Setting up Admin Center

Admin Center is a web user interface that runs on Liberty V8.5.5.2 and later servers. After installing Liberty and creating a server, configure the server.xml file.

Open LibertyIn version 21.0.0.4 and later, see the Open Liberty website for Admin Center documentation.

Before you begin

Open Liberty Starting with 19.0.0.12, Liberty supports the reader role for read-only access to select administrative REST APIs and the Admin Center UI. For more information, see the Open Liberty website.

Install WebSphere® Application Server Liberty with Liberty Administrative Center ("Admin Center"). The Installing Liberty Repository assets topic lists the ways to install assets such as Admin Center. The quickest way to install Admin Center is to run the installUtility command or the featureManager command:

  1. If you have not done so already, install WebSphere Application Server Liberty V8.5.5.2 or later.
    Restriction: Ensure that you use a Java virtual machine (JVM) that supports Liberty products and Secure Sockets Layer (SSL). Do not use an IBM JVM available with a WebSphere Application Server traditional product, such as Network Deployment, for your Liberty installation with Admin Center. By default, the IBM JVM available with a traditional product points to security classes that are available only with a traditional product, and not to security classes needed by Admin Center. Using an IBM JVM available with a traditional product can cause Admin Center to not display in a browser.
  2. Open a command window at the main directory of the Liberty installation. For example, open a command window at c:\wlp.
  3. Run a command to install the adminCenter-1.0 feature.
    For Version 8.5.5.6 or later, run the installUtility command:
    bin/installUtility install adminCenter-1.0
    For Version 8.5.5.5 or earlier, run the featureManager command:
    bin/featureManager install adminCenter-1.0 --when-file-exists=ignore

To install Admin Center on hosts that cannot access the internet-based Liberty repository, first install Liberty and the Admin Center feature on a host that can access the internet. Then transfer the installation to the target hosts. The following information discusses packaging.

About this task

You can set up Admin Center on stand-alone servers and on collective controllers. This topic focuses on setting up a stand-alone Liberty server.

To enable Admin Center on a collective controller, see Configuring a Liberty collective. Ensure the server.xml file of the collective controller includes <feature>adminCenter-1.0</feature> in the feature manager configuration and sets a host value in the httpEndpoint element, such as host="*" so all hosts can access the collective controller.

Procedure

  1. If your Liberty installation does not have a server, create a Liberty server.

    For example, in a command window at the wlp/bin directory, create a server named myServer.

    server create myServer

    The example command adds server files to the wlp/usr/servers/myServer directory.

  2. Open an editor on the server.xml file of the Liberty server, and configure the server for Admin Center.
    1. Add the adminCenter-1.0 feature to the feature manager. 
      <featureManager>
   <feature>adminCenter-1.0</feature>
</featureManager>

      For more timely updates to server and application status in the Explore tool, also add the websocket-1.1 or websocket-1.0 feature to the server configuration.

      <featureManager>
   <feature>adminCenter-1.0</feature>
   <feature>websocket-1.1</feature>
</featureManager>

      WebSocket provides a live view of the topology regardless of size. Without the WebSocket feature, Admin Center periodically and frequently polls for changes.

    2. Add one or more users to configure a secure login.
      For example:
      <quickStartSecurity userName="admin" userPassword="adminpwd" />
      If user names or passwords include non-English characters, create the jvm.options file for the server and define the default client encoding as UTF-8:
      -Ddefault.client.encoding=UTF-8
      For information about the jvm.options file, see Customizing the Liberty environment.
      Configure administrative roles.
      <basicRegistry realm="basicRealm">
   <user name="admin" password="adminpwd" />
   <user name="reader" password="readerpwd" />
</basicRegistry>
      If user names or passwords include non-English characters, create the jvm.options file for the server and define the default client encoding as UTF-8:

      -Ddefault.client.encoding=UTF-8

      For information about the jvm.options file, see Customizing the Liberty environment

    3. Configure administrative roles required to access the Admin Center.

      A user with the administrator-role has full access to the Admin Center.

      <administrator-role>
   <user>admin</user>
</administrator-role>

      A user with the reader-role has read-only access to the Admin Center.

      <reader-role>
   <user>reader</user>
</reader-role>
    4. To protect keystore files that have server authentication credentials, define a keystore and assign it a password. 
      <keyStore id="defaultKeyStore" password="Liberty" />

      For an example server.xml file that defines an Administrator and a non-Administrator and that defines a keystore, see the Example in this topic. For information about defining multiple administrative users, see Example: Using BasicRegistry and role mapping on Liberty.

    5. To access Admin Center from a smartphone, tablet, or remote computer, ensure that the server.xml file sets the host attribute of the httpEndpoint element to * (asterisk) or to a defined host name. By default, the host attribute is set to localhost. 
      <httpEndpoint id="defaultHttpEndpoint"
              host="*"
              httpPort="9080"
              httpsPort="9443" />
    6. Save your changes to the server.xml file.

      If you defined the default client encoding as UTF-8 for non-English characters in the jvm.options file and the user registry is in quickStartSecurity or basicRegistry elements, which store user names and passwords in the server.xml file, then save the server.xml file in UTF-8 encoding.

  3. If the server is not running, start the server.

    For example, in a command window at the wlp/bin directory, enter a run or start command.

    server run myServer

    Look for server messages that show the adminCenter web application is running. After Admin Center is running, you can point a web browser at the application and log in. See Logging in to Admin Center.

Example: server.xml file that defines two authorized users

<server description="new server">

   <!-- Enable features -->
   <featureManager>
      <feature>adminCenter-1.0</feature>
   </featureManager>

   <!-- Define the host name for use by the collective.
        If the host name needs to be changed, the server should be
        removed from the collective and re-joined. -->
   <variable name="defaultHostName" value="localhost" />

    <!-- Define an Administrator and non-Administrator -->
   <basicRegistry id="basic">
      <user name="admin" password="adminpwd" />
      <user name="nonadmin" password="nonadminpwd" />
   </basicRegistry>

   <!-- Assign 'admin' to Administrator -->
   <administrator-role>
      <user>admin</user>
   </administrator-role>

   <keyStore id="defaultKeyStore" password="Liberty" />

   <httpEndpoint id="defaultHttpEndpoint"
                 host="*"
                 httpPort="9080"
                 httpsPort="9443" />

</server>