Friday, April 24, 2015

Use WLST scripts just like SHELL scripts for automation

How to use wlst scripts for automation, with ease of shell script

 

Since I come from shell scripting background, the two wlst invocations methods i.e. interactive and script mode, caused discomfort to me due to my lack of expertise in java/jython programing. I will not even discuss about the third mode i.e. embedded mode, which requires much more java flare.

I often used to wonder about the way I can write and use wlst scripts just like I make use of shell scripts.

So sharing my finding which have made my life comfortable. I personally feel that this approach is better (at least for me), than most of the scripting approaches I found on net.

To make a point, let me give short example on how the other approaches lack the ease and flexibility that is so easily available from shell scripts.

Ø  Conventional Approach 1: Scripting Mode

java weblogic.WLST <<your wlst script.py>>

 

As per oracle documentation, this method helps you in automation since you can make use of loops, constructs based on jython.

BUT, why I do not like this method is, because using this approach, all your script files will have to have authentication and connection code. For e.g., script to stop the server and the other one to retrieve the status of the servers, both need to have code for authentication.

Another way to sooth this pain a bit, is to make use of functions in separate files and import those functions in the final code you write. Go ahead this method if you have time to practice scripting and gain expertise. Continue to read if you’d like to explore an easier option. J

Ø  Conventional Approach 2: Interactive Mode

Another usual way is to launch WLST shell and type your commands in the shell

WL_HOME/server/bin/setWLSEnv.sh

 

This is certainly is a good way of testing the wlst commands and constructs before you put them into a script, but it’s not an ultimate tool that will let you automate your tasks.

 

Ø  Easy Way: The Shell Script Way

An easier way, as per me, is to divide wlst code for basic tasks (like authentication, connection, executions, etc. tasks) in different files and call those snippet files from a single shell script file.

But to achieve the above we need to tweek the SHELL interpreter or SHE bang line, which is the very first line in any shell script, so as to use WLST as interpreter rather bash, ksh, or other shell.

 

The below example will make the things pretty clear.

Here, I have two wlst snippet files:

-          ConnectMyPOC.py: For authenticating and connecting to my wlst domain.

-          StatusAllServer.py: To check the status of the server in mydomain.

I’ll create a 3rd file to wrap first two files within the shell script like file and use wlst engine to interpret the later script rather than any other unix shell to do so.

 

Below are the wlst files with self-explanatory code.

# ConnectMyPOC.py wlst snippet file, to connect to domain

[oracle@POCSERVER WLSTScripts]$ vi ConnectMyPOC.py

#!/opt/app/oracle/middleware/oracle_common/common/bin/wlst.sh

connect(url='t3://10.xx.xx.xx:7001', userConfigFile='/home/oracle/.scripts/.wlstscriptkey/myconfigfile.secure', userKeyFile='/home/oracle/.scripts/.wlstscriptkey/mykeyfile.secure');

 

# StatusAllServer.py wlst snippet file, to check status of all servers in the domain

sList=ls('Servers', returnMap='true')

for i in sList:

state(i,'Server',returnMap='true')

 

# Wrapper script, calling the two scripts shown above. Notice the very first line in the script.

vi ServerStatus.wlst

#!/opt/app/oracle/middleware/oracle_common/common/bin/wlst.sh

execfile('/home/oracle/.scripts/WLSTScripts/ConnectMazdaPOC.py')

execfile('/home/oracle/.scripts/WLSTScripts/StatusAllServer.py')

 

# Now assign execute permission to the wrapper file.

chmod u+x ServerStatus.wlst

 

Now you are free to use it like a shell script and do your cron based scheduling or any automation activity you usually perform with shell scripts.

 

[oracle@POCSERVER WLSTScripts]$ ./ServerStatus.wlst

Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0

 

Initializing WebLogic Scripting Tool (WLST) ...

 

Welcome to WebLogic Server Administration Scripting Shell

 

Type help() for help on available commands

 

Connecting to t3://10.xx.xx.xx:7001 with userid weblogic ...

Successfully connected to Admin Server "AdminServer" that belongs to domain "mazdapoc_domain".

 

Warning: An insecure protocol was used to connect to the

server. To ensure on-the-wire security, the SSL port or

Admin port should be used instead.

 

dr-- AdminServer

dr-- ess_server1

dr-- odi_server1

dr-- osb_server1

dr-- soa_server1

 

Current state of "AdminServer" : RUNNING

Current state of "ess_server1" : SHUTDOWN

Current state of "odi_server1" : RUNNING

Current state of "osb_server1" : RUNNING

Current state of "soa_server1" : RUNNING

[oracle@POCSERVER WLSTScripts]$

 

Voila... For more, continue to SeeItWithSanjay!

 

Sunday, April 5, 2015

Domain Creation taking lot of time or hung

DOMAIN creation is hung or taking long time…

 

Or do you see your server startup is taking ages?

Or it takes hell lot of time for password less authentication (using configuration keys created by storeUserConfig wlst command), for weblogic and nodemanager.

 

Recently while installating 12c SOA Suite for a client, we faced a similar situation where in the domain creation was stuck at the 2nd last page (oui page no: 19 as in screen shot below) for more than 20 minutes.

By experience from the past installations it is known that the “Configuration Progress” page of domain creation using config.sh, usually gets stuck at 45%-55% of its progress. But this 20+ minutes of wait time is a killer.

 

 

Cause: Blame it on concept of computing entropy.

 

I learnt about the term “entropy”, which refers to randomness of a molecules, or something like that, in a chemistry class during my school days.

In computing world too, the concept of entropy plays significant role when it comes to generation of random numbers or bytes for various computing processes. A great example will be generation of random bytes for encryption.

 

Ø  Some Background

To check which all applications/modules on your machine make use of the entropy using /dev/random, just run grep for “/random” on your files. You’ll realize that java cryptography, weblogic environment configuration, nodemanager startup, etc. have reference to this device.

 

 

For Linux machines, this entropy is powered by the below device that which keeps generating random bytes.

$>ls /dev/random (Run cat /dev/etc in your sweet time)

 

You can list below file to view the default entropy size. This is 4096 bytes by default.

$>cat /proc/sys/kernel/random/poolsize

 

And to check how much of can your entropy still rock, you can list the below file.

$> cat /proc/sys/kernel/random/entropy_avail

A value lower than 500, worse case zero, indicates the device may be unable to shake off more randomness. Hence the dependent applications get hung.

 

 

Ø  Now the solution to our problem:

 

-          Quickie:

During time of issue, you may find that value in file “entropy_avail” is either 0 or very low. To fix this, you need to run below command as “root” user.

$ root> rngd -r /dev/urandom -o /dev/random –b

This will help you recycle the entropy, which will solve the slowness or hung state of your domain creation in a jiffy.

 

-          Permanent Fix :

Run below as root

$ root> echo "EXTRAOPTIONS=\"-r /dev/urandom\"" | cat >> /etc/sysconfig/rngd

$ root> /etc/init.d/rngd start

 

-          Caution:

The permanent solution, as you see, will replace the /dev/urandon to be the source of entropy. Now the urandom source is less secure than /dev/randon, as the former reuses the random bits, in order to ensure that it’s pool never runs out of entropy.

 

 

Ø  References:

-          Oracle Doc ID 1947394.1