ERP 2.50:Professional Appliance Functional Specs
| Languages: |
Introduction
This document contains the functional specifications for the Openbravo ERP Professional Appliance 2.50. At the time of writing this document the product is already developed and implemented. So even though it might look crazy to write the design after the product is already on production, the main purpose is to retrofit it from the product itself, so that it is clear what needs to be tested during the QA cycles.
Requirements
- PostgreSQL as database, version 8.3.x. Ant 1.7.1, Tomcat 6.0.x, Apache httpd 2.2.x, mod_jk 1.2.2x, tomcat-native 1.1.1x, Sun JDK 1.6.0_xx. Only minor version fixes will be provided for this software stack.
- Support both 32bit (x86) and 64bit (x86_64).
- Support for VMware, VMware ESX, VirtualBox, Xen, Parallels, QEMU.
- Stack updates managed by the web administration console.
- Openbravo ERP updates managed by the ERP itself, not the web administration console.
- Security is a high priority, so all passwords should be known by the system integrator and they should be set the first time the appliance is started.
- SSH must be secured with public-key authentication.
Processes
As a system integrator I want install the Professional Appliance for the first time
Depending on the chosen appliance flavor the deployment will be different:
- ISO CD/DVD installation:
- Start the machine with the CD/DVD inserted and reboot the machine.
- Follow the instructions on screen.
- Amazon EC2:
- Create a new security group.
- Create a EBS volume for the backups (e.g. 100GB).
- Boot an instance of the AMI in that security group.
- Attach the EBS to the instance.
- VMware, Xen, VirtualBox, Parallels, QEMU:
- Follow the instructions from the virtualization software to boot the appliance.
Additionally, the web management console requires a first time configuration, to change all the passwords, configure the networking and enable the system notifications, among others.
As a system integrator I want to update the operating system stack to the latest version
The operating system updates are managed by the rPath Administration Console (rAPA). These updates include everything except the ERP. On every update should perform backup
- Select System Updates > Updates from the menu.
- Select Check for Updates.
- A list of available updates appears in the window. If there are no available updates, a message appears saying that no updates are available.
- To install the update, click Apply Now to begin installing the update.
- To schedule the update for installation at a later date, select Schedule and specify the time and date when you want the update to be installed.
As a system integrator I want to update Openbravo ERP to the latest version
The ERP is not managed through the rAPA, but by using the Module Management Console (MMC). So the ERP takes care of this, completely isolated from the stack updates.
As a system integrator I want to back up the entire machine
The appliance includes a backup mechanism that includes the following items:
- Openbravo ERP: source tree directory, database dump and Tomcat context.
- Operating system: web administration console configuration, network configuration, backups settings.
It is possible to run a backup at any time manually, and also to schedule regular backups on a daily, weekly a monthly basis. Both using the web administration console. The backups can be stored in a local filesystem label, NFS share or Samba share. And it is possible to select the number of backups to be kept.
As a system integrator I want to restore Openbravo ERP from a backup
Restoring Openbravo ERP from a previous backup consists of selecting the preferred one from the list of backups in the administration console and clicking on the "Restore" button. Once the restoration process is finished a reboot is triggered.
As a system integrator I want to roll back the last stack update
The operating system software is update by using the web administration console. In some situation a system integration might want to roll back the latest stack updates (e.g. Tomcat was updated from 6.0.18 to 6.0.20. I want to use 6.0.18 again). This is possible by using the Updates -> Rollbacks menu item, and by clicking on the Roll back button on the desired update.
Note : This will rollback only the stack update and the openbravo ERP updates which is done using the ERP application console (https://<openravoer.mydomain.com>/openbravo) will not be restored. To restore one must do it through 'Backup and Restore' on Administration console (https://<openravoerp.mydomain.com:8003)
As a system integrator I want to customize the ERP
The ERP customization is out of the scope of the appliance. Starting from version 2.50 the ERP manages the customizations through modules, so this is the methiod that should be used by system integrators.
As a system integrator I want to clone the production system into a testing system
This can be achieves by using the backup mechanism. That is, by installing the appliance in the second system and restoring the backup there.
It should be noted that the backup also includes networking configuration. So this should be changed as soon as the second system is rebooted.
As a system integrator I want to security access the machine through a terminal session
During the first time web console configuration the user is asked to change the openbravo Linux password, as well as the root user password. The first one is useful to access the server when physical access is possible.
And SSH access is enabled to the system for those cases where remote access is a must. It should be noted however that password authentication is not allowed into this appliance. Instead, the user should use the public key authentication mechanism. The web administration console includes a window where the system integrator can add as many public keys as desired.
As a system integrator I want to install a SSL certificate for Openbravo ERP
As a system integrator I want to install my newly bought SSL certificate. This can be achieved by using the Configuration -> SSL certificate window. There is a form that allow the system integrator to upload a X.509 certificate in PEM format that is used in both the ERP and the administration console itself.
As a system integrator I want to access the system and ERP logs
There are some useful logs for a system integrator, such as the Apache error and access logs, the Openbravo ERP log4j and catalina.out logs, and some additional system logs. The appliance provides this by using the web administration console, in the Maintenance -> Logs menu item. It is possible to either view from directly through the web browser or download the raw files.
As a system integrator I want to manage the system services
The web administration console allows to start, stop and restart the system services that are useful for an Openbravo ERP system integrator. Namely:
- Tomcat.
- OpenSSH.
- Apache httpd.
- PostgreSQL database server.
As a system integrator I want to remotely reboot/shut down the system
Two possibilities to achieve this:
- Use the web administration console, the Maintenance -> Schedule reboot window. This window allows to either shut down or reboot a machine immediately or scheduled for an specific date and time.
- Access the system using SSH, gain root privileges with su and type either reboot or halt.
As a system integrator I want to access the database remotely and in a secure manner
No direct database is provided. The system has a firewall that prevents external users from accessing the database. So a SSH tunnel should be used to forward the database port from the appliance to the system integrator's machine. So that the system integrator is able to access it as if it was local.
As a support team member I want to have a tarball with useful information about the system
The support team usually needs to ask the same kind of initial questions and gather information about some common system files. To fix this problem the appliance provides the Collection Tool window, that basically provides a downloadable tarball file with useful information about the ERP and the system.
Required deliverables
Base
- Support for 32bit (x86) and 64bit (x86_64).
- Support for multiple virtualization systems: VMware Player/ESX, Xen, Virtualbox, QEMU, Parallels and Amazon EC2.
- PostgreSQL as the database server.
- Secure the machine by requiring SSH access through public key authentication.
Web administration console
The web administration console should provide the following features:
- Backup/restore mechanism that permits restoring completely the appliance in case of a complete disaster (e.g. hardware failure). Both in the local file system (e..g a separate disk) or in a remote share (NFS, Samba).
- Stack updates and rollbacks.
- Manage the services relevant to the ERP.
- Manage the SSH public keys required to access the system remotely.
- View the system and ERP logs, the revelant ones for a system integrator.
- Perform remote system maintenance operations, such as rebooting or shutting down the machine.
- Ability to upload a SSL certificate so that the ERP can use it.
- Force the user to change all the password on the first web console configuration (regular, root and, web console users).
- Provide an easy mechanism for system integrators to attach a collection tarball to a support ticket, with useful information about the system.