Arche @ Interface101: 2012

Friday, December 28, 2012

Maven - How to deploy WAR to vFabric TC Server remotely using Maven build?

Four easy steps on How to deploy the WAR file to vFabric TC 2.8.* server or Tomcat 7 remotely using Maven build (pom.xml)

Step 1: Open your tomcat-user.xml from your <CATALINA_HOME>/conf folder and insert the code:

Code:
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="manager-gui" />
<role rolename="manage-script" />
<role rolename="manager-status" />
<role rolename="manager-jmx" />
<user username="adminuser" password="adminpwd" roles="manager-gui" />
</tomcat-users>

Note: Role name script, status and jmx are optional. In previous version of tomcat, you can use role "manager" but for tomcat 7, it was divided into four role. For depolyment, we need only "manager-gui".

Step 2: Update your Maven settings.xml with the following code. To check where is your maven settings located, just open a command prompt and type maven -X and it will show the global settings and user settings. I choose global settings since I will be allowing other users to use the same settings.

Open <MAVEN_HOME>/conf/settings.xml then insert the code:

Code:
<?xml version="1.0" encoding="UTF-8"?>
<settings>
<servers>
<server>
<id>remoteserver</id>
<username>adminuser</username>
<password>adminpwd</password>
</server>
</servers>
</settings>

Step 3: Open your pom.xml and insert the following code

Code:
<plugin>
<groupId>org.apache.tomcat.maven</groupId>


<artifactId>tomcat7-maven-plugin</artifactId>
<configuration>
<url>http://<remote_ip_address>:<port>/manager/html</url>
<server>remoteserver</server>
<path>/your_web_context_path_here</path>
</configuration>
</plugin>

Note: if you have a parent pom.xml you need to insert the following code to your parent pom.xml

Code:
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.0</version>
</plugin>

Step 4: Deploy or Redeploy
Run maven command to deploy
Code:
mvn tomcat7:deploy
For redeploy:
Code:
mvn tomcat7:redeploy

Wednesday, December 12, 2012

MuleSoft - Building the JKS for the HTTPS Services for ESB Standalone

After following this instruction https://docs.mulesoft.com/cloudhub/building-an-https-service to build a sample hello application. We need to replace the JKS file. Follow the instruction below:

1) Generate key with AES256

openssl genrsa -aes256 -out server.key 1024

2) Generate a Certificate Request for CA

openssl req -x509 -sha256 -new -key server.key -out server.csr

Enter pass phrase for server.key: <ENTER_YOUR_PASSWORD_YOU'VE_CREATED on STEP 1>

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:<ENTER THE COUNTRY 2 LETTER CODE i.e. US>

State or Province Name (full name) [Some-State]:<ENTER YOUR STATE IN FULL i.e. KANSAS>

Locality Name (eg, city) []:<ENTER YOUR CITY i.e. KANSAS CITY>

Organization Name (eg, company) [Internet Widgits Pty Ltd]:<ENTER YOUR COMPANY NAME i.e. MyCompany>

Organizational Unit Name (eg, section) []:<ENTER YOUR DEPARMENT i.e. Research>

Common Name (e.g. server FQDN or YOUR name) []:<ENTER YOUR DOMAIN NAME i.e. www.mywebsite.com or localhost>

Email Address []:<LEAVE IT BLANK just PRESS ENTER>

3) Generate a self signed certificate that will expire for 360 days

openssl x509 -sha256 -days 360 -in server.csr -signkey server.key -out selfsigned.crt

Getting Private key

Enter pass phrase for server.key:<ENTER_YOUR_PASSWORD_YOU'VE CREATED on STEP 1>

4) Create PKCS12 keystore from private key and public certificate

openssl pkcs12 -export -name servercert -in selfsigned.crt -inkey server.key -out keystore.p12

Enter pass phrase for server.key:

Enter Export Password:

Verifying - Enter Export Password:

5) Convert PKCS12 keystone into a JKS Keystore

keytool -importkeystore -destkeystore keystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias servercert

Enter destination keystore password:

Re-enter new password:

Enter source keystore password:

6) Verify the content of the JKS

keytool -list -v -keystore keystore.jks

Enter keystore password:

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

Alias name: servercert

Creation date: Mar 15, 2016

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

Owner: O=Internet Widgits Pty Ltd, ST=Some-State, C=US

Issuer: O=Internet Widgits Pty Ltd, ST=Some-State, C=US

Serial number: a829076439b2c11f

Valid from: Tue Mar 15 08:31:22 CDT 2016 until: Fri Mar 10 07:31:22 CST 2017

Certificate fingerprints:

MD5: 0B:F0:2C:64:86:50:80:29:3F:41:09:80:9C:F0:FF:CA

SHA1: 8C:26:4A:4B:FA:55:49:B7:4E:FE:33:13:90:AA:6F:15:B7:A3:E6:DE

SHA256: BB:B2:7C:A2:A8:EF:F5:AE:E8:F1:2D:13:15:ED:46:F5:16:21:AF:18:9D:74:A0:AA:BE:2A:D2:55:68:27:68:D5

Signature algorithm name: SHA256withRSA

Version: 3

Extensions:

#1: ObjectId: 2.5.29.35 Criticality=false

AuthorityKeyIdentifier [

KeyIdentifier [

0000: 2B C6 1B 1C 65 24 F4 95 F2 46 E0 1F 07 94 B8 C9 +...e$...F......

0010: F4 25 F0 1C .%..

]

[O=Internet Widgits Pty Ltd, ST=Some-State, C=US]

SerialNumber: [ a8290764 39b2c11f]

]

#2: ObjectId: 2.5.29.19 Criticality=false

BasicConstraints:[

CA:true

PathLen:2147483647

]

#3: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: 2B C6 1B 1C 65 24 F4 95 F2 46 E0 1F 07 94 B8 C9 +...e$...F......

0010: F4 25 F0 1C .%..

]

*******************************************

7) Copy the keystore.jks file to MuleSoft Project /<PROJECT>/src/main/resources

8) Run the application and invoke your HTTPS://<IP>:<PORT> using browser

Tuesday, October 30, 2012

Tips and trick

My common unix command while administering a server:

How to find text in a file:
find . -type f -exec grep -i "my string to find" {} \; -print

Find and replace text inside the file using unix
sed -e 's/OLD TEXT/NEW TEXT/' -i myfiles*

Thursday, October 18, 2012

Mule ESB Cluster - MMC - Server Not showing in Server List drop down

I couldn't find this in any of the MMC forum so I tried to solve it and I found a way how to make it work.

The problem was, when you have two ESB server and both server were in a Group Server and under your permission group, you don't want the user to restart the server or view what's inside the server. All you want to do is to allow the user to deploy the application and the user can view the flows and of course, it must be a cluster configuration so I make both server into Cluster using the MMC, unfortunately, after converting it to cluster, the server dropdown list is empty and error in flows like somekind of authority.

I found a workaround for this and it took me a while to solve it. The mule support suggested to check the Server View under Server Group Permission ALL, but this approach, the user will be able to see what's inside the Cluster like Node, JVM, Property, etc and I don't want that the user is allowed to do that because it is so risky especially the ESB has multiple application running.

The mule support create a defect ticket on this to MMC Engineering team.

If you want the solution for this, let me know...

To be continued...

Mulesoft MMC 3.3.1 Could not register server: Could not pair servers (500) with MuleSoft ESB 3.3.1

To fix this error:

For RedHat specific with Virtual IP running and load balancing using Pulse:

Configuration:
Server A - MMC IP : 110.100.100.1
Server B - ESB IP 1: 110.100.101.1

First and foremost, stop your ESB Server in Server B

Note: If you don't use PULSE in Virtual IP, please ignore Step 1 and Step 8.

1. Disable the "PULSE" service in Server B (i.e. sudo service pulse stop;)
2. Open your Server A hosts file (/etc/hosts)
Add the following to your hosts file
110.100.101.1 <your ESB dns name>
3. Open your Server B hosts file (/etc/hosts)
Add the following to your hosts file
110.100.101.1 <your ESB dns name>
4. Go to your Server B and open the wrapper.conf file under your <MULE_HOME>/conf and add the following:
wrapper.java.additional.4=-Dmule.mmc.bind.host=110.100.101.1
Note:
For wrapper.java.additional.4 I choose "4" because that's available
5. Delete the folder ".mule" (i.e. rm <MULE_HOME>/.mule -R)
6. Start your ESB Server B
7. Go to your MMC Web Console and now register it.
8. Start your PULSE service in Server B to enable the Load Balancing again (i.e. sudo service pulse start;)
9. Enjoy...

Wednesday, May 16, 2012

How To Remove Recommended For You pop-up from your browser?

I've been searching for the solution but most of the solution is to run a spyware which I don't like it because it will just slow down my machine and I think in my opinion, I'm just adding new risk for letting a software sniff my transaction.

The solution is pretty simple:
Replace your Windows "hosts" file or reset it.

Anyway, just follow the steps below:

Step 1: Open a command prompt. (If you're using Windows 7, make sure you "Run As Administrator")
Step 2: Backup Hosts File. "copy %systemroot%\system32\drivers\etc\hosts c:\hosts
Step 4: Open the hosts file "notepad %systemroot%\system32\drivers\etc\hosts"
Step 4: Delete all text below ::: localhost
Step 5: You now save the file and exit.

Lesson learned:
Don't install any software that you're not familiar with or not needed. Also, before clicking anything from the browser please Read Before Click.
For reference about "How to Reset Host File" : http://support.microsoft.com/kb/972034

Tuesday, April 17, 2012

How to copy files using robocopy Windows 7? Is it faster than normal copy or drag and drop?

First of all, I was on search for a utility that can copy a large size of directory into my external drive faster. I found some tools but don't want to install untrusted application into my laptop. I found a "ROBOCOPY" command for Windows 7. I played with it and familiarized myself on how to use it in efficient way. To cut the story short, I want to copy a files and don't print a log information into the console because it will take longer if you're copying or moving a file more than 500,000 files.

The command I used was:

robocopy [SOURCE] [TARGET] /e /copyall /np /fp /ndl /nfl /mt:32

Explanation:

[SOURCE] - Replace it with your source folder or file. This will be the location of your source folder.

[TARGET]- Replace it with target folder or file. This will be the location of your folder or file you want to save.

/E       - Include all empty directory

/COPYALL - Retain all the information like file properties, read-write access, date modified, etc.

/MT:[n] - This option can be range 1 - 128. If you don't specify this option, it will default to 8. This is a Multi-Threading option. This is the one that I like the most. It's like you're hiring 32 worker to do the job. The greater the number the faster the copying process or moving process. In my example above, I used 32 because I'm using other application (i.e. Photoshop CS5, IBM RSA, etc) while doing the copy. If you're not doing anything than copying, you can use 128 and the result is more faster than 32 multi-threaded.

Log Option:

/NP      - Don't display percentage copied

/NDL     - Don't display directory

/NFL     - Don't display file names

/FP      - Include full pathname of files in the output

Example command:

robocopy C:\mysrc L:\backup\mysrc /e /copyall /np /fp /ndl /nfl /mt:32

Output:

-------------------------------------------------------------------
   ROBOCOPY     ::     Robust File Copy for Windows
-------------------------------------------------------------------
Started : Tue Apr 17 09:01:21 2012
   Source : C:\mysrc\
     Dest : L:\backup\mysrc\
    Files : *.*
Options : *.* /FP /NDL /NFL /S /E /COPYALL /NP /MT:32 /R:1000000 /W:30
-------------------------------------------------------------------
100%
-------------------------------------------------------------------
               Total    Copied   Skipped Mismatch    FAILED    Extras
    Dirs :       126       125         1         0         0         0
   Files :       753       753         0         0         0         0
   Bytes : 254.38 m 254.38 m         0         0         0         0
   Times :   0:10:36   0:00:19                       0:00:00   0:00:00
   Ended : Tue Apr 17 09:01:41 2012

Note:

You don't need to include /FP option. In my example I purposely included it just to show the difference. The /FP option is useless because I included in a log option to hide any progress information (i.e. /NP /NDL /NFL). Also, make sure that you will run the command prompt as Administrator to avoid some security restriction when copying a file. You can do this by - START - ALL PROGRAMS - ACCESSORIES - then right Click in the Command Prompt and Run As Administrator

Summary:

I will use robocopy from now on to backup my folder/file into an external drive. Based on experience, this is faster than XCOPY in command prompt or Drag and Drop approach in Windows Explorer. I forgot to mention, the SOURCE and TARGET folder can be also a network location. Also, if you want to copy a folder with few files and want to display the percentage of copy just use robocopy C:\myFolderWithFewFiles L:\backup\myFolderWithFewFiles /mt:32 command.

Friday, March 9, 2012

Installing BIRT iServer in Ubuntu 11.10

First and foremost, I choose Ubuntu because it's easy and flexible. I can say that I've been using Ubuntu since it birth. As part of my POC/POT task, I would like to make iServer work in Ubuntu 11.10 server.

The instruction below is something that I've done personally for iServer in Ubuntu 11.10 as of March 9, 2012.

Before installing the iServer. You need to do the following steps:

Install xvfb first

sudo apt-get install xvfb

Install Motif

sudo apt-get install motif-clients

Install ia32

sudo apt-get install ia32-libs

After installing all the required library. I installed a new PostgreSQL because the OOTB (Out of the box) PostgreSQL in iServer installer failed during startup because of some error (i.e.

FATAL:  could not create shared memory segment: Invalid argument

DETAIL: Failed system call was shmget...
)

I don't want to dig more on the error because I'm not an expert of PostgreSQL and also I have limited time to finish things so I installed a new one.

Install your own postgresql

sudo apt-get install postgresql

After installing it, please make sure that you're not blocking the default port of PostgreSQL 5432. Now restart the Ubuntu server.

sudo reboot now

Assuming that you're login to your Ubuntu. Now lets configure the newly created PostgreSql. Please refer to your manual from Actuate website or If you want to do the shortcut jump to Section 101 below.

http://www.birt-exchange.com/be/documentation/Manuals11SP3/installing-iserver-linux-unix.pdf

Go to page 64 or press CTRL + SHIFT + N enter 64 and look for "Creating the system and Encyclopedia volume schemas and iserver user in a pre-existing PostgreSQL database"

Follow the instruction from "Creating the system and Encyclopedia volume schemas and iserver user in a pre-existing PostgreSQL database" until you reach the instruction to execute "GRANT USAGE ON SCHEMA ac_corp TO iserver;" and you're good to go

Section 101: Just copy and paste the command below.

Enter the command in your prompt:

sudo -u postgres psql postgres

Now you're inside the PostgreSQL

postgres=#

CREATE DATABASE iserver WITH OWNER = "postgres" TEMPLATE = template0 ENCODING = 'UTF-8';

REVOKE ALL ON DATABASE iserver FROM PUBLIC;

CREATE ROLE ac_corp_system LOGIN PASSWORD 'password';

GRANT CONNECT ON DATABASE iserver TO ac_corp_system;

CREATE ROLE ac_corp LOGIN PASSWORD 'password';

GRANT CONNECT ON DATABASE iserver TO ac_corp;

CREATE ROLE iserver LOGIN PASSWORD 'password';

GRANT CONNECT ON DATABASE iserver TO iserver;

CREATE SCHEMA ac_corp_system AUTHORIZATION ac_corp_system;

GRANT USAGE ON SCHEMA ac_corp_system TO iserver;

CREATE SCHEMA ac_corp AUTHORIZATION ac_corp;
GRANT USAGE ON SCHEMA ac_corp TO iserver;
\q

Now you're ready to install the iServer. Go to your installer folder then enter the command below:

sh ./iserver.sh

Note: Don't use the default OOTB PostgreSQL. Use the one that you just setup.

Default port of PostgreSQL is 5432.

If you're done installing everything, you may now access the Configuration console, Management Console and Information Console. Before doing that, make sure you don't block the port that you define for your HTTP, PMD and iServer Listener

If it is block issue the following command:

sudo iptables -A INPUT -p tcp --dport  -j ACCEPT

sudo iptables -A INPUT -p tcp --dport  -j ACCEPT

sudo iptables -A INPUT -p tcp --dport  -j ACCEPT

sudo iptables -A INPUT -p tcp --dport  -j ACCEPT

i.e.

cmd#: sudo iptables -A INPUT -p tcp --dport 5432 -j ACCEPT

cmd#: sudo iptables -A INPUT -p tcp --dport 8000 -j ACCEPT

cmd#: sudo iptables -A INPUT -p tcp --dport 8100 -j ACCEPT

cmd#: sudo iptables -A INPUT -p tcp --dport 8900 -j ACCEPT

Reboot your server
cmd#: sudo reboot

After rebooting start your iserver then check if your 8900 listen.
Go to your installed iServer application

cmd#: cd
cmd#: cd bin
cmd#: sh ./start_srvr.sh

Now lets check if port 8900 is active/open

cmd#: netstat -a | grep 89

If it's active, you can now check or browse the URL.

URL for Configuration Console
http://:/acadmin/config
i.e. http://10.10.10.10:8900/acadmin/config
Enter your password because the Username is default to Administrator

URL for Information Console
http://:/iportal
i.e. http://10.10.10.10:8900/iportal
Enter username as "Administrator" and leave the password blank

URL for Management Console

http://:/iportal
i.e. http://10.10.10.10:8900/acadmin
Enter username as "Administrator" and leave the password blank

Good luck...

Arche @ Interface101