Installing Web Server and Web API Server

Multiple Web/Web API Servers can be installed and load-balanced under your load-balancing infrastructure. You can repeat the installation steps to install Web Servers paired with Web API Servers per data center location to reduce the response time for accessing web pages of Thin Clients.

Note: Don’t install multiple Web/Web API Servers at the same time; install them one after another on separate machines. Otherwise, it will cause the database initialization failure

Note: Web/Web API Servers are integrated into one installation package with Worker Server. It is highly recommended to install Worker Server on a standalone machine after the installation of Web/Web API Server. See Installing Worker Server on Windows for more details.

Note: It is highly recommended that the extended memory of your machine is larger than 16GB.

Note: Before the installation, the Existing Internet Information Services (IIS) must be removed, and the FIPS setting must be disabled by modifying the Enabled value to 0 under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy directory of Windows registry.

Complete the following steps to install Web API Server and Web Server on the same machine with administrative privileges.

1.Download the netbrain-ie-windows-x86_64-8.0.3.zip file and save it in your local folder.

Tip: Contact NetBrain Support Team to get the download link.

2.Extract installation files from the netbrain-ie-windows-x86_64-8.0.3.zip file.

3.Right-click the netbrain-ie-windows-x86_64-8.0.3.exe file, and then select Run as administrator to start the Installation Wizard.

4.Follow the Installation Wizard to complete the installation step by step:

1).NET Framework 4.8 must be pre-installed on this machine before you install the Application Server. The Installation Wizard will automatically check this dependency. If it has not been installed, the wizard will guide you through the installation as follows; it has been installed, the wizard will directly go to step 2).

Note: Make sure the Windows update is of the latest. For Windows Server 2012, you might be asked to install some software patches before the .NET Framework 4.8 installation can start.

a)Click Install.

b)Read the license agreement of Microsoft .NET Framework 4.8, select the I agree to the license terms and conditions check box and click Install. It might take a few minutes for the installation to be completed.

Note: Some running applications must be closed during the installation of .NET Framework 4.8, such as Server Manager.

c)You must click Restart to restart the machine immediately. Otherwise, the upgrade will fail due to the failure of upgrading the new .Net Framework. After the machine reboots, continue with step 2).

Note: Ensure the FIPS is disabled after restarting the machine. To disable the FIPS setting, modify the Enabled value to 0 under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy directory of Windows registry

2)On the Welcome page, click Next.

3)On the NetBrain Integrated Edition Prerequisites page, read the components that must be set up in your environment beforehand and click Next.

4)On the System Configuration page, review the system configuration summary and click Next.

5)On the License Agreement page, read the license agreements, select the I have read the subscription EULA… check box and then click I ACCEPT.

6)On the Customer Information page, enter your company name, and then click Next.

7)On the Destination Location page, click Next to install the Web Server and Web API Server under the default directory C:\Program Files\NetBrain\. If you want to install them under another location, click Change.

8)Select both the Web API Service and Web Server check boxes, and then click Next.

9)On the MongoDB Server Connection page, enter the following information to connect to MongoDB and then click Next.

Addressenter the IP address of MongoDB and the corresponding port number. By default, the port number is 27017.

Tip: You can enter the fully qualified domain name (FQDN) of MongoDB if all NetBrain servers are managed in the same domain. For example, test.netbraintech.com:27017.

User Name — enter the username that you created when installing MongoDB.

Password — enter the password that you created when installing MongoDB.

Replica Set Name — enter the replica set name of MongoDB. Keep the default value rs as it is.

Use SSL — used to encrypt the connections to MongoDB with SSL. If SSL is enabled on MongoDB, select this check box; otherwise, leave it unchecked.

10) On the License Agent Server Information page, enter the following information to connect to License Agent, and then click Next.

License Agent port — the port number that the service of License Agent Server listens to. By default, it is 27654.

Use SSL — used to encrypt the connections to License Agent Server with SSL. If SSL is enabled on License Agent Server, select it; otherwise, leave it unchecked.

11) On the Elasticsearch Connection page, enter the following information to connect to Elasticsearch, and then click Next.

Addressenter the IP address of Elasticsearch and the corresponding port number. For example, 10.10.3.142:9200.

Note: If a proxy server is configured on this machine to access the Internet, you must add the IP address and port number of Elasticsearch into the proxy exception list of the web browser, to ensure this NetBrain server can communicate with Elasticsearch.

Tip: You can enter the FQDN of Elasticsearch if all NetBrain servers are managed in the same domain. For example, test.netbraintech.com:9200.

User Name — enter the username that you created when installing Elasticsearch.

Password — enter the password that you created when installing Elasticsearch.

Use SSL — used to encrypt the connections to Elasticsearch with SSL. If SSL is enabled on Elasticsearch, select it; otherwise, leave it unchecked.

12) On the RabbitMQ Connection page, enter the following information to connect to RabbitMQ, and then click Next.

Address enter the IP address of RabbitMQ.

Tip: You can enter the FQDN of RabbitMQ if all NetBrain servers are managed in the same domain.  

User Name enter the admin username that you created when installing RabbitMQ.

Password enter the admin password corresponding to the username that you created when installing RabbitMQ.

Port Numberenter the port number used by RabbitMQ to communicate with Web API Server, Worker Server, and Task Engine. By default, it is 5672.

Use SSL — used to encrypt the connections to RabbitMQ with SSL. If SSL is enabled on RabbitMQ, select it; otherwise, leave it unchecked.

13) On the Redis Connection page. enter the following information to connect to Redis, and then click Next.

Master Address — enter the IP address of Redis.

Tip: You can enter the FQDN of Redis if all NetBrain servers are managed in the same domain.

Passwordenter the admin password that you created when installing Redis.

Use SSL — used to encrypt the connections to Redis with SSL. If SSL is enabled on Redis, select it; otherwise, leave it unchecked.

Redis Portenter the port number used by Redis to communicate with Web API Server, Worker Server, and Front Server Controller. By default, it is 6379.

Stunnel Port required only if Use SSL is enabled. Enter the port number of the secure stunnel used to forward all traffics on Redis. By default, it is 7000.

Use Sentinel — required only if you set up a Redis Cluster. Leave it unchecked.

14) (Required only if the Use Sentinel check box is selected in the previous step.) On the Redis Replication page, enter the following information to connect to Slave and Sentinel Redis, and then click Next.

Slave Address the IP address of Slave Redis Server.

Note: Don't use the FQDN or hostnames to connect to Slave Redis Server or Sentinel Redis Server.

Slave Port the port number used by Slave Redis Server to communicate with Web API Server and Worker Server.

Stunnel Port — required only if Use SSL is enabled. Enter the port number of the secure stunnel used to forward all traffics on the Slave Redis Server or Sentinel Redis Server.

Sentinel Address the IP address of Sentinel Redis Server.

Sentinel Port the port number used by the Sentinel to listen to the Master Redis Server.

15) (Required only if the Use SSL check box is selected when configuring the connections to MongoDB, License Agent, Elasticsearch, RabbitMQ, or Redis.) Configure whether to authenticate the Certificate Authority (CA) of the SSL certificates used on these servers, and then click Next.

To authenticate CA:

a)Select the Conduct Certificate Authority verification check box.

b)If the CA has not been installed on this machine, click Browse to import the CA certificate file, for example, ca.pem; otherwise, select I have already installed the Certificate Authority on this machine.

Note: Only the certificate in Base-64 encoded X.509 PEM format is supported.

Note: The following conditions must be met if you select I have already installed the Certificate Authority on this machine:
- The CA certificate must contain CRL Distribution Points property with valid CRL HTTP distribution point URL. (CRL stands for Certificate Revocation List.)
- The CRL Distribution Points URL must be accessible to Web Server/Worker Server.
- Internet access must be ensured if the certificate is signed by third-party CA.

16) On the KeyVault Administration Passphrase Settings page, create a passphrase to initialize and manage the system KeyVault which contains all encryption keys to protect data security. Type it twice and select the Enable Resetting KVAP check box to enable the KVAP resetting. Click Next.

Tip: The passphrase must contain at least one uppercase letter, one lowercase letter, one number, and one special character, and the minimum permissible length is 8 characters. All special characters except for the quotation mark (") are allowed.

Note: Keep notes of the passphrase because it is required when you scale up or upgrade the Application Server. In case of losing the passphrase, keep the Enable Resetting KVAP check box selected so that NetBrain system admin can reset the passphrase at any time. See Resetting KeyVault Administration Passphrase for more details.

17)  On the Web API Server Configuration page, create an API key for Web API Server to verify the connection request from Service Monitor Agent. Type it twice and click Next.

18) Review the summary of the installation settings and click Install.

5.After successfully installing the Web Server and Web API Server, click Finish to complete the installation process and exit the Installation Wizard.

6.Open the IIS Manager to check that the Default Web Site and ServicesAPI service exist.

7.Open the Task Manager to check that the NetBrainKCProxy service is running.

Tip: To have the required configurations auto-populated during the installation of other system components, you can copy the netbrain,ini file from the C:\NBIEInstall of this machine directly to the C:\ drive of the machines where Worker Server, Task Engine, and Front Server Controller will be installed.