Jama Software Deployment Model Overview for 8.x

By Steve posted 02-28-2017 17:09

  

Deployment Model

Jama is deployed on one or more Linux servers. The host operating system can be installed on bare metal hardware or on virtual mediums. We chose Replicated, an orchestration tool, to enhance the installation and configuration management experience of Jama. There are two methods of installation: an internet accessible server or an Airgap option to meet non-connectivity requirements where the internet will not be accessible from the server. The internet installation method is the most convenient and common method for the initial installation as well as deploying updated versions of Jama.

Starting with version 8.0, Jama customers can take advantage of the latest Private Cloud technologies, such as container-based delivery and deployment, a services oriented architecture (SOA) and flexible delivery cadences. These new technologies will greatly improve the installation process for a lower total cost of ownership through interoperable, modular systems that are easier to use and administer.

onprem1.png

Why Linux?

Jama has chosen Linux as the OS of choice for the new deployment model because it is tried-and-true. Our partner Replicated (more on that below) thoroughly tests on Docker for Linux, and Jama itself has long deployed CentOS (6.x) on our hosted environment. Docker for Windows was recently released but has not been thoroughly vetted by our partners and would require significant changes to how our software is packaged and configured. It is very important for us to support a model that most closely represents our hosted solution.

We do not intend to support Docker for Windows, but we will continue to monitor adoption and tools. The other alternative that Windows uses in claiming support of Docker is by running a Linux VM (Hyper V) that can support the Linux Docker Engine. While this may fall within our definition of a supported option, the industry has not embraced this as a production-ready option so we still require Linux. As far as supported versions of Linux go, we know many of our customers use Red Hat Enterprise, so we test on it and believe it to be another good choice for deploying Jama. Red Hat has made some different choices on how to support Docker so the performance profile is not identical to Ubuntu, but we feel either is a safe choice and we will confidently support you with either one. That said, Docker works with many Linux versions, and Jama should work on any version of Linux that supports docker-engine 1.6 or better (you'll need a 64-bit distribution with a kernel minimum of 3.10).  A recent version of CentOS (7.x) should be fine. Debian and Fedora are also good possibilities.  If you are familiar with one of these versions, it's very reasonable for you to run Jama on it: just know that if you run into platform-specific issues, we don't have a test environment set up to help you troubleshoot here. Our hope with Linux is to be generally compatible with most of the popular distributions, but if you want to stay on well-trodden ground, we recommend Ubuntu or Red Hat.


Why Replicated?

We chose Replicated as our Orchestration tool for many reasons. Primarily, it provides a convenient and reliable user experience for delivering a modern web application that consists of several standalone services. This in turn provides Jama with a consistent mechanism for delivering the same codebase we leverage in our hosted environment, which frees us to focus on delivering features and functionality. Some notable features are one-line installation, one-click updates, audit logging, Support Bundles, Snapshot and Restore Utilities, Airgap installations, and the delivery of the correct versions of supporting software like Tomcat and Java congruent to our known and tested configurations.

www.replicated.com/#features

In a nutshell

First, the orchestration tool is installed then the application-specific settings are configured. Once the configuration is saved the Jama application containers are downloaded and started. These containerized services would be downloaded by the orchestration tool or already be present following the Airgap installation method.

Requirements

The following can be found on help.jamasoftware.com under the Administration > Server section

Application Host

The application host is defined as any server hosting a Jama service.

Directory Options

  • The following directories can be mounted to an exported filesystem like NFS.
    • where attachments, reports and configuration files are stored
    • should be the largest storage space for growth
    • where log files are stored
    • minimum of 10GB available
    • /data
    • /logs
    • /var/lib/replicated
    • /var/lib/replicated/snapshots
      • other location examples
        • /snapshots
        • /data/snapshots
      • must be 3x the size of /data
      • where snapshot data will be stored
      • location configurable in the Admin Dashboard > Console Settings

Certificates

Jama requires certificates for two reasons, allowing browsers to trust the site and to trust remote services like SMTP and IMAP, for example. Three files are needed in PEM format.

  1. Domain/intermediary certificates
  2. Domain/host certificate key
  3. Root CA certificate

Network

  • Internet accessible server
    • One-line installation command
    • does support access through a proxy sever
    • must allow access to several domains used by Replicated and Jama
    • must allow a return response for license validation process
  • Non-Internet accessible server
    • all installation media is downloaded from separate network and transferred to the server
    • installation script and all necessary artifacts are local to the server filesystem
    • airgapped installation method

Security

Our installation utilizes Iptables to control inter-container traffic. Essentially, we use it to redirect traffic from particular source to a particular destination.

  • Web browser access to ports 443 and 8800 on the application host
  • Iptables restricts traffic between containers behind a private NAT network on the host 

0 comments
761 views