Wednesday, August 28, 2013

Percussion CM System (Rhythmyx) and SQL Server Express on Amazon EC2

imageI am in the process of installing Percussion Rhythmyx 7.0.3 on an EC2 instance in Amazon's AWS cloud. This is a running log of the process that should serve as a how-to for even the most novice Percussion admin.

Amazon AWS EC2 AMI
I created a medium instance using the AMI with Windows Server 2008 R2 Datacenter Ed, IIS and SQL Server Express pre-installed. (Anything smaller than medium will be very slow.)
Windows_Server-2008-R2_SP1-English-64Bit-SQL_2008_R2_SP2_Express-2013.07.10 (ami-86c6baef)
I reserved 40gb storage for the primary drive. (This may have been shortsighted.)

Configure the Amazon Firewall
These are my firewall settings:

Port 80 is open to the world. The rest are locked down to the IP address of my machine at home.
Ports 20-22 are for FTP/sFTP.
Ports 1024-2048 are the fixed range for passive FTP connect mode.
Port 1433 is SQL Server
Port 3389 is Remote Desktop
and 9992-9998 is for CM System.
The read-me notes say that the 6 sequential ports after the main CM port are reserved.

Create the Database
To install CM System to SQL Server Express, you have to first create an empty database for the installer to use.
The SQL Server Management Studio is installed with dbo rights for the administrator, so just login with windows authentication.

Right click on [Databases] in the tree and choose [New Database...]. I called my database "rxMaster".

Since this is a test instance, I like to restrict the log file growth so it doesn't grow out of control...

and I set auto shrink to true under options.

Click [OK] to create.

Create the Percussion User and Set Permissions
Since this is for test use, these permissions are going to be wide open. Please lock everything down for production use.

Open [Security] in the Object Explorer tree and right click on [Logins]. Choose [New Login...]

Under the General tab, I used the login name "Percussion". Choose "SQL Server Authentication" and enter a password. Uncheck "Enforce password policy" to keep the password from expiring. Finally, choose "rxMaster" as the default database.

Under User Mapping, check "rxMaster" under "Users mapped to this login:" and in the default column, type "dbo". Choose "db_owner" for the "Database role membership for: rxMaster".

Click [Ok] to create the user

Enable SQL Server Authentication
I have heard that mixed-mode authentication with SQL Server poses security problems, but I was unable to get CM to install using a local Windows account.

Right click on the server (the topmost node in the object explorer) and choose [Properties]. Click the radio button beside "SQL Server and Windows Authentication mode"

Windows Firewall on the Windows Server
The Windows Firewall on this AMI should already be configured to allow SQL Server to operate... but it doesn't hurt to double check that it is allowed. (I am not sure whether this affects local app to app communications.)

In order to reach your installation from outside the server, create an inbound rule to allow TCP ports 9992-9998. To create this rule, double click [New Rule] on the upper right hand corner of the "Windows Firewall with Advanced Security"

SQL Server Configuration Manager
These steps are very important. If these options are not set, you will get the dreaded generic "Failed to establish connection to the database" error.

Under [SQL Native Client 10.0 Configuration] --> [Client Protocols], ensure that TCP/IP is Enabled. (It is by default in this AMI)

Under [SQL Server Network Configuration] --> [Protocols for MSSQLSERVER] ensure that TCP/IP is Enabled. (It is by default in this AMI.)

Double click TCP/IP above and ensure that [Listen All] is "Yes". (Again, it is by default in this AMI)


Follow the Percussion Installation Guide until you get to the Repository setup.
note: I chose not to install FastForward.
For SQL Server Express, this is how your entry should look:
If you receive the "Failed to establish connection to the database" error when clicking [Next], double check all of the preceding instructions.

Choose rxMaster as the Database

Accept the remaining defaults. Continue past the port warning.
When the installation is complete, click [Done]

I received no error messages, so this is the end of the install. Consult the Installation Guide p.52 to see what warnings and errors look like.

Starting CM System

CM System creates an auto-start windows service to run the CM server, but the server does not start automatically after install.The Rhythmyx Administration Manual covers the start-up process.

In Windows Services, find the entry "Percussion Rhythmyx Server". Right click and [Start]

A message will pop up saying a program is trying to display a message:

Click [View the message] if you want to see the console window while CM system starts up.
If everything runs properly, you should see the JBoss started message at the bottom:

Logging Into CM System 
On the rhythmyx server, you should be able to reach the login prompt here:
Use the default username and password credentials: admin1/demo
The password demo can be used for all of the default accounts.

Note: The usernames and passwords are stored as plain text in the database. For testing this is fine, but for production, use LDAP or some other authentication method.

Install Java
After logging in for the first time, you will be prompted to download and install Java 1.5.0_12. I tend to stick with this version unless other development efforts require a more recent version. As I have upgraded through the years - especially early versions of 1.6.0_xx, I had strange security problems and other compatibility problems crop up. Of course, being out of date, this version is vulnerable to exploits...
Note: If you run into bizarre problems, ensure that you do not have multiple versions of Java installed.

Installation Complete!
Once Java is installed, you are ready to start building your sites

Questions or comments are welcome!

[Edit 8/29/2013 to include server-side Windows Firewall configuration step]
[Edit 11/12/2013 I had an interesting side conversation with S.A. that I thought might be useful for others. An edit of the conversation is provided below.]

Hi Brain. I like to thank you for your blog post on installing Percussion CM on Amazon cloud. I have a couple of questions. Do I need a licensed copy of Percussion or is there a trial available? Also do you know if there is an Amazon ec2 instance that comes with Percussion already installed?
S.A. • Oct 22, 8:25 AM

I am not aware of an EC2 instance with Percussion pre-installed. And no... [as far as I know] They don't offer a demo version of CM System... [When I contacted them, I was told that I had to buy a $5000 developer license for CM system.]
Brien Oct 23, 2:46 AM

Hey thanks for the message. I did download CM1, and tried to install it on an AMI. I am stuck on an error message about Rhythmyx not being available. You don't think I am running into a license issue do you? The install wizard did not prompt me for a license. I think I am little confused about the products they offer. There is CMS, CM1, Rhythmyx. You seem to know quite a bit about them. What is the difference between these products?
S.A. • Oct 23, 5:08 AM

Their product lines are indeed confusing. Once upon a time, they only produced one content management system called Rhythmyx. A few years ago they changed the name of Rhythmyx to CM system. They simultaneously released a new product line called CM1, which is a light version of CM system intended for smaller businesses.

Make sure that Windows firewall is configured to allow all of the ports that I mentioned in my blog. I believe CM1 uses MySQL by default. Make sure that it is running and reachable. [That is the only thing I can think of to check. I made this post while re-tooling my skill set for a project bid that fell through, so I'm afraid I have stopped my re-discovery of Percussion for now.] Percussion has a very active forum full of helpful people. If you have not already, join that forum and post your questions there.
Brien Oct 23, 12:06 PM

No comments:

Post a Comment