This chapter describes the procedure for installing GemStone/S 64 Bitâ„¢ version 3.6.7. We recommend that you set up GemStone initially on a single machine, to ensure that all the pieces work together. Further setup to run a distributed system are described in the System Administration Guide. You will need to adjust the installation process to meet your specific needs.
If you are upgrading to this release from a previous version of GemStone/S 64 Bit, follow the instructions in the appropriate later chapter of this Installation Guide. These upgrade instructions will provide details on steps that need to be taken before and after the installation described here.
While GemStone/S 64 Bit on Linux/x86 is fully supported for production use, GemStone/S 64 on Linux/ARM is supported for development use only, not for production.
The following list summarizes the steps to install GemStone/S 64 Bit.
Before you install GemStone/S 64 Bit, ensure that the following system requirements are satisfied. Additional system resources may be necessary to support large applications.
GemStone performs testing on a mixture of Red Hat, CentOS, Rocky and Alma servers; these are all considered fully certified platforms. Any reference to Red Hat applies to any Red Hat-compatible distribution.
Note that GemStone/S 64 Bit v3.6.7 will not run on Red Hat Linux ES 6.x.
A C debugger allows C-level stack traces when a GemStone error occurs, or when using the pstack command. While not required for GemStone execution, it is strongly recommended that a debugger be installed, so diagnostic error stacks will be available.
GemStone requires a C/C++ compiler only if you are developing C or C++ code for user actions or for a C or C++ application; as described in the GemBuilder for C manual. This compiler is required only for development work, not for execution.
An X Windows server allows you to use GemStone’s graphical VSD application on Linux. Alternatively, GemStone statistical data may be viewed on Windows, by transferring the data files, or by mounting the file system on Windows. X Windows is not required for GemStone execution.
Modern Linux installations default to settings that support most GemStone configurations; there is no longer a need to set kernel.shmall, kernel.shmmax, kernel.sem, or fs.file-max. The default limits on modern Linux kernels are sufficiently large even for very large GemStone configurations.
It is recommended that you have sufficient memory to avoid the need to swap to disk. If there is the risk of swapping, you can avoid problems with GemStone performance (at the expense of other processes running on this machine) by locking the shared page cache into memory. Locking the cache into memory is configured by the parameter SHR_PAGE_CACHE_LOCKED.
If you are using huge pages (Huge Memory Pages), the cache is inherently locked, so there is no further action needed.
Locking the cache into memory requires that the user starting GemStone has permission to lock the amount of memory required by the cache. There are several ways to do this.
gsAdminUser soft memlock sizeInKB
gsAdminUser hard memlock sizeInKB
Note that after editing this file, you do not need to reboot, but you will need a new shell.
os$ setcap cap_ipc_lock=pe $GEMSTONE/sys/shrpcmonitor
Note that setting this capability will prevent statmonitor and gdb from attaching to shrpcmonitor; statmonitor will not be able to record certain process statistics, and pstack cannot get C stack traces. See statmonitor additional permission
If your system runs low on memory, the Linux OOM killer may select GemStone processes to terminate. To protect the shared page cache and other critical GemStone processes, the process’s oom_score_adj, which is used to select processes to terminate, is reduced, making them less likely to be selected and killed.
Reducing the oom_score_adj requires configuring the process to have that capability. To set the capability on the required executables:
os$ setcap cap_sys_resource=pe $GEMSTONE/sys/stoned
os$ setcap cap_sys_resource=pe $GEMSTONE/sys/pgsvrmain
Only the Stone and pgsvrmain executables need the capability; other critical processes spawned by the Stone, such as the Shared Page Cache Monitor, inherit the Stone’s protection and adjust their oom_score_adj, and therefore also are protected. The capability is dropped as soon as the oom_score_adj has been updated.
Likewise, the pgsvrmain, which is responsible for spawning critical processes for distributed configurations with remote caches, protects processes such as the remote cache.
To examine the oom_score_adj for a process, check the contents of the file:
os$ cat /proc/pid/oom_score_adj
If you are using UNIX authentication for GemStone logins, or if you run NetLDI as root with setuid (i.e. not in guest mode), you must have PAM (Pluggable Authentication Module) configured on the server. You may include a specific GemStone authorization service name, or allow the default “other” authentication definitions to be used.
PAM authentication definitions are in files under the directory /etc/pam.d. Alternatively, they can be lines in the configuration file /etc/pam.conf, but this usage is deprecated on many distributions. On these distributions, the presence of the /etc/pam.d directory will cause /etc/pam.conf to be ignored.
The specific GemStone service file names are gemstone.gem for user authentication, and gemstone.netldi for a NetLDI running with authentication.
The libraries that are specified in the stack depend on how you are configuring PAM to perform the authentication. The examples below are for PAM configured to invoke LDAP for authentication.
/etc/pam.d/gemstone.gem
auth required pam_ldap.so
/etc/pam.d/gemstone.netldi
auth required pam_ldap.so
/etc/pam.d/other
includes the following contents:
auth required pam_ldap.so
Consult your System Administrators for more information on how authentication is handled on your system.
The default size for memory pages on Linux is 4KB. Linux supports 2MB and 1GB Huge Pages; this document, and GemStone code, refers to these page sizes and all larger-than-default memory pages using the generic term large pages. Using large pages will improve performance for large repositories with large shared page caches.
The Linux kernel allows you to explicitly allocate 2MB or 1GB large pages to a specific application (such as GemStone), and also allows you to take advantage of 2MB transparent large pages, which are managed automatically without application level configuration.
Specifically allocated large memory pages are described in the next section, Huge Memory Pages.
Transparent huge pages are limited to anonymous memory regions. If they are enabled (they are enabled by default), transparent huge pages are managed by the kernel without application level configuration.
To confirm these settings are correct in your Linux environment, cat the file; the enabled parameter is within the square brackets. E.g.,
os$ cat /sys/kernel/mm/transparent_hugepage/enabled
always [madvise] never
To confirm that GemStone is using transparent huge pages, after GemStone has been started up, execute:
os$ cat /proc/pid/smaps
and look for the /SYSV line, and the subsequent value for ShmemPmdMapped.
Linux supports explicit configuration for 2MB and 1GB large pages that are specifically allocated to an application, as well as transparent large pages (as described in the previous section).
A Linux installation may be configured to use either 2MB and 1GB large pages, or both. Using large pages may improve performance for large repositories with large shared page caches; by explicitly configuring large pages, they are allocated on boot and the GemStone executable can be explicitly configured to use them.
To use explicitly configured large pages, you must determine the page size and the number of pages needed, configure Linux to allocate the required number of pages, and configure GemStone to use these pages.
To configure the use of large pages:
a. Determine pages sizes available on your Linux system, and decide on the size you intend to use. Smaller repositories may use 2MB pages, but repositories with multi-GB shared page cache sizes may benefit more from 1GB pages.
To determine the default huge page size, execute:
os$ grep -e '^Huge' /proc/meminfo
HugePages_Total: 5000
HugePages_Free: 2756
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
To determine if you have another page size available, execute:
os$ ls /sys/kernel/mm/hugepages/
If you have 2MB pages, it will return:
hugepages-2048kB
If you have both 2MB and 1GB pages, it will report:
hugepages-1048576kB hugepages-2048kB
b. Determine the number of huge pages that will be needed, based on your GemStone configuration. This is calculated by the utility largememorypages. This utility needs several details to compute the number of required pages: the shared page cache size, the maximum number of GemStone processes, and the number of shared counters. These can be provided by arguments or read from an existing configuration file.
largememorypages [-e path ] [-z path] [-F cacheFrames | -M cacheKB]
[ -P maxProcesses] [-C maxSharedCounters] [-p largeMemoryPageSize]
You may specify the required values using a valid configuration file. This is parsed as a Stone configuration file and the necessary values extracted.
-e path
specifies an executable config file (same as startstone -e).
-z path
specifies a system config file (same as startstone -z).
If a config file is not specified, then -M or -F and -P and -C are required. These arguments can be used in addition to the configuration file, in which case they override values set or computed in the configuration file:
-F cacheFrames
shared cache size expressed in 16 KB frames
-M cacheKB
shared cache size with a optional units suffix.
-P maxProcesses
setting for SHR_PAGE_CACHE_NUM_PROCS
-C maxSharedCounters
setting for SHR_PAGE_CACHE_NUM_SHARED_COUNTERS.
-p largeMemoryPageSize
setting for SHR_PAGE_CACHE_LARGE_MEMORY_PAGE_SIZE_MB. Optional; the default is 2MB, may also specify 1 GB (or equivalent using appropriate units).
The following example is for an (approximately) 20GB shared page cache, 200 processes, and 1900 shared counters, with 2 MB memory pages:
os$ largememorypages -p 2MB -M 20GB -C 1900 -P 200
Cache config is 1310720 pages = 20480 MB, total is 21384 MB,
overhead 4% of configured size
Large page size requested is: 2 MB.
Large page overhead: 1.12 MB
For 1310720 pages, 200 processes and 1900 shared counters, 10 pusherThreads
minimum sizing for cache shmmax 22422749184, shmall 5474304.
Number of 2 MB large pages required: 10692
<with further update commands>
c. Allow large memory pages to be allocated and accessed by GemStone processes
To ensure processes have permission to use large memory pages, you need to do one of the following. You must execute these commands as root.
Select or create a group that includes the Linux user that will be starting up the shared page cache, and all users who will be accessing the shared page cache
Then create a file /etc/sysctl.d/64-gemstone-local.conf, to set this group’s numeric id; add the line:
vm.hugetlb_shm_group = numericGidOfGroup
To determine the group id based on the group name, execute
os$ getent group nameOfGroup
This will take effect on reboot; you can apply immediately by executing:
os$ sysctl --system
To verify the current value, cat /proc/sys/vm/hugetlb_shm_group, which will show the group id. To enable large pages transiently without rebooting, you can set the gid of the group directly in /proc/sys/vm/hugetlb_shm_group. This will be reset on reboot if not configured as by /etc/sysctl.d/64-gemstone-local.conf.
os$ setcap cap_ipc_lock=pe $GEMSTONE/sys/shrpcmonitor
Setting this capability will prevent statmonitor and gdb from attaching to that process; statmonitor will not be able to record certain process statistics, and pstack cannot get C stack traces. See statmonitor additional permission.
d. Configure large pages on Linux
Linux must be configured according to the instructions for your Linux distribution. You must execute these commands as root.
(1) To enable hugepages, the file /etc/default/grub needs to contain an entry for GRUB_CMDLINE_LINUX_DEFAULT that defines the number of 2MB and 1 GB huge pages.
Edit the file /etc/default/grub, to append a line defining the number of each size of pages to the GRUB_CMDLINE_LINUX_DEFAULT entry, for example to configure with 1GB pages to support the 20GB cache in the above example:
"hugepagesz=1G hugepages=22 hugepagesz=2M hugepages=0 default_hugepagesz=1G"
(2) Run the command to update the kernel config.
os$ /usr/sbin/update-grub
os$ /usr/sbin/grub2-mkconfig -o /boot/grub2/grub.cfg
On Red Hat and CentOS UEFI systems:
os$ /usr/sbin/grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
os$ shutdown -r now
e. Configure GemStone to request large pages by set the configuration option SHR_PAGE_CACHE_LARGE_MEMORY_PAGE_POLICY. This can be set to 1 or 2; with a setting of 1, the cache will be started anyway if the request for large pages is denied, while a setting of 2 indicates that startup should fail if large pages cannot be allocated.
If you are using 1GB pages, you will also need to update the setting for SHR_PAGE_CACHE_LARGE_MEMORY_PAGE_SIZE_MB. By default, this is set to 2; if you are using 1GB pages, set this to 1024.
The system clock must be set to the correct time. When GemStone opens the repository at startup, it compares the current system time with the recorded checkpoint times; a system time earlier than the last checkpoint time may be taken as an indication of corrupted data and prevent GemStone from starting. The time comparisons use GMT.
GemStone processes ordinarily use the TCP keepalive option to determine how long they will wait after communications activity ceases unexpectedly. This setting can be useful for reaping stale RPC Gems, but the OS default may not be appropriate for your system. For further information, refer to your operating system documentation.
To avoid Stone shutdown when the session that started the Stone logs out, ensure that
/etc/systemd/logind.conf
RemoveIPC=no
With the default value of yes, when the session that started the Stone logs out, the Stone's shared semaphore array is deleted, causing fatal errors.
If you are running with the NetLDI owned as root with the s bit set, then statmonitor running as an ordinary user, including as the administrative user, will not be able to collect certain memory statistics for Gems started by other users.
os$ setcap cap_sys_ptrace=pe $GEMSTONE/bin/statmonitor
os$ cd $GEMSTONE/sys
os$ chown root $GEMSTONE/bin/statmonitor
os$ chmod u+s $GEMSTONE/bin/statmonitor
If you have set the Linux capacity cap_ipc_lock for shrpcmonitor, for huge pages or locking (this is permitted but not recommended), statmonitor will not be able to collect memory statistics for the shared page cache monitor, and the above workarounds may ba applied. The cap_sys_resource capability, for OOM protection, is dropped after the process has adjusted its oom_score_adj, and is not an issue.
Installing GemStone can be done as a regular user, but in order to set up shared security, some portions of the installation should be done when logged in as the root user. Other steps of the installation are done as the unix user who will be the GemStone administrative account.
In addition to the installation directory, /opt/gemstone is updated for new installations of GemStone. This is the default location for server lock files, host name id file, and log files for GemStone network servers (NetLDIs). See the System Administration Guide for details.
1. Log in as the GemStone administrator to the machine on which you are installing GemStone. This part of the installation should not be done as root, to ensure all the files are not owned by root.
2. Determine that adequate swap space is available.:
os$ cat /proc/swaps
3. Select the drive on which you will install the GemStone software, and the installation directory on this drive, InstallDir. Make this directory the current working directory.
We recommend that you avoid choosing either an NFS-mounted partition or one containing UNIX swap space for the initial installation. Mounted partitions can result in executables running on the wrong machine and in file permission problems. Existence of swap space on the same drive can dramatically slow GemStone disk accesses.
4. GemStone/S 64 Bit is provided as a compressed file with a name similar to GemStone64Bit3.6.7-x86_64.Linux.zip or GemStone64Bit3.6.7-arm64.Linux.zip. Move this distribution file to the directory location in which GemStone will be installed, InstallDir.
5. Unzip the distribution file using unzip.
6. The InstallDir now contains a GemStone directory with a name similar to GemStone64Bit3.6.7-x86_64.Linux or GemStone64Bit3.6.7-arm64.Linux.
In addition to subdirectories, this directory also contains the text file version.txt, which identifies this particular product and release of GemStone.
The GemStone server is now installed.
Perform the following steps to properly configure the operating environment.
1. Set the environment variable GEMSTONE.
a. If more than one installation of any GemStone/S product resides on this machine, check for existing GemStone environment variables:
os$ env | grep GEM
All GemStone environment variables are displayed.
b. If any environment variables exist and are not appropriate for the new installation, you must specifically unset each one. For example:
os$ unset GEMSTONE GEMSTONE_SYS_CONF
c. Set the environment variable GEMSTONE to the full pathname (starting with a slash) of your new GemStone installation directory. For example:
os$ export GEMSTONE=InstallDir/GemStone64Bit3.6.7-x86_64.Linux
os$ export GEMSTONE=InstallDir/GemStone64Bit3.6.7-arm64.Linux
To run GemStone, you must have a key file for the correct version of GemStone/S 64 Bit and for the appropriate platform. The keyfile must be located where GemStone can find it on startup:
You may use a keyfile from any v3.6.x version of the correct platform with v3.6.7; keyfiles from 3.5.x and earlier are not valid with v3.6.7. If you are upgrading from v3.5.x or earlier, or you have questions about your keyfile or license limits, email keyfiles@gemtalksystems.com, or contact GemTalk Technical Support.
The GemStone distribution includes a community key file, community.starter.key., with product and system limits per the Community and Web Edition License. See https://gemtalksystems.com/licensing for details on the license terms.
If you do not install a custom keyfile, this starter keyfile will be used instead.
To specify the location and name of the keyfile using the KEYFILE configuration parameter, edit the configuration file that will be used by the v3.6.7 stone to include the location and name of the keyfile.
You may also put the keyfile in the default location, $GEMSTONE/sys/gemstone.key. This requires modifying the write permissions of the $GEMSTONE/sys directory; ensure you change this back to not writable, after this update.
To run GemStone, TCP/IP must be functioning, even if your machine is not connected to a network.
Verify that TCP/IP networking software is functioning:
os$ /bin/ping hostname
where hostname is the name of your machine. If ping responds with statistics, TCP/IP is functioning.
The NetLDI service, by default gs64ldi, can be defined in your system services database to return the NetLDI listening port. A NetLDI is required for some local and all remote sessions to log into GemStone, and it can be resolved by name or directly by port number. If you are defining NetLDI services by name, the same NetLDI service name and port number must be defined on the remote machines as on the Stone’s node.
The following steps can be skipped if you will be using the NetLDI port rather than name. Using the port number requires that this same port be specified when the NetLDI is started up, and when sessions login. The details are described in the System Administration Guide.
If you are upgrading from a previous version, you may need to keep the NetLDI for that version running. In this case, select a distinct name and/or port for the NetLDI for GemStone/S 64 Bit 3.6.7.
1. Determine whether the gs64ldi service is already defined. How to do this will depend on how your system is set up. The GemStone distribution includes an executable that will allow you to do this:
os$ $GEMSTONE/install/getservbyname gs64ldi
s_name=gs64ldi s_port = 50377 s_proto = tcp
If gs64ldi is defined, skip the rest of this procedure and continue with the installation at Run the Installation Script.
If it is not defined, continue performing this procedure.
2. Add an entry similar to the following to the system services database:
gs64ldi 50377/tcp #GemStone/S 64 Bit 3.6.7
Choose a port number that is not being used by another service. The port number should be in the range 49152 <= port <= 65535, to confirm to IANA standards (http://www.iana.org/assignments/port-numbers).
3. If several machines will be running GemStone, have the UNIX system administrator update the system services database for each machine. This includes Windows client machines as well as UNIX nodes. Note that the port number must be the same for every machine.
The installation script verifies your environment, creates lock file directories, sets up the extent files, and can be used to configure certain types of security for multi-user systems. It is not required to run the installation script; however, if you are new to GemStone, or installing GemStone on a new server, running the install script is recommended.
For development systems without strict security requirements, it is recommended to run GemStone with the NetLDI in guest mode with captive account, which simplifies debugging. In this case, do not accept the default answers to the installation script questions regarding protecting the extent and running NetLDI as root.
You can run the installation script as a non-root user, however, some options are not available as a non-root user. To ensure that the installation is successful, you must install as root. See the System Administration Guide for details on setting up GemStone server file security.
2. Invoke the installation script from the install subdirectory:
os$ cd $GEMSTONE/install
os$ ./installgs
installgs is an interactive script that analyzes your system configuration and makes suggestions to guide you through installing GemStone on your machine. You can run the script multiple times; it will skip completed tasks.
NOTE
You can usually terminate execution of the installation script with Ctrl-C without risk to your files. When it is not safe to do so, the message Please do not interrupt appears on the screen.
During installation, you are asked several questions. The entire installation dialog is not reproduced here, but the main points are addressed. Some questions may not be asked, depending on answers to previous questions.
Whenever you are asked to answer “yes” or “no,” answer with y or n. When the script offers a default answer in square brackets (such as “[y]”), press Enter to accept the default.
The default location for server lock files and NetLDI log files is /opt/gemstone, although /usr/gemstone may be used in legacy installations. A different location can be specified using the environment variable GEMSTONE_GLOBAL_DIR; however, all Gemstone processes that will interact on this machine must have this environment variable set to the same directory.
If the directory does not exist, the installation script offers to create /opt/gemstone and the subdirectories locks and log, and to set access (770) to these directories.
If you answer no to creating the directories, you must create them (or provide a symbolic link) before starting the server.
If you answer yes, the script will prompt you for the owner and group you want to use. Refer to Chapter 1 of the System Administration Guide for more information about setting owner and group permissions.
If you answer no, the permissions will remain the same as when the files were extracted from the distribution media.
The default gives only the owner read and write access (600) through ordinary UNIX commands. Other users can read and write the repository through a GemStone session. If you choose not to protect the repository, the setuid bit is cleared from all executables, which causes them to run under ownership of the user who invokes them.
If you are running a development system without strict security requirements, we recommend not selecting the default.
Default: Set the repository permission to 600, and leave the setuid bit applied.
The NetLDI permits remote processes to interact with the repository. There are two ways to set up a NetLDI so that it can provide services to all GemStone users: it can run as root, or it can run in guest mode with a captive account.
If you are running a development system without strict security requirements, we recommend not selecting the default.
Default: Change ownership of the netldi executable to root, and set its setuid bit.
GemStone is distributed with a read-only copy of the initial repository in
$GEMSTONE/bin/extent0.dbf. Before you can start GemStone, this file must be copied to a suitable location and made writable. The script offers to copy the file to its default location of $GEMSTONE/data.
If you are a new GemStone user, we recommend that you answer y. If you are an existing GemStone user, you might prefer to answer n, then copy the extent to a different location yourself, and edit the configuration file to reference this location. For more information, see the System Administration Guide.
Default: Place a writable copy of extent0.dbf in $GEMSTONE/data.
You can start a NetLDI that runs as root by answering yes to this prompt and the confirmation that follows.
If you want to start the NetLDI in guest mode with a captive account, you must do that after completing the installation. For more information about guest mode with captive account, see the System Administration Guide.
The following should be done by an administrative user, not as root.
GemStone comes with a number of built-in System user accounts, which are needed to perform administrative operations (such as adding application user accounts).
The initial password for these administrative accounts is swordfish.
Access to each of these accounts should be restricted; you should always change the passwords for these accounts, to provide basic security for your application.
The chapter entitled “User Accounts and Security” in the System Administration Guide tells you how to change the passwords.
For each of the users in your system, you should establish GemStone accounts, which involves creating an individual UserProfile in GemStone.
The chapter entitled “User Accounts and Security” in the System Administration Guide provides information on how create accounts for GemStone users, and the options for authentication. This task can be done by executing Smalltalk code, or using GemBuilder for Smalltalk tools. See the GemBuilder for Smalltalk Users’s Guide for information on the GUI tools in GemBuilder.
After GemStone/S 64 Bit 3.6.7 has been installed, you should notify each person who will be using GemStone about the installation, and explain how to setup their environment.
These last two steps can be done using scripts that are part of the GemStone distribution. The directory $GEMSTONE/bin contains the files gemsetup.sh and gemsetup.csh, which define the GemStone environment for users by modifying the PATH and MANPATH variables to include $GEMSTONE/bin and $GEMSTONE/doc, respectively.
os$ export GEMSTONE=installdir
os$ export PATH=$GEMSTONE/bin:$PATH
os$ export MANPATH=$MANPATH:$GEMSTONE/doc
If the user will use GemStone frequently, consider adding these steps to the login shell initialization file.
This chapter has guided you through installation of GemStone/S 64 Bit 3.6.7, with the objective of getting a simple, default configuration up and running.
The next chapters explain the process of upgrading a previous version of GemStone/S 64 Bit to version 3.6.7; and Chapter 4 provides information on GemBuilder for Smalltalk.
For more information and details on customizing your GemStone object server, Gem client processes, and setting up distributed configurations, see the System Administration Guide.