Configure Remote Search in Docker
This section shows how to configure Remote Search for your HCL Digital Experience 9.5 Docker containers.
Introduction
To support search services when deployed to Docker container platforms in Kubernetes, administrators should configure Remote Search services. This requires a different setup and configuration steps than those used to set up Remote Search on a non-Docker container platform.
- The serverindex.xml file on the Remote Search server when deployed to on-premises environments may have a host name that is not accurate in a container environment with respect to the actual host name of the server hosting the Remote Search server.
- Since Docker dynamically allocates the host names for the containers, the /etc/hosts file doesn’t have static entries for the HCL Digital Experience 9.5 container-based server nor the Remote Search server.
- The WebSphere Application Server ND Administration console will not have correct host names for the HCL Digital Experience container.
Deploying Remote Search in HCL Digital Experience 9.5 Docker containers
Prerequisite: Download the HCL Digital Experience 9.5 Docker containers from your HCL Digital Experience entitlements from the HCL Software License Portal.
The HCL DX 9.5 container update CF181 and higher packages will include a core software and Remote search container. Load both of these images into your Docker repository via the “docker load” command. Note that if your organization has deployed these containers to a corporate Docker repository, you might use “docker pull” instead to put it into your local repository.
hcl-dx-core-image-v95_CF181_xxxxxxxx-xxxx.tar.gz
hcl-dx-dxrs-image-v95_CF181_xxxxxxxx-xxxx.tar.gz
EJBs and host names
HCL Digital Experience 9.5 Container core and Portal Remote Search each use WebSphere Application Server as a base. As these components are on different hosts (containers), they need to communicate via IP. The initial conversation between HCL Digital Experience 9.5 core and the Remote Search server takes place over IIOP (rmi) which is the internet protocol of EJBs.
Ideally, the /etc/hosts file of both containers would have the host
name of the other. In other words, the /etc/hosts file of the HCL
Digital Experience Container core would have a host reference for the Remote Search and vice
versa. However, three factors make this impossible. The containers are based on Red Hat UBI,
the /etc/hosts file is owned by root
, and the
root
password (and sudo
) is not available. Apply the
command below to define host references for the Remote Search service from the Digital
Experience Container core. Therefore, a way to force Docker to write the
/etc/hosts file at container initialization time is needed.
This is done via the Docker switch add-host
.
The situation is further complicated (at least on Linux) by the fact that containers on the default bridge network of Docker cannot DNS name resolve other containers on the same subnet. Therefore, one uses the Docker host as a proxy and starts both containers with the following:
docker run –add-host=dockerhost:172.19.0.1 …
This has the effect of adding an entry in the /etc/hosts file on the HCL Digital Experience 9.5 Container core like this:
172.19.0.1 dockerhost
Those familiar with Docker deployment practices will recognize 171.19.0.1
as the IP bridge address of the host machine that starts the Docker containers. Since all
Docker containers have unique ports and the Docker host machine is not allowed to use these
unique ports, one can refer to a port on any container as
dockerhost:port_number
.
New ConfigEngine tasks
ConfigEngine tasks on the DX Portal Server
./ConfigEngine.sh configure-portal-for-remote-search -DWasPassword={Was Password}
-D
parameters, along with the default values for
each:-Dremote.search.host.name default="remotesearch"
-Dremote.search.host.port default="9043"
-Dremote.search.cert.alias default="remotesearchalias"
-Dremote.search.iiop.url default="iiop://remotesearch:2809"
-Dremote.search.index.directory default="/opt/HCL/AppServer/profiles/prs_profile/SearchCollections"
ConfigEngine
command
is executed: - Retrieve the remote SSL key from the remote search server.
- Export the LPTA key to a file for the Portal server.
- Suppress the automatic creation of the Default Search Server on Portal restart, if it doesn't already exist.
- Set all the Resource Environment Providers for the JCR for WCM Authoring search.
ConfigEngine tasks on the DX Remote Search Server
./ConfigEngine.sh configure-remote-search-server-for-remote-search -DWasPassword={Was Password}
-D
parameters, along with the default values for each:
-Dremote.search.host.name default="remotesearch"
-Dportal.host.name default="portaldocker"
-Dportal.port.number default="10042"
-Dportal.cert.alias default="portaldockeralias"
ConfigEngine
command is executed:- Retrieve remote SSL key from the Portal Server.
- Import the LTPA key exported from the Portal Server in the previous step.
- Edit the serverindex.xml file to have the correct Remote Search server host name.
ConfigEngine
tasks are complete. Since the changes
are IBM WebSphere Application Server Network Deployment-based cluster DX deployment
changes in the profile, the changes are not picked up until the restart. Launch the HCL Digital Experience 9.5 Core and Remote Search containers
To deploy, following is the complete docker run
command for both the HCL
Digital Experience 9.5 Core and Remote Search containers. In these examples,
wpsadmin / wpsadmin
are used as the HCL Digital Experience and WebSphere
Application Server admin user ID and password credentials.
docker run --add-host=dockerhost:172.19.0.1 -d -e WAS_ADMIN=wpsadmin -e WAS_PASSWORD=wpsadmin -e DX_ADMIN=wpsadmin -e DX_PASSWORD=wpsadmin -p 9043:9043 -p 9403:9403 -p 2809:2809 -p 9060:9060 -v /home/dxengineer/Documents/prs_profile:/opt/HCL/AppServer/profiles/prs_profile hcl/dx/dxrs:v95_CF181_20200622-1550
docker run --add-host=dockerhost:172.19.0.1 -d -e WAS_ADMIN=wpsadmin -e WAS_PASSWORD=wpsadmin -e DX_ADMIN=wpsadmin -e DX_PASSWORD=wpsadmin -p 10038:10038 -p 10039:10039 -p 10041:10041 -p 10042:10042 -v /home/dxengineer/Documents/wp_profile:/opt/HCL/wp_profile hcl/dx/core:v95_CF181_20200622-1550
The persisted profile for each container is located at /home/dxengineer/Documents/. The HCL Digital Experience admin username and password are passed as environment variables.
Defining serverindex.xml on the Remote Search server
/opt/HCL/AppServer/profiles/prs_profile/config/cells/{cell name}/nodes/{node name}
{persisted volume for remote search profile}/prs_profile/config/cells/{cell name}/nodes/{node name}
host=”{some hostname}”
where {some hostname}
might likely be "localhost"
or some
host name like “33b7e5004319”
. However, remote search will not work
correctly until this host name field is replaced with a host name exactly like the host name
in the “iiop” url in the search service is coded. So, for example, if your Portal search
service has coded the "iiop" URL as “iiop://some.host.com:2809”
, the
host
in serverindex.hml needs to be
host=”some.host.com”
. It could be that your "iiop" url has the host name
"dockerhost"
if your iiop url lets your docker host route that URL.
host=”dockerhost” (apply the string “dockerhost”)
Upon completion, when the HCL Digital Experience 9.5 Container core server communicates to
the container Remote Search server over "iiop", the Remote Search server will return
“dockerhost”
as the host name of the Remote Search server. The HCL
Digital Experience 9.5 Container has a configuration that will append the port to the host
name that was just returned.
Digital Experience instructions for Remote Search configuration
The following guidance aligns with the Remote Search services configuration instructions available in the Remote Search services topic for deployment to non-container HCL Digital Experience servers.
All of the instructions contained in the Remote Search services topic should also be completed in a Docker-based HCL Digital Experience deployment. The following guidance outlines specific settings that were used in the Remote Search service DX Docker deployment.
- Create a single sign-on (SSO) domain between HCL Digital Experience 9.5 container and
the Remote Search service container by following the non-container on-premises procedure
for Creating a single sign-on domain between HCL Portal and the Remote Search
service. This entails exchanging SSL certificates and LTPA domain
tokens.Note: When retrieving the SSL certificates from the host server, use dockerhost (as the host) and the appropriate port for the SSL access. In the examples, the Remote Search server is on dockerhost:9443 and the DX host is on dockerhost:10042. You must also complete Setting the search user ID and Removing search collections before creating a new search service.
- Create a new search service and use the following values for a Remote Search services
configuration to a Docker container deployment. See the section on Creating a new search service for more information.
Table 1. Docker container Remote Search services configuration Item Value IIOP_URL iiop://dockerhost:2809 PSE TYPE Select ejb from the pull down. EJB ejb/com/ibm/hrl/portlets/WsPse/WebScannerLiteEJBHome DefaultCollectionsDirectory Leave empty. Search service implementation Select Portal Search Service Type from the pull down. CONFIG_FOLDER_PATH Did not set (differs from non-container instructions). Note: Once completed and saved, the HCL Digital Experience 9.5 container deployment has a new search service called Remote PSE service EJB, with a green check mark confirming that the service was correctly set up and is able to communicate with the Remote Search container. - Based on the previously created Remote Search service, create a Portal
Search Collection and a JCR Search Collection using
the following parameters.
- Use the following parameters to create a Portal search
collection.
Table 2. Portal Search Collection configuration Parameter Value Search collection name Portal Search Collection Search collection location /opt/HCL/AppServer/profiles/prs_profile/SearchCollections/PortalSearchCollection - Portal Search Content Source Configuration. Use the following URL for
Collect documents linked from this
URL:
https://dockerhost:10042/wps/seedlist/myserver?Source=com.ibm.lotus.search.plugins.seedlist.retriever.portal.PortalRetrieverFactory&Action=GetDocuments&Range=100&locale=en-US
Note: The host and port are the Docker host and port to which10042
is mapped. In this case,10042
is theHttpQueueInboundDefaultSecure
port on the HCL Digital Experience server. Note that you can also put this URL in a browser (on the Docker host) and confirm that the response is an ATOM feed.On the Security panel, use
dockerhost
as the host name, along with the usernamewpsadmin
and the associated password forwpsadmin
. - Use the following parameters to create a JCR
search collection.
Table 3. JCR Search Collection configuration Parameter Value Search collection name JCRCollection1 Search collection location /opt/HCL/AppServer/profiles/prs_profile/SearchCollections/JCRCollection1 - JCR Content Source Configuration. Use the following URL for Collect
documents linked from this
URL:
https://dockerhost:10042/wps/seedlist/myserver?Action=GetDocuments&Format=ATOM&Locale=en_US&Range=100&Source=com.ibm.lotus.search.plugins.seedlist.retriever.jcr.JCRRetrieverFactory&Start=0&SeedlistId=1@OOTB_CRAWLER1
Note: The host and port are the Docker host and port to which10042
is mapped. In this case,10042
is theHttpQueueInboundDefaultSecure
port on the HCL Digital Experience server. Note that you can also put this URL in a browser (on the Docker host) and confirm that the response is an ATOM feed.On the Security panel, use
dockerhost
as the host name, along with the usernamewpsadmin
and the associated password forwpsadmin
.
- Use the following parameters to create a Portal search
collection.
- Configure WCM Authoring Portlet search function.Note: Even though the documents are gathered by the Remote Search function from the JCR, additional configuration is needed in order for the HCL Web Content Manager (WCM) Authoring Portlet search to use document search. Set the following values for this configuration.
- Set the Custom properties for the WebSphere Application
Server Resource Environment Provider, JCR ConfigService,
using the following values:
Table 4. JCR ConfigService custom properties Property Value jcr.textsearch.enabled true jcr.textsearch.indexdirectory /opt/HCL/AppServer/profiles/prs_profile/SearchCollections jcr.textsearch.PSE.type ejb jcr.textsearch.EJB.IIOP.URL iiop://dockerhost:2809 jcr.textsearch.EJB.EJBName ejb/com/ibm/hrl/portlets/WsPse/WebScannerLiteEJBHome Note: On the jcr.textsearch.indexdirectory, the sub-directory JCRCollection1 is NOT included in the path.
- Set the Custom properties for the WebSphere Application
Server Resource Environment Provider, JCR ConfigService,
using the following values: