Differences

This shows you the differences between two versions of the page.

--- tutorial:adm:server_preparation_tmp [2020/07/24 08:29]
fiserp [DB server configuration]
+++ tutorial:adm:server_preparation_tmp [2020/07/24 08:51]
fiserp [Tomcat]
@@ Line 142: / Line 142: @@
-==== DB server configuration ====
+==== Database server configuration and sizing ====
   * Enable the password authentication.
@@ Line 158: / Line 158: @@
   * Adjust DB instance sizing.
-    * In following snippet, we presume the system has 3GB of memory dedicated for the database. **For your deployment, adjust the sizing accordingly. Use a [[https://pgtune.leopard.in.ua/#/|calculator]] if in doubt**.
+    * In following snippet, we presume the system has 3GB of memory dedicated for the database and about 100 db connections. **For your deployment, adjust the sizing accordingly. Use a [[https://pgtune.leopard.in.ua/#/|calculator]] if in doubt**.
     * We also log queries running longer than 200ms.
-In a file ''/data/pgsql/12/data/postgresql.conf'' edit (add those if not exist) lines:
+In a file ''/data/pgsql/12/data/postgresql.conf'' change (or add) following lines:
 <code>
-max_connections = 100			# (change requires restart)
+# This is an EXAMPLE. Use the calculator to adjust for your deployment!
-shared_buffers = 768MB			# min 128kB
+# DB Version: 12
+# OS Type: linux
+# DB Type: web
+# Total Memory (RAM): 3 GB
+# Connections num: 100
+# Data Storage: ssd
+max_connections = 100
+shared_buffers = 768MB
 effective_cache_size = 2304MB
-work_mem = 7864kB
 maintenance_work_mem = 192MB
-min_wal_size = 1GB
-max_wal_size = 2GB
 checkpoint_completion_target = 0.7
 wal_buffers = 16MB
 default_statistics_target = 100
+random_page_cost = 1.1
+effective_io_concurrency = 200
+work_mem = 3932kB
+min_wal_size = 1GB
+max_wal_size = 4GB
 log_min_duration_statement = 200
 </code>
-Restart DB: ''systemctl restart  postgresql.service''
+  * Restart the database
-<note>If you install the database to a different server than the CzechIdM application itself (Tomcat etc.), don't forget to configure PostgreSQL to allow remote SSL connection from that server.</note>
+<code>
+systemctl restart  postgresql.service
+</code>
+<note>If you install the database to a different server than the CzechIdM application itself, don't forget to configure PostgreSQL with SSL certificates and to enforce remote SSL connections.</note>
 ===== Java - CentOS8 =====
-Java must be installed before Tomcat start. It is recommended to use OpenJDK (at least 1.11) from standard OS repository.
+Tomcat application server needs Java installed. We recommend to use OpenJDK 11 from standard OS repository. (OpenJDK 1.8 is also supported, check [[devel:documentation:compatibility|compatibility page]]).
 Installation:
-<code bash>
+<code>
-yum install -y java-11-openjdk-headless java-11-openjdk-devel
+dnf install -y java-11-openjdk-headless java-11-openjdk-devel
 </code>
@@ Line 204: / Line 216: @@
 <code>
 groupadd -r tomcat
-useradd -r -s /bin/nologin -g tomcat -d /opt/tomcat tomcat
+useradd -r -s /usr/sbin/nologin -g tomcat -d /opt/tomcat tomcat
 getent passwd tomcat
 #tomcat:x:995:993::/opt/tomcat:/bin/nologin
@@ Line 216: / Line 228: @@
 </code>
-  * Download Apache Tomcat 8.5.x from the website [[https://tomcat.apache.org/download-80.cgi]] to **/opt/tomcat/**
+  * Download Apache Tomcat 8.5.x from the website [[https://tomcat.apache.org/download-80.cgi]] to ''/opt/tomcat/''
-    * In our exapmle the version is 8.5.8.
+    * In our exapmle the version is 8.5.57.
-  * extract files from archive:
+  * extract files from the archive:
 <code bash>
-tar xzf apache-tomcat-8.5.8.tar.gz
+tar xzf apache-tomcat-8.5.57.tar.gz
 </code>
@@ Line 229: / Line 241: @@
 <code bash>
 cd /opt/tomcat
-ln -s apache-tomcat-8.5.8 current
+ln -s apache-tomcat-8.5.57 current
 </code>
@@ Line 239: / Line 251: @@
 chmod 750 /opt/tomcat
 cd /opt/tomcat/current
-chmod o+rX -R ./
+chmod -R o+rX ./
 chgrp -R tomcat conf/ bin/ lib/
-chmod g+rwx conf
+chmod g+rx conf
 chmod g+r conf/*
 chown -R tomcat webapps/ work/ temp/ logs/