Customizing MobileFirst Server containers

You must add projects and customize the related project components before building MobileFirst Server container images.

Custom applications built using MobileFirst Studio, or using Xcode and the MobileFirst Platform Command Line Interface can be deployed in a MobileFirst Server container.

The container gets created from the artifacts that are provided in the MobileFirst Platform Foundation on IBM® Containers package. For an overview of the package contents and folder structure, see Package structure and contents.

The customizable elements for the MobileFirst Server container are located in package_root/mfpf-server/usr. The following tables describe the sub folders and files to use for customization.

Table 1. Descriptions of the mfpf-server/ sub folders
Folder	Description
./usr	Contains the customization template for the MobileFirst Server container.
./usr/bin	Contains the script file (mfp-init) that gets executed when the container starts. You can add custom code to the script, however, do not modify the existing code.
./usr/config	Contains the server configuration fragments (keystore, server properties, user registry) used by MobileFirst Server. keystore.xml - the configuration of the repository of security certificates used for SSL encryption. The files listed must be referenced in the ./usr/security folder. mfpfproperties.xml - configuration properties for the MobileFirst Server. See the supported properties listed in these topics: List of JNDI properties for MobileFirst Server administration Configuration of MobileFirst applications on the server registry.xml - user registry configuration. The basicRegistry (a basic XML-based user-registry configuration is provided as the default. User names and passwords can be configured for basicRegistry or you can configure ldapRegistry.
./usr/env	Contains the environment properties used for server initialization (server.env) and custom JVM options jvm.options. See Table 2 for a list of supported server environment properties.
./usr/jre-security	Add JRE security-related files (such as the JRE truststore, policy .jar files, and so forth) to be updated on the container. The files in this folder get copied to the `JAVA_HOME`/jre/lib/security/ folder in the container.
./usr/projects	Contains the existing projects that have been deployed to MobileFirst Server. You can add MobileFirst project WAR files or add the entire folder structure of a MobileFirst project.
./usr/projects/`project_name`	Contains the project to deploy to MobileFirst Server.
./usr/projects/`project_name`/bin	Contains the project WAR file. The name of the project and the name of the project WAR file must be the same.
./usr/projects/`project_name`/server/conf	Contains authenticationConfig.xml and SMSConfig.xml . These settings override the settings provided in the project WAR file.
./usr/projects/`project_name`/server/lib	Contains the library (JAR) files that are required by the project.
./usr/security	Contains your keystore, truststore, and LTPA keys (ltpa.keys) files.
./usr/ssh	Contains the ssh public key file (id_rsa.pub) to enable ssh on the container.
./usr/wxs	Contains The WebSphere® eXtreme Scale client library when the IBM Data Cache service on Bluemix® is used as the attribute store for MobileFirst Server.

Table 2. Supported server environment properties (server.env)
Property	Default Value	Description
MFPF_SERVER_HTTPPORT	9080^*	The port used for client HTTP requests. Use -1 to disable this port.
MFPF_SERVER_HTTPSPORT	9443^*	The port used for client HTTP requests secured with SSL (HTTPS). Use -1 to disable this port.
MFPF_CLUSTER_MODE	Standalone	Configuration not required. Valid values are Standalone or Farm. The value Farm is automatically set when the container is run as a container group.
MFPF_ADMIN_ROOT	worklightadmin	The context root at which the MobileFirst Server Administration Services are made available.
MFPF_CONSOLE_ROOT	worklightconsole	The context root at which the MobileFirst Operations Console is made available.
MFPF_ADMIN_GROUP	worklightadmingroup	The name of the user group possessing the predefined role `worklightadmin`.
MFPF_DEPLOYER_GROUP	worklightdeployergroup	The name of the user group possessing the predefined role `worklightdeployer`.
MFPF_MONITOR_GROUP	worklightmonitorgroup	The name of the user group possessing the predefined role `worklightmonitor`.
MFPF_OPERATOR_GROUP	worklightoperatorgroup	The name of the user group possessing the predefined role `worklightoperator`.
MFPF_SERVER_ADMIN_USER	WorklightRESTUser	The Liberty server administrator user for MobileFirst Server Administration Services.
MFPF_SERVER_ADMIN_PASSWORD	worklightadmin Ensure that you change the default value to a private password before deploying to a production environment.	The password of the Liberty server administrator user for MobileFirst Server Administration Services.
MFPF_ADMIN_USER	admin	The user name for the administrator role for MobileFirst Server operations.
MFPF_ADMIN_PASSWORD	admin	The password for the administrator role for MobileFirst Server operations.
publicKeyServerUrl		The URL to the MobileFirst runtime that runs the mobile apps with MobileFirst Data Proxy.

^*Do not modify the default port number. Read more in the following section.

After you finish customizing an image, it is ready to be built and run on IBM Containers for Bluemix.

Important: If you are going to use MobileFirst Operational Analytics, you must build and run the MobileFirst Operational Analytics container before deploying and running the MobileFirst Server container.

Containers must be restarted after any configuration changes have been made (cf ic restart containerId). For container groups, you must restart each container instance within the group. For example, if a root certificate changes, each container instance must be restarted after the new certificate has been added.

Port number limitation

There is currently an IBM Containers limitation with the port numbers that are available for public domain. Therefore, the default port numbers given for the MobileFirst Operational Analytics container and the MobileFirst Server container (9080 for HTTP and 9443 for HTTPS) cannot be altered. Containers in a container group must use HTTP port 9080. Container groups do not support the use of multiple port numbers or HTTPS requests.