Monday, 9 October 2017

Using Docker Container Technology with F5 Products and Services

I'm continuing to learn about, and tinker, with containers, in the context of Docker and Kubernetes.

I've also been working with various HTTPS load balancers, including the Edge Load Balancer (ELB) capability on Amazon Web Service (AWS) Elastic Cloud (EC2) and F5 Networks' BIG-IP.

So I started wondering whether there's a Docker image for the BIG-IP product.

That led me to Google, which led me here: -


and here: -


and, eventually this: -

F5 BIG‑IP cannot run inside of a Docker container; it is only available as a virtual or hardware appliance.
...


So I didn't find an image, but I did learn a few more things ….

Meantime, I can use the trial and evaluation versions of BIG-IP etc. from here: _


at No comments:

Tail on Unix - Why did I not know about this ?

Years ago, I wrote this: -


which referenced back to a podcast upon which I appeared in 2010 ….

This was all about using a 3rd party binary to allow me to view multiple log files in a single window ...

And yet, last week, I noticed a client using the stock version of tail to achieve precisely the same outcome.

So, whereas I was reduced to doing this ( without Multitail ): -

tail -f /opt/ibm/WebSphereProfiles/AppSrv01/logs/AppClusterMember1/SystemOut.log
tail -f /opt/ibm/WebSphereProfiles/AppSrv01/logs/SupClusterMember1/SystemOut.log
tail -f /opt/ibm/WebSphereProfiles/AppSrv01/logs/MEClusterMember1/SystemOut.log

I realised that I can do this: -

tail -f /opt/ibm/WebSphereProfiles/AppSrv01/logs/AppClusterMember1/SystemOut.log /opt/ibm/WebSphereProfiles/AppSrv01/logs/SupClusterMember1/SystemOut.log /opt/ibm/WebSphereProfiles/AppSrv01/logs/MEClusterMember1/SystemOut.log

and see this: -

==> /opt/ibm/WebSphereProfiles/AppSrv01/logs/AppClusterMember1/SystemOut.log <==
[09/10/17 13:48:11:718 BST] 00000171 AbstractReque W com.ibm.wps.resolver.resource.AbstractRequestDispatcherFactory matchesWebAppDefault(aResource) Servlet context [/BSpaceWidgetsHM] does not specify a blackwhite list when accessing resource [iWidget/widgets/hm/HM_iwidget.xml], falling back to the default [[(null), (WEB-INF/.*)]]. Applications can define a custom list by adding the keys [com.ibm.portal.resource.whitelist] and [com.ibm.portal.resource.blacklist] to their web.xml deployment descriptor. For details see information for APAR PI47714 related to CVE-2014-8912.
[09/10/17 13:48:12:677 BST] 00000171               I com.ibm.mm.framework.persistence.OOBSpaceCreator importOOBSpaces BMWFP0059I: The standard spaces have finished loading. 
[09/10/17 13:48:24:798 BST] 0000013d TaskLoader    I   CWLLG0597I: Trying to acquire synchronous queue SYNC_QUEUE_2.
[09/10/17 13:48:24:799 BST] 0000013d TaskLoader    I   CWLLG0581I: Acquired synchronous queue SYNC_QUEUE_2.
[09/10/17 13:48:40:694 BST] 0000013d TaskLoader    I   CWLLG0597I: Trying to acquire synchronous queue SYNC_QUEUE_3.
[09/10/17 13:48:40:695 BST] 0000013d TaskLoader    I   CWLLG0581I: Acquired synchronous queue SYNC_QUEUE_3.
[09/10/17 13:49:37:852 BST] 00000104 ArtifactIndex I com.ibm.bpm.index.core.impl.AdvancedIndexer updateIndex Log:There is no index to update. Starting a full index.
[09/10/17 13:49:37:853 BST] 00000104 ArtifactIndex I com.ibm.bpm.index.core.impl.AdvancedIndexer createIndex Entry: createIndex()
[09/10/17 13:49:44:804 BST] 00000104 ArtifactIndex I com.ibm.bpm.index.core.impl.AdvancedIndexer createIndex Log:Indexing elapsed time:6950
[09/10/17 13:49:44:805 BST] 00000104 ArtifactIndex I com.ibm.bpm.index.core.impl.AdvancedIndexer createIndex Exit: createIndex()

==> /opt/ibm/WebSphereProfiles/AppSrv01/logs/SupClusterMember1/SystemOut.log <==
[09/10/17 13:46:44:121 BST] 000000b0 authz         I   CWWIM2000I Initialization of the authorization component completed successfully.
[09/10/17 13:46:44:453 BST] 000000b0 InternalGener I   DSRA8225I: DataSource JNDI name : jdbc/TeamWorksDB
[09/10/17 13:46:44:455 BST] 000000b0 InternalGener I   DSRA8203I: Database product name : DB2/LINUXX8664
[09/10/17 13:46:44:456 BST] 000000b0 InternalGener I   DSRA8204I: Database product version : SQL11012
[09/10/17 13:46:44:457 BST] 000000b0 InternalGener I   DSRA8205I: JDBC driver name  : IBM Data Server Driver for JDBC and SQLJ
[09/10/17 13:46:44:458 BST] 000000b0 InternalGener I   DSRA8206I: JDBC driver version  : 4.21.29
[09/10/17 13:46:44:459 BST] 000000b0 InternalGener I   DSRA8218I: JDBC driver specification level  : 4.1
[09/10/17 13:46:44:459 BST] 000000b0 InternalDB2Un I   DSRA8212I: DataStoreHelper name is: com.ibm.websphere.rsadapter.DB2UniversalDataStoreHelper@59060d67.
[09/10/17 13:46:44:460 BST] 000000b0 WSRdbDataSour I   DSRA8208I: JDBC driver type  : 4
[09/10/17 13:47:54:712 BST] 0000005a NGUtil$Server I   ASND0002I: Detected server AppClusterMember1 started on node Node1

==> /opt/ibm/WebSphereProfiles/AppSrv01/logs/MEClusterMember1/SystemOut.log <==
[09/10/17 13:45:49:893 BST] 00000041 CoordinatorIm I   HMGR0228I: The Coordinator is not an Active Coordinator for core group DefaultCoreGroup. The active coordinator set is [PCCell1\Dmgr\dmgr].
[09/10/17 13:45:49:895 BST] 00000041 CoordinatorIm I   HMGR0218I: A new core group view has been installed. The core group is DefaultCoreGroup. The view identifier is (5:0.PCCell1\Dmgr\dmgr). The number of members in the new view is 5.
[09/10/17 13:45:49:897 BST] 00000041 CoreGroupMemb I   DCSV8050I: DCS Stack DefaultCoreGroup at Member PCCell1\Node1\MEClusterMember1: New view installed, identifier (5:0.PCCell1\Dmgr\dmgr), view size is 5 (AV=5, CD=5, CN=5, DF=5)
[09/10/17 13:45:50:003 BST] 00000050 ViewReceiver  I   DCSV1033I: DCS Stack DefaultCoreGroup at Member PCCell1\Node1\MEClusterMember1: Confirmed all new view members in view identifier (5:0.PCCell1\Dmgr\dmgr). View channel type is View|Ptp.
[09/10/17 13:46:13:635 BST] 00000059 NGUtil$Server I   ASND0002I: Detected server SupClusterMember1 started on node Node1
[09/10/17 13:46:16:666 BST] 000000c2 SibMessage    W   [:] CWSIP0181W: The maximum batch size for the consumer on destination DataDefLoaderQueueDestinationSupCluster, has been set to 1.
[09/10/17 13:46:16:667 BST] 000000c2 SibTr$Suppres I   CWSIU0006I: Future occurences of "CWSIP0181W: The maximum batch size for the consumer on destination DataDefLoaderQueueDestinationSupCluster, has been set to 1." will be suppressed.
[09/10/17 13:46:16:938 BST] 000000c2 SibMessage    W   [:] CWSIP0181W: The maximum batch size for the consumer on destination RepresentationManagerQueueDestinationSupCluster, has been set to 1.
[09/10/17 13:46:16:939 BST] 000000c2 SibTr$Suppres I   CWSIU0006I: Future occurences of "CWSIP0181W: The maximum batch size for the consumer on destination RepresentationManagerQueueDestinationSupCluster, has been set to 1." will be suppressed.
[09/10/17 13:47:54:697 BST] 00000059 NGUtil$Server I   ASND0002I: Detected server AppClusterMember1 started on node Node1

Why didn't I know this ?

Ah, well, every day IS a school day

at No comments:

"Kubernetes Microservices with Docker" - A Book Review

As mentioned a few weeks ago: -

I read and review books for the British Computer Society (BCS) on a semi-regular basis.

These books are provided to me by the publisher, via the BCS, at no cost to me. Apart from the book, I receive no inducement to produce the reviews.

I typically choose books related to my professional career, as an IT Specialist working with IBM Cloud technologies, and pick subjects and topics that are close to my heart, and my interests.

This time is no different … I've been working with Docker and Kubernetes for the past year or so, both on my own macOS machines and also on the IBM Bluemix PaaS solution.

Whilst I had a fairly good knowledge of Docker, Kubernetes was relatively new to me, so this book - Kubernetes Microservices with Docker - was a perfect introduction.

In the book, the author, Deepak Vohra, spends the first few chapters introducing the concepts of containerisation, Docker and then Kubernetes itself.

This, to me, was a perfect introduction, and allowed me to understand the core concept of pods; like whales, containers run in pods ( you have to admire the geek humour in there, given that the Docker logo is a whale ).

So the pod provides the core services, including networking and storage, to the containers that run therein.

Other than pods, Kubernetes has a number of other core capabilities, including services, replication and storage volumes.

As the book progresses, Deepak uses examples, leveraging commonly-used tools and technologies, including mySQL, Oracle, Cassandra, Hadoop and Kafka, to demonstrate how Kubernetes works, in terms of creating pods of containers, using stock images, accessing the underlying application services via command-line and browser, and then scaling the service up and down using the Kubernetes replication capabilities.

This is an extremely useful approach, and works on the Carnegie Hall principle ( "Q:How do I get to Carnegie Hall?" "A:Practice" ) where one repeats a method until it becomes "muscle-memory".

Finally, he concluded by describing AND demonstrating how Kubernetes supports the multiple-pod principle, which is essential to support a multi-layer architecture, where one has few/no single points of failure.

As an example, one might have a Kubernetes service comprising a web server ( e.g. Apache or Nginx ), a web application server ( e.g. WebSphere Liberty Profile ) and a database ( e.g. mySQL or Oracle ), with each capability running in a single pod, scaling up and down as required, with all three pods linked together, and sharing common services, such as networking.

So, to summarise this book, it's a concise but clear introduction to containers, Docker and Kubernetes, using simple real-world examples to pass on the core concepts, via repetition, and is a very useful enabler.

In terms of size, it's a 432 page ebook ( I'm reading it using Apple iBooks ) and was shipped to me in PDF form.

If you're interested in containerisation, I'd definitely advocate this book, whether you're a complete beginner, or already on your journey of enablement.

Out of 10, I'd give this book a clear 10, in the main because of it's relative brevity and it's use of worked examples.

at No comments:

"No more handles" seen trying to run X11 over SSH

A brief moment of "panic" this AM, whilst trying to tunnel X11 over SSH: -

ssh -X wasadmin@bpm86

wasadmin@bpm86's password: 
Warning: untrusted X11 forwarding setup failed: xauth key data not generated
Last login: Mon Oct  9 09:38:11 2017 from 192.168.153.1

/opt/ibm/InstallationManager/eclipse/IBMIM -record installJava8.rsp

00:00.29 ERROR [main] org.eclipse.equinox.log.internal.ExtendedLogReaderServiceFactory safeLogged
  Application error
  org.eclipse.swt.SWTError: No more handles [gtk_init_check() failed]
    at org.eclipse.swt.SWT.error(SWT.java:4394)
    at org.eclipse.swt.widgets.Display.createDisplay(Display.java:914)
    at org.eclipse.swt.widgets.Display.create(Display.java:900)
    at org.eclipse.swt.graphics.Device.<init>(Device.java:156)
    ...
IBMIM:
An error has occurred. See the log file
/opt/ibm/InstallationManager/eclipse/configuration/1507538359387.log.

Before getting too worried about ulimit and missing X11 RPMs, I tested using my good old friend xeyes : -

xeyes 

which immediately returned: -

Error: Can't open display: 

Looking back at the original SSH command: -

ssh -X wasadmin@bpm86

I realised where I was going wrong, and really should've visited this old blog post: -


which directed me to do this: -

ssh -Y wasadmin@bpm86

wasadmin@bpm86's password: 
Warning: No xauth data; using fake authentication data for X11 forwarding.
Last login: Mon Oct  9 09:39:05 2017 from 192.168.153.1

and now things just work

xeyes 


/opt/ibm/InstallationManager/eclipse/IBMIM -record installJava8.rsp


Noice :-)

at No comments:

IBM BPM - Exploring the REST API

This is definitely a starter-for-10, but I was talking with a couple of colleagues about the IBM BPM REST API last week, and made a few notes.

So I'm using IBM BPM 8.5.7 CF2017-06 on the IBM Cloud ( BPM is a Software-as-a-Service solution there, amongst other things ) as my testbed.

BPMoC has a REST UI : -





plus a retrievable Swagger document for the APIs: -



and, better still, a Swagger Generator: -



Note that, for BPMoC, the URLs are like this: -


as per this: -


This is all more fully documented here: -



at No comments:

Monday, 2 October 2017

Amazon AWS / EC2 - My first foray

Today I mainly be tinkering with AWS and EC2, as that's what my client is using.

Having built out a new Ubuntu VM, I hit a few newbie 101 errors, including: -

ssh -i ~/Downloads/IHS01.pem 1.2.3.4

The authenticity of host '52.23.166.202 (52.23.166.202)' can't be established.
ECDSA key fingerprint is SHA256:vKk0YZCPqhBS6sHPwjEySqMq2SISglIBMC3h7LdoX4Q.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '52.23.166.202' (ECDSA) to the list of known hosts.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/Users/foobar/Downloads/IHS01.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Users/foobar/Downloads/IHS01.pem": bad permissions
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

So I fixed this: -

chmod 600 ~/Downloads/IHS01.pem 

and retried: -

ssh -i ~/Downloads/IHS01.pem 1.2.3.4

and then got this: -

Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

which flummoxed me for a while.

And then I realised that I wasn't actually asserting a user ID on the SSH command, so it was defaulting to my logged-in user ID.

Given that it's EC2, I tried this: -

ssh -i ~/Downloads/IHS01.pem ec2-user@1.2.3.4

and, c'est voila, I'm in: -

Last login: Mon Oct  2 12:26:03 2017 from 4.5.6.7.dyn.plus.net
[ec2-user@ip-1.2.3.4 ~]$ uname -a
Linux ip-1.2.3.4.ec2.internal 3.10.0-514.el7.x86_64 #1 SMP Wed Oct 19 11:24:13 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux

Job's a good 'un :-)

at No comments:

Top 5 things you need to know about IBM BPM on Cloud

This came up in conversation today, so I thought I'd (re)share it: -


Moving your business process management solutions to IBM® Business Process Manager (BPM) on Cloud introduces some special considerations. For a successful transition, pay attention to five areas when you plan and implement a move to IBM BPM on Cloud: topology, security, administration and operations, application design, and application data and integration.

IBM BPM on Cloud is a software-as-a-service offering that is still undergoing enhancements and development changes. This article is updated regularly as new capabilities are added and existing capabilities are improved.

This article is not an exhaustive list of all the details you need to consider when you implement and deploy process applications on IBM BPM on Cloud. Use it as a checklist of important topics for IBM BPM on Cloud, based on implementations and deployments and experience from the authors.

If you are new to IBM BPM on Cloud, watch the following video for a brief introduction: Welcome to IBM Business Process Manager on Cloud.

at No comments:
Subscribe to: Posts (Atom)

Note to self - Firefox and local connections

 Whilst trying to hit my NAS from Firefox on my Mac, I kept seeing errors such as:- Unable to connect Firefox can’t establish a connection t...