Installation/rPath Appliance/Administration

Contents 1 Introduction 2 Accessing the Administration Console 3 Using the Configuration Wizard 3.1 Changing the admin password 3.2 Configuring notifications 3.3 Configuring networking 3.4 Back up and restore 3.5 System user password 3.6 System root password 3.7 Manage Entitlements 4 About the Administration Console 5 Status 6 System information 7 Configuration 7.1 SSL certificate 7.1.1 How to get Certified SSL cert 7.2 System user password 7.3 System root password 7.4 System Time 8 Maintenance 8.1 Back up and restore 8.1.1 Configuration 8.1.2 Restoring from a backup 8.2 Collection tool 8.3 Logs 8.4 Manage SSH keys 8.4.1 Linux/BSD/OSX 8.4.2 Windows 8.5 Manage services 8.6 Schedule reboot 8.7 Disaster recovery 9 System Updates menu 9.1 Updates 9.2 Rollbacks

Introduction

If you are using the Openbravo Appliance, you can manage your installation using a convenient web-based administration console.

Accessing the Administration Console

1. Launch your preferred Internet browser.
2. Type https://ip_address:8003 (where ip_address is the system's IP address) into the address bar of your Internet browser. This IP address is displayed at the end of every boot process.
3. The Administration Console appears.
4. The Yourcompany logo which is displayed is a placeholder image. If you configure Openbravo ERP to display your own company logo, the same logo appears in the administration console. If you are administrating more than one instance of Openbravo ERP you can use a different image for each instance of Openbravo ERP, making it easier to identify the console for each different system.
5. Enter the administrator's username and password:
   • User name: admin
   • Password: password
6. Click Sign In.

Using the Configuration Wizard

If you are accessing the Administration Console for the first time, the Configuration Wizard appears. The wizard only appears the first time you log in to the Administration Console. However, any settings you alter within the wizard can be changed later using the console.

Changing the admin password

For security, it is strongly recommended that you change the administrator's password immediately:

1. Enter the new password twice. The password must be at least seven characters long.
2. Click Save.

Configuring notifications

The Configuring e-mail window enables you to specify the address from which Openbravo Network will send system notifications, for example updates or backup notifications.

1. Specify a mail relay host from which e-mails will be sent, for example localhost. A local mail relay server is installed with the appliance. If there are multiple instances of the appliance in your organization, you can set up an address for instance, so that you can tell which address comes from which instance.
2. Specify an address that the appliance will use to send e-mails, for example openbravoerp@mycompany.com. You can enter any valid e-mail address.

Specify the e-mail address or addresses to which the appliance will send notification e-mails by clicking on Add email.

Configuring networking

The networking configuration window shows the network information you specified during the initial setup (if installed from an ISO image). To change any of the network settings, edit the information in the forms. Then click on Save, followed by Restart. Click in Skip Networking Configuration to skip this step.

Back up and restore

You can back up the appliance automatically by scheduling backups in this window. Specify when the backup will take place and where it will be stored.

System user password

For security reasons, it is strongly recommended that you immediately change the user password of the underlying operating system (Linux).

1. Enter the new password twice. The password must be at least seven characters long.
2. To validate this operation, you must enter the admin password as well.
3. Click Save.

System root password

The appliance's virtual machine uses a Linux operating system which has its own root user password. For security reasons, it is strongly recommended that you immediately change this root password.

1. Enter the new password twice. The password must be at least seven characters long.
2. To validate this operation, you must enter the admin password as well.
3. Click Save.

Manage Entitlements

The final page of the configuration wizard requests the optional Openbravo Appliance entitlement key, which provides additional benefits to subscribers of Openbravo 3 Professional & Basic Editions (like receiving system stack updates).

If you are evaluating Openbravo Community Edition, do not worry about the optional entitlement key--you are now ready to access the ERP! To do that, just type http://<IP_ADDRESS>/openbravo in your browser and log in with Openbravo as the username and openbravo as the password (case sensitive).

If you are a subscriber and do not have an entitlement key, please contact your Openbravo partner. Partners, please contact your Channel Business Manager if you need an Openbravo Appliance entitlement key. Note that at this point you are ready to access the ERP (same comment as above), and you can go back at any time to apply the Openbravo Appliance entitlement key.

About the Administration Console

Once you have completed the initial configuration using the Configuration Wizard, you can access the Administration Console to change the configuration settings and manage the system. Select which setting you want to manage:

• Status
• System Information
• Configuration
• Maintenance
• System Updates

Status

This window displays some appliance status information, such as:

• Last update (timestamp).
• Last check (timestamp).
• Next scheduled check (timestamp).
• Status of the configured backup system.

System information

In this window you can view information about the underlying hardware, disk usage, and installed software. The following is displayed:

• The DNS hostname of the appliance.
• The amount of memory (RAM) and swap space allocated to the appliance and free for appliance operations:
  • If the appliance is running directly on server hardware, this is the total amount of memory on that hardware.
  • If the appliance is running as a virtual machine, this is the amount of memory allocated to that virtual machine, which is only a part of the memory on which the hypervisor is running.
• The uptime, which is the amount of time the appliance has been running since its last boot
• The brand and specifications for the processor hardware on which the appliance is running
• The storage on and mounted to the appliance, including the total size of each disk partition, the type of filesystem on each partition, and the available space remaining for storage
• The version number of the appliance.

Configuration

The configuration area of the Administration Console enables you to configure the following:

• Admin Password: the password setting is the same as the one completed using the Configuration Wizard.
• Entitlement key: the Entitlement Key section is the same as the one in the Configuration Wizard.
• Internet Proxy: the proxy server settings are the same as the ones you completed using the Configuration Wizard.
• Networking: the network settings are the same as the ones you completed using the Configuration Wizard.
• Notifications: the notification settings are the same as the ones you completed using the Configuration Wizard.
• SSL Certificate.
• System user password: the user password section is the same as the one in the Configuration Wizard.
• System root password: the root password section is the same as the one in the Configuration Wizard.
• System Time.

SSL certificate

By default, the appliance has a self-signed SSL certificate. If you have an external certificate (for example from Verisign),You can upload the CERT: we recommend using a well known CA (Certificate Authority) how to.

1. Click Browse.
2. Navigate to the SSL certificate file. SSL certificate files have the .pem extension.
3. Click OK to begin uploading the certificate. It will be used by both Openbravo ERP and the Administration Console.
4. You can check for the new Fingerprints displayed

How to get Certified SSL cert

If the ERP is available to the Internet:

• Register a (sub)domain for your ERP server in a DNS server.
• Buy an SSL certificate from a well known CA.
• Upload the SSL certificate to the server via Administration console as described in SSL certificate

If the ERP is not available to a LAN only:

• Register a (sub)domain for your ERP server in a internal DNS server.
• Generate a self-signed certificate.
• Upload the SSL certificate to the server, as described in SSL certificate
• Install the SSL certificate in the JDK keystore, as follows:
  • Download the InstallCert utility

$ javac InstallCert.java
$ java InstallCert <(sub)domain>
$ cp jseecacerts $JAVA_HOME/jre/lib/security
#Restart Tomcat to apply the changes

System user password

Linux users can access the appliance server physically via a terminal. To access the system in this way, an additional password is required. The default is openbravo and the password is set by this window.

Note that this password does not allow you to SSH into the server. A public-private key pair is required for SSH, see TODO:add for more details.

System root password

This windows allows you to change the root password of the underlying Linux operating system. The usage of the root account should be avoided

System Time

Changes to the date and time could result in unexpected behavior such as service timeouts.

To update only the timezone:

1. Select Set Timezone Only.
2. Select the timezone you require.

To adjust the time and date manually:

1. Clear the Synchronize clock with Internet servers checkbox.
2. Select the timezone and time you require from the drop-down list.

To use a network time protocol (NTP) server to set the time:

1. Check the Synchronize clock with Internet servers checkbox. The drop down lists for selecting the time and time zone become unavailable.
2. Type the DNS hostname or IP address of the NTP server in the text box.
3. Click Save.

When you have set the time and time zone, click Proceed to continue, or Cancel to make further changes.

Maintenance

The Maintenance menu contains the following options:

• Back up and restore
• Collection tool
• Logs
• Manage Services
• Manage SSH keys
• Schedule reboot

Back up and restore

Configuration

The Backup and restore window enables you to launch a manual backup of the appliance, schedule regular backups, or restore the system from a backup.

To configure backups and set the backup schedule:

1. Select the Backup Configuration tab
2. From the Enable Backup Schedule option, click Yes.
3. Select how often you want the schedule to take place. You can choose to schedule backups daily, weekly or monthly.
4. If you have selected weekly backups specify which day of the week the backups will take place. If you have selected monthly backups, specify which day of the month the backups will take place.
5. Specify the time of day that the backup will take place.
6. In the Number of Backups box, type the maximum number of backups that will be stored at any one time.
7. From the Backup Type list, select the format of the backup. You can select a Mounted File System, or select one of the following remote shares:
   • Network File System Share (NFS).
   • Windows(R) File System Share (CIFS or SMB).
8. If you selected Mounted File System, label the disc by typing in the Disc Label box.
9. In the Connection Host box, type the IP address or host name and the shared resource name, for example 192.168.1.100/backups. You do not need to type // before the IP address.
10. Specify the connection path. For remote shares (NFS, CIFS, and SMB), this is the full path on the share where the backup should be stored. For mounted filesystems, this is the path relative to the mountpoint where the backups are to be stored.
11. For remote shares, specify a username and password to connect to the connection host, if required.
12. Click Save.

Once you have set up the backup location you can also back up the appliance at any time using the manual backup button:

1. Select the Backups tab.
2. Select Backup Now.

Backing up the system manually does not affect the normal backup schedule. You must set up the backup location in the Backup Configuration tab before performing a manual backup.

To keep informed of tasks that are due to take place without logging into the Administration console, subscribe to the Schedule RSS Feeds

Restoring from a backup

To restore the appliance from a backup, follow these steps:

1. Select the Backup and Restore menu option.
2. Select the Backup tab.
3. Select the backup file you want to restore.
4. Click Restore.
5. Click OK. When the restoration is complete, the appliance is restarted and a notification is sent to the administrator.

Collection tool

In this window you can run a collection operation which creates a compressed archive of important appliance information, and the user can download that file. This is especially useful for support tickets who need this information to help troubleshoot appliance issues.

Use the following steps to collect and download data from the appliance:

1. Click Collect Data to run the collection tool and create the compressed archive file.
2. Click OK when the page displays that the collection completed successfully.
3. Click Download to download the compressed archive file.

Logs

You can view the following Openbravo, Tomcat and Apache httpd logs from the Administration Console:

• Openbravo ERP log: /var/log/tomcat/openbravo.log
• Tomcat log: /var/log/tomcat/catalina.out
• Apache httpd access log: /var/log/httpd/access_log
• Apache httpd error log: /var/log/httpd/error_log

To view a log:

1. Select System Logs.
2. From the drop-down menu, select the log file you require.
3. Click Download to obtain the whole log file.

Manage SSH keys

This page is used to submit your SSH public key data. Multiple keys may be submitted at once; keys should be separated by a newline.

Password authentication is not accepted by the appliance's SSH system, a public/private key pair is required. This means you must create one if you already do not have it.

Linux/BSD/OSX

To generate a public/private key pair:

$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/johndoe/.ssh/id_dsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/johndoe/.ssh/id_dsa.
Your public key has been saved in /home/johndoe/.ssh/id_dsa.pub.
The key fingerprint is:
e9:f2:8f:06:0c:ee:b0:e0:48:3c:1b:ce:31:e8:62:e5 johndoe@laptop
The key's randomart image is:
+--[ DSA 1024]----+
|                 |
|                 |
|                 | 
|    .    .       |
|o  . o  S        |
|oB... o.         |
|B.O+  ...        |
|oB.E.  o..       |
|o      .o..      |
+-----------------+

The contents of /home/johndoe/.ssh/id_dsa.pub should be copied and added to the list of keys.

Windows

Use PuTTYgen to generate a public/private key pair:

1. Download and install Putty using the PuTTY installer.
2. Open PuTTYgen.
3. Make sure that SSH2 DSA is chosen in the parameters section.
4. Click Generate and move the mouse over the grey area to create entropy for the keys.
5. Enter a personal passphrase in Key passphrase and Confirm passphrase. Do not forget this passphrase, you will need it to access the server. Note that the chosen passphrase is a local one on your own machine that allows you access to your keys. This prevents other users accessing the server even if they intercept the private key.
6. Save the public key as, e.g. public_key_putty.txt on your hard drive.
7. Save the private key as, e.g. private_key.ppk on your hard drive.

At the top section of the window copy the contents of the section Public key for pasting into OpenSSH authorized keys file, and paste it into a new line of the Manage SSH keys window.

Manage services

Use the System services page to start, stop and restart the following services:

• Tomcat
• Apache httpd
• SSH
• PostgreSQL

You can also schedule restarts for each service at a particular time:

1. Click the calendar icon next to the service for which you want to schedule a restart.
2. Specify the date and time that the service will restart.
3. Click Save. The time and date of the restart appears underneath the service.

To cancel a scheduled restart:

1. Click the calendar icon next to the service for which the restart is scheduled.
2. Click the date that the restart is due to take place.
3. Click Remove. The restart is removed from the list.

Schedule reboot

Use the Schedule Reboot page to reboot the Administration Console, Schedule a reboot or close down the Administration Console.

To reboot the Administration Console:

1. Click Reboot.
2. Click Yes to confirm your choice.

To shut down the Administration Console:

1. Click Shutdown.
2. Click Yes to confirm your choice.

To schedule a reboot of the Administration Console:

1. Click Schedule.
2. Use the calendar to specify a date and time for the appliance to reboot.

To cancel a scheduled reboot:

1. Select Schedule.
2. Using the calendar, navigate to the date that the reboot is due to take place.
3. Click Remove. The scheduled reboot is removed from the list.

Disaster recovery

In the event of a disaster, complete the recovery process as follows:

1. Reinstall the appliance.
2. Access and log onto the administration console.
3. Select Management > Backup and Restore.
4. Specify the location of the existing backups.
5. Enable backup scheduling. This is necessary to enable a scan for existing backups.
6. In the Backup tab, choose the backup file from which to restore. Click Restore beside the desired backup in the list.
7. Click OK. When the restoration process is finished, the system will restart and a notification e-mail is sent to the administrator.

System Updates menu

The Update menu contains the following options:

• Updates
• Rollbacks

Updates

Use the System Updates window to check for and install updates.

To check for updates:

1. Select System Updates > Updatesfrom the menu.
2. Select Check for Updates.
3. A list of available updates appears in the window. If there are no available updates, a message appears saying that no updates are available.
4. Click the triangle icon to expand the list of updates.
5. To install the update, click Apply Now which will backup the existing ERP and system configuration and begin installing the update.
6. To schedule the update for installation at a later date, select Schedule and specify the time and date when you want the update to be installed.

You can also set up recurrent checks for updates that take place on the time and date of your choosing.

Scheduled checks for updates are performed at a random time between the hour selected and the next hour. The precise hour and minute of the check is displayed on the Updates window.

To schedule a recurrent check for updates:

1. Select System Updates > Updates from the menu.
2. Select the Preferences tab.
3. To enable scheduled updating, select the Check for updates checkbox.
4. Choose from the drop-down list whether you want to check for updates daily, weekly or monthly.
5. For daily updates, specify the time of day that the update will take place.
6. For weekly updates, specify the day of the week and the time that the update will take place.
7. For monthly updates, specify the day of the month and the time that the update will take place.
8. To automatically install any updates, select the Automatically Install Updates checkbox. Clear the checkbox if you want to only be notified when updates are available. It is recommended that you do not install updates automatically, in case the installation takes place while users are operating the system; installing updates while the system is in use can lead to database inconsistencies.
9. Click Save.

Rollbacks

A rollback is a prompt to reverse an update to the appliance software. When each update is made, a corresponding rollback is created. The underlying system places the rollback on top of a stack of previous rollbacks. To roll back the appliance software to a previous state, select how many updates must be reversed, and apply their corresponding rollbacks, starting from the top of the stack.

The rollbacks displayed are those corresponding to the most recent updates, with the highest number being the most recent. Click the corresponding arrow button for a rollback to see what software packages are affected, and click a package name in that display to see how that package will change if the rollback is applied.

Click the corresponding button in the Roll Back column to apply the rollback, returning the appliance software to its state prior to its corresponding update. Rollbacks must be applied in chronological order starting with the most recent. Click Roll Back in the dialog box to confirm your choice.

Category: Maintenance