Tuesday, 19 March 2013
unix commands
cat filename Dump a file to the screen in ascii.
more filename Progressively dump a file to the screen: ENTER = one line down
SPACEBAR = page down q=quit
less filename Like more, but you can use Page-Up too. Not on all systems.
vi filename Edit a file using the vi editor. All UNIX systems will have vi in some form.
emacs filename Edit a file using the emacs editor. Not all systems will have emacs.
head filename Show the first few lines of a file.
head -n filename Show the first n lines of a file.
tail filename Show the last few lines of a file.
tail -n filename Show the last n lines of a file.
Monday, 18 March 2013
Question Answer for Interview
1.how do you create a cluster
go to servers -> clusters-> new ->give cluster_name->define first member->define other members->finish
2.how do you add a new cluster member
go to servers -> clusters->cluster_name ->cluster members ->new ->give name/node/others->apply->ok->save
go to servers -> clusters->cluster_name ->cluster members ->new ->give name/node/others->apply->ok->save
3.one of the cluster member (jvm) is having issues. To troubleshoot the issue, you decided to take it out of the cluster. How do you do that?
Make its runtime weight to 0
Make its runtime weight to 0
4.In a complex environment, there are 10 machines. Machine A is having 8GB RAM and machine B having 2GB of RAM. The administrator decided to send twice as many request as machineB to machineA. How can he achive it?
give machineA twice the weight as machineB
give machineA twice the weight as machineB
5.After making some changes on a cluster, it is required to recycle/restart all the cluster JVMs. The lead admin told you to make sure that there should not be any downtime during this recycle. Which option do you use to achieve it?
Ripplestart
Ripplestart
6.A large application which has 5web modules has been deployed on to a cluster. After some months, the developer asked you to update on of the 5web modules. How do you do it?
Rollout
Rollout
7.can you change the cluster name, once it was created
No
8.WHAT IS TRACING?
Tracing is when you go through an entire program and record the value of variables and the output. You trace a program when you want to find out what actually went wrong
Tracing is when you go through an entire program and record the value of variables and the output. You trace a program when you want to find out what actually went wrong
9.WHERE TO GIVE APPLICATION PRIORITY WHILE STARTING SERVER?
it will be under Enterprise applications ->app name -> startup behaviour ->Startup order in the admin console
it will be under Enterprise applications ->app name -> startup behaviour ->Startup order in the admin console
10.HOW TO MOVE CODE DEV ENVIRONMENT TO TESTING ENVIRONMENT?
I’m sure what they mean by code here. I think, incase of applications, export them from in DEC and deploy in TEST.
I’m sure what they mean by code here. I think, incase of applications, export them from in DEC and deploy in TEST.
11.WHAT IS SSL?WHEN IT ENCRYPT & DECRYPT THE DATA?
SSL are digital signed certificates. user for meesage/communication integrity and confidentiality. Generally encrypt at Sender side and decrypt at receiver side
SSL are digital signed certificates. user for meesage/communication integrity and confidentiality. Generally encrypt at Sender side and decrypt at receiver side
12.WHAT IS INCIDENT MANAGEMENT?
It is part of ITIL process….. simple explanation is, when there is a problem in ur WAS environment, which procedure do you follow.
It is part of ITIL process….. simple explanation is, when there is a problem in ur WAS environment, which procedure do you follow.
6.WHEN APPLICATION IS DOWN WHAT U WILL DO?
First look at the logs for errors. If you find the error, save the logs and start ur application. Then start trouble shoot.
If no error found, run a trace and look for FFDC etc..
First look at the logs for errors. If you find the error, save the logs and start ur application. Then start trouble shoot.
If no error found, run a trace and look for FFDC etc..
13.I HAVE 16GB RAM,WHAT IS THE MINIMUM & MAXIMUM HEAPSIZE ?
No relation. Heap settings should be made depends on application
No relation. Heap settings should be made depends on application
14.HOW TO OPEN ADMIN CONSOLE IN AIX/UNIX & WHAT IS THE DEFAULT FILE SYSTEM OF AIX?
admin console can be viewed from remote machine which has a browser, if not behind firewall.
admin console can be viewed from remote machine which has a browser, if not behind firewall.
15.WHAT IS FILE DESCRIPTORS IN AIX?
A file descriptor is a handle created by a process when a file is opened. There is a limit to the amount of file descriptors per process.If the file descriptor limit is exceeded for a process, you may see the following errors:”Too Many Open Files”
A file descriptor is a handle created by a process when a file is opened. There is a limit to the amount of file descriptors per process.If the file descriptor limit is exceeded for a process, you may see the following errors:”Too Many Open Files”
16.HOW TO RESOLVE PORT CONFLICTS IN PRODUCTION ENVIRONMENT?
check why there is port conflict
run updateports script in WAS
check why there is port conflict
run updateports script in WAS
17 what is a connection pool?
A connection pool is a cache of database connections maintained so that the connections can be reused when future requests to the database are required. Connection pools are used to enhance the performance of executing commands on a database. In connection pooling, after a connection is created, it is placed in the pool and it is used over again so that a new connection does not have to be established. If all the connections are being used, a new connection is made and is added to the pool. Connection pooling also cuts down on the amount of time a user must wait to establish a connection to the database.
18. What is virtual host in websphere application server?
Virtual host is a configuration not a physical one. A configuration that lets a single machine resemble multiple host machines. Each virtual host has a logical name and a list of one or more DNS host aliases by which it is known. By default, we wull have a default_house and admin_host virtual hosts defined in websphere application server.
19. how do i connect my application to talk to a database?
To achive this , you need to create a JDBC provider and datasource. The JDBC provider object encapsulates the specific JDBC driver implementation class for access to the specific vendor database of your environment. The data source object supplies your application with connections for accessing the database. The best way to learn more about this task is login to administration console –> guided activities –> connecting to a database.
20. How can i make sure that my servers are available while restarting a cluster?
Use the option ripplestart … It first stops and then restarts each member of the cluster.
21. I’ve made some changes to my applicaiton’s web.xml , how and where should i update this file?
You can do this from the administration console. Go to enterprise applications –>select your application and click update. on the next panel, you’ll have option to update the entire application, a single module or even a single file or multiple files.
Select the single file option and specify the file’s path you like to update. Specify a relative path to the file that starts from the root of the war/ear file. So it looks something like this: app1.war/WEB-INF/web.xml
22. How do i minimize the downtime while i’m updating the applications?
Use rollout update option. This option sequentially updates an application on multiple cluster members across a cluster. After you update an application’s files or configuration, click Rollout Update to install the application’s updated files or configuration on all cluster members of a cluster on which the application is installed.
Rollout update will save the application configurations then stops the cluster members on a node then syncs the configuration and stat the clusters members on that node. Then it proceeds to the next node and does the same steps.
Rollout update will save the application configurations then stops the cluster members on a node then syncs the configuration and stat the clusters members on that node. Then it proceeds to the next node and does the same steps.
23. We are getting a ‘class not found’ and developers like to know, if that class is being loaded or not. how can i assist them troubleshoot the issue?
WebSphere administration console has a utility using which you can see what classes are loaded at what scope for an application. Go to Troubleshooting –>class loader viewer and select the module.
24. We have some issue with our application server and we tried killing it using kill-9 command, the process disappeared for few seconds but it is back again. We did not start the server but it started. What would be the reason?
Servers > Application Servers > server_name. Then, under Server Infrastructure, click Java and Process Management > Process Definition > process > Monitoring Policy. Here we have an option Automatic Restart, this Specifies whether the process should restart automatically if it fails. On distributed systems, the default is to restart the process automatically.
25. Is there a way i can start my server along with nodeagent ?
Servers > Application Servers > server_name. Then, under Server Infrastructure, click Java and Process Management > Process Definition > process > Monitoring Policy. Here we have an option Node Restart State which specifies the desired behavior of the servers after the node completely shuts down and restarts.
- STOPPED – node agent does not start the server.
- RUNNING – the node agent always starts the server.
- PREVIOUS – the node agent starts the server only if the server was running when the node agent stopped.
Note: The questions answered in this series are some of the questions i was asked through email from my blog subscribers/users.
Next FAQ session is a compilation of questions on SSL
21. What is websphere?
The moment you ask this question, the first question that comes to mind is WebSphere application server. In reality, WebSphere is the name of a product family. IBM has many more products under the brand name WebSphere. WebSphere Application Server, WebSphere MQ, WebSphere Message broker, WebSphere business modeler, WebSphere process Server, WebSphere business monitor, WebSphere integration developer, WebSphere partner gateway are some of the products under this brand name.
22. What is a profile in websphere Application Server?
When you install WebSphere application server, executable files and configurations files are separated. This allows you install the product once and create multiple sets of configurations which use the same underlying core executables of the websphere application server installation. These are the profiles in websphere application server. As you know, there are many types of profiles and you can create multiple profiles.
23. What does nodeagent do in websphere Application Server?
We will have one nodeagnet per one node. The node agent acts as an mediator between the Deployment manmager and the node.
24. What is Sync in websphere Application Server?
WebSphere application server stores all the configuration data in one central location knows as ‘Master repository’. And every node/server will have the local configuration repository. The sycn process makes sure that the configuration in both local and master repositories are same and in-sync. The sync is a one dimensional process means; it will sync the configurations only from Master repository ==> local repository.
25. What is websphere plug-in for web server and where do i need to install the plug-in?
It is common practise to have web and app servers on different machines. WebSphere provides a plug-in which enables web server to talk to application server, this is known as web server plug-in. Web server plug-in will have a configuration file named plugin-config.xml which will have references to all the servers, clusters, applications, virtual hosts of the websphere application server. You can generate this configuration file from administration console, servers –>web servers. Select a web server and click generate plugin configuration file and then propagate the plugin. This plug-in needs to be installed on the web server machine
26. I don’t have WebSphere installed on my web server how do i add to the websphere administration console ?
If you like to add your web server to that WebSphere administration console, you can do that by creating a unmanaged node and then add from servers–>web servers
27. Do i need a web server if i have a websphere application server?
Web Server and WebSphere application server provide two different functionalities. WebSphere application server do has an inbuilt web server functionality but it is recommended to use a separate web server for many reasons. Some of them are: 1. By seperating web and application server activities, your application serving environment is more secure. 2. Using the webserver you can load balance the requests between multiple application servers.
28. How do edit/modify the property/configuration files?
It is recommended to modify all the configurations using the administration console. When you need to make any configuration changes, you need do the apply changes and sync them. Any changes you do at local repository level are discarded upon the next restart of that server because the sync is always from DMGR to local repository and changes are not saved to master repository. For example, if you edit a configuration file of server1 and restart it… the changes are lost. When the server starts it syncs the configuration from master repository.
29. What happens if my DMGR is not running?
DMGR is the single point of failure in WebSphere network deployment model. Even if DMGR is down, rest of the server will continue to run and serve the applications. However, any changes you make in this situation are not saved to master configuration repository.
30. I installed a new application, what do i need to do before i can access it from the web server URL?
When you install a new application or update an application, your web server needs to be aware of the changes. Which means you need to update the web server plug-in configuration file. So after a successful installation of an application with mapping to web server, you need to regenerate the plug-in configuration file and propagate it to web server..
1) What is the default user registry, if you enable Global Security at the time of installation
Its federated repositories…. actually it is a file
Its federated repositories…. actually it is a file
2) Which commands require username/password , if you enable admin security
all stop* , syncNode, addNode(?)
all stop* , syncNode, addNode(?)
3) When can you enable global security?
- while installing
- After installation also
- while installing
- After installation also
4) Does enabling admin security needs j2ee security to be enabled?
No
No
5) Does enabling admin security enables j2ee security?
yes
yes
6) What is the most important step to do, if you change your user repository.
recycle all the JVMs. otherwise the key tokens will not be updated for the new repo
recycle all the JVMs. otherwise the key tokens will not be updated for the new repo
7) who can change admin security settings?
Adminstrator
Adminstrator
8) what is the tool supplied by IBM for SSL management in Websphere
ikeyman
ikeyman
9) How do you change the cell wide SSL?
10) how do you replace the default plugin-key.kdb file with new kdb file?
11) can we use diffrent SSL for nodes and plugin ?
Yes
Yes
What is a ketstore?
A keystore is a database that contains private keys with their associated certificates. The keystore will be used for encrypting/signing something with your private key
What is A truststore ?
What is a Truststore contains certificates to trust like CA certs and remote server certs. Trust stores will be used mostly to authenticate remote servers etc.
What is root certificate?
a root certificate is either an unsigned public key certificate or a self-signed certificate that identifies the Root Certificate Authority (CA). Digital certificates are verified using a chain of trust. The trust anchor for the digital certificate is the Root Certificate Authority (CA).
A root certificate is the top-most certificate of the tree, the private key of which is used to “sign” other certificates. All certificates immediately below the root certificate inherit the trustworthiness of the root certificate. Certificates further down the tree also depend on the trustworthiness of the intermediates.
The root certificate is usually made trustworthy by some mechanism other than a certificate, such as by secure physical distribution. For example, some of the most well-known root certificates are distributed in the Internet browsers by their manufacturers. [From Wikipedia]
What is an intermediate certificate?
Trusted Root CA certificate can also be used to create another certificate, which in turn will then be used to issue SSL Certificates. So, an intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates. The result is a certificate chain that begins at the trusted root CA, through the intermediate and ending with the SSL certificate issued to you. Such certificates are called chained root certificates. As the Intermediate Certificate is issued by the Trusted Root CA, any SSL Certificates issued by the Intermediate Certificate inherits the trust of the Trusted Root – effectively creating a certification chain of trust.
Why to use intermediate certificates?
There are mainly two advantages.
1) Creating certificates directly from the CA root certificate increases the risk of root certificate compromise, and if the CA root certificate is compromised, the entire trust infrastructure built by the SSL provider will fail. The usage of intermediate certificates for issuing SSL certificates to end entities, therefore, provides an added level of security.
2) Intermediates also help by constraining the size of the Certificate Revocation List (CRL) associated with a certificate product. By periodically rolling over the intermediate CA that signs the end entity certificates CRL’s are kept to a minimum. Maintaining optimal CRL sizes ensures that customers have a smooth and seamless experience visiting SSL-secured websites while full security is maintained transparently to customers/end users.
What is fix/interim fix/Emergency fix etc..?
These are single fixes published to resolve/fix an product defect/known issue. The next release of fixpack will contain these interim/emergency fixes and you are expected to apply the new fix pack.
Sunday, 17 March 2013
Cookie for session tracking
Cookie for session tracking
Cookies is the most commonly used method for tracking user session. The way it works is WebSphere Application server's session support generates a unique session ID for each user, and returns this ID to the users browser with cookie. There after whenver browser is making requests browser would send that cookie in header to the server and whenver server is generating response it will send that cookie information in header to the browser. By default websphere uses temporary cookies i.e. cookie which is not written to users machine to store session information, the cookie gets destroyed if the browser is closed. The cookie holds session identifier but the actual session information is stored on the server. The default name of the session management cookie is JSESSIONID
Main disadvantage with cookies is taht some users, either by choice or mandage, disable them from within their browsers.
Main disadvantage with cookies is taht some users, either by choice or mandage, disable them from within their browsers.
Subscribe to:
Posts (Atom)