DTW - Deployment RunBook

Dependent Tuition Waiver Deployment Guide

This document describes the steps for deploying the Dependent Tuition Waiver (DTW) Application to a new environment.

 

KRAPPS node


 

External Config File

There is one used by an application on the box to which it has been deployed(i.e <env>.krapps):

  • workflow_clientapp.xml – This file contains configuration information that is common to all client applications. This file resides in the following location: /srv/uconn_configs/workflow/conf

The contents of the workflow_clientapp.xml look like this:

<config>
<param name="encryption.key">7IC64w6ksLU</param>
    <param name="keystore.alias">rice</param>
    <param name="keystore.file">/usr/local/rice/rice.keystore</param>
    <param name="keystore.password">r1c3pw</param>
    <param name="webservices.settings.url">
        http://dev.kfs.uconn.edu/kr-dev/remoting/WorkflowDocumentActionsService
    </param>
    <param name="workflowutility.javaservice.endpoint">
        http://dev.kfs.uconn.edu/kr-dev/remoting/WorkflowUtilityService
    </param>
    <param name="workflowdocument.javaservice.endpoint">http://dev.kfs.uconn.edu/kr-dev/remoting/WorkflowDocumentActionsService</param>
    <param name="identity.javaservice.endpoint">http://dev.kfs.uconn.edu/kr-dev/remoting/kimIdentityService</param>
    <param name="identitymanagement.javaservice.endpoint">http://dev.kfs.uconn.edu/kr-dev/remoting/kimIdentityManagementService</param>
    <param name="group.javaservice.endpoint">http://dev.kfs.uconn.edu/kr-dev/remoting/kimGroupService</param>
    <param name="clientapp.environment">dev</param>
    <param name="engine.url">http://dev.kfs.uconn.edu/kr-dev</param>


        <!-- externalized configuration for workflow -->
    <param name="ldapwsdl">http://dev.kfs.uconn.edu/kr-dev/remoting/uconnLdapService?wsdl</param>
    <param name="mudwsdl">http://dev.kfs.uconn.edu/kr-dev/remoting/ucMudOrgWsService?wsdl</param>
    <param name="kimwsdl">http://dev.kfs.uconn.edu/kr-dev/remoting/kimIdentityServiceSOAP?wsdl</param>
    <param name="uconnwfwsdl">http://dev.kfs.uconn.edu/kr-dev/remoting/ucWorkFlowWsService?wsdl</param>
    <param name="kewutilwsdl">http://dev.kfs.uconn.edu/kr-dev/remoting/WorkflowUtilityServiceSOAP?wsdl</param>
</config>

The encryption.key and keystore.password values highlighted above have to match the values in the rice-config.xml file. The rice-config.xml file resides on the machine that hosts the rice server. The rice server host name that is highlighted above will change depending on the environment on which the application is being deployed.

JNDI Entries

Apart from the two files mentioned above, there are JNDI entries that need to be made in tomcat’s server.xml. This file is found in $CATALINA_BASE/conf.

Enter the following resources between the <GlobalNamingResources></GlobalNamingResources> tags (with the appropriate url for the environment in question)

<!--  rice -->
        <Resource auth="Container"
            connectionProperties="MaxStatementsLimit=5, MinLimit=1, MaxLimit=1, ValidateConnection=true"
            defaultAutoCommit="false" defaultReadOnly="false"
            defaultTransactionIsolation="READ_COMMITTED"
            driverClassName="oracle.jdbc.driver.OracleDriver"
            factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
            fairQueue="false" initialSize="10"
            jdbcInterceptors="ConnectionState;StatementFinalizer"
            jmxEnabled="true" logAbandoned="true" maxActive="100"
            maxIdle="100" maxWait="30000"
            minEvictableIdleTimeMillis="5000" minIdle="10"
            name="jdbc/krice" password="xxxxx" username="xxxxx"
            removeAbandoned="true"
            removeAbandonedTimeout="60" testOnBorrow="true"
            testOnReturn="false" testWhileIdle="false"
            timeBetweenEvictionRunsMillis="5000"
            type="javax.sql.DataSource"
                url="jdbc:oracle:thin:@dbserver02.uits.uconn.edu:1521:kfs40t"
                useEquals="false"
            validationInterval="30000" validationQuery="select 1 from dual"/>


<!¿tuition waiver -->
<Resource auth="Container"
          connectionProperties="MaxStatementsLimit=5, MinLimit=1, MaxLimit=1, ValidateConnection=true"
          defaultAutoCommit="false" defaultReadOnly="false"
          defaultTransactionIsolation="READ_COMMITTED"
          driverClassName="oracle.jdbc.driver.OracleDriver"
          factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
          fairQueue="false" initialSize="10"
          jdbcInterceptors="ConnectionState;StatementFinalizer"
          jmxEnabled="true" logAbandoned="true" maxActive="100"
          maxIdle="100" maxWait="30000"
          minEvictableIdleTimeMillis="5000" minIdle="10"
          removeAbandonedTimeout="60" testOnBorrow="true"
          testOnReturn="false" testWhileIdle="false"
          timeBetweenEvictionRunsMillis="5000"
          type="javax.sql.DataSource"
          removeAbandoned="true"
          name="jdbc/dtw" password="xxxxx" username="xxxxx"
          url="jdbc:oracle:thin:@dbserver02.uits.uconn.edu:1521:kfs40t"
          useEquals="false"
          validationInterval="30000" validationQuery="select 1 from dual"/>

<!-- peoplesoft view -->
<Resource auth="Container"
connectionProperties="MaxStatementsLimit=5,MinLimit=1,ValidateConnection=true"
defaultAutoCommit="false" defaultReadOnly="false"
defaultTransactionIsolation="READ_COMMITTED"
driverClassName="oracle.jdbc.driver.OracleDriver"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
fairQueue="false" initialSize="10"
jdbcInterceptors="ConnectionState;StatementFinalizer"
jmxEnabled="true" logAbandoned="true" maxActive="100"
maxIdle="100" maxWait="30000"
minEvictableIdleTimeMillis="5000" minIdle="10"
name="jdbc/tw_psview" password="bursar123" removeAbandoned="true"
removeAbandonedTimeout="60" testOnBorrow="true"
testOnReturn="false" testWhileIdle="false"
timeBetweenEvictionRunsMillis="5000"
type="javax.sql.DataSource"
url="jdbc:oracle:thin:@cstestdb.psoft.uconn.edu:1521:csdv"
useEquals="false" username="bursar"
validationInterval="30000" validationQuery="select 1 from dual"/>

CAS Rule

Must add this location definition to /etc/httpd/conf.d/ssl.conf (make sure *.conf of cond.d is loaded on apache startup)

<Location /dtw/*.do>
# ProxyPass ajp://localhost:8009/dtw
# ProxyPassReverse ajp://localhost:8009/dtw
# commented out as requested in Jira (Spew-16) by Mike Oatley
# Uncommented by Matt as requested in DTW-21
AuthType CAS
Require valid-user
</Location>

 

depwaivers.prn File

/home/dtw/depwaivers.prn file must be touched (owned by dtw/dtw, but read / writable by tomcat & dtw)

 

The password, username and url entries have been highlighted above as they may change (ideally, they should be different) from environment to environment.  You can obtain that information from the appropriate individual(s) (DBAs?).

Database Schema creation

To create the DTW database schema, run the following sql script. This script can be found in SVN at this location https://svn0.uits.uconn.edu/kuali/dtw2/trunk/dtw-maven/dtw-war/src/main/resources


The name of the script to run is create_tuitionwaiver_tables.sql


You will see some error messages that state table not found (or something to that effect). These messages are generated because the script tries to drop the tables before creating them. This is to ensure that a clean schema is created. In short ignore those errors.

Build / Deploy

  1. run the 'dtw' jenkins job
  2. copy war to webapps on krapps server

RICE node


 

External Config File PLUGIN

Another file is placed on the same server (<env>.kr) as the rice application. This file is used by the plugin:

  • dtwPlugin-config.xml – This file contains application specific information

This file resides in the following location: /srv/uconn_configs/workflow/en-plugins/conf

The dtwPlugin-config.xml file looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<config>
    <param name="datasource.username">xxxxx</param>
    <param name="datasource.password">xxxxx</param>
    <param name="datasource.url">jdbc:oracle:thin:@dbserver02.uits.uconn.edu:1521:kfs40t</param>


    <param name="datasource.ojb.platform">Oracle10g</param>
    <param name="datasource.platform">org.kuali.rice.core.database.platform.OracleDatabasePlatform</param>
    <param name="datasource.driver.name">oracle.jdbc.driver.OracleDriver</param>
    <param name="datasource.validationQuery">select 1 from dual</param>
    <param name="datasource.minIdle">300</param>
    <param name="datasource.initialSize">8</param>
    <param name="datasource.maxActive">8</param>
    <param name="datasource.pool.maxSize">32</param>
    <param name="datasource.accessToUnderlyingConnectionAllowed">true</param>


</config>

Ingestion of the xml

Assuming that rice has been deployed and is up and running, and the configurations specified in the previous section have been completed, all that remains to be done is to deploy the dtw.war, tuitionWaiverPlugin.zip and the ingestion of the following files:

  • src/main/resources/HCTuitionWaiverDoc.xml
  • src/main/resources/HCTuitionWaiverRuleAttribute.xml
  • src/main/resources/HCTuitionWaiverRules.xml
  • src/main/resources/HCTuitionWaiverRuleTemplate.xml
  • src/main/resources/TuitionWaiverDoc.xml
  • src/main/resources/TuitionWaiverRuleAttribute.xml
  • src/main/resources/TuitionWaiverRules.xml
  • src/main/resources/TuitionWaiverRuleTemplate.xml

These files are saved in subversion under dtw2/trunk/dtw-maven/dtw-war/src/main/resources

One element in the HCTuitionWaiverDoc.xml and TuitionWaiverDoc.xml files that needs to be changed is the value of docHandler. There are two ways this can be done.  Selecting which way to change depends entirely on individual preference.

One way is to edit the file and enter the appropriate url and then continue with the ingestion steps a little further down below.

The value that needs to be changed is highlighted below:

<docHandler> http://dev.krapps.uconn.edu/dtw/tuitionWaiverDocument.do?methodToCall=docHandler</docHandler>

The second way to change the docHandler url is to use the functionality provided by the Kuali portal. This is done post ingestion. The steps to do this are provided after the ingestion steps listed below.

The ingestion steps are as follows:

  1. Log into the Kuali Portal as admin (you can login as you and use the ‘admin’ backdoor id)
  2. Go to the Administration Tab.
  3. In the Workflow section, click on XML ingester.
  4. Click on the Choose File button, select the file.
  5. Upon exiting the dialog. Click on the “upload xml data” button. This will ingest the file.

If you have already modified the docHandler url, then there is nothing else to be done. However should you need to modify the url post-ingestion follow the steps below.

  1. Log into the Kuali Portal if you have not done so already.
  2. Click on the Administration tab.
  3. Click on the Document Type link in the Workflow section.
  4. Enter “UCONN-tuitionWaiverDocument” in the name field and click on the search button.
  5. Click on edit under the Actions section displayed in the information returned.
  6. Enter a description of the change (example: Changing the doc handler url)
  7. Enter the new Document Handler URL in the Edit Document Type/New section.
  8.  Click on Save.

Rice Data needed for workflow

The following data would have to be added to Rice to enable the workflow.

FIRST CREATE NAMESPACES AND GROUPS, THEN INGEST, THEN CREATE RESPONSIBILITIES THEN ROLES.

 

In general save then submit, blanket aprove might not always be necessary.

Default for role type name, doesn't really show up unless you do a blank role seach, then select return value next to the Kuali Default entry. 

Namespaces:

Namespace Code

Name

Application Code

Active

UCONN-KR-DTW

UCONN DEPENDENT TUITION WAIVER

 

Y

Groups:

Group Type Name

Group Namespace

Group Name

Group Description

Active

Default

UCONN-KR-DTW

DTW-Admin-GROUP

 

Y

Default

UCONN-KR-DTW

DTW-HR1-GROUP

 

Y

DefaultUCONN-KR-DTWDTW-HR4HC-GROUP Y

Default

UCONN-KR-DTW

DTW-HR2-GROUP

 

Y

Default

UCONN-KR-DTW

DTW-Report-GROUP

 

Y

Group Members:

Members need to be assigned to the groups listed above so that requests can be approved at the appropriate level.

In production, configurations of group members are as following:

1.  DTW-HR1-GROUP - Patty Geissler & Pamela Heath-Johnston (pag07007, pah02003)

2.  DTW-HR2-GROUP- JP Lacombe & Francoise Murphy (jal03008, fmm06001)

3.  DTW-HR4HC-GROUP- Erin Ransford & Jessica Van Alstyne (enr05002, jav04007)

4.  DTW-Admin- (pag07007, jal03008, glo02001, nab02003, rkk98002, enr05002)

5.  DTW-Report-GROUP - (pag07007, jal03008, glo02001, nab02003, rkk98002, enr05002

Roles:

when you select 'create new role' it will take you to a kim type lookup, type 'Default' into Role Type Name, and click search, then select 'return value' for the returned result

 

Role Type Name

Namespace

Role Name

Role Description

Active

Default

UCONN-KR-DTW

HR1 Reviewer

 

Y

DefaultUCONN-KR-DTWHR4HC Reviewer Y

Default

UCONN-KR-DTW

HR2 Reviewer

 

Y

Default

UCONN-KR-DTW

DTW Admin

 

Y

Default

UCONN-KR-DTW

DTW Report

 

Y

 

 

 

 

 

Add Members to Roles:

Namespace

Role Name

Member Type Code

Member Name

UCONN-KR-DTW

HR1 Reviewer

Group

DTW-HR1-GROUP

UCONN-KR-DTWHR4HC ReviewerGroupDTW-HR4HC-GROUP

UCONN-KR-DTW

HR2 Reviewer

Group

DTW-HR2-GROUP

UCONN-KR-DTW

DTW Admin

Group

DTW-Admin

UCONN-KR-DTW

DTW Report

Group

DTW-Report-GROUP

 

Database:

For production deployment, update TUITIONWAIVER_OPTIONS table with the following data:

EmailFromAddrUchc = ransford@uchc.edu

EmailFromAddrStorrs = hr-osd@uconn.edu

EmailFromAddrBursar = bursar@uconn.edu


Build / Deploy plugin

  1. run the 'dtw' jenkins job
  2. copy zip to /usr/local/rice/plugins folder of RICE node**

** make sure in unzipped correctly it should read /TuitionWaiverPlugin/classes, not /TuitionWaiverPlugin/TuitionWaiverPlugin/classes, etc.