IamWeblogicAdmin/Naveen: Weblogic bites

APACHE

Load Balancer:

· Load balancer divides the load across the destinations.

· For e.g. our hardware load balancer divides the load across the apache servers.

· Apache using proxy plug-in divides the load across the Web logic Servers.

Apache Configuration:

· Download the source code and extract

· Compile using make command.

· Install using make install command.

Integration of Apache with web logic:

· Load the proxy-plug in to Apache

· Create a of module

· Inside if module give “match expression” &web logic cluster

CLUSTERING

What is a cluster?

· Group of managed serves is cluster

· Cluster is used to achieve high arability.

· High availability is achieved by implementing failover through Http session replication

what is HA & Failover:

· Multiple servers can handle the request is HA

· If one server fails, other server will continue that request is a failover.

· If you implement failover, you achieve high availability

Horizontal/vertical/hybrid cluster:

· All different boxes horizontal

· All same box –vertical

· Some in same, others in different – hybrid. Our environment has hybrid

Http session replication:

· When request falls on a managed server in becomes primary server

· This primary chooses a secondary server from “proffered secondary replication group”

· Http session will be copied from primary to secondary. If the primary fails

LOAD BALANCER will redirect the request to secondary.

REPLICATION GROUPS:

· Used for http session replication

· Each server has “primary replication group” & preferred secondary replication group”

· When a request falls on a server the secondary will be chosen from “preferred secondary replication group”

DIFFRENCE BETWEEN UNICAST & MULTICAST:

· Unicast is one – to- one communication

· Multicast is many – to – many communication

· Unicast is TCP based & multicast UDP based.

DEPLOYMENT

DIFFRENCE BETWEEN DEVELOPMENT/PRODUCTION MODE:

· Auto deploy available in development mode but not in production mode

· Fast swap available in development mode but not in production mode

· JDBC connection pool default values 1,15 for dev,1,25 for production mode

DIFFRENCE BETWEEN STAGE/NO-STAGE/EXTRANAL:

· No stage is single copy for all managed servers from shared file system like NFS

· Stage is individual copies for each managed server copied by admin server

· External stage is also individual copies for each managed server copied manually

DIFFERENCE BETWEEN JAR/WAR/EAR:

· JAR is java Archive – EJBs bundled

· WAR is web Archive jsp, servlets bundled

· EAR is enterprise Archive bundled of JARs+WARs

SIDE BY SIDE:

· Two versions of the same application can exist at time

· Old users will continue to use old application. New sessions will be connected to new code.

· When all old users disconnect OR on RETIRE TIME OUT, old will change to “Retired” stage

TYPES OF DEPLOYMENT:

· Archive form, exploded from

· Fast-swap deployment, on demand deployment

· Hot deployment, auto deployment, side- by-side deployment

WHAT TOOLS CAN BE USED TO DEPLOY APPLICATION?

· Console

· Java web logic. Deplorer, ANT,WLST

DEPLOYMENT ORDER:

· Deployment order is a relative number that define when an application will be loaded to the JVM

· Apps with lower deployment order number will be deployment first.

· By default all apps have deployment order number 100. We can change it from console.

DEPLOYMENT PLAN:

· Plan .xml is called deployment plan

· Its used for changing the internal properties like URLs, file PATHs of archive (war/ear) without opening it.

· We can generate deployment plan using java web logic. Plan generator

JDBC

REASONS FOR CONNECTION FAILURE IN DB:

· Data base down

· Connect pool reached max capacity

· Connectivity between web logic box & DB box not there

WHAT HAPPENS WHEN DB IS DOWN?

· Web logic server SUSPENDS the data sources

· All connections used by the application will fail

· Web logic will try to enable the DS when the DB is up. But we restart the server after DB is brought up again.

XA/NON-XA, thin/thick:

· Xa driver supports 2 phase commit protocol, NON-XA driver does not support

· 2 phase commit protocol is used for global transactions. When more than 2 databases are involved it’s called a global transaction

· Thin driver is java based driver. Thick driver is C based driver

STATES OF DS?

· RUNNING

· SUSPENDED

JDBC PERFORMANCE TUNING:

· Set the max capacity & min capacity of connection pool to the same

· Use type 4 driver

· Increase the prepared statement cache size to 20 or 30 MB

NM (NODE MANAGER)

WHAT IS NM?

· NM is a background process for monitoring web logic servers

· Used for server startup from console

· Used for automatic server restart after server crash

TYPES OF NMs:

· Java based NM that runs as a java process just like admin or managed server

· Script based NM that works on SSH

CONFIGURATION OF NM:

· Setup the node manager. Properties file & node manager. Domains file & start the NM

· Go to admin , create a machine , add server to machine & give the details of NM in machine

· Start all the managed servers from console at least once to create

· $DOMAIN_HOME/servers/<server-name>/data/node manager directory

ENABLE AUTO RESTART USING NM:

· In node manager. Properties file set “crash recovery enabled=true”

· In $DOMINE_HOME/servers/<server-name>/data/node manager directory startup. properties file set auto restart enabled=yes

TROUBLE SHOOT WHEN THE APP IS DOWN:

· Make sure all the applications are in active state

· Look in the logos and see if there are any errors. If any errors proceed based on the error

· Enable debug mode using – verbose tag in set domain Env.sh JAVA_OPTIONS and see why the application not working. Then proceed based on errors

ANALYZING LOW PERFORMANCE:

· Check for any STRUCK threads in the log files. Take a thread dump and see if there are deadlocks

· Check for any other error, stack overflow errors, SQL errors

· Check the GC logs. If high GC pauses are there, when the performance will be low.

HOW TO SOLVE SERVER HANG ISSUE:

· Server hand may be heavy load or STRUCK threads

· If the load is high, you cannot do anything. Need to increase the no. of managed servers.

· If there are struck threads than take a thread dump and analyze the thread dump.

CPU 98%

HOW TO TROUBLE SHOOT:

· Do a TOP command on the system

· Check which process is consuming most CPU. Take the process ID

· Go to the log file of that process and see if there are any STRUCK threads or errors. Based on the errors proceed.

THREAD DUMP:

· Thread dump is the snapshot of threads

· We can use thread dump identify if there are any STRUCK threads or BLOCKING threads

· Or if there are any DEAD LOCKS

WHAT DO YOU ANALYZE IN THREAD DUMP :

· Check if there are any DEAD LOCKS

· Check if there are any STRUCK threads or BLOCKING threads. Identify which thread is causing the problem

· Developers will be able to see which part of the code is causing the problem.

TAKE HEAP DUM & HOW TO ANALYZE:

· Heap dump is the dump of HEAP. New & old generations objects

· Heap dump is used to analyze if there are any memory leaks in the application.

· Memory leaks cause “out of memory error” then heap dump to identify which objects are causing memory leak.

MEMORY LEAK AND HOW TO IDENTIFY:

· Memory leak causes “out of memory error” first thing you do is increase the –Xmx value

· Even after increasing the- Xmx if we still get “out of memory error” then it is PROBABLY a memory leak

· Then, take a heap dump and identify the problem causing objects. And developer will be able to fix them.

HOW TOSOLVE OUT OFMEMORY ISSUE:

· Out of memory error can because of 2 reasons

o Not sufficient memory

o Memory leak

· For first problem simply increase the heap size by changing –XMX value in set domain Env.sh. even after increasing the Xmx if we still get “out of memory error” then it is PROBABLY a memory leak

· Then take a heap dump and identify the problem causing objects. And developer will be able to fix them.

WHAT IS PROFILING & WHATARE THE TOOLS:

· Profiling is analyzing the live JVM stats like heap usage, GC frequency etc during trouble shooting

· We can use tools like visual IVM or j console for profiling

· We need to enable a JMX port so that the j console tool can be attached to the running managed server

J CONSOLE CONFIGURATION FOR WEB LOGIC:

· You need to open a remote JMX port on web logic server. Then launch j console on your desktop and attach to the web logic server

· To enable this, we need to JAVA_OPTIONS in set domain Env.sh

· If you want to setup username/password based access, then enable IIOP username/password and attach the j console

CORE DUMP:

· Core dump is because of a problem with reading a RAM block for that process. Most likely because of libraries problem

· OS will terminate the process and the state of the application will be dumped to a file called “core”

· “Core” file gets generated in the location where the process was started. Core dump tells which libraries are causing the problem.

STACK OVERFLOW ISSUE:

· Stack overflow is usually because of the recursive function call in the code.

· We give to the developers when “stack overflow” error or “null pointer exception” is encountered.

· They usually enable debug mode and ask for the logs and fix the problem by looking at the logs

PREFORMANCE TUNING

WHAT IS THE PERFORMANCE TUNING?

· Fine tuning the web logic JVMs response time performance tuning

· Performance tuning has to be done at web logic, database, sql queries

· We can change the JVM partners to get better performance from web logic

VARIOUS WAS OF PERFORMANCE TUNING AND EXPLAIN:

· Set up the – Xms & - Xms values to same. This will help JVM get all the required memory at the startup itself

· .change the compartment sizes using,-xx: New Ratio, - XX: survivor Ratio, - XX: max perm size depending on the application.

· Change the GC algorithm based on the application.

GENERATIONS IN JVM AND DESCRIBE:

· Total 3 generations. Young, old & permanent generations

· Young gen 3 compartments, EDEN, SS1, SS2. Old generation is one compartment & permgen is another compartment.

· Young gen + old gen is called heap permgen is separate. Young + old permgen is total JVM size.

GC:

· Process of removing dead objects from JVM for reclaiming memory

· GC thread of JVM performs Garbage collection when the compartment is 90 full

· Application slowness can be because of too much garbage collection

TYPES OF GC ALGORITHMS:

· Serial GC is a single threaded GC

· Parallel GC is a multi threaded GC – used by applications with high load

· Concurrent mark sweep GC – used by the applications that require real – time response. Like stock market quotes

TYPES OF GCs:

· Minor GC – young generation

· Major GC or full GC (young + old + permgen)

· GC thread will do these collections whenever they reach 90%. If GC thread cannot clear you will get “out of memory error”

WORKMANAGERS:

· Work managers are for request prioritization & custom thread allocation.

· They can be use for achieving SLAs by increasing & decreasing no. of threads allocated to a request.

· Each application can have a separate work manager

SSL

WHAT IS SSL?

· SSL providers transport layer security

· It allows a Clint to establish

o Trust and

o Identity. And then allows communication in the encrypted formatted using public/private key

· Identity and trust can be established using digital certificates.

HOW TO GET CA SIGNED CERTIFICATE?

· Generated a digital certificate, key repair &self signed certificate using key tool.

· Generate a CSR for the above certificate. Go to website of VeriSign or entrust and copy/past the CSR and pay the money.

· Once you receive the email with key from VeriSign, import that key into the key store using key tool – import command

WHAT IS IDENTIFY KEYSTORE & TRUST KEYSTORE:

· Identify store where a server’s digital certificate is stored.

· Trust store is where its friends certificates are strode. Like all the servers that it trusts.

· Caceres in JAVA_HOME/lib is where all the trusted cas list is available.

JMS

WHAT IS JMS? & WHY JMS?

· JMS is used for implementing asynchronous messaging.

· In asynchronous message to the sender need not wait for the response from the receiver.

· Sender will give the message to the JMS system. Receiver will read it from the JMS system. There is no direct communication.

ASYNCHRONOUS Vs. SYNCHRONOUS COMMUNICATION?

· Asynchronous is – sender is not waiting for the receiver or does not know about receiver.

· Synchronous is – sender will wait for the response from the receiver.

· For e.g. If you make a phone call its synchronous communication, if you leave a voice message it’s an asynchronous call. JMS is used for asynchronous communication

TYPES OF JMS COMMUNICATIONS?

· P2P – point to point & publish/ subscribe communications

· P2P is implemented using a Q and publish/ subscribe communication is implemented using topic

· Applications can send or receive messages to Q or topic

DIFFERENCE BETWEEN Q & TOPIC:

· Q is for P2P communication. Topic is for publish/ subscribe communication

· In a Q, each message will be delivered to only one receiver. Where as in a topic each message can be delivered to multiple receivers.

· Q and topic both are called JMS destination. They are part of JMS module

WHAT IS DURABLE SUBSCRIBER?

· Durable subscription is related to JMS topic. Topic can normally deliver to multiple scribers the same message

· But if subscribers is not available when a message arrived, it will be delivered to the available subscriber.

· The one which is absent will not generally receive that message. But if the subscriber is a durable subscriber then the JMS server will deliver all those message that arrived when it was absent.

JMS FLOW?

· Connection factory -> destination Q or topic -> JMS server -> persistence store -> Q or topic

WHAT IS SINGLETION SERVICE? OR WHAT IS PINNED SERVICE?

· Q and topic are called singleton services.

· It means at any point it can exist only on once JVM. you cannot have Q1 on two JVMs. Like managed server 2 cannot have a queue called Q1

· Because its available only at one location it’s also called pinned service.

WHAT IS A DISTRIBUTED QUEUE?

· Distributed Q is a logical group of physical Queues.

· You can have multiple queues as part of a DQ.The same way we can have a distributed topics also.

· If each member of the cluster has a Q then its called uniform distributed Queue or uniform distributed topic (UDD). Uniform distributed destination

WHAT IS A JMS MODULE?

· JMS module is the logical group of JMS resources

· It will have connection factories, Qs, topics, DQs & DTs (distributed Queues and distributed topics)

· It can seen at DOMAIN_HOME/config/jms as an xml file. Like JMS-MOD1.xml with its name

WHAT IS A JMS SERVER?

· JMS server is the container that holds the JMS destinations –Qs and topics

· Applications will talk to JMS server for sending and receiving message to Qs and topics

· If there is a persistence store then JMS server will manage it.

WHAT IS A FOREIGN SERVER

· A foreign server is a JMs server on another domain or another JMS product like MQ or TIBCO

· We refer to the JNDI name of the JMS server on the local JVM jndi.

· Applications can contact the remote JMS server by looking up the local JNDI.

WHAT IS A JMS BRIDGE?

· MS bridge can transfer messages from one JMS implementation to another JMS implementation

· For e.g. if there is a Q on web logic and we want to transfer these messages to a MQ server or TIBCO we can setup a bridge.

· A bridge will have two end points. Source dictation on left and target destination on the right.

WHEN TO USE JMS BRIDGE VS. JMS FOREIGN SERVER?

· Both of them provide the ability to send messages to a remote destination

· If the remote destination is highly available, then better to use JMS server

· If the remote destination is not-highly available then use a jms bridge that gives additional features of retry

SECURITY

WHAT IS REALM?

· Realm is everything about web logic security.

· It has providers. Users, groups, roles, security policies and embedded LDAP

· A default realm called “my realm” gets created when we create a domain.

WHAT ARE PROVIDERS?

· Providers are modules that give specific services

· Like authentication provider. Authorization provider, adjudication provider. Rolemapper etc.

· They are all part of security realm.

WHAT IS THE DIFFERENCE BETWEEN GROUP/ROLES?

· Group is static in nature. A group membership of a user does not change. For e.g. if you are member of administrators group then you are always group.

· Role is dynamic. You may have a role now may not gave that same roles 10min. later. It depends on role conditions.

· A group is static and role is dynamic.

WLST

DO YOU KNOW WLST?

· Yes I am ok with WLST fundamentals.

· I can write small small scripts. Or I usually use “record” button on the console to generate the skeleton script.

· Then I edit the script, add connect0, edit0 parameters and can make it ready.

WHAT SCRIPTS DID YOU WRITE FOR WLST?

· Recently I have written a script to create servers using recording button.

· Go to console -> click “record” button and continue with work. Once the changes are activated the skeleton script will be ready

· Modify the script little bit, add connect 0, edit etc. and I was able to execute it.

MISCILLANIOUS

WHAT IS MSI MODE:

· It managed server is already running and admin went down. Managed server wills swith to MSI mode.

· If managed server is not up, and admin not reachable, then managed server will use the read-only copy of config.xml and comes up in MSI mode

ARCHITECTURE OF WEB LOGIC :

· Admin server + configuration related files

· Admin server is for administering the domain. Managed servers are for hosting the applications

· Web logic server provides clusters for high availability, JDBC for database connection. And also other services

HOW MANY WAYS TO CREATE ADOMAIN?

· Using config.sh in WL_HOME/common/bin directory. Or using a template

· If we are using template we can use it again with config.sh for customizing or WLST for exact replica.

· Template based creation is easy.

HOW TO EXTEND A DOMAIN?

· Add the servers first from console. Take a tar of DOMAIN_HOME and transfer to box2

· Go to box2, install BEA_HOME, extract the tar file in the same path as box1

· Start the servers

HOW TO RECOVER WEB LOGIC ADMIN PASSWORD?

· I personally use a website available online. It basically uses web logic. Jar file to decrypt the password from boot. Properties

· There is some website called recover- admin –password. Appspot. Com. Just upload the serialized systemIni. Dat file and boot. Properties file. It will recover the password. I am using it for the last 2 years.

· Or else you can re-create another admin username. Using java web logic. Utils.security.adminaccount<new admin-name><new-admin-password>

HOW TO CONFIGURE EXTERNAL LDAP?

· I haven’t done it personally but I know the procedure.

· Create a separate authentication provider then click on that authentication provider and go to “provider specific” tab, give details on the tab.

· You have to give the details of external LDAP here like IP, uid etc. then all the users of external LDAP will be reflected on web logic console. This is the process but, I didn’t do it personally. When my lead was doing I just sat next to him.

WHAT ARE THE VARIOUS LOGS IN WEB LOGIC?

· Console log, server log

· Access log for http requests

· And finally there is a domain log & GC logs

DEPLOYMENT TO WEB SERER:

· We get the static content from the developer in a zip file

· Unzip this file into APACHE_HOME/htdocs directory

· Restart the apache server using apachectl restart

DIFFERENCES BETWEEN SUN JDK & JROCKIT

· Well, we are using AUN JDK at this moment. But I know some of the differences

· Sun jdk uses interpreter jrockit uses JIT (just-in-time) compiler.

· Byte code is converted to machine code. But not saved in sun jdk. Where as its saved in jrockit. So it tends to be faster sometimes

· There is NO PERMANENT GENERATION in jrockit..

· Console is used for live heap monitoring in sun JDK. Jrockit uses JRMC(jrockit mission control) for live heap monitoring

DOMAIN CREATION USING TEMPLATE AND WLST:

· Create a template from an existing domain.

· Launch WLST with java web logic. WLST command. Read domain0, write template0 close domain

· Scp the template jar file to another box.

· Install BEA_HOME on that box also, launch wlst.

· And create replica of the domain using create domain0 command

HOW DO YOU DEPLOY AN APPLICATION?

· Undeploy the existing version from console or web logic. Deployer

· Shutdown all the servers in the domain

· Purge the cache,tmp,stage directories in all servers

· Start the admin server

· Deploy new application using console or web logic. Deplorer. Stare managed servers.

HOW TO CONFIGURE SSL FOR APACHE:

· Download the source code and extract

· Configure using—enable—ssl&--enable-so options

· Compile using make command & install using make install

· Create a certificate& key file using open ssl.

· Configure http-ssl.conf file and enable virtual host with

HOW TO CONFIGURE SSL FOR WEB LOGIC:

· Generate a digital certificate, key pair self signed certificate using key tool.

· Generate a CSR for the above certificate. Go to website of VeriSign or entrust and copy/past the CSR and pay the money

· Once you receive the email with key from VeriSign import that key into the key store using key tool-import command go to console ->servers-><server-name>->key store tab and configure custom key store. And give the details of key store

· Go to the next tab “SSL” and configure the alias and give the key pass. Repeat it for all servers.

HOW TO CONFIGURE WORKMANAGERS?

· Create the “request class”

· Create max thread constraint, min thread constraint, capacity constraint

· Create a work manager and assign the above properties to this work manager

HOW TO CREATE A DATASOURCE?

· Give the name of data source and INDI name of data source, select the type of DB and driver type

· Then give the details of the backend database like.

· HOSTNAME/PORTNO/USERNAME/PASSWORD/SID

· Test the configuration

· Target the data source to all the managed servers.

· Check if the data source is enable/running state under monitor tab

HOW TO CREATE A JMS BRIDGE?

· Create a “source destination” and give CF & Q jndi names for local JMS

· Create a “target destination” and give CF &Q jndi names of the remote JMS (likeMQ,TIBCO)

· Create a bridge (from console) , give “Quality-of-service”

· Give “source destination” & provider. Same way give “target destination” & provider

· Target the bridge to the managed server.

· If the remote JMS is MQ or TIBO, we need to add the jar files to our web logic CLASSPATH

HOW TO CREATE JMS RESOURCES, FOR E.G. Q OR T

· Create a persistence store first target to the single JVM (one persistence store per JVM)

· Create a JMS server and target to the JVM (one JMS server per JVM)

· Create a JMS module and target to cluster or servers

· Create a sub-deployment and target to the JMS server

· Create the JMS resources like CFs/Q/Topics in this JMS module

IamWeblogicAdmin/Naveen

Monday, 4 March 2019

Weblogic bites

No comments:

Post a Comment