Installing CMDBuild on RHEL8

6 min read
Installing CMDBuild  on RHEL8

In the stoic world of the Opensource CMDb applications there are handful of stalwarts out there. During some recent testing I'd suggest for most Home Labs and small businesses the best option is Open-AudIT

Open-AudIT - The network inventory, audit, documentation and management tool.
The network inventory, audit, documentation and management tool.

It has a great discover feature, its free for up to 20 devices, and it looks pretty too.

However if you're venturing into a slightly larger environment and there is a need to follow different processes to ensure you are compliant you're going to need something with a little more power and customization.

Following a long hunt I stumbled upon CMDBuild, which is a foundation framework to build your own CMDB from scratch.


CMDBuild uses Postgres, Tomcat and needs JDK installed. It needs port 8080/TCP open and will run fine on 4Gb Ram and 2vCPU with 100Gb HDD. I've used the RHEL 8.4 image.



NOTE: I tried this with Postgres13 and it failed, so I've used the recommended version 10

sudo yum module list | grep postgresql
yum install -y @postgresql:10
yum install -y postgresql-contrib
yum install -y postgresql-libs
postgresql-setup --initdb

Configure the access rights

vi /var/lib/pgsql/data/pg_hba.conf

Ensure it looks as follows at the end of the file

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all               md5
# IPv6 local connection
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     peer
host    replication     all               ident
host    replication     all             ::1/128                 ident

Start the Service

systemctl enable --now postgresql
systemctl status postgresql

Setup Users

su - postgres
CREATE DATABASE cmdbuild_db;
CREATE USER cmdbuild_user WITH encrypted password 'password';
GRANT ALL PRIVILEGES ON DATABASE cmdbuild_db TO cmdbuild_user;
DROP DATABASE cmdbuild_db;
CREATE USER cmdbuild_superuser WITH encrypted password 'password';
ALTER USER cmdbuild_superuser WITH SUPERUSER;

Note: The base db is removed on purpose since later it will be created by the installation script

Note: Set the password better than password (please)

Exit postgres




yum -y install java-latest-openjdk java-latest-openjdk-devel
java --version


Install Tomcat

useradd -m -U -d /opt/tomcat -s /bin/false tomcat
export VER="9.0.48"
tar -xf apache-tomcat-9.0.48.tar.gz
mv apache-tomcat-9.0.48 /opt/tomcat/
ln -s /opt/tomcat/apache-tomcat-9.0.48 /opt/tomcat/latest
chown -R tomcat:tomcat /opt/tomcat
sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'

Create Service

nano /etc/systemd/system/tomcat.service

Description=Tomcat 9 servlet container




Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"



Start Service

$ sudo systemctl daemon-reload
$ sudo systemctl enable --now tomcat
$ sudo systemctl status tomcat

Add Firewall

firewall-cmd --zone=public --permanent --add-port=8080/tcp
firewall-cmd --reload

Configure Tomcat

Editing the file conf / tomcat-users.xml, set the login / password

nano /opt/tomcat/latest/conf/tomcat-users.xml
   <role rolename="admin-gui"/>
   <role rolename="manager-gui"/>
   <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>

Editing the file manager / META-INF / context.xml, add IP

nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|" />

Editing the file host-manager / META-INF / context.xml, add IP

nano /opt/tomcat/latest/webapps/host-manager/METAINF/context.xml
<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|" />

where is the allowed IP (virtualbox host)

Or in these 2 files context.xml (manager / host-manager) comment out the line

<Valve className="org.apache.catalina.valves.RemoteAddrValve" ... />

You can also remove the default applications, but I left them

$ sudo rm -rf /opt/tomcat/latest/webapps/*

Install CMDBuild

wget -O cmdbuild-3.3.2.war
cp cmdbuild-3.3.2.war /opt/tomcat/latest/webapps/cmdbuild.war
chown tomcat:tomcat /opt/tomcat/latest/webapps/cmdbuild.war

Configure Postgresql Connections

mkdir -p /opt/tomcat/latest/conf/cmdbuild
nano /opt/tomcat/latest/conf/cmdbuild/database.conf

wget -O cmdbuild-3.3.2-resources.tar.gz
cp tomcat-libs/postgresql-*.jar /opt/tomcat/latest/lib/
chown -R tomcat:tomcat /opt/tomcat/latest/lib

Create the base structure with no Demo Data

systemctl stop tomcat

chmod +x /opt/tomcat/latest/webapps/cmdbuild/

bash /opt/tomcat/latest/webapps/cmdbuild/ dbconfig create empty -configfile /opt/tomcat/latest/conf/cmdbuild/database.conf

systemctl restart tomcat

Create the base structure with Demo Data

Remove the base db if you tried with no demo Data first

su - postgres

DROP DATABASE cmdbuild_db;



bash /opt/tomcat/latest/webapps/cmdbuild/ dbconfig create demo -configfile /opt/tomcat/latest/conf/cmdbuild/database.conf

Test Login


Basic Setup

This is a bit of a misnomer and one of the core reasons you really want to install the Demo data first. This will give you a good idea of how to set up workflows etc. The Technical and Administrator manual is also important reading.


How to install and setup PostgreSQL on RHEL 8
This page explans how to install and setup PostgreSQL on RHEL 8. Further, you will learn about creating users, database and tables.
Latest version

CMDBuild manuals
CMDBUILD 3 Deploying Step by Step
Tech Blog Posts - David Field