This chapter provides information and procedures to install and configure different components for Content Filtering service support and management.Prior to performing the installation procedure, this section previews each step to ensure that you are ready to successfully complete the installation.The first thing that you need to do is to ensure that the system hardware has been provisioned properly for your application. This includes:
l Verifying the operating system using the uname -a command.
l
l To use these components different licenses are required from your vendor. To obtain these licenses, contact your local representative.This step is required to configure how the PostgreSQL database engine processes, stores, and retrieves information contained in the various databases stored using the UNIX file subsystem. Failure to configure these settings may cause data loss and will minimally cause errors in the operation. For information on setting the database environment strings, refer to the Setting the PostgreSQL Database System Environment Configurations section.CF Component installation files are distributed as a single compressed file. After the file is obtained, it must be copied to the server and unpacked. It is recommended that you copy the file to a temporary directory on the server.IMPORTANT: For URL Blacklisting functionality, only the WEM and CF-CDP components need to be installed. For Category-based Content Filtering functionality, the WEM, CF-CCI, and CF-CDP with RE components must be installed.
Setting the PostgreSQL Database System Environment ConfigurationsPrior to installing the CF software components onto the different server hardware, there are numerous system environment configuration settings that should be configured. While PostgreSQL will be installed during the GUI-based installation procedure, these settings must be configured manually.Add following values to the system file in the /etc directory and restart the system before continuing with the installation of the CF application components.set msgsys:msginfo_msgmnb=65536
set msgsys:msginfo_msgtql=1024
set shmsys:shminfo_shmmax=0x2000000
set shmsys:shminfo_shmmin=1
set shmsys:shminfo_shmmni=256
set shmsys:shminfo_shmseg=256
set semsys:seminfo_semmap=256
set semsys:seminfo_semmni=512
set semsys:seminfo_semmns=512
set semsys:seminfo_semmsl=32IMPORTANT: After adding the above values to the system file in the /etc directory, restart the system before installation of CF components.
CF application installation files are distributed as a single compressed file with a “.tar.gz” extension. After copying the installation file to the server, use the following procedure to unpack the file.
1 Create a directory, and move the distributed compressed application installation file to it by entering the following commands:mkdir CFAPPS_directory
2 x.x.xx is the version of the CF Component Application installation file. Unzipping this file creates the cf-apps_x.x.xx.tar file from cf-apps_x.x.xx.tar.gz.
4 Un-tar the cf-apps_x.x.xx.tar file by entering the following command:
l cdp_SunOS_x_x_xx.tar: A compressed file containing all of the application files required for CDP, Report Engine, and Database Deliver application.
l cci_x_x_xx.tar: A compressed file containing all of the application files required for CF Customer Care Interface application installation.This section describes the procedure to install Central Decision Point (CF-CDP) server application in GUI mode. The procedure described here assumes that you have already verified the minimum system requirements as specified in the Before You Begin section of this chapter and that the CF-CDP application installation tar file is in your user directory on the server.
l Login account to the server with display terminal (monitor) attached and some X-Windows client installed on server.
l Network connectivity to the CDP server via Telnet or SSH, using some X-Windows client on remote workstation.
l Console: This mode is available to users who do not have an X-Windows client available for remote network connectivity to the CDP server via Telnet or SSH.
l Silent: This mode is used only if the CF-CDP is already installed on the machine. For silent-based mode, user needs to update the installvariables.properties file in the Uninstall_CDP directory while executing “inst” script in silent mode.
1 Go to the directory where cdp_x.x.xx.tar file is located and un-tar it by entering the following command:
l CDP_Installer.bin: The CDP installation binary file.
l uninst: A script to uninstall CF-CDP application.
l README: A text file containing information pertaining to the release.
l inst: A script to install the CF-CDP server.
2 Go to CDP_Install_dir/cdp folder and initiate the installation procedure by entering the following command:
3 Respond to the on-screen prompts with the help of inputs given in the following table and configure various parameters as required.After you have provided the required inputs, the installation process starts and you receive a message indicating that CDP application installation starts on the basis of user inputs.WARNING: Please ensure that you have enough disk space for the installation of CDP application. If sufficient space is not available in the installation directory, cancel the installation process and free-up the disk space to proceed with the installation.
4 During the CF-CDP installation, the CDP Server Startup dialog box appears prompting the user with an option to start all the servers after installation.After all components have started, the Install Complete dialog box appears indicating that the installation was successful.
5 Copy the un-installation script to the cdp_base_directory directory by entering the following command:cp uninst cdp_base_directory/
6 Verify that all the CF-CDP components and processes are successfully started by entering the following command:PID Process Status- PS Monitor Application Not running- Report Engine Server Not running- Database Deliver application Not running- Central Decision Point Server Not running7315 Postgres Server RunningAll of the parameters configured get stored in configuration files located in /<application_base_directory>/etc directory. For more information on the configuration files, see the Modifying CF Components’ Configuration Files section.This section describes the procedure to install Central Decision Point (CF-CDP) server application in console mode. The procedure described here assumes that you have already verified the minimum system requirements as specified in the Before You Begin section of this chapter and that the CF-CDP application installation tar file is in your user directory on the server.The following procedure describes how to install the CF-CDP application in console mode through the installation script.
1 Go to the directory where cdp_x.x.xx.tar file is located and un-tar that by entering the following command:
l CDP_Installer.bin: The CDP installation binary file.
l uninst: A script to uninstall CF-CDP application.
l README: A text file containing information pertaining to the release.
l inst: A script to install the CF-CDP server.
2 Go to CDP_Install_dir/cdp folder and initiate the installation procedure by entering the following command:
3 Follow the on-screen prompts to proceed through the installation script and configure the various parameters as required. Refer to Table 3-1 for descriptions of the configurable parameters within each of the sections of the script.WARNING: Please ensure that you have enough disk space for the installation of CDP application. If sufficient space is not available in the installation directory, cancel the installation process and free-up the disk space to proceed with the installation.
After you have completed the installation configuration and all processes have started, you receive a message indicating that the CF-CDP was successfully installed.
4 Copy the uninstallation script to the cdp_base_directory directory by entering the following command:cp uninst cdp_base_directory/
5 Verify that all the CF-CDP components and processes are successfully started by entering the following command:PID Process Status- PS Monitor Application Not running- Report Engine Server Not running- Database Deliver application Not running- Central Decision Point Server Not running7315 Postgres Server RunningAll of the parameters configured get stored in configuration files located in /<application_base_directory>/etc directory. For more information on the configuration files, see the Modifying CF Components’ Configuration Files section.For WEM installation and configuration procedure, refer to the Web Element Manager Installation and Administration Guide.This section describes the procedure to install Customer Care Interface server application. The procedure described here assumes that you have already verified the minimum system requirements as specified in the Before You Begin section of this chapter and that the CCI application installation tar file is in your base directory on the server.
l Login account to the server with display terminal (monitor) attached and some X-Windows client installed on server.
l Network connectivity to the CCI server via Telnet or SSH, using some X-Windows client on remote workstation.
l Silent: This mode is used only if the CF-CCI is already installed on the machine. For silent-based mode, user needs to update the installvariables.properties file in Uninstall_CDP directory while executing 'inst' script in silent mode.IMPORTANT: Before the installation of this CF-CCI server application make sure that Central Decision Point (CF-CDP) application is installed and running on CF-CDP server.
The following procedure describes how to install the CF-CCI application through the GUI-based interface.
1 Change to the directory where the cci_x.x.xx.tar file is located and un-tar it by entering the following command:
l CCI_Installer.bin: The CCI installation binary file.
l README: A text file containing information pertaining to the release.
l inst: The installation script used to install Customer Care Interface server application.
2 Change to the base directory /cci and then enter the following command:
3 Respond to the on-screen prompts with the help of inputs given in following table and configure various parameters as required.
Enter the absolute installation path and directory on the server in which the CF-CCI server application is to be installed.This parameter creates a base directory cci_base_directory for CF-CCI installation. IP Address of machine Select the IP address of machine from the displayed list of IP address configured on the machine. Otherwise, enter the IP address in the field provided. Java development Kit (JDK) 5.0 Installation Root Directory Root Directory of java installation Enter the root directory on the server in which the Java Development Kit 5 (JDK5) is installed. Enter the IP address of the server on which the Central Decision Point server application is installed. This parameter creates common name cci_user for CCI users. Organization Unit [OU] This parameter creates organization unit name cci_user_org_unit for CCI users. This parameter creates organization name cci_user_org for CCI users. This parameter creates country name cci_user_country for CCI users. This parameter creates key and certificate files at the specified location as keystore_location/keyfile_name for CCI user with absolute path an. Certificate Validity (Days) Enter the validity duration of created certificate for specified user and organization in days. Any value from 1 through 99999 is acceptable. Administrator Password Enter the port number over which CCI PostgreSQL server will run. The valid range is from 1 through 65535.To ensure proper operation and data integrity, the PostgreSQL database instances installed with the CF Element Manager should only be used by this application. Port to Listen Shut Down Command Session Timeout (Mins) Enter the timeout duration in minutes to reset link connectivity. Any value from 1 through 30 is acceptable. Start CCI server during installation After you have provided the inputs, the installation process starts and you receive a message indicating that CCI application installation starts on the basis of user inputs.WARNING: Please ensure that you have enough disk space for the installation of CCI application. If sufficient space is not available in the installation directory, cancel the installation process and free-up the disk space to proceed with the installation.
The installation script starts different processes and the following dialog box appears reporting that the installation was successful.All of the parameters configured get stored in a configuration file located in the /<application_base_directory>/etc directory. For more information on the configuration files, see the Modifying CF Components’ Configuration Files section.
4 In case any of the process is stopped the PSMON process will restart all required processes. However you can stop and restart the CCI server manually by entering the following commands:After verifying the CF-CCI server application installation, user can access the CCI through client station with the following link in web browser address field:To start using CCI and Report Engine, refer to the Customer Care Interface and Report Engine appendix.
2
2 Change to the /cci_base_directory/cci directory and enter the following command:
3 To proceed with the uninstallation, click Uninstall.The uninstall script leaves the /cci_base_directory/ directory in place with several sub-directories.
4 Optional. Delete the secure key and certificate file keyfile_name from the key store locations provided during installation.Once the CF components have been installed according to the information and instructions in this chapter, this information can be used as a reference for performing further configuration of the CF components to customize it to your needs.The CF provides a number of configuration files which can be modified to fine-tune the operation of the application. These files are located in the /<application_base_directory>/etc directory by default.This section provides descriptions for each of the configuration files. Details on the parameters each file contains is located within the files. The default values for these parameters are suitable for most installations. However, the values can be modified using a text editor (such as Vi Editor) if required.CAUTION: For many of these files, the CF application must be stopped and restarted in order for the modifications to take effect. To ensure proper operation, be sure to read and understand all of the information provided in the files prior to making changes.
This section provides descriptions for each of the configuration files that are associated with the CF-CDP application.This file contains CF-CDP specific parameters that are configured for generation of ad-hoc reports. The parameters are also configured to export Optimized Customer Master Database (OPTCMDB) files to CF-CDP.
Minimum Value Maximum Value This indicates the time interval, in minutes, in which CF-CDP Server will check if any database is available from WEM in a preconfigured path. 1440 min (24 hrs) This is the local base directory where CF-CDP will be installed. <Absolute_Path>/cdp This is the directory where WEM can export the latest Optimized Database (OPTCMDB) in CF-CDP. <Absolute_Path>/cdp/cfems This is the path where CF-CDP will keep full DB to be loaded in memory. <Absolute_Path>/cdp/optcmdb This is the path to keep archives of full and incremental updates of OPTCMDB. <Absolute_Path>/cdp/archive This indicates the time interval, in minutes, in which CF-CDP Server will push incremental DBs to STxx in a preconfigured path. 1440 min (24 hrs) This identifies the debugging levels for the CF-CDP logs. The levels are:
n
n
n This config is used only in cdp_deliver script. This can be changed dynamically. This is a flag for suppressing alarms. The possible values are: This field will carry the IP address of the server where alarms and traps are to be sent. If this field is empty the CF-CDP will not generate and send traps. IP address of alarm server This field will carry the port number of the server where alarms and traps are to be sent. If this field is empty the CF-CDP will not generate and send traps. This field will configure community string of the server where alarms and traps are to be sent. If this field is empty the CF-CDP will not generate and send traps. This indicates the port that will be used to create POAs. This specifies the IP address that will be used by CF-CDP Server for generating IOR files.If the field has default loopback interface value then CF-CDP Server will take the first active interface present on the machine.If the specified IP is not active, the CF-CDP Server will not start. IP address of CF-CDP Server This file contains the parameters that are used for configuring the chassis. These parameters can be changed dynamically.
This is the remote Directory Path for each CF-STxx to where Optimized Database can be exported. This is the Black List Remote Directory Path for each CF-STxx to where Optimized Black Listing Database can be exported. This file contains parameters used by the Process Monitor module. These include parameters such as the directories from which CF-related processes are started, polling intervals, and maximum percentage thresholds.
Maximum Value This indicates the Absolute or Relative path for executable file. File name which contains PID of the process. This indicates the Absolute or Relative path for PID file. This is a flag indicating whether the process information should include the information of child processes or not. This indicates the Absolute or Relative path for executable file. File name which contains PID of the process. This indicates the Absolute or Relative path for PID file. This is a flag indicating whether the process information should include the information of child processes or not. This indicates the Absolute or Relative path for executable file. File name which contains PID of the process. This indicates the Absolute or Relative path for PID file. This is a flag indicating whether the process information should include the information of child processes or not. This is the directory path where CF-CDP Server exists. The process which changes frequently can be monitored for threshold limits with a smaller poll interval, say 5 seconds. The directory size does not change suddenly and can be monitored with 1 min or greater than 1min poll interval for threshold limit. Threshold Information: This section provides information needed for the configuration of default threshold values for various parameters monitored by the module. These values are used for default configuration of the threshold values for the parameters.These values indicate maximum percentage threshold limits for the individual parameters as the default values. This is the CPU Utilization Threshold for CF-CDP Server. This is the CPU Utilization Threshold for Report Engine server. This is the CPU Utilization Threshold for database server. This is the Swap space Utilization Threshold. This is the Disk Utilization Threshold for CF-CDP Server. This is the Disk Utilization Threshold for Report Engine server. This is the Disk Utilization Threshold for Database server. This calculates the average of 'NumberofSample' given in the cfg file. This file contains parameters for the operation of the PSMon (Process Monitor) function supported by CF.
Defines the IP address or hostname of the SMTP server to be used to send e-mail notifications. Defines the frequency of process table queries. This is the polling interval. The value must not be less than 10 seconds. This is the final directory threshold (in % on the file system where FinalDirPath present). Keep it blank if you do not want to monitor the final directory. When defined, psmon will never attempt to kill a process ID which is numerically less than or equal to the value defined by the last safe PID.Psmon will never attempt to kill its own process ID or a process ID that is lesser than or equal to 1. Accepts a boolean value of On or Off. Suppresses all notifications from preserved process IDs when used in conjunction with the last safepid directive. Forces this psmon as if the --dryrun command line switch had specified. This is useful if you want to force a specific configuration file to only report and never actually take any automated action. This is enabled in this default distribution configuration to prevent people from blindly executing psmon “out of the box” and causing damage in live environments.The <Process *> scope is commented out by default. It should be used with extreme care. If used, run psmon in 'DryRun' mode by adding the 'DryRun' directive in this configuration file.
n
Minimum Value Maximum Value This directory contains the EDR files to be parsed by Report Engine. <cdp_install_dir>/data This directory contains the reports which will be generated by Report Engine. <cdp_install_dir>/reports This directory contains the archive files which are moved from input directory after completion of parsing. <cdp_install_dir>/archive This flag enables the archiving of report engine files. Possible values are: This indicates the record insertion thread pool size.This parameter is used to open number of database connections. This is the file polling interval (in seconds) in the data directory. This Parser manager threads poll on file InfoMap and allocates file parsing jobs to worked threads. This DB Insert manager threads poll on DB insertion vector queue and allocates record insertion jobs to worked threads. This archive manager threads poll on archive file InfoMap and allocates file archiving jobs to worked threads. This is the time interval, in seconds, after which the statistics will be generated for Report Engine (RE). This is the IP address of the machine where the RE server is running. This indicates the Date-Time format that is supported in EDR files which are getting parsed by RE. Possible values are: This indicates the split interval of 'detailinfo' table in hours. This indicates the time interval after which the index table will be created. This is the retention period for reportsdb (detailinfo tables) in days. This file provides information on the configurables that are associated with the different report types.
This specifies the NAI/MSID (radius-user-name) of the user for which to generate report. This specifies the subscriber ID (radius-calling-station-id) of the user for which to generate report. ReportSchemaFields: The following fields are used for Subscriber Detail report. Each field represents the column in the report. You can select the columns to be represented in report by setting or unsetting these field values. Some fields are set by default.
n
n This is the absolute path of the file mentioning the list of URLs with each URL at new line. This is required for generating URL Summary report. This is the number of threads to be spawned to execute parallel distributed queries. The value must be an integer from 1 through 10.IMPORTANT: Any changes to the parameters in the thr.cfg file need server restart for the modifications to take effect.
Minimum Value Maximum Value This is a flag for enabling or disabling thread pool. The possible values are: This section provides descriptions for each of the parameters in the configuration file, psmon.cfg, associated with the CF-CCI application.This file contains parameters for the operation of the PSMon (Process Monitor) function supported by CF.
When defined, psmon will never attempt to kill a process ID which is numerically less than or equal to the value defined by the last safe PID.Psmon will never attempt to kill its own process ID or a process ID that is lesser than or equal to 1. Accepts a boolean value of On or Off. Suppresses all notifications from preserved process IDs when used in conjunction with the last safepid directive. Forces this psmon as if the --dryrun command line switch had specified. This is useful if you want to force a specific configuration file to only report and never actually take any automated action. This is enabled in this default distribution configuration to prevent people from blindly executing psmon “out of the box” and causing damage in live environments.The <Process *> scope is commented out by default. It should be used with extreme care. If used, run psmon in 'DryRun' mode by adding the 'DryRun' directive in this configuration file.
n This section describes the procedure to configure the application level traps and alarms for Content Filtering applications.All traps need to be defined manually in processmonitor.cfg file in /etc directory at the base directory of CF applications.
2 Change to the /etc directory by entering the following command:cd /application_base_directory/etc
3 Open the processmonitor.cfg file in vi editor by entering the following command:This configuration file contains the supported threshold and trap configuration fields for all CF applications.
4 After opening the file in vi editor, press the Insert key to enable the INSERT mode.
5 Go to the desired section in the processmonitor.cfg and edit the values as required:
6 Save and close the processmonitor.cfg file by entering the following commands:
7 For more information on supported traps and objects at the chassis and application level, refer to the Content Filtering Application MIB and Default Trap Severities in SNMP MIB Reference.
|
| Cisco Systems Inc. |
| Tel: 408-526-4000 |
| Fax: 408-527-0883 |