Brief Instructions for the initial launch

Mindbreeze InSpire G7

PreparationPermanent link for this heading

Please find inside a short guide to help you prepare your infrastructure for Mindbreeze InSpire.

Please provide us with the desired fully qualified host names for Mindbreeze InSpire (e.g. search.companyname.com), the technical contact for the implementation and suitable dates for the on-site support via our Mindbreeze InSpire contact form: https://www.mindbreeze.com/inspire-contact. Please also provide us with all data sources that you would like to link to the search. If necessary, also provide us with the authentication mechanism to be used for the search (e.g. Kerberos, SAML, etc.).

Necessary hardware resources Permanent link for this heading

  • Mindbreeze InSpire is envisaged for installation in a 19” server rack.
    2RU are required – please reserve this space.
  • We recommend making two power connections available for the Mindbreeze InSpire server to guarantee a failsafe power supply (each 750W rated output).
  • If possible, please prepare 2 Ethernet LAN connections so that the network bonding can be configured. For this both connections must be in the same sub-network. An Ethernet LAN connection is essential.
  • To connect the Remote Management Interface (iDRAC), you require a 3rd Ethernet port. Please make sure that it is assigned a correct IP address (DHCP/manual). The assigned IP address can then be viewed on the front panel display or in BIOS. This IP is mandatory for the initial contact with our consulting team.

Mindbreeze Service UsersPermanent link for this heading

For Kerberos-based authentication with Active Directory you must set up a service user in Active Directory, e.g. mindbreeze.service. Please ensure that the following requirements are met:

  • There must be an NTP server that is time synchronous with your Active Directory server and that the Mindbreeze InSpire appliance can access.
  • The user exists in Active Directory
  • The user has the service principal name
    HTTP/<fully qualified host name for Mindbreeze InSpire>
    As Active Directory domain administrator you can set the service principal name in a Windows prompt with the following command:
    setspn –s HTTP/<full qualified hostname for Mindbreeze InSpire><domain>\<mindbreeze.service>
    Sample:
    setspn –s HTTP/search.companyname.com company\mindbreeze.service
  • The fully qualified hostname must have a DNS listing.
  • The service user must have the “Trusted for Delegation (Kerberos only)” attribute set. You can set the attribute “Trusted for Delegation (Kerberos only)” for the user in the Microsoft Management Console under “Active Directory Users and Computers”.

Optional Service User Permanent link for this heading

To crawl the data sources, users with full read access rights for all data to be indexed should also be created. These are only used by Mindbreeze to index data.

Firewall ConfigurationPermanent link for this heading

Please note that the following network connections are activated for the Mindbreeze InSpire server:

  • At least Port 443 for the Mindbreeze Client Service must be accessible by all users
  • Port 8443 and 22 are accessible by administrators
  • Port 2222 is available for synchronization of InSpire Appliances
  • Ports 88 and 389 on all Active Directory servers must be accessible by the Mindbreeze InSpire Service
  • Among data sources, other services and the Mindbreeze InSpire Appliance appropriate ports must be unlocked (e.g. NTP: Port 123)


Technical RequirementsPermanent link for this heading

Electrical and Other Technical Requirements for installing your Mindbreeze InSpire Appliance

IntroductionPermanent link for this heading

Your Mindbreeze InSpire Appliance must be installed in a location meeting the temperature, electrical, refrigeration, and other requirements shown in the following tables.

Requirements for Mindbreeze InSpire R730Permanent link for this heading

Requirement

Mindbreeze InSpire

Typical Thermal Dissipation

2891 BTU/hr

Operating Temperature Range

Storage Temperature Range

10°C to 35°C (50°F to 95°F) with a maximum temperature gradient of 20°C/h (36°F/h).

–40°C to 65°C (–40°F to 149°F) with a maximum temperature gradient of 20°C/h (36°F/h).

Note: Maximum temperature is reduced by 1°C/300 m (1°F/547 ft) above 950 m (3,117 ft).

Operating Relative Humidity Range

Storage Relative Humidity Range

10% to 80% Relative Humidity with 29°C (84.2°F) maximum dew point.



5% to 95% RH with 33°C (91°F) maximum dew point. Atmosphere must be non-condensing at all times.

Maximum Operating vibration

Maximum Storage vibration

0.26 G rms at 5 Hz to 350 Hz (all operation orientations).

1.88 G rms at 10 Hz to 500 Hz for 15 min

Maximum Operating shock

Maximum Storage shock

Six consecutively executed shock pulses in the positive and negative x, y, and z axes of 40 G for up to 2.3 ms.


Six consecutively executed shock pulses in the positive and negative x, y, and z axes (one pulse on each side of the system) of 71 G for up to 2 ms.

Maximum Operating altitude

Maximum Storage altitude

3048 - 2000m (10,000 - 6560 ft)

12,000 m (39,370 ft)

Maximum System Power Consumption

750 W

Input Voltage (AC)

100 - 240 V AC, autoranging

Frequency

50/60 Hz

Weight

31.5 kg (69.45 lb) at maximum configuration

Physical Dimensions

Width: 48.2 cm (18.98 inch)

Depth: 75.58 cm (29.75 inch)

Height: 8.73 cm (3.44 inch)

Industry Rack Height

2U

Requirements for Mindbreeze InSpire R740Permanent link for this heading

Requirement

Mindbreeze InSpire

Typical Thermal Dissipation

2891 BTU/hr

Operating Temperature Range

Storage Temperature Range

10°C to 35°C (50°F to 95°F) with a maximum temperature gradient of 20°C/h (68°F/h).

–40°C to 65°C (–40°F to 149°F) with a maximum temperature gradient of 20°C/h (68°F/h).

Note: Maximum temperature is reduced by 1°C/300 m (1°F/547 ft) above 950 m (3,117 ft).

Operating Relative Humidity Range

Storage Relative Humidity Range

10% to 80% Relative Humidity with 29°C (84.2°F) maximum dew point.

5% to 95% RH with 33°C (91°F) maximum dew point. Atmosphere must be non-condensing at all times.

Maximum Operating vibration

Maximum Storage vibration

0.26 G rms at 5 Hz to 350 Hz (all three axes).

1.88 G rms at 10 Hz to 500 Hz for 15 min

Maximum Operating shock

Maximum Storage shock

Six consecutively executed shock pulses in the positive and negative x, y, and z axes of 6 G for up to 11 ms.

Six consecutively executed shock pulses in the positive and negative x, y, and z axes (one pulse on each side of the system) of 71 G for up to 2 ms.

Maximum Operating altitude

Maximum Storage altitude

3048 m (10,000 ft)

12,000 m (39,370 ft)

Maximum System Power Consumption

750 W

Input Voltage (AC)

100 - 240 V AC, autoranging

Frequency

50/60 Hz

Weight

22.5 kg (49,61 lb) at maximum configuration

Physical Dimensions

Xa:482.0 mm (18.98 inches)

Xb:434.0 mm (17.09 inches)

Y:86.8 mm (3.42 inches)

Za:35.84 mm (1.41 inches)

Zb:678.8 mm (26.72 inches)

Zc:715.5 mm (28.17 inches)

Industry Rack Height

2U


Mindbreeze Management CenterPermanent link for this heading

PreparationPermanent link for this heading

The Mindbreeze InSpire Management Center is the interface where administration and management tasks can be performed on a Mindbreeze InSpire Search Appliance.

Browser SupportPermanent link for this heading

The Mindbreeze InSpire Management Center is fully supported in the following browsers:
Google Chrome, Mozilla Firefox, Apple Safari.

Firewall ConfigurationPermanent link for this heading

For accessing the Mindbreeze InSpire Management Center make sure that the following network ports are accessible on the connected Mindbreeze InSpire server network interfaces.

Admin and Management Ports:

  • Port 8443 (HTTPS) for accessing the Mindbreeze Management Center
  • Port 22 (SSH) for accessing the Mindbreeze System Configuration Interface through one of our consultants.

General Mindbreeze Ports:

  • Port 443 (HTTPS) for accessing the Mindbreeze Client
  • Port 2222 (SSH) for synchronization between Mindbreeze Appliances

For using the iDRAC interface of the Mindbreeze InSpire Server the following Ports have to be accessible on the Mindbreeze InSpire Server’s iDRAC network interface:

  • Port 443 (HTTPS) for accessing the iDRAC Web Interface
  • Port 5900 (TCP, UDP) for accessing the iDRAC Virtual Console
  • Port 8080 (TCP, UDP) for accessing the iDRAC Virtual Console

Getting StartedPermanent link for this heading

Connect by WirePermanent link for this heading

Make sure that the Mindbreeze InSpire Appliance network interface cards (NICs) are connected by wire. At least the iDRAC interface as well as one of the host NICs. Per default the Mindbreeze InSpire NICs are set to DHCP. See below on how to use iDRAC to obtain the host MAC address for reserving a DHCP lease.

IP Address Configuration of the iDRAC Interface (physical access required)Permanent link for this heading

The IP address of the iDRAC interface after successful connection can be viewed locally on the front panel LCD by accessing the following menu:

  • Home > View > iDRAC IP > IPv4 | IPv6 and selecting IPv4 (if it is the case).

A short introduction about the Front Panel LCD is available at:

http://en.community.dell.com/techcenter/extras/w/wiki/3869.lcd-info-screen-and-led-alert-panel-on-poweredge-12th-generation-servers#Setting

With this information, you can retrieve from the DHCP server which IP address was leased for the network interfaces.

If DHCP is not available for the iDRAC network interface the IP Address can be set manually via the Front Panel LCD, as follows:

  • Navigate from home screen to setup screen and then to the Static IP tab:
    Home > Setup ->iDRAC -> DHCP | Static IP -> IP: 192.168.2.12
  • After IP v4 configuration from the same screen we can configure sub network mask and gateway as well:
    Home > Setup > IDRAC > Static IP - >Sub: 255.255.255.0
    Home > Setup > IDRAC > Static IP - >Gtw: 192.168.2.1

On the Front Panel LCD of the server also the MAC addresses of the host interfaces are listed. For viewing the MAC addresses, please follow this path:

  • Home > View > MAC >iDRAC| iSCSI1 | iSCSI2 | iSCSIn | NET1 | NET2 …NETn. Here the NET1..N interfaces are the host network interfaces.

Option 1) IP Address Configuration of the Host Interfaces via DHCPPermanent link for this heading

If DHCP is available the MAC addresses of the host interfaces (either obtained in the previous step) or obtained via the iDRAC Admin portal (https://<iDRAC_IP>:443) can be used to identify/or reserve the respective DHCP leases and therefore the obtained IP addreses.

Login for the iDRAC Admin Portal:

  • Username: root
  • Password: Appliance123

Option 2) IP Address Configuration of the Host Interfaces via iDRACPermanent link for this heading

If DHCP is not available to automatically assign network settings to the host network interfaces, the network configuration for these interfaces can be accomplished by connecting to the Virtual Console using the iDRAC Web Interface (https://<iDRAC_IP>:443).

In the Virtual Console, log in with the following credentials:

  • Username: config
  • Password: Appliance123

After a successful login the Network Configuration Interface is shown. Here the DNS Server and the static addresses of the network interface (bond0) can be configured. It is recommended to configure the DNS server only via “DNS configuration”.

Option 3) IP Address Configuration of the Host Interfaces via physical accessPermanent link for this heading

If access to iDRAC is not available log in using the config user can also performed physically. See above for the steps to set the Device and DNS configuration.

Management CenterPermanent link for this heading

Accessing the Mindbreeze InSpire Management CenterPermanent link for this heading

After a successful network configuration the Mindbreeze InSpire Management Center is accessible via the following Secure HTTP Link: https://<ip_address>:8443 . Here the <ip_address> tag is the IP address of one of the connected network interfaces.

For accessing the Mindbreeze InSpire Management Center login credentials are required. By default, the management center can be accessed with “admin” user and “Appliance123” password.

SectionsPermanent link for this heading

Below is the short description of the main sections in the Mindbreeze InSpire Management Center.

Search AppsPermanent link for this heading

In this section a preconfigured Mindbreeze Client Service and a Search App Editor can be accessed.

ReportingPermanent link for this heading

Here you can explore reports, telemetry data and statistics related to the Mindbreeze services.

Search ExperiencePermanent link for this heading

In this section various advanced search parameters can be configured such as “Synonyms”, “Stemmer Vocabulary” and “Relevance”. For more information visit Mindbreeze Query Expression Transformation.

ServicesPermanent link for this heading

In this section different operations related to the Mindbreeze services can be performed, such as starting and stopping the services or resetting the indices (reindexing).

ConfigurationPermanent link for this heading

The detailed configuration of the Mindbreeze services and components can be accessed and modified from this section. A detailed description of the configuration settings is available on help.mindbreeze.com.


SetupPermanent link for this heading

In this section you can setup Kerberos, generate keytabs, configure access to different parts of the appliance, configure a mail server and restart containers.

KerberosPermanent link for this heading

Kerberos configuration and keytab generation. Please find details in Configuration – Kerberos Authentication.

CredentialsPermanent link for this heading

Mindbreeze InSpire uses the software component Keycloak to manage backend-credentials. This section covers the most important use-cases (change password, create new users …). Please find additional documentation here: Keycloak 3.4 Server Administration

Change PasswordPermanent link for this heading

You will be prompted to change the admin password at first login in the management center. If you want to change the password later, please navigate to the menu entry “Credentials“ in the “Setup“ section. The password change option is available at “Manage“ - “Users“ and the Credential tab of the user you want to change the password for. The option “Temporary” forces the user to change the password at the next login. Apply your changes with “Reset Password“.

Create UserPermanent link for this heading

You can create users in the same menu section. Select “Mange“ – “Users“ – “Add user“. Supply an username and click on “Save”. Switch to the “Credentials“ tab to set a password. You also need to assign Roles to the user according to the following section. To be able to use the feature “Forgot Password”, you should provide a valid E-Mail address for every user.

Manage RolesPermanent link for this heading

Access to the sections of the management center (for example “Reporting“ or “Configuration“) is managed using predefined roles. You can access a list of all roles in the “Credentials” section of the management center at “Configure” – “Roles”. The user “admin” has already be assigned all roles. To assign roles to a user or remove them, please navigate to “Manage” – “Users”. Search for and select the user you want to manage. Select “Edit” – “Role Mapping” to assign or remove roles.

InSpirePermanent link for this heading

Global SettingsPermanent link for this heading

Mindbreeze InSpire needs to send emails for resetting the administration password and app.telemetry notifications. Please supply your mail server in “SMTP Server”. To use the same mail server for sending alerts, configure “localhost” for the Client Service Alerts setting “SMTP-Server”.

Container ManagementPermanent link for this heading

Restart or Stop “InSpire” and “Infrastructure” Container. If you stop the “InSpire” container, the Mindbreeze InSpire services are no longer available.

UpdatePermanent link for this heading

Install updates. Please find details in section 5: Mindbreeze InSpire Updates.

Continuous Updating of the Operating System Patches Permanent link for this heading

Operating system patches are provided as part of the Mindbreeze InSpire update package.

After applying the update a restart of the appliance is required.

Mindbreeze InSpire UpdatesPermanent link for this heading

IntroductionPermanent link for this heading

New versions of Mindbreeze InSpire can be installed via the Management Center. You need the (G7-)Image-File and a webbrowser with access to the Management Center. You can aquire the Image-File at the following link on the Mindbreeze website: Updates & PI

InstallationPermanent link for this heading

Open the Management Center and navigate to the section „Update“ „Upload“.

Select the image file via „Choose File“ and click on „Upload File“. A progress bar is displayed during the upload process.

The next step shows important information about the update.

You can choose if the appliance should reboot automatically if needed. A password is only required if the update does not start (please contact Mindbreeze support if that happens).

If you agree to the General Terms and Conditions, click on „Perform Update“ to start the update process. Notice: Services are not available during the update. The update step shows detailed information about the update process. The message „Success“ is displayed after the update is done successfully.

During the update you may be have to enter your credentials for the management center again.

If you do not want to start the update immediately after the upload your can always come back to the section “Update”->”Perform Update”.

Mindbreeze InSpire ManagementPermanent link for this heading

Mindbreeze InSpire Management allows you to configure global settings for the InSpire appliance and restart individual containers as needed.

Open the Management Center and navigate to the section Setup” “InSpire”.

Global settingsPermanent link for this heading

The SMTP server can be set in the “Global Settings” section. This is used for password reset, app.telemetry, and for sending alerts via the client service. To do this, set localhost as the SMTP server for the alerts in the client service.

Container managementPermanent link for this heading

The “Container Management” section enables you to restart the InSpire Container. If the InSpire Container is stopped, the InSpire services are not available.

You also have the option of restarting the InSpire infrastructure.

Uploading certificatesPermanent link for this heading

The “SSL Certificate” section enables you to exchange the SSL certificate for the Management Center of the appliance. You can install a p12 or pfx certificate file via upload. For encrypted certificates, the password for decrypting the certificate file must be entered.

Backup StrategyPermanent link for this heading

Mindbreeze InSpire Backup StrategyPermanent link for this heading

This document describes the key facts that should be regarded for backups of Mindbreeze InSpire configuration files and index data.

The backup strategy should include the following type of data and should especially be performed before installing product updates:

  • Mindbreeze Configuration data: after major changes in the Mindbreeze configuration you should take a backup of the main configuration files.
  • Custom SearchApps: after deploying custom Mindbreeze Search Apps) you should take a backup of those changed files.
  • Mindbreeze Index Data: before starting product updates or for huge data sources after they have been fully crawled you should take a backup of the index.
  • app.telemetry Configuration Data: also the app.telemetry configuration should be included in your backup strategy (at least if modified/extended for custom needs).
  • Credentials: The user database contains the credentials of the users and role mappings for the access control system and should be in the backup.
  • Other adjustments: Take a backup of any further adjustments that do not conform to the Mindbreeze standard product.

Backup StrategiesPermanent link for this heading

Backing up the Configuration DataPermanent link for this heading

The last 10 revisions of the Mindbreeze configuration data files are kept in the configuration directory. Nevertheless, you should take an external backup of those files:

  • Configuration files are stored in /etc/mindbreeze

Important configuration files:

  • mesconfig.xml
  • license
  • plugins
  • mesmasteruri.conf

Furthermore, please execute export_managerconfig.sh including a path (e.g. export_managerconfig.sh /data/export) and make a backup of the folder export.

Backing up Custom Search AppsPermanent link for this heading

If you have deployed your own Search Apps, you should take a backup of these changes:

  • Custom SearchApps
    (/data/apps/<yourApp>)

Backing up the Index DataPermanent link for this heading

Fabasoft Mindbreeze uses a file based index. These index files can be backed up completely in a consistent state.

To save index data, perform the following steps:

  1. Change the mode of the index service to „Mode: readonly”. This can be achieved by using the Mindbreeze Manager UI and simply clicking the icon for the index state on the overview page.
  2. Check the consistency of the index with mescontrol (adapt the index port for the desired index)
    mescontrol http://indexserver.yourcompany.com:23100 checkconsistency
  3. Verify the exit code (ERRORLEVEL) of mescontrol
    echo %ERRORLEVEL% (should return the value 0 on success)
  4. In order to start the backup process navigate to the directory where the index is stored and perform the backup (after a successful consistency check) as follows:
    1. Either copy the whole index directory to the target backup path using the operating system copy tools (e. g. Linux Console). You could compress this target folder later on to save disk space.
    2. Or directly create a backup archive of the index directory using any compression tool of your choice. But be careful and consider the following issues:
  5. Creating a compressed backup archive may take much longer than a simple copy task therefore the Mindbreeze index will stay in readonly-mode for a longer time.
  6. The backup tool must not modify any index files and must be able to handle open files with shared read access (locked by some Mindbreeze processes for read-access). For example using the 7-Zip tool you have to activate the option „Compress shared files“ (-ssw).

  1. Change the mode of the index service to “Mode: running”

Backing up the app.telemetry ConfigurationPermanent link for this heading

Just take a copy of the main app.telemetry configuration file (infra.xml) located at following location:

/etc/app.telemetry/

Backing up CredentialsPermanent link for this heading

The user database is exported daily into the following location within the keycloak container:

/data/backup/curr

This location is also accessible in the host under the location:

/var/data/keycloak/data/backup/curr

Add this location to your backup.

Running Third-Party SoftwarePermanent link for this heading

General notes about Mindbreeze InSpire as an appliancePermanent link for this heading

Mindbreeze InSpire is delivered to customers as a preconfigured appliance. The pre-installed software components were coordinated with one another and tested for possible side effects.

It is not foreseen that customers make changes to the software status on their own, except for security updates, for which the recommended procedure is explained in the brief guide entitled:
“Brief Instruction - Continuous Updating of the Operating System Patches”.

Possible examples of adverse changes to the software status include:

  • Software updates from installed applications (except Mindbreeze product updates)
  • Removing (uninstalling) preinstalled software
  • Installing new software (such as antivirus software)Backup Strategies

Impact of third-party software on Mindbreeze InSpirePermanent link for this heading

Depending on the type of third-party software components, the effects this may have on Mindbreeze can vary.

The possible effects of third-party software include:

  • Negative impact on system performance …
    • due to excessive hard disk access (e.g. antivirus software)
    • due to excessive storage usage of the third-party application
  • Stability problems due to unexpected file access …
    • File locking
    • Modification of file contents

The most common problems are to be expected through the use of antivirus software and can be minimized as described in the following chapter.

Minimizing the impact of antivirus software on MindbreezePermanent link for this heading

To minimize any negative impact on Mindbreeze performance and stability, the following directories should be specifically excluded from virus scanning runs:

  • Mindbreeze index directories (path depends on the configuration)
    • Example (Linux): /data/indices
  • Mindbreeze log directories (path depends on the configuration)
    • Example (Linux): /data/logs
  • Mindbreeze configuration directory
    • Linux: Configuration files are stored under: /etc/mindbreeze
  • Mindbreeze product directory:
    • Linux: /opt/mindbreeze
  • Fabasoft app.telemetry product directory:
    • Linux: /opt/app.telemetry
  • Fabasoft app.telemetry data directory:
    • Linux: /var/opt/app.telemetry/
  • Directory of the Fabasoft app.telemetry telemetry database:
    • Linux: /data/postgres/
  • Temp-directories used by the individual services:
    • Linux: /tmp sowie /var/opt/mindbreeze

However, any type of virus scan run can have a potential negative effect on the system performance and consequently the response time behaviour of Mindbreeze. If regular system scans are unavoidable, we recommend that they be performed in maintenance windows or outside the core time in which the search is offered.