Menu

โ„น️ What is JBoss? What is JBoss Domain Management ? ๐Ÿ› ️ Install JBOSS-EAP 6.4 ๐Ÿ“œ Start & Stop JBOSS script. ๐Ÿš€ Application Deployment Methods - 1. ๐Ÿš€ Application Deployment Methods - 2. ๐Ÿš€ Application Deployment Methods - 3. ⚙️ Multiple Instance of JBoss EAP. ๐Ÿ” SSL on JBOSS EAP. ๐Ÿงฐ WINDOWS service for JBOSS EAP. ๐Ÿ› ️ JBoss EAP 7 - DOMAIN Installation. ๐Ÿš€ DOMAIN DEPLOYMENT - GUI MODE. ๐Ÿ” SSL on JBOSS 7.1 Admin console & Application. ๐ŸŒ Apache mod_jk HTTP Connector - JBOSS AS 7.1 ๐ŸŒ Apache Configure mod_proxy as load balancer (LB)- JBoss 7.1 ๐Ÿงฏ Issue SocketTimeoutException ๐Ÿงฐ JBoss-Remote JMX Connection (jvisualvm) ๐ŸŒ Apache Mod Cluster as load balancer (LB) - JBoss 6.4 ๐Ÿงฏ Out of space in CodeCache ๐Ÿงฏ java.sql.SQLRecoverableException: Closed Connection ๐Ÿงฏ sun.security.provider.certpath.SunCertPathBuilderException ๐Ÿ“ˆ JBOSS EAP 6 TO 7 Migration ๐Ÿ” Host Header injection on JBOSS EAP 7.2 ๐Ÿ” Encrypting Datasource Passwords using Vault in JBOSS
โ„น️ Some useful links of IBM. ๐Ÿ› ️ WAS Installation using command line. ๐Ÿ› ️ Installing Suppliments (IHS/Plugins/WCT) command line. ๐Ÿ› ️ Uninstalling Suppliments (IHS/Plugins/WCT) command line. ๐Ÿ“ˆ Installing fix-pack using command line. โ„น️ Profiles in WebSphere® Application Server ND. ๐Ÿ“œ WebSphere Profiles list & Basics Commands ๐Ÿ› ️ Commands for Custom / Application server / Dmgr Profiles ๐Ÿ› ️ Creating WAS-ND Cluster using GUI MODE. ๐Ÿš€ Application Deployment on WAS-ND - Cluster Env. ๐Ÿ“œ Analyze - JVM logs. ๐Ÿงฐ What is MustGather script ? ๐Ÿงฏ PsList to troubleshoot high CPU usage in Windows ๐Ÿ› ️ WebSphere App Server - Updating ports in existing profiles ๐Ÿ› ️ Installation Manager (IM) on non-default location ๐Ÿ› ️ Websphere Base or ND Installation using Command ๐Ÿ“ˆ Install or Update FIXPACK on WebSphere 8.5.+ ๐Ÿ› ️ Install SDK 8.0 on Websphere 8.5.5.9+ using Command method. ๐Ÿ› ️ How to Create a Clone of any profiles on WAS. ๐Ÿ› ️ Installation Manager (IM) on non-Administrator user. ๐Ÿ› ️ WebSphere Application Server 7.0.0.X & FIXPACK install / Update on the non-default location. ๐Ÿ“ˆ WebSphere ND Migration 7.0 to 8.0 / 9.0 ๐Ÿ› ️ IBM WebSphere 9.0.0.0 and IHS (IBM HTTP SERVR) Installation with Fixapck using Command Line (non-root) user
๐Ÿ› ️ Configure IHS (IBM HTTP Server) with WAS 8.5.X.X. ๐Ÿ› ️ Multiple IHS in front of WAS (On Single Install). ๐Ÿ“Š Monitor IBM HTTP Server connections. ๐Ÿ” Self-signed Cert using ikeyman tool. ๐Ÿ” Self-Signed Cert using command line. ๐Ÿ” Decrypt Stash File.
๐ŸŒ Apache HTTP Server โ„น️ HTTP STATUS CODES ๐Ÿ“œ Apache Rewrite Rules ๐Ÿ› ️ How to configure Apache MPM. ๐Ÿ› ️ Install Apache HTTP Server 2.4.27 ver. on LINUX ๐Ÿ› ️ Apache Tomcat - 9.0.0.M21 Installation on WIN ๐ŸŒ Apache mod_jk HTTP Connector - JBOSS AS 7.1 ๐ŸŒ Apache Configure mod_proxy as load balancer (LB)- JBoss 7.1 ๐Ÿงฏ Apache error : Server ran out of threads to serve requests (Windows) ๐ŸŒ Apache Mod Cluster as load balancer (LB) - JBoss 6.4 ๐ŸŒ Redirect traffic during maintenance ๐Ÿงฏ httpd (Apache) Error: systemd-tty-ask-password-agent tool! ๐Ÿ” SSL certificate supports Weak Ciphers ๐Ÿ” How to install opensource mod_security on Apache 2.4 ๐Ÿ“ˆ How to upgrade opensource apache from 2.4.39 to 2.4.46 (Minor Version Upgrade). ๐Ÿ› ️ What is Nginx & How to install on RHEL ๐Ÿ› ️ Install Nginx plus on RHEL 7.4 / UNIX ๐Ÿ“Š Monitor Apache httpd process/thread status ๐Ÿ“Š Monitor Apache httpd ModJK status ๐Ÿ“Š Monitor Apache httpd Proxy balancer-manager status ๐Ÿ“Š Monitoring of JBoss servers through Nagios.
๐Ÿ›ก️ Tomcat ghostcat vulnerability (JBoss /Tomcat) ๐Ÿ›ก️ SSL certificate supports Weak Ciphers/Encoding (3DES) (Apache 2.4) ๐Ÿ›ก️ SSL Medium Strength Cipher Suites Supported (SWEET32) [Tomcat Server] ๐Ÿ›ก️ ETag vulnerability & X-Powered-By : jsp/2.2 ๐Ÿ›ก️ Missing Security Header(x-xss-protection) & Clickjacking ๐Ÿ›ก️ Disable HTTP TRACE / TRACK / OPTIONS/DELETE Method. ๐Ÿ›ก️ Information disclosure through server response headers Apache-Coyote & X-Powered-By (JBoss) ๐Ÿ›ก️ Local File Inclusion Vulnerabilities OR Directory traversal attack ๐Ÿ›ก️ HTTP Host Header Injection (Apache 2.4) ๐Ÿ›ก️ Restrict application Accessible by IP Address & HTTP Host Header Injection (Apache 2.4) ๐Ÿ›ก️ Disable/Remove Server: Apache header info version (Apache2.4) ๐Ÿ” TLS1.2 Protocol enable for IBM WebSphere with SSL Handshake Debug
๐ŸŒฉ️ How I Cleared My AZ-900 Microsoft Azure Fundamentals Exam ๐ŸŒ๐Ÿงฑ Enterprise Network Architecture — Akamai, DNS, WAF, DMZ, SSL & Firewall Flow Explained for Middleware & DevOps Engineers ๐ŸŒฉ️ AZ-104 Microsoft Azure Administrator ๐ŸŒฉ️ Azure Session 1 – Cloud Computing Basics
⚙️ DevOps vs DevSecOps Explained:Learning Path for Beginners ๐Ÿ’ป Top 100+ Linux Commands for Middleware & DevOps Engineers ๐Ÿง Linux Shell Scripting for Beginners – Complete Tutorial Series ๐Ÿ” Preparing WinRM on Windows Server over HTTPS for Automation (5986) ๐Ÿ” WAS Service Restart Using WinRM over HTTPS (5986) on Azure DevOps
☕ how-to-manually-install-new-java-path ☕ SunCertPathBuilderException ☕ out of space in CodeCache for adapters ☕ What is GC , Heap Memory & Metaspace ? ☕ Types of GC , analyze GC logging and REDHAT JVM Tool. ๐Ÿงช How to make datasource test-connection to Oracle / PostgreSql / MSSQL DB Instance.. ๐Ÿงช How to make datasource test-connection to MSSQL DB Instance ๐Ÿงช How to make datasource test-connection to Postgresql DB Instance ๐Ÿงช How to make datasource test-connection to Oracle DB Instance ๐Ÿงช How to Check DB latency using Datasource Test-Connection ☕ Install a new java path to the alternatives ๐Ÿงฐ Xmanager and Set Display. ๐Ÿ› ️ Install LAMP on SUSE Linux with example
๐Ÿ” Openssl Commands for Wildcard & SAN certificates. ๐Ÿ” What is SSL, What is One-Way SSL & Two-Way SSL? ๐Ÿ” Openssl Self-Signed SAN's certificate ๐Ÿ” SSL certificate supports Weak Ciphers ๐Ÿ” Some SSL issues (Client TLS1.2 , Truststore & SSL debug) with Solutions ๐Ÿ” TLS / SSL Certificate Lifetimes Reduced to 47 Days. ๐Ÿ” SSL Certificate Renewal on Akamai WAF and Its Impact on Applications. ✨ Worked on VMC SSL Today – A Simple Explanation for Everyone ๐Ÿ“ŒWebSphere Outbound SSL & SNI – Troubleshooting Guide
☁️ IBM Bluemix - Free 30 Days‎ ☁️ Create a IBM Bluemix Account ☁️ IBM WebSphere® Application Server on IBM Bluemix Cloud.
Showing posts with label Websphere. Show all posts
Showing posts with label Websphere. Show all posts

3 Apr 2026

๐Ÿ” WAS Service Restart Using WinRM over HTTPS (5986) on Azure DevOps

WAS Service Restart Using WinRM over HTTPS (5986) on Azure DevOps

This section explains the prerequisites, end‑to‑end pipeline flow, and a real‑world production use case for restarting Windows services securely using Azure DevOps and WinRM over HTTPS (5986).

๐Ÿ“š Table of Contents

๐Ÿ“Œ Prerequisites

๐Ÿ”ท Azure DevOps

  • Azure DevOps project and pipeline created
  • Manual trigger enabled for UAT / PROD
  • Pipeline parameters (START / STOP / RESTART)
  • Secrets stored in Variable Groups

๐ŸชŸ Windows DevOps Agent

  • Self‑hosted Windows agent installed
  • Agent pool access configured
  • Outbound connectivity to target servers
  • PowerShellOnTargetMachines available

๐Ÿ–ฅ️ Target Windows Server

  • WinRM enabled and running , Refrence link ( Secure WinRM Configuration Guide )
  • WinRM configured over HTTPS (5986)
  • CA SSL certificate installed
  • 5986 allowed in Firewall / NSG
  • Service credentials available

⬆️ Back to Top

๐Ÿ”„ Pipeline Flow: Service Restart Using WinRM over Secure Port (5986)

┌──────────────────────────────────────────────┐
│           Azure DevOps Pipeline              │
│          (Manual Trigger)                    │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│      Parameter Selection (OPERATION)         │
│  ─ START_WAS                                 │
│  ─ STOP_WAS                                  │
│  ─ RESTART_WAS                               │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│   Azure DevOps Windows Agent                 │
│   Pool: AppOps-Win-AgentPool                 │
│   Secrets: WinRM-Secrets (secure)            │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│      Secure WinRM Session Initiated          │
│  ─ Protocol   : HTTPS                        │
│  ─ Port       : 5986                         │
│  ─ Auth       : Negotiate                    │
│  ─ SSL Cert   : CA Enterprise Certificate    │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│        Target Windows Server                 │
│        WebSphere Application Server          │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│   PowerShellOnTargetMachines@                │
│   Remote Session via WinRM                   │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│        Operation Execution Logic             │
└──────────────────────────────────────────────┘
        │                 │                 │
        ▼                 ▼                 ▼
┌───────────────┐ ┌────────────────┐ ┌──────────────────────┐
│  START_WAS    │ │   STOP_WAS     │ │    RESTART_WAS       │
│ Start Service │ │ Stop Service   │ │ Stop → Cleanup       │
│ Validate Run  │ │ Validate Stop  │ │ Start → Validate     │
└───────────────┘ └────────────────┘ └──────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│   Logs Printed to Azure DevOps Console       │
│  ─ Pre/Post Service Status                   │
│  ─ Cleanup Verification                      │
│  ─ Immediate Failure on Error                │
└──────────────────────────────────────────────┘
                    │
                    ▼
┌──────────────────────────────────────────────┐
│            Pipeline Result                   │
│   SUCCESS → Safe Completion                  │
│   FAILURE → Clear Error Output               │
└──────────────────────────────────────────────┘

⬆️ Back to Top

WAS Service Restart Using WinRM over HTTPS (5986) on Azure DevOps

๐Ÿ“Œ Code Example Pipeline (Azure DevOps YAML)

Below is a working Azure DevOps YAML pipeline example to START / STOP / RESTART an IBM WebSphere (WAS) Windows service using WinRM over HTTPS (5986). Secrets are stored securely in a Variable Group. 

# ============================================================
# PIPELINE: WinRM (HTTPS 5986) – START / STOP / RESTART WAS Service
# TARGET  : 172.23.XX.XX
# SERVICE : IBMWAS85Service - AppNode1
# AGENT   : AppOps-Win-AgentPool
# SECRETS : Variable Group "WinRM-Secrets" (expects remotePassword)
# ============================================================

# Manual run only (no CI trigger)
trigger: none

# Azure DevOps agent pool (Windows agent recommended for this task)
pool:
  name: AppOps-Win-AgentPool

# Runtime choice: which action to perform
parameters:
  - name: OPERATION
    displayName: "Select RESTART-APPNODE1 operation"
    type: string
    default: RESTART_WAS
    values:
      - START_WAS
      - STOP_WAS
      - RESTART_WAS

# Variables + Secret Variable Group
variables:
  # Secret variable group should contain:
  # - remotePassword (secret)
  - group: WinRM-Secrets

  # Target server (WinRM endpoint)
  - name: remoteHost
    value: "172.23.XX.XX"

  # WinRM HTTPS port
  - name: httpsPort
    value: "5986"

  # WAS Windows Service name (must match service name on target)
  - name: wasServiceName
    value: "IBMWAS85Service - AppNode1"

  # PSSession options (relaxed cert validation for internal IP use cases)
  # NOTE: For PROD hardening, remove Skip* flags and use proper cert CN/SAN.
  - name: pssOptions
    value: "-SkipCNCheck -SkipCACheck -SkipRevocationCheck -IdleTimeout 7200000 -OperationTimeout 0 -OutputBufferingMode Block"

steps:
  # ============================================================
  # START WAS
  # ============================================================
  # Runs ONLY when OPERATION = START_WAS
  - ${{ if eq(parameters.OPERATION, 'START_WAS') }}:
      - task: PowerShellOnTargetMachines@3
        displayName: "WAS START (Windows Service)"
        inputs:
          # Remote host + WinRM port
          Machines: "$(remoteHost):$(httpsPort)"

          # Local admin user on target (change to domain user if needed)
          UserName: ".\\username"

          # Password from secret variable group (WinRM-Secrets)
          UserPassword: "$(remotePassword)"

          # WinRM protocol
          CommunicationProtocol: "Https"

          # Default authentication (Negotiate)
          AuthenticationMechanism: "Default"

          # Session options passed to New-PSSessionOption on agent side
          NewPsSessionOptionArguments: "$(pssOptions)"

          # Fail fast on any error
          ErrorActionPreference: "Stop"
          FailOnScriptError: true

          # Single target execution
          RunPowershellInParallel: false

          # Inline PowerShell executed on target
          ScriptType: "Inline"
          InlineScript: |
            # Stop immediately if any command fails
            $ErrorActionPreference = 'Stop'

            # Service name from pipeline variable
            $service = '$(wasServiceName)'

            Write-Host "============================================================"
            Write-Host "ACTION  : START_WAS"
            Write-Host "SERVICE : $service"
            Write-Host "HOST    : $env:COMPUTERNAME"
            Write-Host "USER    : $(whoami)"
            Write-Host "============================================================"

            Write-Host "Starting service: $service"
            Start-Service -Name $service
            Start-Sleep -Seconds 5

            $status = (Get-Service -Name $service).Status
            Write-Host "Current service status: $status"

            if ($status -ne 'Running') {
              throw "WAS service failed to start"
            }

            Write-Host "RESULT: WAS service is RUNNING"

  # ============================================================
  # STOP WAS
  # ============================================================
  # Runs ONLY when OPERATION = STOP_WAS
  - ${{ if eq(parameters.OPERATION, 'STOP_WAS') }}:
      - task: PowerShellOnTargetMachines@3
        displayName: "WAS STOP (Service + Cleanup)"
        inputs:
          Machines: "$(remoteHost):$(httpsPort)"
          UserName: ".\\username"
          UserPassword: "$(remotePassword)"
          CommunicationProtocol: "Https"
          AuthenticationMechanism: "Default"
          NewPsSessionOptionArguments: "$(pssOptions)"
          ErrorActionPreference: "Stop"
          RunPowershellInParallel: false
          FailOnScriptError: true
          ScriptType: "Inline"
          InlineScript: |
            $ErrorActionPreference = 'Stop'

            $service     = '$(wasServiceName)'
            $profilePath = 'D:\IBM\WebSphere\AppServer\profiles\AppSrv02'
            $wstempPath  = Join-Path $profilePath 'wstemp'
            $tempPath    = Join-Path $profilePath 'temp'

            Write-Host "============================================================"
            Write-Host "ACTION  : STOP_WAS"
            Write-Host "SERVICE : $service"
            Write-Host "PROFILE : $profilePath"
            Write-Host "HOST    : $env:COMPUTERNAME"
            Write-Host "============================================================"

            Write-Host "Stopping service: $service"
            Stop-Service -Name $service -Force
            Start-Sleep -Seconds 5

            $status = (Get-Service -Name $service).Status
            Write-Host "Current service status: $status"

            if ($status -ne 'Stopped') {
              throw "WAS service failed to stop"
            }

            # Timestamped rename = safe backup (NO deletion)
            $timestamp = Get-Date -Format "yyyyMMdd_HHmmss"

            if (Test-Path $wstempPath) {
              Write-Host "Renaming wstemp -> wstemp_$timestamp"
              Rename-Item $wstempPath "wstemp_$timestamp" -Force
            } else {
              Write-Host "INFO: wstemp not found: $wstempPath"
            }

            if (Test-Path $tempPath) {
              Write-Host "Renaming temp   -> temp_$timestamp"
              Rename-Item $tempPath "temp_$timestamp" -Force
            } else {
              Write-Host "INFO: temp not found: $tempPath"
            }

            # Cleanup scripts (standard WAS maintenance)
            Write-Host "Running: clearClassCache.bat"
            & "$profilePath\bin\clearClassCache.bat"

            Write-Host "Running: osgiCfgInit.bat"
            & "$profilePath\bin\osgiCfgInit.bat"

            Write-Host "RESULT: STOP completed successfully (service stopped + cleanup done)"

  # ============================================================
  # RESTART WAS
  # ============================================================
  # Runs ONLY when OPERATION = RESTART_WAS
  - ${{ if eq(parameters.OPERATION, 'RESTART_WAS') }}:
      - task: PowerShellOnTargetMachines@3
        displayName: "WAS RESTART (Stop + Cleanup + Start)"
        inputs:
          Machines: "$(remoteHost):$(httpsPort)"
          UserName: ".\\username"
          UserPassword: "$(remotePassword)"
          CommunicationProtocol: "Https"
          AuthenticationMechanism: "Default"
          NewPsSessionOptionArguments: "$(pssOptions)"
          ErrorActionPreference: "Stop"
          RunPowershellInParallel: false
          FailOnScriptError: true
          ScriptType: "Inline"
          InlineScript: |
            $ErrorActionPreference = 'Stop'

            $service     = '$(wasServiceName)'
            $profilePath = 'D:\IBM\WebSphere\AppServer\profiles\AppSrv02'
            $wstempPath  = Join-Path $profilePath 'wstemp'
            $tempPath    = Join-Path $profilePath 'temp'

            Write-Host "============================================================"
            Write-Host "ACTION  : RESTART_WAS"
            Write-Host "SERVICE : $service"
            Write-Host "PROFILE : $profilePath"
            Write-Host "HOST    : $env:COMPUTERNAME"
            Write-Host "============================================================"

            # -------- 1) STOP --------
            Write-Host "Stopping service: $service"
            Stop-Service -Name $service -Force
            Start-Sleep -Seconds 5

            $status = (Get-Service -Name $service).Status
            Write-Host "Status after STOP: $status"

            if ($status -ne 'Stopped') {
              throw "WAS service failed to stop"
            }

            # -------- 2) CLEANUP (NO delete, only rename) --------
            $timestamp = Get-Date -Format "yyyyMMdd_HHmmss"

            if (Test-Path $wstempPath) {
              Write-Host "Renaming wstemp -> wstemp_$timestamp"
              Rename-Item $wstempPath "wstemp_$timestamp" -Force
            } else {
              Write-Host "INFO: wstemp not found: $wstempPath"
            }

            if (Test-Path $tempPath) {
              Write-Host "Renaming temp   -> temp_$timestamp"
              Rename-Item $tempPath "temp_$timestamp" -Force
            } else {
              Write-Host "INFO: temp not found: $tempPath"
            }

            Write-Host "Running: clearClassCache.bat"
            & "$profilePath\bin\clearClassCache.bat"

            Write-Host "Running: osgiCfgInit.bat"
            & "$profilePath\bin\osgiCfgInit.bat"

            # -------- 3) START --------
            Write-Host "Starting service: $service"
            Start-Service -Name $service
            Start-Sleep -Seconds 8

            $status = (Get-Service -Name $service).Status
            Write-Host "Status after START: $status"

            if ($status -ne 'Running') {
              throw "WAS service failed to restart"
            }

            Write-Host "RESULT: WAS restarted successfully"

✅ Notes

  • Manual run only: trigger: none
  • Secure channel: WinRM over HTTPS 5986
  • Safe cleanup: No delete, only rename (timestamped)
  • Audit logs: printed directly to Azure DevOps console
Posted by: No comments:
Tags: , , , , , , ,

6 Nov 2025

๐Ÿ“ŒWebSphere Outbound SSL & SNI – Troubleshooting Guide

  • ERROR : javax.net.ssl.SSLHandshakeException: No name matching found.
  • This guide helps you diagnose and fix WebSphere outbound HTTPS failures when the target requires SNI.
  • You'll get exact OpenSSL checks, JVM flags, and a support matrix.

WebSphere Outbound SSL & SNI – Troubleshooting Guide

๐Ÿ“‘ Table of Contents

๐Ÿ”Ž What is SNI?

  • Server Name Indication (SNI) is a TLS extension
  • Client includes the target hostname in the ClientHello message
  • Allows servers to present the correct certificate when multiple virtual hosts share the same IP address
Without SNI you often receive a default certificate → CN/SAN mismatch → hostname validation fails even if the trust chain is fine.

๐ŸŽฏ Why SNI matters in WebSphere

  • Outbound calls from WebSphere to cloud APIs, SaaS, and WAF/CDN fronted apps often terminate on shared VIPs
  • Older or non-default Java settings may not send SNI (Server Name Indication).
  • Without SNI, the remote server sends a default certificate.
  • Your client fails with hostname mismatch error.

๐Ÿšจ Common error patterns

javax.net.ssl.SSLHandshakeException: No name matching <api.company.com> found
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
PKIX path building failed: unable to find valid certification path to requested target
CWPKI0022E: SSL HANDSHAKE FAILURE
GSK_ERROR_BAD_CERT

๐Ÿงช Confirming an SNI issue (OpenSSL)

Compare results with and without SNI from the WebSphere host:

# Baseline ( May still send SNI implicitly)
openssl s_client -connect api.company.com:443 -showcerts


# Force SNI (ClientHello includes hostname)
openssl s_client -connect api.company.com:443 -servername api.company.com -showcerts
๐Ÿ’ฌ Interpretation
If CN/SAN only matches when -servername is used, the endpoint requires SNI and your client must send it.

⚙️ How to enable SNI in WebSphere

Add this JVM system property to the server's Generic JVM Arguments:

-Djsse.enableSNIExtension=true

Console path: Servers → Server Types → WebSphere application servers → <server> → Java and Process Management → Process Definition → Java Virtual Machine → Generic JVM Arguments

Save, synchronize nodes, restart the JVM.

Optional: align TLS baseline

-Dhttps.protocols=TLSv1.2

๐Ÿงญ Best practices checklist

  • Verify CN/SAN with openssl s_client -servername before go-live or on UAT
  • Standardize JVM args across environments; document SNI-dependent endpoints.
  • Keep Java 8+; enforce TLS1.2+ to match common provider baselines.

❓ FAQ

Question Answer
What is SNI and why does it matter? SNI makes the server present the right certificate on shared IPs. Without it, you'll likely hit hostname mismatch in WebSphere even if trust is correct.
How do I enable SNI? Add -Djsse.enableSNIExtension=true to Generic JVM Arguments, then save, sync, and restart.
Which versions support SNI? WAS 8.5.5.x (Java 8) and WAS 9.x (Java 8/11) support SNI; WAS 7.x doesn't; WAS 8.0.x is partial/inconsistent.
How do I confirm an SNI issue? Compare openssl s_client with/without -servername. If only the SNI run shows the correct CN/SAN, you need SNI.
Posted by: No comments:
Tags: , , , , , , , ,

2 Nov 2025

๐Ÿง Linux Shell Scripting for Beginners – Complete Tutorial Series.

  • A 13-part practical shell scripting course for DevOps and Middleware Engineers.

๐Ÿ’ก How This Tutorial Series Will Help You

  • ✔ Build a strong foundation in Linux Shell scripting — from basics to automation.
  • ✔ Automate daily Middleware and DevOps tasks: monitoring, backups, and log management.
  • ✔ Write scripts for Middleware platforms like Tomcat, Jenkins, and WebSphere.
  • ✔ Debug, schedule, and manage production-ready shell scripts confidently.
  • ✔ Perfect for Sysadmins, Middleware, and DevOps Engineers upgrading to Cloud roles.

๐Ÿ“š Complete Course Index

๐Ÿš Part 1: What is a Variable?
Learn how variables store data and simplify automation scripts. Foundation of all shell logic.
๐Ÿ“ฅ Part 2: Reading User Input in Shell
Make interactive scripts using read command with Jenkins and Tomcat examples.
๐Ÿงฉ Part 3: Conditional Statements (if, elif, else)
Use decision-making in your scripts with examples checking files, services, and network health.
๐Ÿ” Part 4: Loops in Shell (for, while, until)
Automate repetitive DevOps tasks like log cleanup, backups, and status monitoring.
⚙️ Part 5: Functions in Shell (Reusable Scripts)
Write modular, reusable functions — restart Tomcat or back up Jenkins in one click.
๐Ÿ“ฆ Part 6: Arrays & Arguments
Store multiple values, manage user inputs, and process server lists in scripts.
๐Ÿ“ Part 7: File Handling in Shell
Learn how to read, write, append, and handle configuration or log files safely.
๐Ÿ’ก Part 8: Debugging & Logging
Find and fix script errors, use logs, and enable debug mode for safe execution.
๐Ÿ•’ Part 9: Scheduling & Automation
Use cron and @reboot jobs to run scripts automatically for health checks or backups.
๐ŸŽฏ Part 10: Middleware Health Monitoring Project
Create a production-ready monitoring script for Tomcat, Jenkins, and NGINX with auto-restart.
๐Ÿงพ Part 11: Log Management & Rotation
Automate log rotation with logrotate and custom retention scripts for Middleware systems.
๐Ÿ’พ Part 12: Backup & Restore Automation Project
Perform automated backup and restore for Jenkins, Tomcat, and WebSphere with rollback support.
⚙️ Part 13: Subshells, Process Control & Parallel Execution
Run multiple jobs in parallel, monitor background processes, and speed up automation workflows.

๐Ÿš€ Why MiddlewareBox Shell Scripting Series?

  • ✅ Step-by-step, beginner-friendly explanations.
  • ✅ Each topic includes real DevOps & Middleware context.
  • ✅ Examples with Output and Error handling.
  • ✅ Simple language for better understanding.

✨ Start Learning Now → Part 1: What is a Variable?
& build your own scripts from scratch! ๐Ÿ’ช

Posted by: No comments:
Tags: , , , , , , , , , , , , ,

๐Ÿ’พ Shell Scripting for Beginners – Part 12: Backup & Restore Automation Project (DevOps & Middleware Edition)

  • Here we'll automate backup and restore tasks for real middleware & DevOps systems like Jenkins, Tomcat, WebSphere, MySQL, Docker, and Apache.
  • Each example includes a working restore script and troubleshooting tips. ⚙️

๐Ÿ“‘ Table of Contents

1️⃣ Jenkins Backup & Restore

#!/bin/bash
JENKINS_HOME="/var/lib/jenkins"
BACKUP_DIR="/opt/backups/jenkins"
mkdir -p $BACKUP_DIR
tar -czf $BACKUP_DIR/jenkins_$(date +%F_%H-%M).tar.gz -C $JENKINS_HOME .
echo "✅ Jenkins backup created in $BACKUP_DIR"

♻️ Restore Jenkins

#!/bin/bash
BACKUP_FILE="/opt/backups/jenkins/jenkins_2025-11-02_02-10.tar.gz"
service jenkins stop
tar -xzf "$BACKUP_FILE" -C /var/lib/jenkins
chown -R jenkins:jenkins /var/lib/jenkins
service jenkins start
echo "♻️ Jenkins restored successfully."

2️⃣ Tomcat Backup & Restore

#!/bin/bash
TOMCAT_HOME="/opt/tomcat"
BACKUP_DIR="/opt/backups/tomcat"
mkdir -p $BACKUP_DIR
tar -czf $BACKUP_DIR/tomcat_$(date +%F).tar.gz $TOMCAT_HOME/webapps $TOMCAT_HOME/conf
echo "๐Ÿ“ฆ Tomcat backup completed."

♻️ Restore Tomcat

#!/bin/bash
BACKUP_FILE="/opt/backups/tomcat/tomcat_2025-11-02.tar.gz"
service tomcat stop
tar -xzf "$BACKUP_FILE" -C /
service tomcat start
echo "♻️ Tomcat restored and restarted."

3️⃣ WebSphere Backup & Restore

#!/bin/bash
WAS_PROFILE="/opt/IBM/WebSphere/AppServer/profiles/AppSrv01"
BACKUP_DIR="/opt/backups/websphere"
mkdir -p $BACKUP_DIR
tar -czf $BACKUP_DIR/was_$(date +%F_%H-%M).tar.gz -C $WAS_PROFILE .
echo "๐Ÿ“ WebSphere configuration backup done."

♻️ Restore WebSphere

#!/bin/bash
BACKUP_FILE="/opt/backups/websphere/was_2025-11-02_03-00.tar.gz"
service was stop
tar -xzf "$BACKUP_FILE" -C /opt/IBM/WebSphere/AppServer/profiles/AppSrv01
service was start
echo "♻️ WebSphere restored successfully."

4️⃣ MySQL Database Backup & Restore

#!/bin/bash
DB="middlewaredb"
USER="root"
PASS="Secret123"
BACKUP_DIR="/opt/backups/mysql"
mkdir -p $BACKUP_DIR
mysqldump -u $USER -p$PASS $DB > $BACKUP_DIR/${DB}_$(date +%F).sql
gzip $BACKUP_DIR/${DB}_$(date +%F).sql
echo "๐Ÿ—„️ MySQL backup completed."

♻️ Restore MySQL

#!/bin/bash
BACKUP_FILE="/opt/backups/mysql/middlewaredb_2025-11-02.sql.gz"
gunzip "$BACKUP_FILE"
mysql -u root -pSecret123 middlewaredb < /opt/backups/mysql/middlewaredb_2025-11-02.sql
echo "✅ Database restored successfully."

5️⃣ Docker Containers Backup & Restore

#!/bin/bash
BACKUP_DIR="/opt/backups/docker"
mkdir -p $BACKUP_DIR
for cid in $(docker ps -q); do
  cname=$(docker inspect --format='{{.Name}}' $cid | cut -d'/' -f2)
  docker export $cid > $BACKUP_DIR/${cname}_$(date +%F).tar
done
echo "๐Ÿณ Docker containers exported successfully."

♻️ Restore Docker Container

#!/bin/bash
BACKUP_FILE="/opt/backups/docker/myapp_2025-11-02.tar"
docker import "$BACKUP_FILE" myapp_restored:latest
docker run -d --name myapp_restored myapp_restored:latest
echo "♻️ Docker container restored and running."

6️⃣ Apache Webserver Backup & Restore

#!/bin/bash
BACKUP_DIR="/opt/backups/apache"
mkdir -p $BACKUP_DIR
tar -czf $BACKUP_DIR/apache_$(date +%F).tar.gz /etc/apache2 /var/www/html /etc/ssl
echo "๐ŸŒ Apache configuration, website, and SSL backed up."

♻️ Restore Apache

#!/bin/bash
BACKUP_FILE="/opt/backups/apache/apache_2025-11-02.tar.gz"
tar -xzf "$BACKUP_FILE" -C /
service apache2 restart
echo "✅ Apache restored and running."

7️⃣ Automating Backups

Schedule automatic backups using cron so your systems stay protected 24×7.

# Run daily at 2 AM
0 2 * * * /opt/scripts/backup_all.sh >> /var/log/backup_all.log 2>&1

# Run on every reboot
@reboot /opt/scripts/backup_all.sh >> /var/log/backup_boot.log 2>&1
๐Ÿ’ฌ Output:
[CRON] Scheduled backup started…
✅ Jenkins, Tomcat, WebSphere, MySQL, Docker, Apache backed up successfully.

๐Ÿง  Pro Tips & Troubleshooting

✅ General Best Practices

  • Use a dedicated /opt/backups partition or NFS mount to avoid filling system drives.
  • Compress large backups with gzip or zstd [Developed by Meta] for better space efficiency.
  • Store daily, weekly, and monthly copies separately (retention policy).
  • Automate restores in a test environment weekly to ensure recovery works.

⚙️ Troubleshooting Common Issues

  • Permission Denied: Run backups as sudo or fix ownership using chown.
  • ๐Ÿ“ฆ Disk Full: Use df -h to check space before backup. Add cleanup logic for old files.
  • ๐Ÿงพ Log Rotation: Add logrotate entry to keep backup logs small and readable.

๐Ÿ Summary

  • ✅ Full backup & restore automation for all major middleware and DevOps tools.
  • ๐Ÿงฉ Scripts are modular, reusable, and easy to integrate in CI/CD pipelines.
  • ⚙️ Cron ensures zero manual intervention for daily protection.
← Previous: Part 11 – Log Management & Rotation Next: Part 13 – Subshells & Process Control →
Posted by: No comments:
Tags: , , , , , , , , , , , , ,

1 Nov 2025

๐Ÿ•’ Shell Scripting for Beginners – Part 9: Scheduling & Automation

  • In DevOps and Middleware environments, automation isn't complete until it's scheduled.
  • Here, we master cron, at, @reboot, and Jenkins integration — running scripts automatically for backups, restarts, monitoring, and cleanups.

๐Ÿ“‘ Table of Contents

⏰ 1️⃣ Automating with Cron

  • cron executes scripts periodically.
  • Perfect for recurring jobs like backups, cleanup, and health checks.

Example 1: Daily Jenkins Backup at 3 AM

0 3 * * * /opt/scripts/jenkins_backup.sh >> /var/log/jenkins_backup.log 2>&1
๐Ÿ’ฌ Output (log):
[03:00] Jenkins backup started
[03:03] ✅ Jenkins backup completed

Example 2: Weekly Tomcat Log Cleanup

0 2 * * 0 /opt/scripts/cleanup_tomcat_logs.sh >> /var/log/tomcat_cleanup.log 2>&1
๐Ÿ’ฌ Output:
๐Ÿงน Deleted old logs from /opt/tomcat/logs
✅ Weekly cleanup done

๐Ÿ• 2️⃣ One-Time Tasks with At

at executes a job once — ideal for maintenance windows, patches, or urgent restarts.

Example 3: Restart WebSphere at 11:30 PM

echo "/opt/IBM/WebSphere/AppServer/bin/stopServer.sh server1 && sleep 15 && /opt/IBM/WebSphere/AppServer/bin/startServer.sh server1" | at 23:30
๐Ÿ’ฌ Output:
job 17 at Sat Nov 1 23:30:00 2025

Example 4: Run Backup Once in 2 Hours

echo "/opt/scripts/backup_db.sh" | at now + 2 hours
๐Ÿ’ฌ Output:
job 18 at Sat Nov 1 05:30:00 2025

๐Ÿ”„ 3️⃣ Auto-Execute on System Reboot

The @reboot keyword in crontab ensures your scripts run every time Linux boots. Perfect for restarting services, mounting drives, or initializing environments.

Example 5: Auto-Start Tomcat After Reboot

@reboot /opt/tomcat/bin/startup.sh >> /var/log/tomcat_reboot.log 2>&1
๐Ÿ’ฌ Output (after reboot):
✅ Tomcat started automatically at boot.

Example 6: Health Check Script at Boot

@reboot /opt/scripts/health_check.sh >> /var/log/health_boot.log 2>&1
๐Ÿ’ฌ Output (log):
[BOOT] Checking WebSphere, Jenkins, NGINX...
✅ All services active.
๐Ÿ’ก To verify reboot jobs, check grep CRON /var/log/syslog after restart.

⚙️ 4️⃣ Jenkins Scheduler Integration

In CI/CD, Jenkins provides cron-like scheduling for build pipelines.

Example 7: Daily Jenkins Build at 2 AM

pipeline {
  triggers { cron('H 2 * * *') }
  stages {
    stage('Nightly Build') {
      steps {
        sh '/opt/scripts/build_app.sh'
      }
    }
  }
}
๐Ÿ’ฌ Output:
✅ Jenkins triggered build_app.sh
Build completed successfully.

๐Ÿงฐ 5️⃣ Real Middleware & DevOps Automation Examples

Example 8: NGINX Health Monitor Every 10 Minutes

*/10 * * * * /opt/scripts/nginx_health.sh >> /var/log/nginx_monitor.log 2>&1
๐Ÿ’ฌ Output:
[02:40] ๐ŸŒ NGINX is active
[02:50] ๐Ÿšจ NGINX down – restarted automatically.

Example 9: Database Backup Every 6 Hours

0 */6 * * * mysqldump -u root -pSecret middlewaredb > /backup/db_$(date +%F_%H).sql
๐Ÿ’ฌ Output:
✅ Backup completed: db_2025-11-01_06.sql

Example 10: Restart Jenkins After Crash Detection

*/15 * * * * pgrep jenkins >/dev/null || systemctl restart jenkins
๐Ÿ’ฌ Output:
[03:15] ๐Ÿšจ Jenkins was down, restarted successfully.

Example 11: Auto-Remount Missing Volume

@reboot mount | grep /mnt/backup >/dev/null || mount /dev/sdb1 /mnt/backup
๐Ÿ’ฌ Output:
✅ /mnt/backup auto-mounted on system startup.

๐Ÿง  6️⃣ Tips & Troubleshooting

  • ๐Ÿ“„ Check logs → grep CRON /var/log/syslog
  • ๐Ÿ”’ Ensure permissions → chmod +x /opt/scripts/*.sh
  • ⚙️ Test reboot jobs manually → sudo run-parts /etc/cron.d/
  • ๐Ÿ“ง Use MAILTO in crontab for notifications
  • ๐Ÿšจ For Jenkins jobs, check /var/lib/jenkins/jobs/*/builds

๐Ÿ Summary

  • Cron → Schedules recurring jobs
  • At → Runs one-time tasks
  • @reboot → Executes scripts on startup
  • Jenkins → Manages enterprise-level schedules
  • ๐Ÿ’ก Combine them to create self-healing, auto-starting Middleware environments.
← Previous: Part 8 – Debugging & Logging Next: Part 10 – Middleware Health Monitoring →
Posted by: No comments:
Tags: , , , , , , , , , , , ,

๐Ÿ“ Shell Scripting for Beginners – Part 7: File Handling in Shell.

  • In Middleware & DevOps automation, file handling is everywhere — reading logs, writing reports, rotating backups, or watching live output.
  • Let's learn how to read, write, append, and monitor files in shell scripts with real-world Middleware examples.

๐Ÿ“‘ Table of Contents

๐Ÿ“– 1️⃣ Reading Files

Example 1: Read File Line by Line

#!/bin/bash
filename="/opt/scripts/serverlist.txt"
while read -r line; do
  echo "Processing server: $line"
done < "$filename"
๐Ÿ’ฌ Output:
Processing server: app1
Processing server: app2
Processing server: app3

Example 2: Display Tomcat Log Errors

#!/bin/bash
grep "ERROR" /opt/tomcat/logs/catalina.out
๐Ÿ’ฌ Output:
ERROR [localhost-startStop-1] ... Application failed to start
ERROR [main] ... Database connection refused
๐Ÿ’ก Tip: Use grep -i error to ignore case.

✍️ 2️⃣ Writing & Appending Files

Example 3: Write Output to File

#!/bin/bash
echo "Backup started at $(date)" > /opt/scripts/backup.log
echo "Compressing files..." >> /opt/scripts/backup.log
tar -czf /tmp/backup.tar.gz /opt/data && echo "Backup successful" >> /opt/scripts/backup.log
๐Ÿ’ฌ Output File Content:
Backup started at Sat Nov 1 02:00:00 IST 2025
Compressing files...
Backup successful

Example 4: Append Deployment Status

#!/bin/bash
env=$1
status=$2
echo "$(date) - $env deployment $status" >> /opt/scripts/deploy_history.log
๐Ÿ’ฌ Output File Content:
Sat Nov 1 02:15:00 IST 2025 - dev deployment SUCCESS
Sat Nov 1 02:17:00 IST 2025 - prod deployment FAILED

Example 5: Log WebSphere Cleanup Activity

#!/bin/bash
logfile="/opt/IBM/WebSphere/AppServer/logs/cleanup.log"
echo "$(date): Cleaning old logs..." >> $logfile
find /opt/IBM/WebSphere/AppServer/logs -type f -mtime +7 -delete && echo "✅ Logs cleaned" >> $logfile
๐Ÿ’ฌ Output File:
Sat Nov 1 02:30:00 IST 2025: Cleaning old logs...
✅ Logs cleaned

๐Ÿ” 3️⃣ Monitoring Log Files

Example 6: Live Tail of Tomcat Logs

#!/bin/bash
echo "Monitoring Tomcat logs..."
tail -f /opt/tomcat/logs/catalina.out
๐Ÿ’ฌ Output:
Monitoring Tomcat logs...
[INFO] Server startup completed in 2200 ms
[WARN] Deprecated API in use
[ERROR] Connection timeout to DB

Example 7: Auto-restart Jenkins on Log Failure

#!/bin/bash
tail -Fn0 /var/log/jenkins/jenkins.log | \
while read line; do
  echo "$line" | grep "ERROR" &>/dev/null
  if [ $? = 0 ]; then
    echo "๐Ÿšจ Error detected, restarting Jenkins..."
    systemctl restart jenkins
  fi
done
๐Ÿ’ฌ Output:
[ERROR] Jenkins job queue stuck
๐Ÿšจ Error detected, restarting Jenkins...

Example 8: Monitor NGINX Access Logs for High Load

#!/bin/bash
tail -n 100 /var/log/nginx/access.log | awk '{print $9}' | sort | uniq -c
๐Ÿ’ฌ Output:
500 3
404 7
200 90
301 5
๐Ÿ’ก Tip: Use this for quick traffic analysis on your Middleware or DevOps pipeline servers.

⚠️ 4️⃣ Error Handling & Debugging

  • Use set -e to exit on first failure.
  • Redirect errors → 2>> error.log to capture exceptions.
  • Validate file existence before reading:
if [ ! -f "$filename" ]; then
  echo "❌ File not found: $filename"
  exit 1
fi
If your script suddenly exits, check for missing files or permission issues in /var/log/messages or your custom error log.

๐Ÿ Summary

  • Read files line by line to automate configuration or host processing.
  • Write and append logs for auditing and historical tracking.
  • Monitor live logs (Tomcat, Jenkins, NGINX) using tail -f.
  • Add error handling to avoid silent file issues in production.
← Previous: Part 6 – Arrays & Arguments Next: Part 8 – Debugging & Logging →
Posted by: No comments:
Tags: , , , , , , , , , , , ,

๐Ÿ“ฆ Shell Scripting for Beginners – Part 6: Arrays & Arguments

Arrays and arguments give your scripts flexibility — perfect for automating Middleware & DevOps tasks like restarting Tomcat across servers, cleaning WebSphere logs, or passing dynamic inputs to Jenkins jobs.

๐Ÿ“‘ Table of Contents

1️⃣ Arrays in Shell

๐ŸŽฏ Example 1 – Basic Array

#!/bin/bash
servers=("dev" "stage" "prod")
echo "First server: ${servers[0]}"
echo "All servers: ${servers[@]}"
๐Ÿ’ฌ Output:
First server: dev
All servers: dev stage prod

๐Ÿ” Example 2 – Loop through Array

#!/bin/bash
apps=("Tomcat" "WebSphere" "JBoss")
for app in "${apps[@]}"; do
  echo "Managing $app service..."
done
๐Ÿ’ฌ Output:
Managing Tomcat service...
Managing WebSphere service...
Managing JBoss service...

๐Ÿงฐ Example 3 – Restart Tomcat on Multiple Servers

#!/bin/bash
servers=("app1" "app2" "app3")
for s in "${servers[@]}"; do
  echo "Restarting Tomcat on $s..."
  ssh $s "systemctl restart tomcat" || echo "⚠️ Restart failed on $s"
done
echo "✅ Restart loop completed."
๐Ÿ’ฌ Output:
Restarting Tomcat on app1...
Restarting Tomcat on app2...
⚠️ Restart failed on app3
✅ Restart loop completed.

๐Ÿงน Example 4 – Cleanup WebSphere Logs

#!/bin/bash
logs=(SystemOut.log SystemErr.log activity.log)
for file in "${logs[@]}"; do
  echo "Deleting $file..."
  rm -f /opt/IBM/WebSphere/AppServer/logs/$file || echo "⚠️ Could not remove $file"
done
echo "๐Ÿงน Old WebSphere logs removed."
๐Ÿ’ฌ Output:
Deleting SystemOut.log...
Deleting SystemErr.log...
Deleting activity.log...
๐Ÿงน Old WebSphere logs removed.

2️⃣ Command-line Arguments

๐Ÿ“ฆ Example 5 – Access Arguments

#!/bin/bash
echo "Environment: $1"
echo "Version: $2"
๐Ÿ’ฌ Output:
$ ./deploy.sh prod v2.0
Environment: prod
Version: v2.0

๐Ÿš€ Example 6 – Trigger Jenkins Job

#!/bin/bash
job_name=$1
if [ -z "$job_name" ]; then
  echo "❌ Usage: $0 "
  exit 1
fi
curl -s -X POST "http://localhost:8080/job/$job_name/build?token=deploy123" || echo "⚠️ Failed to trigger job."
๐Ÿ’ฌ Output:
$ ./jenkins_trigger.sh BuildApp
✅ Triggered Jenkins job BuildApp

๐Ÿง  Example 7 – Argument Validation

#!/bin/bash
if [ $# -lt 2 ]; then
  echo "Usage: $0  "
  exit 1
fi
echo "Deploying $1 version $2..."
๐Ÿ’ฌ Output:
$ ./deploy.sh myapp v1.5
Deploying myapp version v1.5...

3️⃣ Combining Arrays & Arguments

๐ŸŒ Example 8 – Check NGINX on Multiple Hosts

#!/bin/bash
hosts=("$@")
for h in "${hosts[@]}"; do
  echo "Checking NGINX on $h..."
  ssh $h "systemctl is-active nginx" >/dev/null 2>&1 && echo "✅ $h OK" || echo "❌ $h DOWN"
done
๐Ÿ’ฌ Output:
$ ./check_nginx.sh host1 host2 host3
✅ host1 OK
✅ host2 OK
❌ host3 DOWN

๐Ÿ’พ Example 9 – Query Multiple Databases

#!/bin/bash
dbs=("salesdb" "hrdb" "logdb")
for db in "${dbs[@]}"; do
  echo "Checking $db connection..."
  mysql -h dbserver -u admin -psecret -e "use $db;" >/dev/null 2>&1 && echo "✅ $db reachable" || echo "⚠️ $db not reachable"
done
๐Ÿ’ฌ Output:
Checking salesdb connection... ✅ salesdb reachable
Checking hrdb connection... ⚠️ hrdb not reachable
Checking logdb connection... ✅ logdb reachable

๐Ÿงฉ Example 10 – CI/CD Pipeline Trigger

#!/bin/bash
branches=("main" "dev" "hotfix")
for b in "${branches[@]}"; do
  echo "Triggering pipeline for $b..."
  curl -s -X POST "https://ci.middlewarebox.com/job/build-$b/build" || echo "⚠️ Failed for $b"
done
๐Ÿ’ฌ Output:
Triggering pipeline for main... ✅ Done
Triggering pipeline for dev... ✅ Done
Triggering pipeline for hotfix... ⚠️ Failed for hotfix

4️⃣ Error Handling & Debugging

  • Use set -x to trace executed commands.
  • Check argument count with $#.
  • Use "$@" to safely pass all args to loops.
  • Handle SSH/curl/mysql failures with || and echo messages.
  • Log outputs → script.sh >> /var/log/script.log 2>&1

๐Ÿ Summary

  • Arrays – store lists of servers, apps, or files.
  • Arguments – pass values into scripts for dynamic execution.
  • Combine both for multi-server automation.
  • Always include error handling to avoid silent failures.
← Previous: Part 5 – Functions in Shell Next: Part 7 – File Handling in Shell →
Posted by: No comments:
Tags: , , , , , , , , , , , ,

21 Sept 2023

IBM WebSphere 9.0.0.0 and IHS (IBM HTTP SERVER) Installation with Fixpack using Command Line (non-root) user

###### IM (Installation Manager) installation version 1.8.9.6 or Greater than that (non-root) user.

/app/BIN/IM/userinstc -acceptLicense  -installationDirectory /app/IBM/InstallationManager  -record /app/IBM/InstallationManager/install.xml  -dataLocation /app/IBM/IMLogs -showProgress



*******************************************************************************************

###### Check listAvailablePackages 

/app/IBM/InstallationManager/eclipse/tools/imcl listAvailablePackages -repositories /app/BIN/WAS9/repository.config



###### WAS installation version 9.0.0.0 and SDK installation.

/app/IBM/InstallationManager/eclipse/tools/imcl install com.ibm.websphere.ND.v90_9.0.0.20160526_1854 com.ibm.java.jdk.v8_8.0.6007.20200324_1954 -repositories /app/BIN/WAS9/repository.config,/app/BIN/SDK8/repository.config -installationDirectory /app/IBM/WebSphere/AppServer -sharedResourcesDirectory /app/IBM/IMShared -acceptLicense -showProgress



###### WAS FP installation version 9.0.5.3 or Greater than that.

/app/IBM/InstallationManager/eclipse/tools/imcl updateAll -repositories /app/BIN/FP9.0.5.3/WASFP9/repository.config -installationDirectory /app/IBM/WebSphere/AppServer -acceptLicense -showProgress



*******************************************************************************************

###### IHS (IBM HTTP SERVER) installation version 9.0.0.0 and SDK installation.

/app/IBM/InstallationManager/eclipse/tools/imcl install com.ibm.websphere.IHS.v90_9.0.0.20160526_1854 com.ibm.java.jdk.v8_8.0.6007.20200324_1954 -repositories /app/BIN/IHS9/repository.config,/app/BIN/SDK8/repository.config -installationDirectory /app/IBM/HTTPServer -sharedResourcesDirectory /app/IBM/IMShared -properties user.ihs.httpPort=8080,user.ihs.allowNonRootSilentInstall=true -acceptLicense -showProgress




###### Plugin installation version 9.0.0.0 and SDK installation.

/app/IBM/InstallationManager/eclipse/tools/imcl install com.ibm.websphere.PLG.v90_9.0.0.20160526_1854 com.ibm.java.jdk.v8_8.0.6007.20200324_1954 -repositories /app/BIN/PLUGIN9/repository.config,/app/BIN/SDK8/repository.config -installationDirectory /app/IBM/Plugins -sharedResourcesDirectory /app/IBM/IMShared -acceptLicense -showProgress




###### IHS (IBM HTTP SERVER) FP installation version 9.0.5.3 or Greater than that.

/app/IBM/InstallationManager/eclipse/tools/imcl updateAll -repositories /app/BIN/FP9.0.5.3/IHSPLUG/repository.config -installationDirectory /app/IBM/HTTPServer -acceptLicense -showProgress




###### PLUGIN FP installation version 9.0.5.3 or Greater than that.

/app/IBM/InstallationManager/eclipse/tools/imcl updateAll -repositories /app/BIN/FP9.0.5.3/IHSPLUG/repository.config -installationDirectory /app/IBM/Plugins -acceptLicense -showProgress

*******************************************************************************************




###### SDK FP installation version 8.0.3.0 or Greater than that.

/app/IBM/InstallationManager/eclipse/tools/imcl updateAll -repositories /app/BIN/FPSDK8.0/repository.config -installationDirectory /app/IBM/WebSphere/AppServer -acceptLicense -showProgress


Thanks :-)

Read more posts »
Posted by: No comments:
Tags: , , , , , ,

1 May 2018

What is MustGather script ?

If you face any performance degradation, hang, no response, hung threads, CPU starvation, high CPU utilization, network delays, or deadlocks, this MustGather will assist you in collecting the critical data that is needed to troubleshoot your issue.

 Use below link and download MustGather document as per your environment.

 http://www-01.ibm.com/support/docview.wss
MustGather: Performance, hang, or high CPU issues on Windows

 Step 1 : Download the windowsperf.jacl script. This script works for WebSphere Application Server version 6.1 to version 9.1.

 windowsperf.jacl

 Screenshot :

Step 2 :  Use below command from WebSphereApplication home\bin:
Syntax :
wsadmin -lang jacl -javaoption -Xmx256M -f <path to file>\windowsperf.jacl servername <nodename if needed> 

 Screenshot :


Step 3 : Check the javacore files of same server.

 Screenshot :




















Step 4 :Check the set of javacores, tasklist, netstat, and some performance.

 Screenshot :
Note: the number of iterations and the pause time between collections are the first 2 executable lines in the script, The variable iters is the number of iteration and the ptime variable is the pause time .
normally this is set to 3 iterations and 120 second ptime as below: 
set iters 3
set ptime 120

Ref doc : https://www-01.ibm.com/support/docview.wss
Read more posts »
Posted by: No comments:
Tags: ,

PsList to troubleshoot high CPU usage in Windows - WebSphere® Application Server

While troubleshooting high CPU utilization in IBM WebSphere® Application Server on Windows operating systems, the perfmon tool may not provide enough information. The PsList tool can be used to collect CPU usage about individual threads in the Java process. PsList is a light-weight tool bundled in the PsTools utilities provided by Microsoft.

Before you restart the server always collect the logs.

Step 1: Download PsTools.zip from the below link:

https://docs.microsoft.com/en-us/sysinternals/downloads/pstools

Screenshot :



Step 2: Unzip the contents of PsTools.zip to a local directory. This will extract a couple of .exe files, one of which will be PsList.exe.

Screenshot :



Step 3: Copy the attached startpslist.bat file to the same directory as the output of the extracted PsTools.zip. This simple script is provided to automatically run PsList and collect its data. By default, it runs PsList.exe every 5 seconds. This interval can be changed by editing the TIME_SLEEP value in the script.


Use below link to download startpslist.bat & startpslistYYYYMMDD.bat

http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21304776

Screenshot  :




Step 4: Run the command: startpslist.bat [Java Process ID] at same time run MustGather script and terminate using CTRL+C.

Screenshot  :



MustGather script



Step 5 : Locate  the same location directory for pslistlog.PID.yyyy.mm.dd.hh.mm.ss

Screenshot  :





Read more posts »
Posted by: No comments:
Tags: ,

14 Oct 2017

Steps to Configure IHS (IBM HTTP Server ) with WAS 8.5.X.X



Step 1: Create Web server  : http://www.middlewarebox.com/how-to-create-web-server



Step 2: Generate and  propagate plug ins via console :
                              http://www.middlewarebox.com/how-to-generate-and-propagate-plug-ins



Step 3: Configure IHS (httpd.conf ) for Port 80 :
                                                           http://www.middlewarebox.com/how-to-configure-ihs



Step 4: Create New Self - Sign Certificates using ikeyman :
                                              http://www.middlewarebox.com/how-to-create-self-sign-certificate



Step 5: Configure IHS (httpd.conf ) for Port 443 and install certificates. :
                                                                  http://www.middlewarebox.com/how-to-configure


Refrence Doc : https://www-01.ibm.com/




Thanks..:-) !


Read more posts »
Posted by: No comments:
Tags: , ,

8 Sept 2017

How to create CSR using openssl with SAN details. / How to create SAN certificate using openssl.


SAN stands for Subject Alternative Name certificates and allows you to secure multiple domain names with a single SSL certificate.
SAN is used where a single server can access with multiple domain address.


Step 1: Make sure that you have openssl rpm installed in unix machine.

Command  >>  rpm -qa | grep openssl

Screenshot 1:



Step 2: If you does not have openssl tool.

Command >>   yum  install  openssl

Screenshot 2:



Since i already installed the latest version its showing nothing to do.


Step 3: Create a directory open_ssl

Command >>    mkdir   open_ssl

Screenshot 3:




Step 4: Make one file newsan.cnf and paste below commands and save.

Command >>  vi   newsan.cnf


----------------------------------------------------------------------------------------------

[req]
default_bits       = 2048
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
countryName = IN
stateOrProvinceName = MAHA
organizationName = MiddlewareBox
commonName = www.openssltest.com
[v3_req]
subjectAltName = @alt_names
[alt_names]
DNS.1 = www.middbox.com
DNS.2 = www.mb.com

----------------------------------------------------------------------------------------------


Screenshot 4:




Step 5: Use below openssl command.

Command  >>   openssl req   -new -out opensslSan.csr -newkey rsa:2048 -nodes -keyout private.key -config newsan.cnf

Screenshot 5:




Step 6: Open the created xxxxx.csr

Command >>  cat  opensslSan.csr


-------------------------------------------------------------------------------------------------------

-----BEGIN CERTIFICATE REQUEST-----
MIIC0DCCAbgCAQAwUjELMAkGA1UEBhMCSU4xDTALBgNVBAgMBE1BSEExFjAUBgNV
BAoMDU1pZGRsZXdhcmVCb3gxHDAaBgNVBAMME3d3dy5vcGVuc3NsdGVzdC5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8s3Qf2d3pYrqrZc5X45ls
o7gEHKf5lY6fKkL3Q58Emg5RK6dQd+9fDwRot0KstYYPKvh2CdVQ+3kUzjGsv5Sh
VMWhocxiiHtzwD794GIl+TnvJyvp6HGuWbjEuwLvs3X6bliUgDwRtV++aIF+023G
Pt+VkVHPZYOYcYJtCg3+GS/aYvXzTFvbC9wUgLEE+/sN4M9fAR+tf7zv6zvxK1l5
KPc7tyJDZUuKc9jpSGKl8WZnJlSpRI8tFTNDmwBOe92WGPrRHEkk0SuBLRJL05G3
Eec8ZTk+Q0YRhZmkQC6C4LynkkLlaE5dvcxy+OKWgZRiWz1ercw0HJgDW5s2/wUF
AgMBAAGgOTA3BgkqhkiG9w0BCQ4xKjAoMCYGA1UdEQQfMB2CD3d3dy5taWRkYm94
LmNvbYIKd3d3Lm1iLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAeOA3KbDjHytpEKUC
SvFkbnMEEz/aeAIc6HuxM7w5t3BofQYOxua0x2sROT9chuNPp02ENG5NrMVA62ue
5IrG1Yz//i/wP+YtHdy6svu1Z2tbQkPGvppJqCuzCH5de7wGJW/04VqkHP7GAWRe
PH5wxN+6PkDSGbI7+MlLqhX3O8rCSeXQ7oqj08S3GFZ4C9gAGEjreUNQ4lOFOXev
ncvp6AU9USa9vY+SJLrtnlA4Jysnv71sxJ9/C/3g489fHrEoTxY6wx7b1c2sLwwN
8LJA76COYAhyko1eF4E6OH6bfyO3YVV4nWwCRUny8tGy5ygykFDKjPt3LgT7KjKd
ggswEQ==
-----END CERTIFICATE REQUEST-----


-------------------------------------------------------------------------------------------------------


Screenshot 6:




Step 7: Copy the above cerificate content and paste on CSR decoder website

CSR decoder link : Https://certlogik.com/decoder/

Screenshot 7-1:



Screenshot 7-2:




Step 8: Reading a CSR to determine what information it contains.


Command >>   openssl req -text -noout -in <filename for csr>

Screenshot 8:



Reference link : https://www.ibm.com/support/

Reference link : https://www.phildev.net/ssl/opensslconf.html

Reference link : Most-common-openssl-commands.html

Reference link : https://www.websecurity.symantec.com/




Thanks :-)


Read more posts »
Posted by: No comments:
Tags: ,
Subscribe to: Comments (Atom)