Wednesday, September 2, 2015

Configuring Online Process Server IBM BPM 8.5.6

Process Server to Process Center Server connectivity overview

It is common to configure a Process Server as offline when creating a BPM Process Server deployment environment.
To convert an offline Process Server to an online one later, you need a few configuration changes, detailed below.
Before getting into the configuration details, you need to understand how a Process Server communicates with the Process Center server: the Process Server announces to the Process Center that it is available for connection by sending signals at frequent intervals, known as the heartbeat interval.

Understand the Basics

1.      Heartbeat interval

The heartbeat interval value is specified in seconds and determines whether the Process Server is offline or online.
A heartbeat value of '-1' denotes an offline Process Server.
A heartbeat value greater than '0' denotes an online Process Server.

2.       Process server to Process Center connectivity

Network connectivity between PS and PC can use the http or https protocol.
The default connectivity type between PS and PC for the various BPM versions is listed below.
BPM Version        Default Connectivity type
8.5.0.0            HTTP
8.5.0.1            HTTPS
8.5.5 and later    HTTPS

3.       Process center URL and Process Center Internal URL

The Process Server connects to the Process Center server through two endpoints, known as:
Process Center URL
'http://process-center-host-name/ProcessCenter'

A Process Server connecting to a pre-8.5.0.1 Process Center uses the above endpoint, which supports form-based authentication.

Process Center Internal URL
'http://process-center-host-name/ProcessCenterInternal'

A Process Server connecting to an 8.5.0.1 or later Process Center uses the above endpoint, which supports basic authentication.
To ensure that the Process Server can connect to a Process Center from any release of IBM BPM, this setting should always be specified.

4.       Authentication & Authorization

From an authentication and authorization perspective:
·         The Process Center should authenticate the Process Server when it connects
·         The Process Center should be able to deploy artifacts to the online Process Server

To connect to the Process Center
When creating the Process Server deployment environment with the 'BPMConfig' command-line utility, you have the option to specify a separate user account for the user role known as 'ProcessCenterUser', which is used when connecting to the Process Center. If you don't specify a separate user account, the role is mapped to the deployment environment administrator user account.
The user mapped to the 'ProcessCenterUser' role should exist on both the Process Center server and the Process Server, and should have the same password at both PS and PC.
The user doesn't require any special authorization in the Process Center.
To do deployment on the Process Server
To perform online deployment, the user mapped to the 'BPMAuthor' user role at the Process Center server should be the same as, and have the same password as, the user referred to by the 'BPMAuthor' user role at the Process Server.
By default, the 'BPMAuthor' user role is mapped to 'DeAdminAlias'; this alias refers to the deployment environment admin user.
If you change the user mapped to the 'BPMAuthor' user role, make sure the user has sufficient authority to access and deploy snapshots on the Process Server.
This user is saved in the LSW_SERVER table in the Process Center database and is used when the process application is deployed to this Process Server.

Configuring Online Process server

Detailed below are the configuration changes required in a BPM 8.5.6 Process Server deployment environment to make it online.
·         http or https: For the sake of simplicity, I've decided to use http connectivity between PS and PC. As noted above, in BPM version 8.5.0.1 and later, https is the default connectivity protocol between PS and PC.
·         Heartbeat interval: Set the heartbeat interval value to 60 seconds to make the Process Server online.
·         URL: Specify the Process Center URL and the Process Center internal URL.
·         ProcessCenterUser: Make sure the ProcessCenterUser role is configured in the Process Server deployment environment, and that the user mapped to this role exists and carries the same password.
·         BPMAuthor: Make sure the user mapped to the BPMAuthor user role is the same at PS and PC in all respects.

Protocol, heartbeat interval and URL changes at Process Server

All three changes can be made in one pass, as shown below.
The following changes are made in the Process Server deployment environment.
Navigate to the bin directory of the BPM installation and start wsadmin.

Line No   Commands
1         wsadmin -conntype NONE -lang jython -profileName Dmgrprofile
2         ps = AdminConfig.getid("/Cell:/ServerCluster:PSDE1.SingleCluster/BPMClusterConfigExtension:/BPMProcessServer:/")
3         print AdminConfig.show(ps)

At line 2, the name of the Process Server cluster (PSDE1.SingleCluster) is highlighted.

The screenshot below highlights the default connectivity type (https) and the heartbeat interval for the offline Process Server before making the change.

The screenshot below shows the successful execution of the wsadmin commands.

4         AdminConfig.modify(ps, [['useHTTPSURLPrefixes', 'false']])
5         AdminConfig.modify(ps, [['heartBeatInterval', '60']])
6         AdminConfig.modify(ps, [['processCenterUrl', 'http://rhelvm.com:9080/bpm/ProcessCenter']])
7         AdminConfig.modify(ps, [['processCenterInternalUrl', 'http://rhelvm.com:9080/bpm/ProcessCenterInternal']])
8         AdminConfig.save()

The screenshot below highlights the connectivity type (http) and the heartbeat interval for the online Process Server after the change.
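
A check for the settings changed above, as an added example (not code from the original post): it parses saved `AdminConfig.show(ps)` output and reports http endpoints, over which the ProcessCenterUser credentials travel unencrypted, and a URL scheme that disagrees with useHTTPSURLPrefixes. It is plain Python 3 run outside wsadmin; the `[name value]` output layout, the sample text and the helper names `parse_show` and `audit` are assumptions.

```python
from urllib.parse import urlparse

# Constructed sample of `print AdminConfig.show(ps)` output after the change
# (assumed layout: one "[name value]" pair per line; not a capture from the post).
SAMPLE_SHOW = """\
[heartBeatInterval 60]
[processCenterInternalUrl http://rhelvm.com:9080/bpm/ProcessCenterInternal]
[processCenterUrl http://rhelvm.com:9080/bpm/ProcessCenter]
[useHTTPSURLPrefixes false]
"""

def parse_show(text):
    """Turn "[name value]" lines into a dict; an attribute with no value maps to ''."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            name, _, value = line[1:-1].partition(" ")
            cfg[name] = value.strip().strip('"')
    return cfg

def audit(cfg):
    """Return findings for the PS-to-PC connection settings (hypothetical helper)."""
    try:
        online = int(cfg.get("heartBeatInterval", "-1")) > 0
    except ValueError:
        return ["heartBeatInterval is not an integer"]
    if not online:
        return ["not online: heartBeatInterval is not greater than 0"]
    findings = []
    https_flag = cfg.get("useHTTPSURLPrefixes", "").lower() == "true"
    for key in ("processCenterUrl", "processCenterInternalUrl"):
        url = urlparse(cfg.get(key, ""))
        if not url.hostname:
            findings.append(key + ": missing or not an absolute URL")
            continue
        if url.scheme != "https":
            # Form-based and basic authentication both send the
            # ProcessCenterUser password readable on the wire over http.
            findings.append(key + ": credentials sent over unencrypted " + url.scheme)
        # Assumption: flag and URL scheme are changed together, as on this page.
        if (url.scheme == "https") != https_flag:
            findings.append(key + ": scheme disagrees with useHTTPSURLPrefixes")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_show(SAMPLE_SHOW)):
        print(finding)
```
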

Protocol change at Process Center Deployment Environment

Navigate to the bin directory of the BPM installation on the Process Center host and launch the wsadmin prompt.
Execute the following commands to set the useHTTPSURLPrefixes variable to false.

1         ./wsadmin.sh -conntype NONE -lang jython -profileName DmgrProfile
2         pc=AdminConfig.getid("/Cell:/ServerCluster:SingleCluster/BPMClusterConfigExtension:/BPMProcessCenter:/")
3         AdminConfig.modify(pc, [['useHTTPSURLPrefixes', 'false']])
4         AdminConfig.save()

At line 2, the name of the Process Center cluster (SingleCluster) is highlighted.
Screenshot from PC after the change


Configuring Process Center user
Log in to the Process Server deployment manager.
Navigate to
Deployment Environments > PSDE1
Click on Authentication Aliases under Related items.

You will get a list of the authentication aliases configured for the deployment environment.
As you see below, all user roles are mapped to the deployment environment admin user account via 'BPMAdminAlias_PSDE1'.

We're primarily interested in two user roles:

ProcessCenterUser
BPMAuthor

ProcessCenterUser


By default, ProcessCenterUser is mapped to the deployment environment administrative user account.
To ensure PS connectivity to PC, we need to make sure the user account mapped to the ProcessCenterUser role exists in both PS and PC with the same password.
You can verify the existing Process Center connection information at
Deployment Environments > PSDE1 > Process Server Settings
As you see below, the user name configured to connect to the Process Center is psadmin, which is the administrator user account for this deployment environment.

We have two options to make this ProcessCenterUser role work:
1.        Create the same user account at the Process Center server with the same password as in the PS deployment environment
2.        Create a new user account at PS and PC with the same password, and map this user account to the ProcessCenterUser role at PS

Personally, I don't recommend option 1, as it carries the risk of using a privileged user account to connect to PC.
To proceed with option 2, we need to create a new user account at PS.
Navigate to Users and Groups > Manage Users
and create the new user 'pcconnectuser'.

Navigate to Security > Global security > JAAS – J2C authentication data
Create a new authentication alias 'ProcessCenterUserAlias' with the user account 'pcconnectuser'.

Now, navigate to
Deployment Environments > PSDE1
Click on Authentication Aliases under Related items.
Map the 'ProcessCenterUser' role to the alias 'ProcessCenterUserAlias'.

Create the same user in the Process Center deployment environment.
It's not required to assign any roles to this user; creating the user account under Manage Users is sufficient.

The above user role configuration will ensure connectivity between PC and PS.

Configuring BPMAuthor user role alias at Process Center server to do deployment

To do online deployment from the Process Center console, we need to make sure the 'BPMAuthor' role at PS and PC points to the same user account.

The simplest way to achieve this is to create a user account at PC that is the same as the one referred to by the DeAdmin alias at PS, and to assign this user the Administrator, Deployer and Configurator roles.
For example, the BPMAuthor role in the PS deployment environment is mapped to the DeAdmin alias, which refers to the user account 'psadmin'.

Create the same user account (i.e. 'psadmin') in the Process Center deployment environment and map that user account to the BPMAuthor role.

The screenshot below shows the 'psadmin' user account at PC.

The screenshot below shows the authentication alias BPMAuthor, which is mapped to the user account psadmin.

The screenshot below shows the BPMAuthor role at PC mapped to the BPMAuthor alias.

Make sure you restart both the PS and PC deployment environments to ensure connectivity between PS and PC.

This concludes all the configuration changes required to make the Process Server online.

4 comments:

  1. Hi Prasanna, do you have any document or steps related to Prod and DR setup in IBM BPM 8.5.5 or 8.5.6?
