I would like to understand the steps for deploying a WSO2 server to a production environment.
Using WSO2 ESB as an example, I have seen instructions for extracting the binary and running the startup script, but just these steps don't seem robust enough for a production environment - in a production environment, I would expect to see some additional steps:
- what directory is the normally used for installing?
/opt,/usr/local, something else? - create a unix user account and unix group for running the service
- setting up ulimits - are ulimits normally configured for wso2 services?
- creating init.d scripts for starting the service automatically (there is a blog here, but as discussed in the blog comments, the blog seems to go against a warning in the official ESB document not to install the service as a daemon)
- to security harden the service:
- e.g. replace self signed certificates - which certificates?
- e.g. change default passwords - which user accounts?
- what else needs to be security hardened?
- configuring clustering (this seems to be documented here)
- configuring the credential store:
- production database credential store (this seems to be documented here), or
- ldap credential store
Question: What are the steps required to deploy a WSO2 server to a production environment?
Question: I've also seen some puppet scripts. Are these scripts production ready?
NOTE: I've previously posted this question on the wso2 mailing lists which is primarily attended by WSO2 employees. I'm also posting here to the user community who hopefully have put some wso2 servers into production.
