Server v6.4

Introduction

TickStream.Activity Server consists of the communication, computation and storage components needed to process TickStream.Activity client data.

System Requirements

Installing the software on-premises requires at least one physical or virtual server running:

  • Microsoft Windows Server 2012 (or greater)
  • Internet Information Services (IIS)
  • Microsoft SQL Server 2012 (or greater) with SQL Authentication enabled
  • SYSADMIN SQL Server credentials
  • FIPS mode disabled

It is recommended that your SQL server installation have sufficient resources and meet the availability requirements of your application (using technologies such as database mirroring, clustering or availability groups.)

It is recommended that your web service server(s) have sufficient resources and meet the availability requirements of your application (using hardware or software load balancing.)

It is recommended that you create DNS records for each web service and configure split-DNS if you plan to access the services from behind and in front of a firewall.

basetickstreamservices.yourdomain.com
cohorttickstreamservices.yourdomain.com
datatickstreamservices.yourdomain.com
cvtickstreamservices.yourdomain.com

Setup Wizard

  1. Download the TickStream.Activity Server setup package using the link provided to you.
  2. Run the setup package from the intended web service server. Press the ‘Next’ button when the welcome screen appears.

  3. Accept the licensing agreement. Press the ‘Next’ button to continue.

  4. Select the components you want to install and configure. Choose the path to install the TickStream.Activity Server files. Press the ‘Next’ button to continue.

  5. Enter your server license key.

  6. Enter the hostname (FQDN) that will point to each web service, i.e. basetickstreamservices.yourdomain.com These addresses should be added to DNS or resolvable by system hosts file entries. Enter the TCP port that the web services will run on (default 80.) This step will configure the site bindings in IIS. Press the ‘Next’ button to continue.

  7. Enter the the MSSQL Server address, for example localhost\sqlexpress or an IP address. Specify the passwords that will be assigned to the TickStream.Activity and TickStream.Explicator SQL users created during the database installation and keep them in a safe place.

    If you are using Impala functionality, you may also configure the connection string during installation.

    Web.config files are encrypted by default during installation using system level encryption provided by IIS. If your SQL server requires SSL encryption you may enable it.

    If an existing database installation is detected, you will be prompted that the databases will be overwritten!

  8. Provide SQL server credentials that have SYSADMIN rights to the SQL server. If you are logged in as a windows user that has permissions, you may select ‘Windows authentication’. Otherwise, select ‘SQL Server authentication’ and provide a username and password. Press the ‘Next’ button to continue and test connectivity to the server.

  9. Press the ‘Install’ button to start installation and wait while installation is completed.

  10. Press the ‘Finish’ button to complete setup.

Configuring SSL

Activity Server and Activity Client can communicate with eachother using HTTP or HTTPS (SSL encryption.) By default, the TickStream Activity Server installation package configures HTTP bindings for each of the webservices in Internet Information Systems (IIS).

To configure SSL encryption:

  • Obtain a valid SSL certificate from a trusted 3rd party or enterprise certificate authority.
  • Install the certificate on the system hosting TickStream Activity Server webservices.
  • Create HTTPS bindings using TCP port 443 for each TickStream Activity Server webservice.
  • Ensure HTTPS traffic is allowed through any local or intervening firewall services (i.e. Windows Firewall.)
  • Specify https:// webservice URLs when installing the Activity client.

Configuration Encryption

It is recommended that the web service configuration files be encrypted during installation. To modify the configuration files they must be decrypted first and then encrypted again. You must use the aspnet_regiis.exe tool to accomplish this.

To decrypt from an elevated command prompt:

cd C:\Windows\Microsoft.NET\Framework\v4.0.30319
aspnet_regiis.exe -pd "appSettings" -site "basetickstreamservices" -app "/"
aspnet_regiis.exe -pd "appSettings" -site "cohorttickstreamservices" -app "/"
aspnet_regiis.exe -pd "appSettings" -site "cvtickstreamservices" -app "/"
aspnet_regiis.exe -pd "appSettings" -site "datatickstreamservices" -app "/"
aspnet_regiis.exe -pd "connectionStrings" -site "cvtickstreamservices" -app "/"

To encrypt from an elevated command prompt:

cd C:\Windows\Microsoft.NET\Framework\v4.0.30319
aspnet_regiis.exe -pe "appSettings" -site "basetickstreamservices" -app "/"
aspnet_regiis.exe -pe "appSettings" -site "cohorttickstreamservices" -app "/"
aspnet_regiis.exe -pe "appSettings" -site "cvtickstreamservices" -app "/"
aspnet_regiis.exe -pe "appSettings" -site "datatickstreamservices" -app "/"
aspnet_regiis.exe -pe "connectionStrings" -site "cvtickstreamservices" -app "/"

If you are using configuration encryption in a web farm, you will need to manually configure encryption using a custom RSA key container and grant it privileges to the tickstreamservices IIS application pools.

Upgrades

It is recommended that you backup the web service files and databases before performing an upgrade. Upgrades may be performed in place and are cumulative.

When upgrading a single server installation the tickstreamservices IIS application pool will be stopped and started automatically.

When upgrading web services in a web farm, you must stop the tickstreamservices IIS application pool on all web servers before running the setup package.

Database upgrades use a transaction based schema versioning system to safely make changes and should only be run from one server.

Uninstallation

  1. To remove the TickStream.Activity Server databases and database users you must remove the database feature using the setup package's modify/change feature by running the setup package or selecting 'Modify' from Add or Remove programs in the Windows control panel.

  2. Provide SQL server credentials that have SYSADMIN rights to the SQL server. If you are logged in as a windows user that has permissions, you may select ‘Windows authentication’. Otherwise, select ‘SQL Server authentication’ and provide a username and password. Press the ‘Next’ button to continue and test connectivity to the server.

  3. You will be prompted to confirm that you wish to remove the databases and backup history.

  4. Press the Change button to complete the uninstall.

High Availability

The Activity web services and database must be available for all functionality to work. Please evaluate your organization's needs carefully to ensure uninterrupted operation. The Activity client will cache information if it is unable to reach the Activity web services, and will then gradually upload the information when the web services become available again.

All Activity web service operations are atomic, allowing the web services to be deployed across multiple IIS servers to increase availability and throughput. A load balancer is recommended to distribute incoming connections and handle servers that become unavailable. Round robin DNS can be used to distribute incoming connections, but may not provide availability if a balanced server is off line.

The Activity database may be deployed using any of Microsoft SQL Server's supported availability methods which are detailed here: https://msdn.microsoft.com/en-us/ms190202.aspx.

Backups

The Activity databases should be backed up appropriately. You may use any supported methodology supported by Microsoft SQL Server. We recommend making frequent transaction log backups to prevent gaps in data and reporting.