler
48
Traveler Standalone Install
Auto Sync Settings
• Defaults are pictured here
• If all Traveler Clients are 8.5.2 or later set “Port for TCP Connections” to 0
• Must be Set to 0 for HA
• For Traveler Standalone these are fine
• We will touch more on these later for High Availability
© 2013 IBM Corporation
49
DB2 Installation
© 2013 IBM Corporation
50 © 2013 IBM Corporation
DB2 Installation
What You Will Learn─ Steps necessary to install the IBM DB2 software─ Do not name the DB2 server “DB2”
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode
51 © 2013 IBM Corporation
DB2 Installation
Note on Supported Versions─ For Traveler 8.5.3 UP2, the supported versions of DB2 are:
• 9.7 FP5• 10.1
─ The install slides in this presentation were made with 9.7 FP4 during original install of 8.5.3 UP1
─ Upgraded to 9.7 FP5 when upgrading Traveler to UP2─ The installation routine will be the same for 10.1─ If you already have DB2 (or MS SQL) administrators (be nice to them – lunch is good),
work with them to determine if there are already systems running supported versions
52 © 2013 IBM Corporation
DB2 Installation
This is the Launchpad where you can view information or install the software
Go to Install a ProductChoose Install New for this server edition
53 © 2013 IBM Corporation
DB2 Installation
Wait for the Installer to go through the preparation process
54 © 2013 IBM Corporation
DB2 Installation
Click Next to proceed
55 © 2013 IBM Corporation
DB2 Installation
Accept the license agreement (to proceed)Click Next to continue
56 © 2013 IBM Corporation
DB2 Installation
Choose the installation type.Typical will suffice for the purposes of TravelerClick Next to continue
57 © 2013 IBM Corporation
DB2 Installation
Choose whether to install, save a response file, or bothChoose response file locationClick Next to continue
58 © 2013 IBM Corporation
DB2 Installation
Choose installation location (perhaps outside of “Program Files” path)
Click Next to continue
59 © 2013 IBM Corporation
DB2 Installation
Specify DB2 administrative user account– Default username is db2admin
Click Next to continue
60 © 2013 IBM Corporation
DB2 Installation
Specify the DB2 instance nameClick Next to continue
61 © 2013 IBM Corporation
DB2 Installation
Recommended to prepare the DB2 tools catalog now– More difficult to add later– Needed for DB2 backups
Click Next to continue
62 © 2013 IBM Corporation
DB2 Installation
Choose whether you wish to set up DB2 system email notifications
Click Next to continue
63 © 2013 IBM Corporation
DB2 Installation
Enable OS security– The two groups above are created in Windows– Assigns certain OS-level privileges to the groups
Click Next to continue
64 © 2013 IBM Corporation
DB2 Installation
Review the installation optionsClick Finish to install DB2
`
65
Traveler DatabaseCreation
© 2013 IBM Corporation
66 © 2013 IBM Corporation
Traveler Database Creation
What You Will Learn─ Steps necessary to create the Traveler DB2 Database
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed─ IBM Lotus Traveler version 8.5.3 UP1 has been installed in standalone mode─ IBM DB2 version 9.7 Fixpack 5 has been installed
67 © 2013 IBM Corporation
Traveler Database Creation
After DB2 has been installed the TOOLSDB will be the only existing database
68
Traveler Database Creation
• The SQL Files to create the Traveler Database can be found on a Domino Server with Traveler Installed
• Located in <dominodata>\traveler\cfg\db
• Zip format for Windows
• Compressed Tar format for Linux
© 2013 IBM Corporation
69 © 2013 IBM Corporation
Traveler Database Creation
Extracted Traveler installation will have a TravelerSQL\DB2 folder
70 © 2013 IBM Corporation
Traveler Database Creation
Launch DB2 Command window (db2cmd)• GUI is also available, but real admins will roll with
command lineNavigate to the TravelerSQL\DB2 directoryRun: db2cmd -c -w -i db2 -tvf createDb.sql
– This creates the necessary database using the IBM-supplied createDb SQL command
– tvf: termination character, echo to console, use input file
71 © 2013 IBM Corporation
Traveler Database Creation
If the command is entered correctly it will look like this briefly
72 © 2013 IBM Corporation
Traveler Database Creation
This is sample output from the executed SQL commands.
73 © 2013 IBM Corporation
Traveler Database Creation
In a DB2 Command Window, navigate to the TravelerSQL\DB2 directory
Run: db2 -tvf appGrants.sql– This grants permissions to the database, tables, etc...
74 © 2013 IBM Corporation
Traveler Database Creation
This is sample output from the executed SQL commandsOnce it has completed successfully, you may exit this window.As you can see, the default DB2 user account is LNTUSER
75 © 2013 IBM Corporation
Traveler Database Creation
Going back to the DB2 Control Center, you can see the new TRAVELER database
76 © 2013 IBM Corporation
Traveler Database Creation
Create an OS account for LNTUSER– The password you set for this user will be needed to
configure Traveler later.
77
Migration Standalone Server to HA
© 2013 IBM Corporation
78 © 2013 IBM Corporation
Migrating Standalone server to HA
What You Will Learn─ Steps necessary to migrate a standalone Traveler server to HA
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ IBM Lotus Traveler database has been created
79 © 2013 IBM Corporation
Migrating Standalone server to HA
Checklist for database connectivity
URL jdbc:db2://travdb.curi0.us
Port 50000
Database Name traveler
User Name lntuser
Password 9MVRvy3cVMH0
80
Migrating Standalone server to HA
• In Standalone Mode Traveler is administered via the Domino Admin Client
© 2013 IBM Corporation
81 © 2013 IBM Corporation
Migrating Standalone server to HA
Copy the db2jcc4.jar from IBM\SQLLIB\java on the DB2 server to the Domino\Traveler\lib folder
Ensure that you copy over this file each time after any Database server upgrades
82 © 2013 IBM Corporation
Migrating Standalone server to HA
Open Windows command prompt and cd to the Domino\data\traveler\util folder
Run the travelerUtil.cmd to set the jdbc url, port, and db name using the valid DB2 credentials
This can be run while the Domino Server is up, but will not take effect until server is restarted
83 © 2013 IBM Corporation
Migrating Standalone server to HA
Database connection will next be validated
84 © 2013 IBM Corporation
Migrating Standalone server to HA
Check the output carefully to verify – Successful connection– DB configuration for Traveler has been saved
Restart the Traveler server now
85 © 2013 IBM Corporation
Migrating Standalone server to HA
Use the travelerUtil.cmd db show command to show the current connectivity information.
86
Migrating Standalone server to HA
• After Connecting the Traveler Server to the Database on the next server restart Traveler will migrate the data from Derby to DB2 (or MS SQL)
• The following data is migrated
• Client Installs
• User Sync Data
• Policies
• If you migrate multiple standalone servers into one DB it will skip
• Duplicate client installs
• Duplicate User Data
• Policies
© 2013 IBM Corporation
87
Migrating Standalone server to HA
• On Server restart watch the console for migration messages
• Console will give frequent updates
• Traveler does not start until migration is completed
© 2013 IBM Corporation
88
Migrating Standalone server to HA
• Example of Client migrating to DB2
© 2013 IBM Corporation
89
Migrating Standalone server to HA
• Make sure you update the External Server URL to reflect the address of the Load Balancer in the Server Document
• If clients are pointing to a URL of a specific server they will continue to sync mail, but not take advantage of HA
• The value set here is what is populated to clients upon installation
© 2013 IBM Corporation
90
Migrating Standalone server to HA
• In Traveler Auto Sync Settings, change the TCP Port for Connections to = 0
© 2013 IBM Corporation
91
Migrating Standalone server to HA
• Traveler is now administered via the web-based Traveler Admin Console
• If you attempt to administer via the Domino Admin Client you will see this
© 2013 IBM Corporation
92
Migrating Standalone server to HA
Disconnecting a Server from a database
• You can remove a database config from a server if needed using the Travel Util Command
© 2013 IBM Corporation
93
Migrating Standalone server to HA
• You will need to confirm the change
• This does not delete any data in the database it only disconnects the specific Traveler server from the database
© 2013 IBM Corporation
94
Migrating Standalone server to HA
• Look for confirmation that the changes were successful
• Can be run with the Domino server up, but does not take effect until next restart
© 2013 IBM Corporation
95
Migrating Standalone server to HA
• On restart, Traveler will be in Standalone mode using a derby DB
• If you remove a server make sure you also update your load balancer
© 2013 IBM Corporation
96
Installing AdditionalTraveler Servers
© 2013 IBM Corporation
97 © 2013 IBM Corporation
Installing Additional Traveler Servers
What You Will Learn─ Steps to add additional Traveler servers to a cluster
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed─ IBM Lotus Traveler version 8.5.3 UP2 has been installed in standalone mode─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ Traveler DB2 database has been created ─ Traveler Server has been connected to DB2
98
Installing Additional Traveler Servers
Traveler is running in HA mode you can now add additional servers into the cluster.
•Create your Server ID
• Add the server to the Web Site
• Add the server to the Web SSO Configuration
• Set up Server Access consistent with existing Traveler Server
•Install Domino
•Install Traveler
• For the initial server we first enabled Internet Site Docs to allow the installer to create the Web Site Document, for additional servers we will enable after install and add the server to the existing Web Site
•Enable Internet Site Documents in Server Doc
•Connect Traveler Server to Database
© 2013 IBM Corporation
99
Installing Additional Traveler Servers
• Once your configuration is complete and tested
• Add the server to the Load Balancer
• Since devices point to the load balancer the Workload Manager will automatically distribute the load across servers in the cluster
• Monitor your server availability in the Web Admin console or via Tell Traveler HADR Show
© 2013 IBM Corporation
100
Installing Additional Traveler Servers
Remember...
• Enforce Server Access settings for HTTP
• Lotus Traveler Settings in Server Document
• Maximum Memory Size
• External Server URL
• Access Server/Not access server
• Auto Sync Settings
© 2013 IBM Corporation
101
Installing Additional Traveler Servers
• These settings will come from the Database and do not have to be manually configured for additional servers
• Default Device Policy settings
• Client Installs
• Traveler clusters are NOT Domino Clusters
© 2013 IBM Corporation
102
Migration Scenarios
© 2013 IBM Corporation
103 © 2013 IBM Corporation
Migration Scenarios
What You Will Learn─ Concepts to help you build a migration plan for your environment
What Has Been Completed So Far─ Standalone Traveler has been deployed─ Traveler HA has been built and tested
104
Migration Scenarios
• We will show you 3 common scenarios
• Before you begin, determine your specific requirements. Consider the following:
• How many standalone Traveler servers you have
• How many HA Clusters you want
• How fast you want to migrate
• Can you ask your users to reconfigure their devices
• Any limitations on placement of Load Balancers, Firewall
• Will you upgrade in place or use another machine to migrate
© 2013 IBM Corporation
105
Migration Scenarios
I shouldn't have to remind you about this (but I will)
• Before you begin your migration
• Backups
• Backups
• Backups
• Don’t forget to backup the Derby Database!
© 2013 IBM Corporation
106
Migration Scenarios
Where exactly do I find the Derby Database?
• <dominodata>\traveler\ntsdb
• Shut down Domino to copy or “backup”
© 2013 IBM Corporation
107
Migration Scenarios
• A word of caution about DNS Changes
• iOS can take up to 24 hours to recognize a DNS change
• This is not documented by Apple but has been experienced when changing the DNS of a Traveler server
• If you can avoid a DNS Change when migrating you will make your life easier
• If you have to change DNS
• Lower the TTL of the DNS record prior to migrating
• Set your users expectations appropriately
© 2013 IBM Corporation
108
Migration Scenarios
• No Migration build a new HA Environment
• New install, or clients willing to manually reconfigure their devices
• Standalone to Cluster Migration
• One standalone server into one HA Cluster
• URL For Traveler will remain the same
• Many to One
• If you have multiple standalone Traveler servers and you want to consolidate to one HA Cluster
• Multiple URLs will point to one load balancer
© 2013 IBM Corporation
109
Migration Scenarios
Scenario 1: No Migration build a new HA Environment
•In this scenario
• No users are Connected to Traveler or
• Users are willing to reconfigure their devices manually
• No data will be migrated from any existing servers
•The URL you have chosen should be
• Pointed at your load balancer
• Configured in your server document on the Traveler tab
• in our example the VIP is http://traveler.curi0.us
© 2013 IBM Corporation
110
Migration Scenarios
Scenario 1: No Migration build a new HA Environment
Pros• No Downtime
• Easy to implement
Cons• Requires User intervention
• Will need to maintain 2 environments during transition period
© 2013 IBM Corporation
111
Migration Scenarios
Scenario 2: Standalone to Cluster Migration
© 2013 IBM Corporation
112
Migration Scenarios
Scenario 2: Standalone to Cluster Migration
• In this scenario you are migrating an existing traveler server
• You should move the existing hostname to the load balancer
• You will be migrating data from Derby to DB2 (or MS SQL)
• You will need downtime
• The URL you have chosen should be
• Pointed at your load balancer
• Configured in your server document on the Traveler tab for all servers
• In our example the VIP is http://traveler.curi0.us
© 2013 IBM Corporation
113
Migration Scenarios
Scenario 2: Standalone to Cluster Migration
• In Place Server Migration
• Backup the Derby Database
• <dominodata>\traveler\ntsdb
• Upgrade Traveler to 8.5.3 UP2
• Connect Traveler Server to Database
• On startup Traveler will automatically migrate into the Database:
• Client Installs
• User Sync Data
• Policies
© 2013 IBM Corporation
114
Migration Scenarios
Scenario 3: Many to One
In this scenario you will collapse multiple standalone Traveler Servers into one HA Cluster
• You should move the existing hostnames to the load balancer
• You will be migrating data from Derby to DB2 (or MS SQL)
• You will need downtime
• Each Server can be done individually at different times
© 2013 IBM Corporation
115
Migration Scenarios
Scenario 3: Many to One
Pros• One HA Environment
• Best use of HW resources
• Maximize redundancy
• No Device reconfiguration
Cons• Downtime required for each server
migration
• Supporting multiple URLs
• Complex Migration
© 2013 IBM Corporation
116
Migration Scenarios
Scenario 3: Many to One
© 2013 IBM Corporation
117
Migration Scenarios
Scenario 3: Many to One
Following are some sample steps one would use in a scenario such as this:
• Make sure that server access is consistent for all Traveler servers
• If you are running SSL on Domino
• Will have to move SSL certificate to load balancer
• Work with SSL provider to re-provision certificate for load balancer
• Move IP address to load balancer
• If at all possible, move the IP address to not change DNS
• Verify that users and devices are showing in the HA Admin Console
• Activate the servers on the load balancer to enable user access
• There may be some resource utilization spikes when devices connect
• Test and monitor
© 2013 IBM Corporation
118
Migration Scenarios
Notes.ini Parameters
• NTS_AUTOSTART_HTTP
• Automatically starts HTTP when Traveler starts even if it is not in the server tasks line
• This defaults to True
• During Upgrades or Migrations set this to false to allow Traveler to start but prevent client access
© 2013 IBM Corporation
119
Traveler HA Administration
© 2013 IBM Corporation
120 © 2013 IBM Corporation
Traveler HA Administration
What You Will Learn─ How to Administer Traveler HA
─ Policy Administration─ Client Configurations─ User, Device and Security Administration
What Has Been Completed So Far─ IBM Lotus Domino Server version 8.5.3 has been installed─ IBM Lotus Traveler version 8.5.3 UP1 has been installed in standalone mode─ IBM DB2 version 9.7 Fixpack 5 has been installed ─ IBM DB2 Traveler Database has been created─ Traveler has been Connected to DB2 and Configured for HA─ Additional Traveler Server has been installed
121
Traveler HA Administration
• In Standalone Mode, Traveler administration is performed through the Domino Administrator Client
• User State Data stored in Derby (NTSDB)
• Clients (Android, Nokia, Windows) Stored in <dominodata>\domino\html\travelerclients
• Policies and Security Settings stored in LotusTraveler.nsf
• Administration tasks are performed via the Notes Administrator Client
• When migrating a Standalone server all the above settings are imported
© 2013 IBM Corporation
122
Traveler Standalone Administration
© 2013 IBM Corporation
123
Traveler Standalone Administration
© 2013 IBM Corporation
124
Traveler HA Administration
• In Traveler HA administration is web based
• User State Data is stored in DB2
• Clients (Android, Nokia, Windows) are stored in DB2 and in <dominodata>\domino\html\travelerclients
• New clients processed on one server are distributed to all servers for download
• Policies and Security Settings are stored in DB2
• The Admin client is accessed via your Load Balancer
• http://fqdn/lotustraveler.nsf
• In our example http://traveler.curi0.us/lotustraveler.nsf
© 2013 IBM Corporation
125
Traveler HA Administration
• In Traveler HA administration is web based
• User State Data is stored in DB2
• Clients (Android, Nokia, Windows) are stored in DB2 and in <dominodata>\domino\html\travelerclients
• New clients processed on one server are distributed to all servers for download
• Policies and Security Settings are stored in DB2
• The Admin client is accessed via your Load Balancer
• http://fqdn/lotustraveler.nsf
• In our example http://traveler.curi0.us/lotustraveler.nsf
© 2013 IBM Corporation
126
Traveler HA Administration
• Access to the Web Admin interface is controlled by the ACL on LotusTraveler.nsf
• Must have Administrator Role to manage settings
• Make sure the ACL is the same on all cluster members
© 2013 IBM Corporation
127
Traveler HA Administration
• Device Security
• Deny Access
• Wipe Device
• Clear Deny/Wipe Access
• Device Approvals
© 2013 IBM Corporation
128
Traveler HA Administration
• Device Settings
• Sync Settings
• Calendar
• To Do
• Contacts
• Journal
• Peak and Off-peak Sync Times
• Locking values prevents client changeson user devices
© 2013 IBM Corporation
129
Traveler HA Administration
• Filter Settings
• Message size, attachment and date filters
• Calendar past and future filters
• Journal Date Filter
• To Do Options
• Locking values prevents client changes
© 2013 IBM Corporation
130
Traveler HA Administration
• Device Settings
• Log Level for clients
© 2013 IBM Corporation
131
Traveler HA Administration
• Security Settings
• Security Policies per device (Windows, Nokia, Apple, Android)
• Varies by device
• Require Password / Password requirements
• Encryption
• Prohibit Camera
• Android Only
• Require Application Password• Prohibit copy to clipboard• Prohibit Export of attachments
© 2013 IBM Corporation
132
Traveler HA Administration
• Security Settings
© 2013 IBM Corporation
133
Traveler HA Administration
• Device Access
• You can limit the number of devices a single user can have on the system
• Device approvals are on the Device Security tab
© 2013 IBM Corporation
134
Traveler HA Administration
• Devices
• Lists all Devices in the cluster
• Searchable by User, Device, OS, Build Level (Traveler Clients Only)
• iOS Devices do not have a Build Level
© 2013 IBM Corporation
135
Traveler HA Administration
• Users
• Lists all Users in the cluster
• If a user has multiple devices all devices will always be connected to the same server
• Searchable by Name, Mail Server, Mail File
© 2013 IBM Corporation
136
Traveler HA Administration
• Servers
• Displays the Status of all servers in the cluster
• Shows the same information as “Tell Traveler HADR show”
• Optionally you can set to Auto Refresh
© 2013 IBM Corporation
137
Traveler HA Administration
• Client Software
• Manage Client Versions for Android, Nokia, and Windows
• Set a Default Client Level for each OS
• Individual Client levels can be assigned to specific users for testing
© 2013 IBM Corporation
138
Traveler HA Administration
• New client versions are installed either
• Via server upgrade (i.e. UP1 to UP2)
• Manually when interim fixes are available
• To manually install a new client level
• Copy the client file to the appropriate OS directory in <dominodata>\domino\html\travelerclients
• At the server console run
• set config NTS_CLIENT_UPDATE=
• PATCH will upload client for testing only• FULL will upload client and set as default
• tell traveler client refresh
• The client will be copied in to DB2 and to all the servers in the cluster
© 2013 IBM Corporation
139
Traveler HA Administration
Server Console Commands
• We will cover Tell commands related to HA
• For a comprehensive list of commands visit:
http://curi0.us/travtellcmd
© 2013 IBM Corporation
140
Traveler HA Administration
Server Tell Commands
• Tell Traveler HADR Show
• Shows the Servers in the pool in the server console, same information as displayed in the servers view of the web admin
• Tell Traveler HADR Ping
• Test Connectivity between cluster members
• Tell Traveler HADR Delete
• Delete a cluster member (must be offline before deleting)
© 2013 IBM Corporation
141
Traveler HA Administration
Server Tell Commands
• Tell Traveler Bind
• Used to bind or unbind a user to a specific server in the cluster
• Useful for troubleshooting or monitoring
• Tell Traveler Bind Enable <userid>
• Binds a user to the server the command is issued on
• Tell Traveler Bind Disable <userid>
• unbinds a user to the server the command is issued on
• Tell Traveler Bind Show
• Shows users bound to the server the command is run on
• Tell Traveler Bind Showall
• Shows all user/server bindings in the cluster
© 2013 IBM Corporation
142
Traveler HA Administration
• Traveler Web Administration is accessible from anywhere Traveler is accessible
• If Traveler is in your DMZ or externally accessible make sure your admins have strong HTTP passwords
• Admin Console works well on iPad or other tablets
• Admin Console is an Xpages app
© 2013 IBM Corporation
143
Traveler HA Administration
Repeated Crash Protection
• Protects the Traveler server from repeat crashes on a document
• Enabled by default in Notes.ini
• NTS_BAN_DOC_LIMIT=2
• Default value of 2 prevents more than 2 crashes on any document
• Will not push the banned document to a mobile device
• NTS_BAN_DOC_SYNCS=3
• Default value of 3 limits number of device syncs per user that run crash protection
• Setting either parameter to 0 will disable crash protection
• See the documentation for Tell commands to show, remove or manually add a Banned Document
• http://curi0.us/crashprotection
© 2013 IBM Corporation
144
Traveler HA Administration
Troubleshooting
• The Traveler server has built-in commands to make collecting and uploading of diagnostic data to IBM very easy
• Tell Traveler PMR
• Used to collect and send logs to IBM under a specific PMR number
• Tell Traveler –s * pmr <pmr_number> will collect logs from all servers in a cluster and send to IBM
• To send to IBM your servers must be able to connect out via FTP
• See the documentation for a full list of server troubleshooting commands
• http://curi0.us/troubleshooting
© 2013 IBM Corporation
145
Yada Yada Yada
© 2013 IBM Corporation
146
General Resources
• Domino and Traveler Documentation
– http://curi0.us/documentation
• IBM Fix Central
– http://curi0.us/fixcentral
– Modern Seinfeld
– https://twitter.com/seinfeldtoday
© 2013 IBM Corporation
147
Related Sessions
INV104 : IBM Enterprise Mobile Strategy and Platform
When Tue, 29/Jan 03:00 PM - 04:00 PM
Where Dolphin S. Hem I
ID103 : Where Do We Go from Here? What's New with IBM Lotus Notes Traveler
When Tue, 29/Jan 04:15 PM - 05:15 PM
Where Dolphin S. Hem IV-V
ID108 : Real World Deployment for IBM Lotus Notes Traveler
When Wed, 30/Jan 03:00 PM - 04:00 PM
Where Dolphin S. Hem II
© 2013 IBM Corporation
148
Related Sessions
ID505 : BYOD at IBM: IBM Lotus Notes Traveler, IBM Connections Mobile, IBM Endpoint Manager and More!
When Thu, 31/Jan 08:30 AM - 09:30 AM
Where Dolphin S. Hem I
CUST114 : The Salvation Army - US Western: “People Count” and the Virtual, Mobile, Social Environment
When Wed, 30/Jan 05:30 PM - 06:30 PM
Where Swan SW 7
© 2013 IBM Corporation
149
Don’t Miss Part 2Making IBM Traveler Highly Available - Part 2: Extending and Securing The
Network
• René Winkelmeyer, midpoints GmbH
• Detlev Pöttgen, midpoints GmbH
• Tuesday January 29th 2:00 PM – 3:45 PM Swan Osprey 1 & 2
If you attended Part 1, you now have IBM Traveler running in a highly available mode. But what about the other points of failure? In this session, we'll show you how to place either IBM Mobile Connect or the IBM WebSphere Edge server in front of your Traveler environment. These two IBM products bring different approaches to implementing a highly available environment - once you understand what they do, you'll be able to select the best fit for your business. This session is intended to introduce you to networking concepts and tools that will enable you to design a complete, resilient and highly available Traveler environment for your organization.
© 2013 IBM Corporation
150
Contact Us• Mitch Cohen • Chris Whisonant• Blog:
http://www.curiousmitch.com
• Twitter: @curiousmitch
• Email: [email protected]
• Skype: curiousmitch
• Blog: http://www.bleedyellow.com/blogs/lotusnut
• Twitter: @cwhisonant
• Email: [email protected]
• Skype: cwhisonant
© 2013 IBM Corporation
151
Legal disclaimer
© IBM Corporation 2013. All Rights Reserved.
The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results.a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer.
Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.
Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others.
All references to [insert fictitious company name] refer to a fictitious company and are used for illustration purposes only.
© 2013 IBM Corporation