IBM Support

Fix readme for 5.0.0.2-IBM-IMA-IFIT33689

Fix Readme


Abstract

Fix Readme for the 5.0.0.2-IBM-IMA-IFIT33689 ifix build.

Content

Interim Fix: 5.0.0.2-IBM-IMA-IFIT33689
Date: 07-31-2020
Build: 20200729-1714
IBM WIoTP MessageGateway 5.0.0.2 Cumulative interim fix

Java version: 6.0-6.10
Liberty version: 20.0.0.5

(Note: all MessageGateway 2.x and 5.x ifixes and fixpacks are cumulative.)

Fix Details

| Component | md5sum | File |
|---|---|---|
| Server | 8d4b2598412b992018e3218e4771bf39 | 5.0.0.2-IBM-IMA-IFIT33689-Server.tz |
| WebUI | 7e4e1f0d14f690f1958411b2f39cdeda | 5.0.0.2-IBM-IMA-IFIT33689-WebUI.tz |
| Bridge | c3db58a403e5c8cc3764fa7c8c5e26e5 | 5.0.0.2-IBM-IMA-IFIT33689-Bridge.tz |
| Server for SLES 12 | 16f90cccc9522dec9baae821d9b5a4da | 5.0.0.2-IBM-IMA-IFIT33689-Server-SLES.tz |
| WebUI for SLES 12 | f31f71f5ad9a192ab5e6931245d0396a | 5.0.0.2-IBM-IMA-IFIT33689-WebUI-SLES.tz |
| Bridge for SLES 12 | 59ae9c28c36c6da9827276de29883160 | 5.0.0.2-IBM-IMA-IFIT33689-Bridge-SLES.tz |

APARs fixed in this build

| APAR | Description |
|---|---|
| IT33689 | jquery cross-site scripting CVEs in demo app |
| IT33617 | provide option to suppress info in server HTTP header |

New Server Configuration Option: Suppressing Server HTTP header in Endpoint HTML webpage
This IFIX includes a minor product change that allows a server admin to suppress the Server HTTP header returned by the server when accessing messaging endpoint HTML pages.
When accessing the HTML URI for a messaging endpoint (for example: http://someserver.domain.com:1883/index.html), the server returns a default HTML page for the endpoint and includes a number of HTTP headers in the response. One of these identifies the server as the MessageGateway product. Individuals attempting to compromise the server could use this information to craft attacks based on specific knowledge of the product.
A server admin can suppress this header by doing the following:
  • Stop server (eg: 'systemctl stop imaserver' or 'docker stop imaserver')
  • Locate the server.cfg file. The location depends on the specific server deployment, but by default, for an rpm installed server, it is located at /var/messagesight/data/config/server.cfg.
  • Edit the server.cfg file and add the following line:
    • IncludeServerHTTPHeader = 0
    • It doesn't matter where in the server.cfg the line is added, as long as it is on a line by itself.
    • Save the server.cfg
  • Start the server (eg: 'systemctl start imaserver' or 'docker start imaserver')
  • To test, use the following curl command (in this case, run locally on the server itself):
    • curl -I -X GET http://localhost:1883
    • When the header is not suppressed, the command will print a header (among others) that looks like this:
      • Server: IBM WIoTP Message Gateway
    • This header should not be returned when 'IncludeServerHTTPHeader = 0' is set properly in the server.cfg (and the server has been restarted).
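
The procedure above as a script (an added example, not IBM's own code; the function names and the apply/check arguments are assumptions). It rewrites server.cfg so that it holds a single IncludeServerHTTPHeader = 0 line, then checks the endpoint, treating a failed request as an error rather than as a suppressed header.

```sh
#!/bin/sh
# Added example; function names are assumptions, not part of the product.

# Put exactly one "IncludeServerHTTPHeader = 0" line into server.cfg.
# Run while the server is stopped, as the steps above require.
suppress_server_header() {
    cfg=${1:-/var/messagesight/data/config/server.cfg}
    [ -f "$cfg" ] || { echo "missing: $cfg" >&2; return 2; }
    cp -p "$cfg" "$cfg.bak" || return 2      # copy to roll back to
    # Drop any earlier setting (any value or spacing), then append ours.
    grep -v '^[[:space:]]*IncludeServerHTTPHeader[[:space:]]*=' "$cfg.bak" \
        > "$cfg" || [ $? -eq 1 ] || return 2 # grep exits 1 when nothing is left
    echo 'IncludeServerHTTPHeader = 0' >> "$cfg"
}

# Print the Server header found in HTTP response headers read on stdin.
# Header names are case-insensitive and lines end in CRLF; prints nothing
# when the header is absent.
find_server_header() {
    tr -d '\r' | grep -i '^server[[:space:]]*:' || true
}

# Query the endpoint with the curl command from the steps above.
# Exit status: 0 suppressed, 1 still present, 2 no response.
check_endpoint() {
    url=${1:-http://localhost:1883}
    resp=$(curl -sS -m 10 -I -X GET "$url") || {
        echo "no response from $url" >&2; return 2; }
    hdr=$(printf '%s\n' "$resp" | find_server_header)
    if [ -n "$hdr" ]; then
        echo "still exposed: $hdr"; return 1
    fi
    echo "Server header suppressed"
}

# Usage: script apply [server.cfg]   (server stopped)
#        script check [url]          (server restarted)
case "${1:-}" in
    apply) suppress_server_header "${2:-}" ;;
    check) check_endpoint "${2:-}" ;;
esac
```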

Fix Instructions:

Before you install:

We strongly recommend performing a backup before upgrading the product software:

Backup and restore instructions

1. Preparing to install the fix:

Prepare the IBM WIoTP MessageGateway .tz files for installation.  The preparation steps for installing MessageGateway as an update or for the first time are the same.  For more information, see Preparing the IBM WIoTP MessageGateway .tz packages for installation.

These instructions focus on updating MessageGateway.  To install MessageGateway for the first time, see the following instructions:

Installing IBM WIoTP MessageGateway

2. Installing the fix:

A. RPM: In an environment where MessageGateway is installed with rpm:

I. Updating the MessageGateway Server package if Server is installed:

      cd imaserver

      sudo yum -y --nogpgcheck update IBMWIoTPMessageGatewayServer*.rpm

      systemctl start IBMWIoTPMessageGatewayServer

II. Updating the MessageGateway WebUI package if the WebUI is installed:

      cd imawebui

      sudo yum -y --nogpgcheck update IBMWIoTPMessageGatewayWebUI*.rpm

      systemctl start IBMWIoTPMessageGatewayWebUI

NOTE: these packages can also be installed using: rpm -Uvh IBMWIoTPMessageGateway*.rpm. However, you must never update using:

yum install IBMWIoTPMessageGatewayServer*.rpm

or uninstall and reinstall with rpm or yum (if you wish to preserve your existing data), since this will remove all of your data and config under /var/messagesight.

B. Docker: Installing the fix in an environment where MessageGateway is running in docker:

I. Build the IBM WIoTP MessageGateway Docker image.

Build the IBM WIoTP MessageGateway server image by issuing the following command:

cd imaserver

mv *.rpm imaserver.rpm

docker build --force-rm=true -t <server_image_name>:<fix_version>.<build> .

Eg:

docker build --force-rm=true -t imaserver:5.0.0.2.20200729-1714 .

II. Build the IBM WIoTP MessageGateway Web UI image by issuing the following command:

cd imawebui

mv *.rpm imawebui.rpm

docker build --force-rm=true -t <webui_image_name>:<fix_version>.<build> .

Eg:

docker build --force-rm=true -t imawebui:5.0.0.2.20200729-1714 .

III.  Stop the existing containers.

Stop the server container by issuing the following command:

docker stop <server_container_name>

where <server_container_name> is the name of the container in which the IBM WIoTP MessageGateway server is running. For example,

docker stop imaserver

Stop the Web UI container by issuing the following command:

docker stop <webui_container_name>

where <webui_container_name> is the name of the container in which the IBM WIoTP MessageGateway Web UI is running. For example,

docker stop imawebui

IV. Remove the containers.

Remove the server container by issuing the following command:

docker rm <server_container_name>

where <server_container_name> is the name of the container in which the IBM WIoTP MessageGateway server was running. For example,

docker rm imaserver

Remove the Web UI container by issuing the following command:

docker rm <webui_container_name>

where <webui_container_name> is the name of the container in which the IBM WIoTP MessageGateway Web UI was running. For example,

docker rm imawebui

V.  Remove the old MessageGateway images (optional)

This step is only required if you are not tagging MessageGateway docker images with version specific tags.  For example, if you build a MessageGateway docker image like this:

docker build --force-rm=true -t imaserver:5.0 .

for every version of MessageGateway, then you need to remove the previous image by issuing the following command(s), before building the update image:

docker rmi -f $(docker images | grep imaserver | awk '{print $3}')

Remove the IBM WIoTP MessageGateway Web UI image by issuing the following command:

docker rmi -f $(docker images | grep imawebui | awk '{print $3}')

If, however, you tag each MessageGateway image with a build specific version, eg:

docker build --force-rm=true -t imaserver:<fix_version>.<build> .

then this step is not required.

VI.  Start the new containers.

Use the same Docker run command that you had used for previous incarnations of the MessageGateway containers.

Here's the general syntax for how to start the IBM WIoTP MessageGateway server container:

docker run --cap-add SYS_ADMIN --net=host -P -it --name=<server_container_name> --env-file=IBMWIoTPMessageGatewayServer-docker.env -m <memory> -v <local_data_directory>:/var/messagesight -v <local_temp_directory>:/var/tmp -d <server_image_name>:<fix_version>.<build>

A more concrete example:

docker run --cap-add SYS_ADMIN --net=host -P -it --name=imaserver --env-file=IBMWIoTPMessageGatewayServer-docker.env -m 64G -v /data/messagesight:/var/messagesight -v /mnt/tmp:/var/tmp -d imaserver:5.0.0.2.20200729-1714

To start the IBM WIoTP MessageGateway Web UI container:

docker run --cap-add SYS_ADMIN --net=host -P -it --name=<webui_container_name> --env-file=IBMWIoTPMessageGatewayServer-docker.env -m <memory> -v <local_data_directory>:/var/messagesight -v <local_temp_directory>:/var/tmp -d <webui_image_name>:<fix_version>.<build>

A more concrete example:

docker run --cap-add SYS_ADMIN --net=host -P -it --name=imawebui --env-file=IBMWIoTPMessageGatewayServer-docker.env -m 2G -v /data/messagesight:/var/messagesight -v /mnt/tmp:/var/tmp -d imawebui:5.0.0.2.20200729-1714

3. Verifying the installation:

If this is your initial install of the product, see Configuring the licensed usage for IBM WIoTP MessageGateway and accepting the license by using REST Administration APIs to accept the product license.

If this is an update, you can verify the status of the server; see Viewing the status of an IBM WIoTP MessageGateway server and services by using REST Administration APIs.


Document Information

Modified date:
19 September 2020

UID

ibm16255218