Starting the first cluster instance

Start the first cluster instance and prepare the other instances to be configured.

The browser-based IBM® Safer Payments user interface is used to configure a cluster. To access it, you must start the first cluster instance.

  1. To start the first cluster instance, run the following commands from the console on the server:
    su SPUser 
    cd /instancePath/cfg 
    iris id=i createinstances=n
    • /instancePath is the path, where the instance configuration is stored.
    • SPUser is the user, which runs the instance.
    • i must be a unique ID of the instance you are currently installing. Preferably, start your first instance with 1. That is, if you set up three instances in total, use IDs 1, 2, and 3.
    • n is the number of instances that you want to create.
  2. Check the system event log messages on the console window, and verify that they indicate a proper start of the cluster instance. That is, no warning (W), error (E), or fatal (F) type messages.
    Exception: The status.iris file does not exist yet and is being created during the first start. An E155 message is created during the first start, followed by a message that the file was created. Therefore, this error message is expected.
  3. Depending on the configuration of the server that you are installing on, you might have to configure the firewall open port, the API port for HTTP access of the browser. The default HTTP port of the first instance is 8001.
    Open a browser and enter:
    http://127.0.0.1:8001
  4. The user interface login page is displayed.
  5. Enter user as login and 12345678 as password. You are prompted to change the password of this account immediately.
    Note: To comply with PA-DSS requirement 3.1, you must create new personalized users for your configuration and disable the default configuration user.
  6. Log in with one of your new users and continue the configuration.
  7. The full user interface is displayed.
  8. Click the Cluster tab.
  9. The Cluster Settings section shows a table with one row for each instance.
    Figure 1. Cluster settings
    This image is explained in the surrounding text.
  10. Click anywhere in the row (except the checkbox) to open the configuration details of an instance. Customize all cluster settings, including changing the IP addresses and ports, enabling SSL encryption as described in Configuring SSL encryption, limiting IP address ranges, and changing local file storage locations as described in Configuring cardholder data storage locations.

    Make the appropriate settings for all cluster instances, not only the instance you are currently working on, even if the others are not yet physically set up.

    Note: Changes to the local file storage are processed after a restart of a IBM Safer Payments instance. Thus, you can move the files while the instance is offline. All changes to the interfaces are processed immediately when the settings are saved.

Since IBM Safer Payments was started without a previous configuration, it uses default settings for the number of cluster instances you specified with the createinstances command.

To use all IBM Safer Payments interfaces, it might be required to open more ports in your firewall. By default IBM Safer Payments uses the following ports:

  • 8001 - Application Programming Interface
  • 27921 - Fast Link Interface
  • 27931 - Status Control Interface
  • 27941 - Encrypted Communication Interface
Note: If you plan to use an IBM MQ or Kafka server to deliver data to IBM Safer Payments, you must correctly set up your firewall.