Connecting the Server and LaneThe main points: Since all computers involved are web servers, we use static IP's. Pick internal IP numbers. We cannot emphasize enough that because your server and lanes are web servers, your point of sales network must be internal. The lanes do not communicate with one another, but each lane must be able to see the server and the server must be able to see all the lanes. For now, ICMP has to be left on, because the lane makes the initial check for the availablity of the server, and vice versa, by pinging. We have since found a better way, but it's not in the code yet. leave ICMP on. The lane has everything it needs to conduct transactions independently of the server. The lane and server only communicate with each other under the following circumstances:
The lane reads from the local cache (opdata) and upload to the server. Each lane therefore connects to two MySQL servers: the local one within the lane, and the remote one on the server. The lane connects to the MySQL servers using the user names and passwords set in /pos/is4c/ini/ini.php. By default, the user name is "is4clane" with no password for both connections. This can be changed by editing ini.php, but the corresponding accounts must be already set up in the respective MySQL. In addition to the user names and passwords, MySQL security commands also need to know the hosts. use "localhost" for local connection, and the host IP for remote connection. As a reminder, for the lane to connect to the server, the accounts used by the lane is to be set up on the server The server takes data from the master table within itself (or locally, as they say) and update the data in the cache in the lanes. It also accept uploads of sales data from all the lanes. The server therefore needs to connect to the local MySQL server and the MySQL server on each lane The server connects to the local MySQL server and the remote MySQL servers on the lanes using the user names and passwords set in /pos/fannie/define.conf. By default, the user name is "is4cserver" with no password for all connections. Once again, if and when you change it, the new username and password has to be set up on the server and on all the lanes. The mysql command for granting persmission in MySQL is GRANT ALL PRIVILEGES ON *.* TO '<username>'@'<host>' -> IDENTIFIED BY '<password>' WITH GRANT OPTION;The default user account settings for te lane and the servers are in create_lane_acct and create_server_acct respectively in the /pos/installation/mysql/script directory. Edit them to reflect your user accounts. We do recommend that as long as your network is internal, use the most lenient secuity requirements to makes sure that everything works first, so that you have a baseline before you add layers of security to lock it down again. Note that on the server, unless you use wild card, you need to set up accounts for all the lanes. A peculiarity of MySQL account setting is that the wild card character % for hosts applies only to hosts other than the localhost. In other words, if you want the user "mikecollins" to be able to connect to the server MySQL from all hosts, local and remote, you will need to run two commands: GRANT ALL PRIVILEGES ON *.* TO 'mikecollins'@'localhost' -> IDENTIFIED BY '<password>' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO 'mikecollins'@'%' -> IDENTIFIED BY '<password>' WITH GRANT OPTION; To test that the lane can connect to the database on the server, open a shell on the lane and issue the following command mysql -h <server_ip> -u <username> -p<password>Notice that there is no space after the -p switch. The default is mysql -h <server_ip> -u is4clanewithout the -p switch. Similary, to test that the server can connect to a lane mysql -h <lane_ip> -u is4cserverRun the grant command as necessary until all database connectivity problems are resolved. Consult MySQL documentation for more indepth information on database security. And if you work better with a GUI for this kind of thing, consider using MyAdmin, given out free with MySQL. |
|