Posts

Posted on

VM Configuration for production

----- Reply message -----
From: Tripp, Donald (HAL)
Sent: Saturday, March 24, 2012 7:58 PM
To: HAL DistList: IS UNIX; Flach, Cynthia (HAL); Ruckman, Maurice (HAL); Guillaume Radde (guillaume.radde@redhat.com)
Subject: VMware status

I have tested the hot add cpu and memory function of VMware ESX5 on RHEL 5.8 ( what the prod cluster is running ), as well as RHEL 6, the latest version. For RHEL 5.8 the hot add cpu and memory caused no errors upon addition, however the OS does not recognize it. I had to manually enable the CPU and Memory, and afterwards the operating system recognized the addition, but any running processes or applications did not. In this scenario, if we added a CPU or memory to a running JBoss server, the server would not see any additional benefit unless it was restarted.

In RHEL 6, the story is a bit different. The CPU was immediately noticed by the operating system, but once again any running process or application did not see it until restarted. When attempting to add memory, the system failed.

I think it would be best to load test the JBoss environment prior to going live, and make any changes then. Any changes after going live will still require a restart.

----- Reply message -----
From: "Tripp, Donald (HAL)" <DTripp@HollandAmerica.com>
To: "Ruckman, Maurice (HAL)" <MRuckman@HollandAmerica.com>
Cc: "Augustine, Anila (HAL)" <AAugustine@HollandAmerica.com>, "Schumacher, Mike (HAL)" <MSchumacher@HollandAmerica.com>
Subject: Memory and config settings
Date: Fri, Mar 23, 2012 8:44 pm

The current configuration, which is has not been changed since there creation, is 2 CPUs and 4 gigs of ram for the jboss vms, and 2 CPUs and 3 gigs of ram for the web servers. As I mentioned, VMware 5 supports hot add resources, and I will be testing and verifying this over the weekend. I have made a few suggestions to Mike regarding resource allocation for the various environments. I feel it would be better to have extra memory available on the machines, and if the need arises we can add a second CPU. That way production it's negatively impacted if the servers are overwhelmed right from the start. Also, it time next week allows, i would like to schedule a time we can do the load testing we talked about today, so i can monitor both the vms and the VMware environment to see how it handles it. There is a very large difference between AIX and Linux, and between the P series IBM hardware and a virtualized x86 environment. I'm hoping to minimize the hardware impact on the production system. The nice aspect of this setup is if need be we can take offline once jboss server to modify it, and 3 are still operating and load balancing.

Posted on

Loop script example

Refer: https://www.cyberciti.biz/faq/bash-for-loop/

for i in `find . -name '*.xml'`
do
   echo $i
done

This type of for loop is characterized by counting. The range is specified by a beginning (#1) and ending number (#5). The for loop executes a sequence of commands for each member in a list of items. A representative example in BASH is as follows to display welcome message 5 times with for loop:

#!/bin/bash
for i in 1 2 3 4 5
do
   echo "Welcome $i times"
done

Sometimes you may need to set a step value (allowing one to count by two’s or to count backwards for instance). Latest bash version 3.0+ has inbuilt support for setting up ranges:

#!/bin/bash
for i in {1..5}
do
   echo "Welcome $i times"
done

Bash v4.0+ has inbuilt support for setting up a step value using {START..END..INCREMENT} syntax:

#!/bin/bash
echo "Bash version ${BASH_VERSION}..."
for i in {0..10..2}
do
  echo "Welcome $i times"
done
Posted on

Single Sign-on in Firefox

Use the about:config and then white list all of the URL that should use it, such as:

network.automatic-ntlm-auth.allow-proxies;true
network.automatic-ntlm-auth.trusted-uris;http://halprdtlf01.flagship.hal.com,http://halit

Posted on

SSB BART – ADA Report

From: Wilson, James (HAL Contractor)
Sent: Tuesday, March 13, 2012 1:11 PM
To: Sankar, Kousalya (HAL); Mirza, Masood (HAL Contractor); Vargas, Maximiliano (HAL Contractor); Thompson, Sonya (HAL); Fillman, Eric (HAL); Ruckman, Maurice (HAL); Phatak, Sheetal (HAL); 'mvargas@hexacta.com'
Cc: Augustine, Anila (HAL); O'Connor, Fran (HAL)
Subject: FW: Access to the SSB BART Group's online report tool for ADA Compliance

Hi all,

You now have access to the SSB BART Group's online accessibility report tool:  https://amp.ssbbartgroup.com/login.php.  This tool has all of the accessibility details on violations, as described in the JIRA Issues (ADACOMP project:  http://halpjira01:8080/browse/ADACOMP).

Please login by using the instructions below provided by Eduardo.  You can change the password after you login the first time. Let me know if you have any problems.

Thanks,
James

-----Original Message-----
From: Eduardo Meza-Etienne [mailto:eduardo.meza@ssbbartgroup.com]
Sent: Tuesday, March 13, 2012 12:53 PM
To: Wilson, James (HAL Contractor)
Subject: RE: Access to the SS

James:

I have created the user in our platform. Everybody should be able to login using their email address as the login and "Password#1" (without quotes) as the password.

Please let me know if there are any problems for people to login.

Regards,

Eduardo

Posted on

Checking rpm’s

-----Original Message-----
From: Guillaume Radde [mailto:guillaume.radde@redhat.com]
Sent: Monday, March 19, 2012 4:25 PM
To: Ruckman, Maurice (HAL)
Subject: A few RPM commands

To get the list of installed rpms:

$ rpm -qa

To get the list of files contained in an rpm:

$ rpm -ql java-1.6.0-sun

To know which rpm provides a file on your filesystem, or to know if a file is managed by rpm:

$ yum whatprovides /usr/lib/jvm/java-1.6.0/jre/lib/security/java.security

To verify the integrity of an rpm, or to know if the files installed by an rpm have been modified by the system admin:

$ rpm -Vv java-1.6.0-sun

To list the Red Hat Channels enabled on a system (Red Hat Channels are rpm repositories managed by Red Hat):

$ rhn-channel -l

-------------------------------------
Guillaume Radde
Senior Consultant, Red Hat Consulting
guillaume.radde@redhat.com
http://www.redhat.com
-------------------------------------

Posted on

XML files for Teamsite and WebMethods

From: Bojja, Sridhar (HAL Contractor)
Sent: Monday, March 19, 2012 3:11 PM
To: Ruckman, Maurice (HAL); De Vera, Marlon (HAL)
Cc: Augustine, Anila (HAL)
Subject: RE: Xml files

Talked to Marlon and Wayne and found out that they do use teamsite files that the web uses but they read it from a different location (for SBN docs we have 2. halexstreamtest and halexstreampd1)
We have redundant data one used by web and the other used by the DOX

For now we should be ok since we are going to have a new task to copy files from

\itnaswbiwebdevhalwebsite to \itnaswbihaldatawebdevhalwebsite

But when it comes time for decommissioning \itnaswbiwebdevhalwebsite and \itnaswbiwebdevcms we have to make sure that whatever process copies files to halexstreamtest and halexstreampd1 uses source as \itnaswbihaldatawebdevhalwebsite instead of \itnaswbiwebdevhalwebsite and likewise in other environments.

Also, the ftp process that sends files to fronted uses \itnaswbiwebdevhalwebsitecmsdocs

Posted on

Encrypting passwords for JBoss configuration

-----Original Message-----
From: Jeff Lindesmith [mailto:jlindesm@redhat.com]
Sent: Monday, March 19, 2012 2:47 PM
To: Ruckman, Maurice (HAL); Fillman, Eric (HAL); Thompson, Sonya (HAL); Bojja, Sridhar (HAL Contractor); Phatak, Sheetal (HAL)
Cc: Guillaume Radde
Subject: Fwd: Database credentials and JDBC settings for Staging, Prod and Webres

Hi All,

These are the instructions I sent to Mike for encrypting the passwords.

You can look at the /deploy/hal-ds.xml file and the /conf/login-config.xml file to see how the datasource credentials are configured.
Make sure you do an "svn update" on your local vms first so that you have the latest changes to these files.

Thanks,
Jeff

----- Forwarded Message -----
From: "Jeff Lindesmith" <jlindesm@redhat.com>
To: "Mike Schumacher (HAL)" <mschumacher@hollandamerica.com>
Sent: Thursday, March 15, 2012 8:34:50 AM
Subject: Fwd: Database credentials and JDBC settings for Staging, Prod and Webres

Hi Mike,

Got this response from Dave.

Sounds like these are passwords that do not work anymore.
We will of course need passwords that do work.

I was thinking as well about how the passwords can be communicated to me for JBoss datasource configuration.
All I really need is the encrypted password that JBoss can decrypt.

You or someone else on the team can perform the following steps to generate these encrypted passwords.

1. Login to one of the JBoss infrastructure VMs, say haldevjbs01 for example.
2. Change to the main JBoss app server directory: cd /var/lib/jbossas 3. Execute the following java command (testpassword represents the actual password you want to encrypt).

java -cp client/jboss-logging-spi.jar:lib/jbosssx.jar org.jboss.resource.security.SecureIdentityLoginModule testpassword

4. The resulting encrypted password will be displayed like the following.

Encoded password: 638fb8430bc67ad6c3bc376bef610c0a

This encrypted value is all I need. So, you could send me a list of usernames and corresponding encrypted passwords.

Thanks,
Jeff

----- Forwarded Message -----
From: "David Risley (HAL)" <DRisley@HollandAmerica.com>
To: "Anila Augustine (HAL)" <AAugustine@HollandAmerica.com>
Cc: "Jeff Lindesmith" <jlindesm@redhat.com>
Sent: Wednesday, March 14, 2012 1:43:27 PM
Subject: RE: Database credentials and JDBC settings for Staging, Prod and Webres

These were the original passwords that we set.  They should no longer work but you are welcome to try them:

web_owner/ befe2010
halw_dwh/ halw_dwh
siebel_ro/siebel_ro
hal_web/                 #never heard of this one.

DaveR

"Peace" - is the message really so hard to understand?

-----Original Message-----
From: Augustine, Anila (HAL)
Sent: Monday, March 12, 2012 3:03 PM
To: Risley, David (HAL)
Cc: Jeff Lindesmith; Schumacher, Mike (HAL)
Subject: RE: Database credentials and JDBC settings for Staging, Prod and Webres
Importance: High

Hi Dave,

Could you please help with the request below?

Thanks
Anila

________________________________________
From: Lindesmith, Jeff (HAL)
Sent: Thursday, March 08, 2012 12:51 PM
To: Risley, David (HAL)
Cc: guillaume.radde@redhat.com; rgullett@redhat.com; Schumacher, Mike (HAL)
Subject: Database credentials and JDBC settings for Staging, Prod and Webres

Hi Dave,

Basically, what we need are the username and passwords used by Websphere to connect to databases and the JDBC connection urls.

For example, on dev we have the following connection urls with corresponding credentials.

connection url = jdbc:oracle:thin:@//haltstdbs02:37200/devweb

username = web_owner
password = web_owner

connection url = jdbc:oracle:thin:@haltstdb01.hq.halw.com:17101:devdwh1

username = halw_dwh
password = halw_dwh

connection url = jdbc:oracle:thin:@//haltstcrm01:2900/tstcrm1

username = siebel_ro
password = siebel_ro

connection url = jdbc:oracle:thin:@10.194.100.103:1521:tsgp

username = hal_web
password = hal_web

connection url = jdbc:oracle:thin:@haltstdbs05.hq.halw.com:17401:tstdwh1

username = halw_dwh
password = halw_dwh

We need the equivalent settings for these connections for the Staging, Production and Webres environments.

Thanks,
Jeff Lindesmith
Senior Consultant
Red Hat Consulting

 

-----Original Message-----
From: Jeff Lindesmith [mailto:jlindesm@redhat.com]
Sent: Monday, March 19, 2012 2:47 PM
To: Ruckman, Maurice (HAL); Fillman, Eric (HAL); Thompson, Sonya (HAL); Bojja, Sridhar (HAL Contractor); Phatak, Sheetal (HAL)
Cc: Guillaume Radde
Subject: Fwd: Database credentials and JDBC settings for Staging, Prod and Webres

Hi All,

These are the instructions I sent to Mike for encrypting the passwords.

You can look at the /deploy/hal-ds.xml file and the /conf/login-config.xml file to see how the datasource credentials are configured.

Make sure you do an "svn update" on your local vms first so that you have the latest changes to these files.

Thanks,

Jeff

----- Forwarded Message -----

From: "Jeff Lindesmith" <jlindesm@redhat.com>

To: "Mike Schumacher (HAL)" <mschumacher@hollandamerica.com>

Sent: Thursday, March 15, 2012 8:34:50 AM

Subject: Fwd: Database credentials and JDBC settings for Staging, Prod and Webres

Hi Mike,

Got this response from Dave.

Sounds like these are passwords that do not work anymore.

We will of course need passwords that do work.

I was thinking as well about how the passwords can be communicated to me for JBoss datasource configuration.

All I really need is the encrypted password that JBoss can decrypt.

You or someone else on the team can perform the following steps to generate these encrypted passwords.

1. Login to one of the JBoss infrastructure VMs, say haldevjbs01 for example.

2. Change to the main JBoss app server directory: cd /var/lib/jbossas 3. Execute the following java command (testpassword represents the actual password you want to encrypt).

java -cp client/jboss-logging-spi.jar:lib/jbosssx.jar org.jboss.resource.security.SecureIdentityLoginModule testpassword

4. The resulting encrypted password will be displayed like the following.

Encoded password: 638fb8430bc67ad6c3bc376bef610c0a

This encrypted value is all I need. So, you could send me a list of usernames and corresponding encrypted passwords.

Thanks,

Jeff

----- Forwarded Message -----

From: "David Risley (HAL)" <DRisley@HollandAmerica.com>

To: "Anila Augustine (HAL)" <AAugustine@HollandAmerica.com>

Cc: "Jeff Lindesmith" <jlindesm@redhat.com>

Sent: Wednesday, March 14, 2012 1:43:27 PM

Subject: RE: Database credentials and JDBC settings for Staging, Prod and Webres

These were the original passwords that we set. They should no longer work but you are welcome to try them:

web_owner/ befe2010

halw_dwh/ halw_dwh

siebel_ro/siebel_ro

hal_web/ #never heard of this one.

DaveR

"Peace" - is the message really so hard to understand?

-----Original Message-----

From: Augustine, Anila (HAL)

Sent: Monday, March 12, 2012 3:03 PM

To: Risley, David (HAL)

Cc: Jeff Lindesmith; Schumacher, Mike (HAL)

Subject: RE: Database credentials and JDBC settings for Staging, Prod and Webres

Importance: High

Hi Dave,

Could you please help with the request below?

Thanks

Anila

________________________________________

From: Lindesmith, Jeff (HAL)

Sent: Thursday, March 08, 2012 12:51 PM

To: Risley, David (HAL)

Cc: guillaume.radde@redhat.com; rgullett@redhat.com; Schumacher, Mike (HAL)

Subject: Database credentials and JDBC settings for Staging, Prod and Webres

Hi Dave,

Basically, what we need are the username and passwords used by Websphere to connect to databases and the JDBC connection urls.

For example, on dev we have the following connection urls with corresponding credentials.

connection url = jdbc:oracle:thin:@//haltstdbs02:37200/devweb

username = web_owner

password = web_owner

connection url = jdbc:oracle:thin:@haltstdb01.hq.halw.com:17101:devdwh1

username = halw_dwh

password = halw_dwh

connection url = jdbc:oracle:thin:@//haltstcrm01:2900/tstcrm1

username = siebel_ro

password = siebel_ro

connection url = jdbc:oracle:thin:@10.194.100.103:1521:tsgp

username = hal_web

password = hal_web

connection url = jdbc:oracle:thin:@haltstdbs05.hq.halw.com:17401:tstdwh1

username = halw_dwh

password = halw_dwh

We need the equivalent settings for these connections for the Staging, Production and Webres environments.

Thanks,

Jeff Lindesmith

Senior Consultant

Red Hat Consulting

Posted on

Creating a RC (Release Candidate)

From command line:

1. http://halsvn01/websvn/ copy the link for SVN for the branch being tagged, remove trailing slash from source of copy on next step
2. svn copy http://halsvn01/svn/hal/branches/RC/12.11-RC http://halsvn01/svn/hal/tags/12.11-RC1 -m "Tagging current RC branch to 12.11-RC1"

Creating a Release Candidate from Eclipse:

1. Open SVN Repository Explorer in Eclipse
2. Expand to current RC branch (ex. 12.11-RC), and right-click
3. Choose branch/tags option
4. Choose "Copy to URL", "Select" and choose "tags" directory
5. http://halsvn01/svn/hal/tags/12.11-RC1 (YY.WK-RC1)
6. Next, Next
7. Use a comment, example: "Tagging current RC branch to 12.11-RC1"
8. Finish

Update Hudson Job
1. Login to Hudson
2. hal-tst
3. Configure
4. Refresh Page
5. Change Project description to reflect release candidate
6. Change Repository URL
7. Click save and answer prompts, if necessary
8. Go to Dashboard and hit refresh
9. Hit refresh

Posted on

Errors during VM update, JBoss no longer starts

The following two files were missing:

  • /usr/lib/jvm/java-1.6.0/jre/lib/security/US_export_policy.jar
  • /usr/lib/jvm/java-1.6.0/jre/lib/security/local_policy.jar

Example error log snippet:

15 Mar 2012 21:19:27,768 ERROR AbstractKernelController : incrementState : 959 - Error installing to Start: name=WebServer state=Create
java.lang.NoClassDefFoundError: Could not initialize class javax.crypto.SunJCE_b
at javax.crypto.Cipher.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getCipher(JsseJce.java:180)