Raw Iron to Enterprise Server: Installing Domino on Linux

Notes & Domino mit Verse und On-PremisesAdminCamp 2016 – 19. – 21. September
Raw Iron to
Enterprise Server
Devin S. Olson
Installing Domino on Linux

Raw Iron to Enterprise Server
Installing Domino on Linux
• Linux Operating Systems particularly well suited for Domino
• Many administrators hesitant, unfamiliarity with unknown
• Operational Domino Enterprise Server

Notes & Domino mit Verse und On-PremisesAdminCamp 2016 – 19.-21 September
Introduction
• Hands On Session
• Oracle VirtualBox
• Enough room for a 32 Gb VM
• Centos 6 64-bit
• Domino 9 Enterprise Server You MUST have a License!

Who Am I
• Christian
• Husband
• Father
• Biker
• Brewer
• Friend

What to I do?
• Collaborative Solutions Developer at
Czarnowski Display Services
• Notes / Domino consultant since
1995 (that’s R3 for young punks)
• PCLP SA/AD R4.6, R5, R6, R7
(stopped taking tests after that)
• Beer Snob (Anheuser-Busch Certified
Beer Master)
• IBM Champion
• LearningXPages.com
• Installing Domino 9 on Centos

Enough Talk, Let’s Rock!
Download and install Oracle VirtualBox
Latest versions available at
www.virtualbox.org/wiki/Downloads
Linux Host versions available at
www.virtualbox.org/wiki/Linux_Downloads
VirtualBox

Why CentOS 6?
• Using CentOS 6, not 7
• Issues with RPM repository availability
• Issues with glibc libraries
• 7 can be made to work, not recommended (yet)

https://wiki.centos.org/Download
CentOS

Domino Enterprise 9
IBM Passport Advantage Download Central
You MUST have a current license and valid id.
Domino Enterprise 9

VirtualBox Setup
CLASSROOM SETTINGS
Type = Linux
Version = Red Hat (64 bit)
RAM = 2 Gig
Image Type = VDI (Virtual Disk Image)
Image Footprint = Dynamically Allocated
Image Size = 32 Gig
Create VM

VirtualBox Configuration
CLASSROOM SETTINGS
• Add a Virtual Optical Disk Drive pointing CentOS iso.
• Enable Network Adapter 1 attached to NAT
• Enable Network Adapter 2 attached to Host-only Adapter
• Set Name to VirtualBox Host-Only Ethernet Adapter
• Verify different MAC addresses (Advanced settings)
• Start VM
Configure VM

CentOS Installation
• Choose Install or Upgrade Existing – Skip Media Test
• Specify Language
• Basic Storage Devices, discard any data
• Set server name and root password “ac16 | password”
• Specify Time Zone
• Use All Space, Write Changes to Disk
• Reboot when prompted
Install CentOS

CentOS Configuration
Login as root, and check network interface
># ip a
Edit the config files for eth0 and eth1 using vi.
># vi /etc/sysconfig/network-scripts/ifcfg-DEVICENAME
vi commands:
*i <return> to insert text
<esc> to finish inserting text
*:wq <return> to save and quit
Configure Network

(DHCP EXAMPLE)
DEVICE=eth0
HWADDR=123456
NM_CONTROLLED=yes
ONBOOT=yes
BOOTPROTO=dhcp
Configure Network
(STATIC EXAMPLE)
DEVICE=eth0
HWADDR=123456
NM_CONTROLLED=yes
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.45
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
Start network when finished
># service network start

Install Packages
># yum –y install bind-utils file gcc lsof ntp patch rsync perl
sg3_utils sudo traceroute wget yum-utils zip unzip
># yum –y update

Verify Services and Security
• Verify cron service is running
• ># service crond status
• ># service crond start
• Turn off and disable SELinux (incompatible with Domino)
• Edit /etc/selinux/config and set SELINUX=disabled
• ># setenforce 0
• Enable and activate time service
• ># ntpdate pool.ntp.org
• ># chkconfig ntpd on
• ># service ntpd start

Configure Firewall 1/4
># chkconfig iptables off
># service iptables stop
># cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak
># vi /etc/sysconfig/iptables

Find the lines
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
Change default INPUT / FORWARD policies from ACCEPT to DROP
:INPUT DROP [0:0]
:FORWARD DROP [0:0]

Find the line:
-A INPUT -j REJECT --reject-with icmp-host-prohibited
Add the following information immediately prior to the line you just found. If that
line does not exist, add this prior to the COMMIT line.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 389 -j ACCEPT

Save and close the file. *:wq
Verify changes if needed
># cat /etc/sysconfig/iptables
Enable and Start the firewall
># chkconfig iptables on
># service iptables start

User Accounts
Without going into too much unnecessary detail, all Linux user
accounts require a minimum of two things: a username, and a
primary group with which the user account is associated. Your
Domino server will need to run using a Linux account, which
means you need to decide upon a group name and a user name
for your Domino server. This can be as simple as “servergroup”
and “server”, or (if you follow IBM’s documentation), “Notes” and
“Notes”.
NEVER run Domino AS root

Create Group and User
Create the Group
># groupadd notesgroup
Add the User
># useradd -gnotesgroup -s/bin/bash -d/home/notes -m notes
Set a password
># passwd notes

SSH Service
SSH is used to remotely access and administer our Domino Server.
• Configure and Start the SSH Service
># chkconfig sshd on
># service sshd restart
• Note the IP address of the eth1 (Host-Only adapter) network card
># ip a
• Open an SSH session to the server
• Windows: use Putty and enter ip address, username, and password.
• Mac: Open a command window and enter
• ssh notes@ip address
• Change to Super User (root) and enter password
• >$ su

Domino Specific Configuration
># service httpd stop
># chkconfig httpd off
># chkconfig httpd --del
># service sendmail stop
># chkconfig sendmail off
># chkconfig sendmail --del
># yum remove sendmail
Remove Conflicting Services
Verify httpd, sendmail, and postfix services are stopped and disabled
># service postfix stop
># chkconfig postfix off
># chkconfig postfix --del
># yum remove postfix

Increase the number of file handles available for use, and
make them permanent for notes.
># ulimit -n 20000
># vi /etc/security/limits.conf
Add the following lines to the end of the file and save it:
notes soft nofile 65535
notes hard nofile 65535
Reboot the server
># reboot now
Set File Handles

After server reboots, reconnect using SSH as notes, then switch to super user.
Use the export command to set operating system variable.
># export DOMINO_LINUX_SET_PARMS=1
Use vi to add the command to the end of bashrc:
># vi /home/notes/.bashrc
Create the directory for your Domino server
># mkdir /local
># mkdir /local/notesdata
Kernel Tuning and Directory

Create the directory from which to install domino.
># mkdir /install
># mkdir /install/domino9
># cd /install/domino9
Copy the domino installation file to the new directory.
Windows:
Use WinSCP (provided on thumb drive) .
Mac:
scp –v filename root@ipaddress: /install/domino9/filename
Install Directory and Get Domino

From your SSH console, use the tar command to check the file.
># tar -tvf filename
Extract the file (assuming no problems with contents)
># tar -xvf Domino_Installation_file
Navigate down through the folders using the ls and cd command as
needed until you find the install file.
Run the file and follow the prompts:
># ./install
Verify, Unpack, Install

Change back to the userid you used to log into the SSH session:
># exit
Change to the /local/notesdata folder:
>$ cd /local/notesdata
Launch the server and put it into listen mode for remote setup:
>$ /opt/ibm/domino/bin/server -listen
Launch the Domino Remote Server Setup Utility and follow prompts to
configure server. Choose yes to shut down server when finished.
Configure Domino Server

STICKY BITS - IMPORTANT
Change su, navigate to the domino server program “root” directory, use the find
command to search for the bindsock program file, and change the permissions.
># su
># cd /opt/ibm/domino
># find -name 'bindsock'
># cd filepath
># ls -l bindsock
-r-sr-xr-x 1 root bin 9880 Sep 20 17:15 bindsock
># chmod +s bindsock
># ls -l bindsock
-r-sr-sr-x 1 root bin 9880 Sep 20 17:15 bindsock
Set Sticky-bit on Bindsock

Launch Domino
Change back to the userid you used to log into the SSH session,
then change to the /local/notesdata folder:
># exit
>$ cd /local/notesdata
Launch the server, only this time do not add any parameters.
>$ /opt/ibm/domino/bin/server

Celebrate

Call to Action
• Figure out who you are
• Be the best at what you do
• Mentor, teach, give

Additional Resources
• Daniel Nashed’s Domino on Unix/Linux Start Script:
- http://www.nashcom.de/nshweb/pages/startscript.htm
• Daniel Nashed’s Blog:
- http://blog.nashcom.de/nashcomblog.nsf
• Devin S. Olson's (that's me!) LearningXPages site:
- www.learningxpages.com
• David Leedy's Notes in 9:
- http://notesin9.com
• Open NTF:
- www.openntf.org
• Planet Lotus:
- http://planetlotus.org

Thank You!
• Devin S. Olson
• devin.olson@azlighthouse.com
• Twitter & Skype: @spanky762
• www.linkedin.com/in/devinolson
• www.facebook.com/default.xsp
• www.learningXPages.com

Raw Iron to Enterprise Server: Installing Domino on Linux

More Related Content

What's hot (18)

Similar to Raw Iron to Enterprise Server: Installing Domino on Linux (20)

More from Devin Olson (17)

Recently uploaded (20)

Raw Iron to Enterprise Server: Installing Domino on Linux