Install Service Manager Service Portal

# export PROPEL_HOSTNAME=`hostname --fqdn`

Perform the following steps to install Service Manager Service Portal:

1. Log in to the Red Hat 7.2 system as the root user.

2. Create the Service Manager Service Portal directory structure:

   # mkdir /opt/hp
   # cd /opt/hp

3. From the Service Manager installation package SM950-1.zip, copy the archive file containing the installers and Ansible playbooks (propel_complete_installer.zip) to the /opt/hp directory on the Red Hat 7.2 system.

4. Unpack the propel_complete_installer.zip archive file:

   # unzip propel_complete_installer.zip

5. Install Ansible, depending on whether or not you need to use a proxy:

   • Without proxy:

     # cd /opt/hp/propel_complete_installer
     # ./install_ansible.sh 2>&1 | tee install_ansible.log

   • With proxy:

     # cd /opt/hp/propel_complete_installer
     # ./install_ansible.sh --proxy http://<Proxy_Hostname>:<Proxy_Port> 2>&1 | tee install_ansible.log

6. Prepare the Ansible environment for the Service Manager Service Portal prerequisites:

   1. Reset the SSH keys:

      # ssh-keygen -t rsa

      Type the file name in which to save the key ("/root/.ssh/id_rsa") and then press Enter. Type the passphrase (empty for no passphrase) and then press Enter. Type the same passphrase again and then press Enter.

      # ssh-copy-id -i /root/.ssh/id_rsa.pub root@$PROPEL_HOSTNAME

   2. Verify the SSH keys:

      # ssh 'root@$PROPEL_HOSTNAME'

   3. Prepare for the Ansible playbook:

      # mkdir /opt/hp/propel_complete_installer/ansible_content/ssh
      # cd /opt/hp/propel_complete_installer/ansible_content/ssh
      # cp ~/.ssh/* .
      # cp id_rsa id_rsa-propel

   4. Obtain the fully qualified domain name (FQDN) for the Red Hat 7.2 system by running the following command. It will be used in the next step as the <Host.Domain.Com> value:

      # hostname --fqdn

   5. Add the fully qualified domain name of the Red Hat 7.2 system to the [redhat] section in the ansible_targets file:

      # cd /opt/hp/propel_complete_installer/ansible_content
      # vim ansible_targets

      [redhat]
      <Host.Domain.Com> ansible_ssh_user=root ansible_ssh_private_key_file=./ssh/id_rsa-propel

7. Run the Ansible playbook to install the Service Manager Service Portal prerequisites, depending on whether or not you need to use a proxy:

   • Without proxy:

     # ansible-playbook -i ansible_targets deploy_rhel_complete.yml 2>&1 | tee ansible_deploy_rhel_complete.log

   • With proxy:

     # ansible-playbook -i ansible_targets deploy_rhel_complete.yml --extra-vars "httpproxy=http://<Proxy_Hostname>:<Proxy_Port> httpsproxy=http://<Proxy_Hostname>:<Proxy_Port>" 2>&1 | tee ansible_deploy_rhel_complete.log

8. Unpack the Service Manager Service Portal installer:

   # cd /opt/hp/propel_complete_installer
   # unzip propel-setup.zip -d /opt/hp

9. Create the Service Manager Service Portal-generated SSL certificates:

   Important Third-party or corporate CA-signed certificates should be used in production systems; however, self-signed certificates generated by Service Manager Service Portal can be used in nonproduction systems. The auto option of the propel-ssl-setup.sh utility creates Service Manager Service Portal-generated certificates. To replace these types of certificates, see Replace the Service Manager Service Portal generated SSL certificates.

   # cd /opt/hp/propel-setup*
   # export PROPEL_HOSTNAME=`hostname --fqdn`
   # ./propel-ssl-setup.sh auto --hostname $PROPEL_HOSTNAME [<CA_SUBJECT>] 2>&1 | tee ssl-setup.log

   Where $PROPEL_HOSTNAME is the fully qualified domain name for the Service Manager Service Portal system and CA_SUBJECT is the optional CA subject. By default the string "/CN=Generated Propel CA" is used. If you specify the CA_SUBJECT option, pay attention to the following:

   • The "CN" field must be present and in uppercase. The value for "CN" can be any string.
   • This is the subject of your private Service Manager Service Portal CA, not your Service Manager Service Portal system; it is not used for the hostname.
   • All fields must be separated with a slash ("/").

10. Make sure your OpenJDK version is set to Java 1.8.x. You can verify this by running the command:

    # java –version

    If the OpenJDK version is not Java 1.8.x, you can change it by running the following command:

    /usr/sbin/alternatives --config java

    Choose the correct version and confirm it by pressing Enter.

11. Run the Service Manager Service Portal setup utility:

    # ./setup.sh install $PROPEL_HOSTNAME 2>&1 | tee install.log

    Where $PROPEL_HOSTNAME is the fully qualified domain name for the Service Manager Service Portal system. The output and any errors from the setup.sh utility are captured in the install.log file.

12. Start the Service Manager Service Portal services:

    # propel start

13. Run the Ansible playbooks to finalize the Service Manager Service Portal installation:

    1. Configure LW-SSO:

       # cd /opt/hp/propel_complete_installer/ansible_content
       # ansible-playbook -i ansible_targets configure.yml --tags "initLWSSO" --extra-vars '{"lwsso_init_string":"LWSSO_INIT_STRING"}'

       Where the LWSSO_INIT_STRING must match the initString value in the lwssofmconfig.xml file located in the Service Manager Server's RUN directory.

       Note This step configures LW-SSO in the following files:

       • /opt/hp/propel/idm-service/idm-service.war/WEB-INF/hpssoConfig.xml
       • /opt/hp/propel/sx/WEB-INF/classes/config/lwssofmconf.xml

    2. Enable Chat:

       Important Before you proceed, make sure that you have Service Manager Collaboration successfully deployed.

       # ansible-playbook -i ansible_targets configure.yml --tags "enableChat" --extra-vars '{"toggle_chat":"true","chat_url":"https://<ChatUI_url>"}'

       Note You need to replace https://<ChatUI_url> with https://<Apache server host>/chatui, where <Apache server host> is the FQDN of the Apache server that you installed when deploying Service Manager Collaboration. For example: https://sm950.training.com/chatui.

       Important If using SSL, the Apache server and Service Manager Service Portal must use SSL certificates issued by the same Certificate Authority (CA), and the SSL certificates (or the CA) must be trusted by the user's browser.

    3. Enable Survey:

       # ansible-playbook -i ansible_targets configure.yml --tags "enableSurvey" --extra-vars '{"toggle_survey":"on","service_manager_url":"http(s)://<SM_url>"}'

       Note Replace the "service_manager_url" parameter value with your Service Manager Server web service base URL: For example: https://mysmhost.mycompany.net:13443. For security reasons, https is strongly recommended.

    4. Install the Service Manager Service Portal online help:

       # ansible-playbook -i ansible_targets configure.yml --tags "overrideDoc" --extra-vars '{"doc_mode":"sm"}'

    5. Enable rebranding:

       # ansible-playbook -i ansible_targets configure.yml --tags "enableServices" --extra-vars '{"toggle_services":"off"}' 

14. Restart the Service Manager Service Portal services:

    # propel stop
    # propel start

Congratulations, you have successfully installed Service Manager Service Portal. You can now log in to Service Manager Service Portal by opening a browser window and entering any of the following URLs for the three Service Manager Service Portal roles:

• Service Manager Service Portal Administrator: https://$PROPEL_HOSTNAME:9000/org/Provider (Use "admin" as the user and "propel" as the password.)

• Organization Administrator: https://$PROPEL_HOSTNAME:9000/org/CONSUMER (Use "orgadmin" as the user and "propel" as the password.)

• Consumer: https://$PROPEL_HOSTNAME:9000/org/CONSUMER (Use "consumer" as the user and "propel" as the password.)

Continue with the following tasks:

• Installing a permanent license. For details, see Install a permanent license. You can skip this step for a test environment.
• Setting up LDAP in Service Manager and Service Manager Service Portal. For details, see Configure LDAP.