본문 바로가기
IBM - old/IBM BPM

[BPM]Topology, security, basic administration, and monitoring

by freeman98 2017. 7. 19.

https://www.ibm.com/developerworks/bpm/library/techarticles/1507_chan1-trs/1507_chan1.html?ca=drs-


IBM Business Process Manager operation overview, Part 1

Topology, security, basic administration, and monitoring

Comments
 
5

IT departments strive to maintain a healthy production environment for their systems. To help you maintain a clustered server environment for IBM BPM that interacts with many back-end and front-end systems and services, this series provides an operation overview. Part 1 introduces the following basic operations for IBM BPM:

  • Topology best practices
  • Security configuration
  • Administering applications and processes
  • Monitoring

Note: This operation overview covers IBM BPM on Microsoft® Windows, Linux, and UNIX platforms.

A typical IBM BPM project contains the following administrative user roles:

  • The IBM BPM administrator, who completes the following tasks:
    • Provides all system aspects for successfully installing, configuring, and running day-to-day maintenance of IBM BPM systems.
    • Provides all system and software aspects for successfully deploying process application snapshots from Process Center to both online and offline Process Servers.
    • Provides all IBM BPM process operations, for example, accessing the Process Admin Console and the Process Inspector.
    • Looks after the health of processes and services that are running in IBM BPM.
  • The database administrator, who provides information about database setup and configuration and the organization's corporate policies for governance and change management for databases. The database administrator is also responsible for maintaining the ongoing optimal operation of the database by monitoring database performance and operation parameters (for example, table spaces and indexing).
  • The WebSphere Application Server administrator, who provides information about the setup and configuration of the application server middleware layer and the organization's corporate policies for governance and change management for the application server. In some organizations, the IBM BPM administrator and the WebSphere administrator are the same person.
  • The system administrator, who provides information about hardware and network setup and configuration and the organization's corporate policies for governance and change management for hardware and networks.

Part 1 of this IBM BPM operation overview focuses on the basic operations tasks of the IBM BPM administrator.

IBM BPM administrator tasks

The IBM BPM administrator, who wants to maintain a healthy environment for IBM BPM systems needs to know topology best practices and basic operations for configuring security, administering applications and processes, and monitoring the IBM BPM system.

Topology best practices

A deployment environment is an IBM BPM term that describes the collection of clusters that IBM BPM requires.

IBM BPM offers the following three patterns for deployment environments:

  • IBM BPM Standard (Process Center or Process Server): All capabilities of IBM BPM Standard (Process Server, Performance Data Warehouse, and embedded Enterprise Content Management)
  • IBM BPM Advanced (Process Center or Process Server): All IBM BPM Standard capabilities plus advanced capabilities (includes service component architecture and Business Process Choreographer)
  • IBM BPM Advanced with only Process Server: Only IBM BPM Advanced capabilities (includes service component architecture and Business Process Choreographer)

IBM BPM Express is a stand-alone environment that includes the same capabilities as IBM BPM Standard for getting started with IBM BPM, but it is not intended for a highly available production environment.

Figure 1 shows examples of the three deployment environments for a Process Server.

Figure 1. Example of deployment environments for a Process Server

Example of deployment environment                     patterns for a Process Server

For each of the three types of deployment environments, you have the following two choices for a cluster pattern (as shown in Figure 2):

  • Single Cluster
  • Application, Remote Messaging, Remote Support (recommended)
Figure 2. Clusters per pattern

Clusters per pattern

Note: A three-cluster pattern (Application, Remote Messaging, Remote Support) is recommended for production. IBM BPM no longer offers the two-cluster or four-cluster patterns.

If you use three clusters, you can isolate your code on the application cluster and keep it separate from the messaging infrastructure cluster and from the supporting applications cluster, where much of the IBM BPM system infrastructure and support code runs. This approach can ease your operations and troubleshooting tasks. You get better runtime isolation and independent scaling with three clusters.

Figure 3 shows an illustration of the three-cluster pattern, with an application cluster, a remote messaging infrastructure cluster, and a remote supporting applications cluster. Figure 4 shows an example of the three-cluster pattern with the IBM BPM Standard Process Server deployment environment, Figure 5 shows an example of the three-cluster pattern with the IBM BPM Advanced Process Server deployment environment, and Figure 6 shows an example of the three-cluster pattern with the IBM BPM Advanced-only Process Server deployment environment.

Figure 3. The three-cluster pattern

The three-cluster                     pattern

Figure 4. IBM BPM Standard three-cluster pattern

IBM BPM V8.5 standard                 three-cluster pattern

Figure 5. IBM BPM Advanced three-cluster pattern

IBM BPM V8.5 standard                 three-cluster pattern

Figure 6. IBM BPM Advanced-only Process Server three-cluster pattern

IBM BPM V8.5 Advanced-only Process                     Server three-cluster pattern

For details about IBM BPM recommended topology, see the IBM Redbooks publication Business Process Management Deployment Guide: Using IBM Business Process Manager V8.5.

Security maintenance

Security is an important aspect for ongoing operation of the system and must be maintained regularly.

As part of your initial setup, complete the following steps:

  1. Review all IBM BPM security roles and the corresponding aliases and make sure that they are assigned to the correct security roles. See the IBM Business Process Manager security groups topic in IBM Knowledge Center.
  2. Review your user registry configuration as documented in the IBM Business Process Manager security overview topic in IBM Knowledge Center. For IBM BPM, the preferred user registry type is federated repositories (also referred to as Virtual Member Manager or VMM). Only this registry type allows you to use all features of IBM BPM and benefit from performance optimizations.

The following list includes regular security maintenance tasks:

Administering applications and processes

After you install or deploy your applications to the runtime environment, you need to manage them. Management includes administering the process applications or service modules themselves and administering all the processes and components that are associated with them.

The tools that you use depend on the type of administration task that you are doing. The following administrative tools are available:

  • Commands (wsadmin scripting): Many regular administration tasks as available as wsadmin commands. See the Commands (wsadmin scripting) topic in IBM Knowledge Center.
  • Process Admin Console: This console can be used to change your environment variables, monitor Event Manager, monitor caches, and monitor your Business Process Modeling Notation (BPMN)-based processes. See the Managing IBM Process Servers topic in IBM Knowledge Center.
  • Process Inspector: The Process Inspector is part of the Process Admin Console and can be used to inspect the status of BPMN process instances.
  • Process Center console: The main Process Center console is used to check the current snapshot and deployment status of your applications for online Process Servers. See the Managing the Process Center repository topic in IBM Knowledge Center.
  • Performance Admin Console: Similar to the Process Admin Console, this console can be used to change the operation of Performance Data Warehouses. See the Managing Business Performance Data Warehouses topic in IBM Knowledge Center.
  • WebSphere Application Server administrative console: Use this console for configuration that is related to security roles, database connections, and other WebSphere Application Server configuration.
  • Business Process Choreographer Explorer (in IBM BPM Advanced): Similar to the Process Inspector, the Business Process Choreographer Explorer is used to inspect the status of Business Process Execution Language (BPEL) process instances. See the Administering Business Process Choreographer topic in IBM Knowledge Center.
  • Failed event manager (in IBM BPM Advanced): Use this console to find and manage failed events for your IBM BPM Advanced applications on all servers in a deployment environment. See the Failed event manager topic in IBM Knowledge Center.

For details about administering applications and processes, see the Administering applications and processes in the runtime environment topic in IBM Knowledge Center. To learn more about maintaining and migrating applications, see part 2 for this series.

Monitoring

In IBM BPM, you need to regularly monitor the following items, but to learn more about tools to use when you monitor and troubleshoot, see part 3 of this series.

  • Check the JVM logs (SystemOut.logSystemErr.log) and the first-failure data that is captured regularly for error messages.
  • Check the JVM memory usage and maximum heap settings, and adjust as necessary when your payload changes.
  • Monitor disk space such as logs directories, temp space, and the database file system to make sure that there is enough free space.
  • Monitor the number of completed process and task instances in the system. By having an active purging policy so you do not keep completed instances for an extended period, you ensure that the total number of completed instances is as low as possible and is not growing over time.
  • Use Java Management Extentions (JMX) or the Process Admin Console > Process Monitor capability to monitor the set of processes instances that are running and for how long.
    • Check for looping business process definition (BPD) instances in Process Monitor if the CPU load is unusually high.
    • For JMX, you can use utilities like JConsole or other JMX-compliant monitor tools (such as IBM Tivoli Monitoring), or you can access the data through programmatic means.
    • Review and set up the system to check for infinite loops in JavaScript.
    • In IBM BPM V8.5.6, it is possible to set up an alert definition to query for the number of process instances or tasks.
    • See the Monitoring processes and services in the Process Admin Console for IBM Business Process Manager support document for IBM BPM V7.5.1.2 and later.
  • Monitor and act on failed BPD instances or instances with stopped activities for BPEL. All these instances might need manual interaction so that they complete.
  • Check the Event Manager on-hold tasks to replay any held Event Manager tasks.
  • Check the Event Manager Monitor for the execution state of schedulers. See the Maintaining and monitoring IBM Business Process Manager Event Manager topic in IBM Knowledge Center.
  • Monitor queue depths of all destinations in the system integration buses of the environment. Assign thresholds based on results of usual behavior that is seen during a performance test and ensure that notifications are sent or actions are taken if those thresholds get exceeded.
  • For IBM BPM Advanced: Monitor the number of failed events in the system. Ensure that failed events are processed regularly so that the number is always 0 or very close to 0.
  • For IBM BPM Advanced: Monitor the state of WebSphere MQ listeners, if applicable. Ensure that they are started.
  • For IBM BPM Advanced: Monitor for event sequencing locks, if applicable. Ensure that locks get released, if not done automatically.
  • For IBM BPM Advanced: Check the Store and Forward status (also available in the failed event manager) and initiate the Forward option if applicable.

Consider the following tips for monitoring:

Conclusion

In Part 1 of this IBM BPM operation overview series, you learned about the following basic operations that are necessary for an IBM BPM administrator: topology best practices, security configuration, administering applications and processes, and monitoring.

Read the next parts in the series to learn about maintenance and migration tasks and about advanced operations and monitoring tasks. Part 2 guides you through maintenance and migration. Part 3 helps with advanced operations such as troubleshooting, performance tuning, disaster recovery, and high availability. It includes an operation checklist that you can adapt for your organization.

Acknowledgments

The authors would like to thank Werner Tod, Chris Richardson, Erich Fussi, Shi Shu, Phil Coulthard, Ryan Claussen, and Shuo Zhang for their reviews and contributions to this tutorial.

Downloadable resources

Related topics


댓글