Skip to Content
Version 60.1 by Theodore Petrosky on 2017/05/02 16:08
Show last authors
1 {{info}}
2 The packages will work on CentOS and RedHat Enterprise 5.x or 6.x, or Amazon Linux, with Apache httpd 2.2 or 2.4.
3 {{/info}}
4
5 Installing a deployment environment on platforms that uses RPM packages is now even easier than ever.
6
7 1. Install a JDK. You can install openjdk with Yum (//yum install java-1.6.0-openjdk//) or get the JDK from [[Oracle>>url:http://www.oracle.com/technetwork/java/index.html||shape="rect"]].
8 1. (((
9 Install the Yum repository of the WOCommunity like this:
10
11 {{code language="bash"}}
12 sudo curl -o /etc/yum.repos.d/wocommunity.repo https://raw.githubusercontent.com/wocommunity/wonder/master/Utilities/Linux/wocommunity.repo
13 {{/code}}
14 )))
15 1. (((
16 Once it's done, you can use Yum to install wotaskd and JavaMonitor.
17
18 {{code language="bash"}}
19 sudo yum install wotaskd; sudo yum install womonitor;
20 {{/code}}
21 )))
22 1. (((
23 To install the module for Apache httpd 2.2, run:
24
25 {{code language="bash"}}
26 sudo yum install woadaptor
27 {{/code}}
28
29 for Apache httpd 2.4:
30
31 {{code language="bash"}}
32 sudo yum install woadaptor-httpd24
33 {{/code}}
34 )))
35 1. (((
36 If SELinux is enabled on your system, wotaskd won't be reachable due to its preventing Apache from opening TCP connections. If you're comfortable with allowing Apache to connect to any TCP ports (including external hosts), you can run the following:
37
38 {{code language="bash"}}
39 sudo setsebool -P httpd_can_network_connect=1
40 {{/code}}
41
42
43
44 Alternatively, [[Steven Klassen>>url:http://www.mrxinu.com/||rel="nofollow" shape="rect" class="external-link"]] has written a blog post ([[Custom SELinux Port Access>>url:http://www.mrxinu.com/2013/06/07/custom-selinux-port-access/||rel="nofollow" shape="rect" class="external-link"]]) that outlines how to create and install a wotaskd SELinux module that specifically allows connections to port 1085.
45 )))
46
47 And you're done! When the packages are installed, the services are started automatically. JavaMonitor will be running on port 56789. Your Project Wonder applications goes into ///opt/Local/Library/WebObjects/Applications//.
48
49 If you wish to restart wotaskd or Monitor, startup scripts are located in ///etc/init.d//. You can use the //service// tool to stop or restart them:
50
51 {{code language="bash"}}
52 sudo /sbin/service wotaskd stop
53 sudo /sbin/service womonitor stop
54
55 {{/code}}
56
57 (replace //stop// with //restart// to restart them in one step).
58
59 When Monitor is started, it will report to the console that is available at address like "ip-10-212-110-28" but that is the **internal** address of the Amazon server. The **external** address, which you must use, is available in the AWS console, and of the form "ec2-xx-vv-zz-ww.compute-1.amazonaws.com".
60
61 {{warning}}
62 Don't forget to change the password in JavaMonitor after you made the installation!
63 {{/warning}}
64
65 == Notes on CentOS 7 64/ Apache 2.4 ==
66
67 The yum repositories for deployment artifacts is a little out of date, so these instructions are based on wonder source and compiling the adaptor on the target system.
68
69 ==== Compiling the Apache Adaptor ====
70
71 {{code language="bash" title="Compiling Apache 2.4 WebObjects Adaptor"}}
72 $ sudo yum install httpd httpd-devel
73 $ #I had to use: sudo yum install httpd24 httpd24-devel
74 $ # get the latest wonder source
75 $ git clone https://github.com/wocommunity/wonder.git
76 $ cd wonder/Utilities/Adaptors
77 $ # thanks to alextu for these commands to fix the make.config file
78 $ # (from his docker recipe)
79 $ sed -ri 's/ADAPTOR_OS = MACOS/ADAPTOR_OS = LINUX/g' make.config
80 $ sed -ri 's/ADAPTORS = CGI Apache2.2/ADAPTORS = Apache2.4/g' make.config
81 $ make
82 $ # move the compiled module to the modules directory (check your apache config
83 $ # but the default on CentOS7 is /usr/lib64/httpd/modules
84 $ cp Apache2.4/mod_WebObjects.so /usr/lib64/httpd/modules/
85 {{/code}}
86
87 ==== Configuring Apache for WebObjects ====
88
89 The standard apache.conf (found in the wonder source at wonder/Utilities/Adaptors/Apache2.4/apache.conf) should work fine. Here are a couple of modifications that worked for me:
90
91 The authorization for Apache changed between 2.2 and 2.4. If you're used to "Allow from all" or "Deny from all" you should know that Apache 2.4 syntax has changed so this is how those allows/denies work now. This is a mostly permissive structure restricting some of the verbs that are not used (We have some configs that allow PUT, DELETE, PROPFIND, etc... but they don'tcall me "Little Paranoid Larry" for nothing.
92
93 {{code language="xml" title="Apache Permissions Config"}}
94 WebObjectsAlias /cgi-bin/WebObjects
95 <Location /cgi-bin/WebObjects/>
96 <Limit GET POST OPTIONS >
97 Require all granted
98 </Limit>
99 Require all denied
100 </Location>
101 {{/code}}
102
103 ==== FirewallD ====
104
105 CentOS7 switched to using FirewallD from IP Tables. I've tried to understand firewalld and I'm actually digging it even though it's a big change from IP Tables. Useful info on Firewalld can be found at [[Linux firewalld information at Oracle>>url:http://oracle-base.com/articles/linux/linux-firewall-firewalld.php||shape="rect"]] or [[FirewallD at Fedora>>url:https://fedoraproject.org/wiki/FirewallD||shape="rect"]].
106
107 The cheat sheet commands that help get started are:
108
109 {{panel title="FirewallD Cheat Sheet"}}
110 getting help on the command line: {{code language="none"}}# firewall-cmd --help{{/code}}
111
112 checking the state of the firewall: {{code language="none"}}# firewall-cmd --state{{/code}}
113
114 panic: firewall-cmd ~-~-panic-on{{code language="none"}}# {{/code}}
115
116 stop panic:{{code language="none"}} # firewall-cmd --panic-off{{/code}}
117
118 set a service to a zone for runtime (not persistent) : {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --zone=public --add-service=https{{/code}}
119
120 set a service to a zone permanently: {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --permanent --zone=public --add-service=https{{/code}}
121
122 setup specific ports (like for WO instances) # firewall-cmd ~-~-zone=public ~-~-permanent ~-~-add-port=2000-2020/tcp{{code language="none"}}{{/code}}
123
124 reload the configuration: {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --reload{{/code}}
125
126 find out what services the zone thinks should be handled at runtime (or permanently) :{{code language="none"}} # {{/code}}{{code language="none"}}firewall-cmd (–permanent) --zone=public --list-services{{/code}}
127
128 go nuts and specify rules to within an inch of their lives: # firewall-cmd ~-~-permanent ~-~-zone=public ~-~-add-rich-rule="rule family="ipv4" source address="192.168.0.4/24" service name="http" accept"{{code language="none"}}{{/code}}
129 {{/panel}}
130
131
132
133 ==== SELinux ====
134
135 As is mentioned in [[https:~~/~~/wiki.wocommunity.org/display/documentation/Installing+a+deployment+environment+on+RedHat,+CentOS+or+Amazon+Linux>>doc:documentation.Installing a deployment environment on RedHat, CentOS or Amazon Linux||shape="rect"]],
136 you can open up apache to network connections using the command:
137 \\
138
139 {{code language="bash" title="SELinux "}}
140 $ # make sure you have the policy utils (yum install policycoreutils-python)
141 $ sudo setsebool -P httpd_can_network_connect=1
142 {{/code}}
143
144
145 If you have additional problems with the SELinux configuration, check the context and ownership of files. More useful information on SELinux can be found at [[http:~~/~~/wiki.centos.org/HowTos/SELinux>>url:http://wiki.centos.org/HowTos/SELinux||shape="rect"]].