Friday, 5 September 2014

IBM Integration Bus / WebSphere Message Broker Tooling


MQ Explorer can remotely connect to queue managers on any supported platform – enabling your entire messaging backbone to be viewed, explored and altered from one place. The latest version of the SupportPac can be used to connect to remote queue managers from any currently supported version of IBM WebSphere MQ.


This SupportPac contains a utility that is useful for the development and testing of WebSphere MQ and IBM Integration Bus or WebSphere Message Broker applications. Test messages are stored as files, which are then read by the application and written to a WebSphere MQ queue. The program is GUI based. 

Command line performance measurement utilities are also provided.

Possible Uses
It allows test messages to be captured and stored in files, and then used to drive IBM Integration Bus or WebSphere Message Broker applications. Output messages can also be read and displayed in a variety of formats. The formats include two types of XML as well as matched against a COBOL copybook. The data can be in EBCDIC or ASCII. An RFH2 header can be added to the message before the message is sent.


at No comments:

IBM Software - In Video

One of my colleagues was looking for some video introductions to various IBM software products, including: -








This flash video will explore the various ways that enhanced decision management capabilities and real-time visibility into processes can help Energy & Utility (E&U) leaders respond faster to meter events, customer demands, and much more to meet the industry's unique challenges. Improved business event processing capabilities can help utility leaders transform insight into action and more effectively manage instrumented and intelligent utility networks.



Watch the video to learn how the capabilities in IBM Integration Bus can help you:

• Streamline integration between IT and business teams by applying routing rules and business logic as policies
• Achieve greater synergy between business process management and integration
• Improve workload management with traffic shaping and throttling
• Understand and more easily act upon in-flight data
at No comments:

Wednesday, 3 September 2014

Insufficient ulimit -u (NPROC) Value Contributes to Native OutOfMemory

I've hit this problem several times in the past few days, mainly on Red Hat Enterprise Linux 6.3 platforms: -

...
An out of memory may be observed on a system running WebSphere Application Server on Linux. Further investigation may reveal a "Failed to create a thread:" message within the generated javacore which would indicate a native out of memory issue has been encountered. The cause of the problem may be an insufficient ulimit setting. While this type of issue can occur on any level of Linux, more recent releases, such as Redhat Enterprise Linux 6, are more likely to encounter this issue due to a decreased default value for certain ulimits. The following will outline how to identify if a process ulimit is the culprit and what WebSphere Application Server Support recommends to fix the case.
...


The trick was to realise that it's not enough to merely extend the ulimits in /etc/security/limits.conf but that, with RHEL 6.X, it's also necessary to amend /etc/security/limits.d/90-nproc.conf as well.

Simples ....
at No comments:

Tuesday, 2 September 2014

AMQ5540 and AMQ5541 seen between WebSphere Application Server and WebSphere MQ

So I'm seeing: -

AMQ5540: Application 'WebSphere MQ Client for Java' did not supply a user ID and password

AMQ5541: The failed authentication check was caused by the queue manager
CONNAUTH CHCKCLNT(REQDADM) configuration.

from WebSphere MQ 8.0 when I attempt to connect from WebSphere Application Server (WAS) to a Queue Manager.

The solution ?

Read this IBM Technote: -


...
In MQ 8.0, a new function is introduced that requires MQ administrators using remote access to supply the userid and password. When the userid and password are not supplied or the password is incorrect, then the following error is displayed.
...

I chose to take the circumvention of setting the Queue Manager back to the pre-V8 days, with passing checking being optional: -

ALTER AUTHINFO(SYSTEM.DEFAULT.AUTHINFO.IDPWOS) AUTHTYPE(IDPWOS) CHCKCLNT(OPTIONAL)

Obviously, this goes AGAINST good practices around security, but, in this particular case, it's MY environment.

YOUR mileage WILL vary.

at 2 comments:

Installing IBM WebSphere MQ on Linux

Following on from a previous post: -


I'm getting to grips with IBM Integration Bus 9.0.0.2 and it's prerequisite dependency IBM WebSphere MQ 8.0.

First I'm going to install WMQ ...

I downloaded WMQ from the IBM software download site, resulting in a single TAR file: -

-rw-r--r--@  1 hayd  staff  558767000  2 Sep 06:14 WS_MQ_LINUX_ON_X86_64_V8.0_IMG.tar.gz

This I expanded onto my target RHEL 6.3 box: -

mkdir /tmp/Repo/WMQ
cd /tmp/Repo/WMQ
tar xvzf /mnt/hgfs/Software/WMQ8/WS_MQ_LINUX_ON_X86_64_V8.0_IMG.tar.gz 

This results in a number ( 30 ) of RPMs: -

MQSeriesAMS-8.0.0-0.x86_64.rpm
MQSeriesClient-8.0.0-0.x86_64.rpm
MQSeriesExplorer-8.0.0-0.x86_64.rpm
MQSeriesFTAgent-8.0.0-0.x86_64.rpm
MQSeriesFTBase-8.0.0-0.x86_64.rpm
MQSeriesFTLogger-8.0.0-0.x86_64.rpm
MQSeriesFTService-8.0.0-0.x86_64.rpm
MQSeriesFTTools-8.0.0-0.x86_64.rpm
MQSeriesGSKit-8.0.0-0.x86_64.rpm
MQSeriesJava-8.0.0-0.x86_64.rpm
MQSeriesJRE-8.0.0-0.x86_64.rpm
MQSeriesMan-8.0.0-0.x86_64.rpm
MQSeriesMsg_cs-8.0.0-0.x86_64.rpm
MQSeriesMsg_de-8.0.0-0.x86_64.rpm
MQSeriesMsg_es-8.0.0-0.x86_64.rpm
MQSeriesMsg_fr-8.0.0-0.x86_64.rpm
MQSeriesMsg_hu-8.0.0-0.x86_64.rpm
MQSeriesMsg_it-8.0.0-0.x86_64.rpm
MQSeriesMsg_ja-8.0.0-0.x86_64.rpm
MQSeriesMsg_ko-8.0.0-0.x86_64.rpm
MQSeriesMsg_pl-8.0.0-0.x86_64.rpm
MQSeriesMsg_pt-8.0.0-0.x86_64.rpm
MQSeriesMsg_ru-8.0.0-0.x86_64.rpm
MQSeriesMsg_Zh_CN-8.0.0-0.x86_64.rpm
MQSeriesMsg_Zh_TW-8.0.0-0.x86_64.rpm
MQSeriesRuntime-8.0.0-0.x86_64.rpm
MQSeriesSamples-8.0.0-0.x86_64.rpm
MQSeriesSDK-8.0.0-0.x86_64.rpm
MQSeriesServer-8.0.0-0.x86_64.rpm
MQSeriesXRService-8.0.0-0.x86_64.rpm

First I needed to accept the license agreement: -

./mqlicense.sh 

...
Press Enter to continue viewing the license agreement, or 
enter "1" to accept the agreement, "2" to decline it, "3" 
to print it, "4" to read non-IBM terms, or "99" to go back 
to the previous screen.
1

Agreement accepted:  Proceed with install.
...

I then ran a loop to install the RPMs: -

for i in *.rpm; do rpm --prefix /opt/ibm/mqm -ivh $i; done

I needed to run this several times as  some RPMs depend upon others that have yet to be installed.

Eventually, all were installed: -

...
Preparing...                ########################################### [100%]
package MQSeriesMsg_Zh_TW-8.0.0-0.x86_64 is already installed
Preparing...                ########################################### [100%]
package MQSeriesRuntime-8.0.0-0.x86_64 is already installed
...

which I validated: -

rpm -qa | grep MQSeries

MQSeriesServer-8.0.0-0.x86_64
MQSeriesJRE-8.0.0-0.x86_64
MQSeriesMsg_es-8.0.0-0.x86_64
MQSeriesMsg_ja-8.0.0-0.x86_64
MQSeriesMsg_ru-8.0.0-0.x86_64
MQSeriesExplorer-8.0.0-0.x86_64
MQSeriesGSKit-8.0.0-0.x86_64
MQSeriesRuntime-8.0.0-0.x86_64
MQSeriesSDK-8.0.0-0.x86_64
MQSeriesAMS-8.0.0-0.x86_64
MQSeriesJava-8.0.0-0.x86_64
MQSeriesMan-8.0.0-0.x86_64
MQSeriesMsg_de-8.0.0-0.x86_64
MQSeriesMsg_fr-8.0.0-0.x86_64
MQSeriesMsg_it-8.0.0-0.x86_64
MQSeriesMsg_ko-8.0.0-0.x86_64
MQSeriesMsg_pt-8.0.0-0.x86_64
MQSeriesMsg_Zh_CN-8.0.0-0.x86_64
MQSeriesXRService-8.0.0-0.x86_64
MQSeriesFTBase-8.0.0-0.x86_64
MQSeriesFTTools-8.0.0-0.x86_64
MQSeriesFTAgent-8.0.0-0.x86_64
MQSeriesSamples-8.0.0-0.x86_64
MQSeriesClient-8.0.0-0.x86_64
MQSeriesMsg_cs-8.0.0-0.x86_64
MQSeriesMsg_hu-8.0.0-0.x86_64
MQSeriesMsg_pl-8.0.0-0.x86_64
MQSeriesMsg_Zh_TW-8.0.0-0.x86_64
MQSeriesFTLogger-8.0.0-0.x86_64
MQSeriesFTService-8.0.0-0.x86_64

rpm -qa | grep MQSeries | wc

     30      30     905

I did have one small fright - when I listed the contents of the /opt/ibm/mqm/bin directory, this is what I saw: -


and I assumed that the use of the red font indicated a problem with the installation :-(

Actually, it's NOT a problem - it's merely my shell's way of showing me that the red-flagged binaries have the sticky bit set, meaning that they'll always be executed with the mqm user.

Unlike earlier versions, the MQConfig command is shipped with WMQ 8: -

ls -al `locate mqconfig`

-r-xr-xr-x 1 mqm mqm 51989 Apr 29 15:54 /opt/mqm/bin/mqconfig

This I ran: -

/opt/mqm/bin/mqconfig 

mqconfig: V3.7 analyzing Red Hat Enterprise Linux Server release 6.3
          (Santiago) settings for WebSphere MQ V8.0

System V Semaphores
  semmsl     (sem:1)  250 semaphores                     IBM>=32           PASS
  semmns     (sem:2)  122 of 256000 semaphores   (0%)    IBM>=4096         PASS
  semopm     (sem:3)  32 operations                      IBM>=32           PASS
  semmni     (sem:4)  109 of 2048 sets           (5%)    IBM>=128          PASS

System V Shared Memory
  shmmax              68719476736 bytes                  IBM>=268435456    PASS
  shmmni              8 of 4096 sets             (0%)    IBM>=4096         PASS
  shmall              425311 of 4294967296 pages (0%)    IBM>=2097152      PASS

System Settings
  file-max            4992 of 792980 files       (0%)    IBM>=524288       PASS

Current User Limits (root)
  nofile       (-Hn)  8800 files                         IBM>=10240        WARN
  nofile       (-Sn)  8800 files                         IBM>=10240        WARN
  nproc        (-Hu)  0 of 8800 processes        (0%)    IBM>=4096         PASS
  nproc        (-Su)  0 of 8800 processes        (0%)    IBM>=4096         PASS

Following the recommendations, I increased the nofile ulimits from 8800 to 10240, by editing /etc/security/limits.conf from: -

# End of file
* hard nofile 8800
* soft nofile 8800

to: -

# End of file
* hard nofile 10240
* soft nofile 10240

One log out later, and we're good to go: -

mqconfig: V3.7 analyzing Red Hat Enterprise Linux Server release 6.3
          (Santiago) settings for WebSphere MQ V8.0

System V Semaphores
  semmsl     (sem:1)  250 semaphores                     IBM>=32           PASS
  semmns     (sem:2)  122 of 256000 semaphores   (0%)    IBM>=4096         PASS
  semopm     (sem:3)  32 operations                      IBM>=32           PASS
  semmni     (sem:4)  109 of 2048 sets           (5%)    IBM>=128          PASS

System V Shared Memory
  shmmax              68719476736 bytes                  IBM>=268435456    PASS
  shmmni              8 of 4096 sets             (0%)    IBM>=4096         PASS
  shmall              425311 of 4294967296 pages (0%)    IBM>=2097152      PASS

System Settings
  file-max            4992 of 792980 files       (0%)    IBM>=524288       PASS

Current User Limits (root)
  nofile       (-Hn)  10240 files                        IBM>=10240        PASS
  nofile       (-Sn)  10240 files                        IBM>=10240        PASS
  nproc        (-Hu)  0 of 8800 processes        (0%)    IBM>=4096         PASS
  nproc        (-Su)  0 of 8800 processes        (0%)    IBM>=4096         PASS

I created a dedicated group/user for WMQ: -

groupadd mqm
useradd -g mqm -d /home/mqm mqm
passwd mqm

To test WMQ, I following part of the instructions in this excellent IBM White Paper: -


as user mqm.

...
Create queue manager, with a Dead Letter Queue (DLQ)

crtmqm -u SYSTEM.DEAD.LETTER.QUEUE QM_MDB

Start the queue manager

strmqm QM_MDB

Invoke the administration utility

runmqsc QM_MDB

Within runmqsc, define and start an MQ Listener:

DEFINE LISTENER(TCP.LISTENER) TRPTYPE(TCP) CONTROL(QMGR) PORT(1420)

START LISTENER(TCP.LISTENER)

Define a channel to be used with the MQ Explorer (optional but very useful!):

DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN)

Define a local queue:

DEFINE QLOCAL(Q_MDB)


Define a topic object:

DEFINE TOPIC(T_MDB) TOPICSTR('sports')

For MQ 7.1 and 7.5, and if desiring to allow remote connections by an MQ Administrator:

set CHLAUTH(*) TYPE(BLOCKUSER) USERLIST('nobody','*MQADMIN')
set CHLAUTH(SYSTEM.ADMIN.*) TYPE(BLOCKUSER) USERLIST('nobody')

Exit runmqsc:

END
...

I then continued to follow the White Paper to configure WebSphere Application Server (WAS) to access the QM_MDB Queue Manager, using JMS / Activation Specifications.

Which is nice :-)
at 9 comments:

Creating a standalone Process Center profile in IBM Business Process Manager V8.5

Creating a standalone Process Center profile in IBM Business Process Manager V8.5

A standalone Process Center profile is useful for situations where memory and disk space are limited. Rather than install the Process Center as a network deployment environment with at least three profiles running, plus an additional profile to support the unit test environment server, this article describes how a single profile can provide both a Process Center server and a unit test environment server.

at No comments:

Monday, 1 September 2014

IBM HTTP Server - CTGSK3024W Invalid value for parameter from GSK

I hit a wee problem with the Global Security Toolkit (GSK) when creating a certificate for IBM HTTP Server 8.5.5.2

This is the command that I was running: - 

/opt/ibm/HTTPServer/bin/gskcapicmd -cert -create -db /opt/ibm/HTTPServer/ssl/keystore.kdb -pw passw0rd -size 2048 -dn "bam8012.uk.ibm.com,o=ibm,c=us" -label "bam8012.uk.ibm.com" -default_cert yes

which resulted in: -

CTGSK3024W Invalid value for parameter "-dn" (bam8012.uk.ibm.com,o=ibm,c=us). 

It was, of course, user error.

This is what I should have run: -

/opt/ibm/HTTPServer/bin/gskcapicmd -cert -create -db /opt/ibm/HTTPServer/ssl/keystore.kdb -pw rlmp56Hn3uWh -size 2048 -dn "bam8012.uk.ibm.com\\,o=ibm\\,c=us\\" -label "bam8012.uk.ibm.com" -default_cert yes

In other words, I needed to insert '\\' before each comma ( , )

at No comments:
Subscribe to: Posts (Atom)

Note to self - Firefox and local connections

 Whilst trying to hit my NAS from Firefox on my Mac, I kept seeing errors such as:- Unable to connect Firefox can’t establish a connection t...