Just to share here are some of the commands you can use to check on the HP blades other than using iLO2/OA through HTTP.
For Blade Servers
Logging in
> ssh
- Displaying information in iLO2
In iLO2 CLI, information is organised in folders, therefore 'cd' is used to navigate around.
In the below example, there are 2 folders "system1" and "map1".
"system1" has all the hardware information for the blade you are in.
"map1" has all the iLO2 configuration for the blade you are in.
e.g.
hpiLO-> show
status=0
status_tag=COMMAND COMPLETED
/
Targets
system1
map1
Properties
Verbs
cd version exit show set
Basically, use the 'cd' command to navigate and "show" command to display the information.
You will know that you are at the end of the tree branch when you see nothing in the "Targets" listing.
when you "show", the information will be display under the "Properties".
e.g.
hpiLO-> cd /system1/fan1
status=0
status_tag=COMMAND COMPLETED
/system1/fan1
hpiLO-> show
status=0
status_tag=COMMAND COMPLETED
/system1/fan1
Targets
Properties
DeviceID=Virtual Fan
ElementName=System
OperationalStatus=Ok
VariableSpeed=Yes
DesiredSpeed=37
HealthState=Ok
Verbs
cd version exit show set
if you know the direct path, you can do the following as well.
e.g.
hpiLO-> show /system1/cpu1/logical_processor1
status=0
status_tag=COMMAND COMPLETED
/system1/cpu1/logical_processor1
Targets
Properties
current_pstate=1
pstate0_avg=0.0
pstate1_avg=100.0
pstate2_avg=0.0
pstate3_avg=0.0
pstate4_avg=0.0
pstate5_avg=0.0
pstate6_avg=0.0
pstate7_avg=0.0
Verbs
cd version exit show set
If you want to show everything to that you can pipe to somewhere else for further processing, try this.
e.g.
hpiLO-> show -l all system1
Reset the system
This will reboot the blade
hpiLO-> reset system1
Power off the system gracefully.
This will shutdown the blade gracefully.
hpiLO-> stop
Power off the system forcefully.
This will shutdown the blade forcefully without going through the OS levels.
hpiLO-> stop -f
Power up the system.
This will power up the blade
hpiLO-> start system1
Reset iLO2.
This will reset iLO2.
hpiLO-> reset map1
*tip* to backspace when you typo, use shirt+backspace.
Reference:
For Blade Enclosure OA
Logging in
> ssh
The OA CLI is different from iLO2 CLI. There is no need to "navigate".
The command set is as follows,
e.g.
OA-00237D382975> help
ADD ASSIGN CLEAR CONNECT DISABLE DOWNLOAD ENABLE EXIT FORCE GENERATE HELP
HISTORY HPONCFG LOGOUT PING POWEROFF POWERON QUIT REBOOT REMOVE RESTART SET SHOW
SLEEP TEST UNASSIGN UPDATE UPLOAD
OA-00237D382975> help show
SHOW { ALL | CA | CONFIG | DATE | DEVICE | DISPLAY EVENT(S) | EBIPA | ENCLOSURE
| FRU | HPSIM INFO | INTERCONNECT | LDAP | NETWORK | OA | PASSWORD SETTINGS |
POWER | RACK NAME | SERVER | SESSION TIMEOUT | SNMP | SSHFINGERPRINT | SSHKEY |
SYSLOG | TOPOLOGY | TWOFACTOR | UPDATE | USBKEY | USER | VCMODE }
Showing the c7000 enclosure information.
e.g.
OA-00237D382975> show enclosure info
Enclosure Information:
Enclosure Name: Your Enclosure Name
Enclosure Type: BladeSystem c7000 Enclosure
Part Number: 412152-B21
Serial Number: Your Serial Number
UUID: Your UUID
Asset Tag:
Midplane Spare Part Number: 414050-001
Power Distribution Unit:
PDU Type: HP AC Module, Single Phase
PDU Spare Part Number: 413494-001
Onboard Administrator Tray Information:
Type: HP BladeSystem c7000 Onboard Administrator Tray
Spare Part Number: 416000-001
Serial Number: Your OA Serial Number
Shown here for OA CLI are the "show" commands only since changing parameter in the OA may cause impact to the other blade systems.
Please refer to attached if you need to set parameters.
Friday, September 25, 2009
How to Access HP C-Class Blades iLO2 and C-Class Enclosure OA using SSH
HP Utilities for C-Class BL460c G1
Here is a little summary of the commands you can script it up or cron it to check the health of the blades.
I'm doing them on ProLiant Support Pack 8.12 in Linux
- Raid Health Check
This will list the logical drive in the blade.
If there is any replacement of disk, you will see the resyncing of the disk here.
If there is fault on the array, the error will be displayed here as well.
# hpacucli ctrl slot=0 logicaldrive all show
- Health Check for array controller, cache and battery
This list the health of the a/m.
# hpacucli ctrl all show status
- Detailed Information on the Smart Array
This display the serial number of the array controller as well as the cache.
Hardware revision and firmware version as well as other disk settings are also displayed.
# hpacucli ctrl slot=0 show
- Enable/Disable drive cache
Some controllers and drives support physical drive write cache, but since this is not backed by battery, it is recommended to disable the disk write cache or use a backup power supply.
# hpacucli ctrl slot=0 modify dwc=
- Display the list of arrays and the physical drives belonging to the array
This will display the logical mapping of the physical disk to the array.
# hpacucli controller all show config
- Display the list of arrays and the physical drives belonging to the array with more details
Includes the previous command with mount point, disk name, disk information and its firmware revision and serial number.
# hpacucli controller all show config detail
- Display a variety of health and information status of the blade
ASR, BOOT, DIMM, F1, FANS, HT, IML, IPL, NAME, PORTMAP, POWERSUPPLY,
PXE, SERIAL
# hpasmcli -s "show
How to Check warranty for HP blades
You can use the following link to check if the blade is under warranty.
http://h10025.www1.hp.com/ewfrf/wc/weInput?lc=en
Do note that HP database must be updated by 3rd party vendors if any support is purchased from 3rd party vendor in order for this to return meaningful results.
Also, the product number can be queried from either iLO2 page or from the label on the server. Serial number can be queried using hpasmcli -> show server.
Choose your Country, Serial and Product Number and you are good to go.
Thursday, September 24, 2009
Difference between prefork MPM and worker MPM in apache
What are MPM?
'Multi Processing Modules' aka MPM are modules that extends apache's capability to implement a hybrid multi-process multi-threaded server.
The default MPM for Unix is the Prefork module.
The Worker MPM was introduced in Apache2.
MPM uses a multi-process and multi-threaded structure.
Multi-process --> multi PIDs (use 'ps -aef' to find out)
Multi-thread --> more connections per PID. (use 'lsof' to find out. 'netstat -an' don't really see everything.)
The parent process (the one belonging to root) is started up which in turn start up the child processes.
Each child process creates a fixed number of threads as specified in the ThreadsPerChild directive.
Apache always try to maintain a pool of spare threads, which stand ready to serve incoming requests. The number of processes that will initially launched is set by the StartServers directive. Apache will try to keep the number of spare threads within the boundaries specified by MinSpareThreads and MaxSpareThreads.
The maximum number of clients that may be served simultaneously will equal to the maximum total number of threads in all processes. This is set using MaxClients directive.
Therefore, no of processes or PIDs you can have is
no of processes = MaxClients / ThreadsPerChild
Comparing Worker MPM and Prefork MPM,
Worker MPM
- worker MPM uses multiple child processes with many thread each.
- Each thread handle one connection at a time.
- Good for high-traffic, smaller memory footprint.
Prefork MPM
- prefork MPM uses multiple child processes with one thread each.
- Each process handle one connection at a time. uses more memory.
- Good for non-thread-safe third party modules.
Prefork MPM is prefered for better compatibility with older softwares or for better stability although it uses more memories.
Note that we can have one and only MPM module loaded in apache at any one time.
How to check which MPM is compiled?
# httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
Reference: http://httpd.apache.org/docs/2.0/mod/worker.html
How to Configure Multiple Apache Instances based on the default Apache in RHEL 4.6
In my environment, there are requirements to have multiple apache instances in the same servers.
One advantage is of course the obvious economic or ROI sense. Another is easier management from systems administration point of view.
Here, i have summerised the steps used in creating 2 instances using the default apache from RHEL 4.6 64bit
In this example, let me know one apache as websvc1 and another as websvc2.
step 1)
Create 2 copies of the binaries /usr/sbin/httpd
# cp -p /usr/sbin/httpd /usr/sbin/httpd_websvc2
step 2)
Create 2 copies of the apache controller /usr/sbin/apachectl
# cp -p /usr/sbin/apachectl /usr/sbin/apachectl_websvc2
step 3)
Customise the apache controller /usr/sbin/apachectl_websvc2
...
...
# the path to your httpd binary, including options if necessary
HTTPD='/usr/sbin/httpd_websvc2'
...
...
# Source /etc/sysconfig/httpd_websvc2 for $HTTPD setting, etc.
if [ -r /etc/sysconfig/httpd_websvc2 ]; then
. /etc/sysconfig/httpd_websvc2
fi
...
...
Step 4)
Create 2 copies of the apache environment configuration /etc/sysconfig/httpd
# cp -p /etc/sysconfig/httpd /etc/sysconfig/httpd_websvc2
Step 5a)
if you need to source some environment files, say for your site protection or etc, put them in /etc/sysconfig/httpd or /etc/sysconfig/httpd_websvc2
Step 5b)
You need to specify different resources and path for the 2nd and subsequent apache instances, else the 2nd apache to start up will fail. One symptom below if this is not done
- Executing 'service httpd status' shows PID of those httpd_websvc2 as well.
Things to differentiate are not limited to the following,
- pid file
- document root
- lock file
- conf file
- environment source
- etc.
Therefore, edit and append in /etc/sysconfig/httpd_websvc2
...
...
OPTIONS='-f /etc/httpd_websvc2/conf/httpd.conf -DSSL'
PIDFILE=/var/run/httpd_websvc2.pid
LOCKFILE=/var/lock/subsys/httpd_websvc2
CONFFILE=/etc/httpd_websvc2/conf/httpd.conf
...
...
Step 6)
Create 2 copies of service script /etc/init.d/httpd
# cp -p /etc/init.d/httpd /etc/init.d/httpd_websvc2
Step 7)
While setting up this, i noticed the following few scenarios
- Executing 'service httpd stop' when httpd is not running, httpd_websvc2 will be killed as well.
- Executing 'service httpd restart' when httpd is not running, httpd_websvc2 will be killed as well.
Therefore add in /etc/init.d/httpd.
# Add in to check for for HTTPD process presence
checkHttpdPID() {
HTTPDPID=`pidof -o $$ -o $PPID -o %PPID -x /usr/sbin/httpd`
if [ -z "$HTTPDPID" ]; then
echo "/usr/sbin/httpd is not running..."
exit
fi
}
...
...
stop)
checkHttpdPID
stop
;;
status)
checkHttpdPID
status $httpd
RETVAL=$?
;;
restart)
checkHttpdPID
stop
start
;;
...
...
Therefore add in /etc/init.d/httpd_websvc2
...
...
# Add in to check for for HTTPD process presence
checkHttpdPID() {
HTTPDPID=`pidof -o $$ -o $PPID -o %PPID -x /usr/sbin/httpd_websvc2`
if [ -z "$HTTPDPID" ]; then
echo "/usr/sbin/httpd_websvc2 is not running..."
exit
fi
}
...
...
if [ -f /etc/sysconfig/httpd_websvc2 ]; then
. /etc/sysconfig/httpd_websvc2
fi
...
...
apachectl=/usr/sbin/apachectl_websvc2
httpd=${HTTPD-/usr/sbin/httpd_websvc2}
prog=httpd
pidfile=${PIDFILE-/var/run/httpd_websvc2.pid}
lockfile=${LOCKFILE-/var/lock/subsys/httpd_websvc2}
...
...
stop)
checkHttpdPID
stop
;;
status)
checkHttpdPID
status $httpd
RETVAL=$?
;;
restart)
checkHttpdPID
stop
start
;;
...
...
Done.
Commands to use as below.
For websvc1
# service httpd [start/stop/restart/status/configtest]
# apachectl -tS
For websvc2
# service httpd_websvc2 [start/stop/restart/status/configtest]
# apachectl_websvc2 -tS
Thats all.
For configuration of Apache, please refer to your SOP.
Sunday, September 20, 2009
Dinner at Si Chuan Dou Hua Restaurant @ UOB Plaza
Been hearing about the good view and nice food at Si Chuan Dou Hua Restaurant @ UOB Plaza for quite some time.
hungrygowhere put it at 7.2 and yum.sg put it at 6.1. should be quite safe i thought. Is it? let me pen down my experience.
The place is just a stone throw from Raffles MRT station. Though i find it a hassle to switch lift to get to level 60 but the way up is pretty smooth. not much people in the building on a sunday evening.
View from the window is actually pretty good though today the weather is a little too foggy/misty for taking photos.
I always like to bring my family during occasions to try out Cantonese and other good food. Cheap or expensive, no harm trying for once.
Here we were served with pickles while we browse through 1 set of menu for the 4 of us. er... how come only one set? no money to print because of recession? well, just joking. looks like the 'feel good' feeling is not there already. we were given ample time to go through the menu though.
First thing, i asked what tea do they served? knowing that my dad's habit of ordering "tie guan yin" tea, i asked if i can order one pot but was told they don't have serving in pot. i thought that this is very strange but never mind. 1 "tie guan yin" and 3 "ba bao cha" then. i worry that the drink might become a nightmare.
What they didn't say was that the guy with the special kettle will refill you tea cup. I like the "ba bao cha". the fragrance is balance and calming. The guy with the special kettle did refill our cups a few times, each time never fails to amaze me. Pardon for the rather weak camera in the phone.
Ordered chiken with mushroom in claypot. The chicken is tender and not too oily. Surprised that the garlic smell and taste is somewhat plain. mum says that the chef could have done something to prevent the garlic breath from us later. haha...
Now i see something. How come the pot is chipped? Feel that this is not right as the restaurant should be a fine chinese dinning place right? Would germs or other stuff get absorbed into the claypot? yucks!
See below for a closed up.
Next up is the celery with black fugus. The cooking is average. not too oily and the fried mee basket is done just crispy.
we also had some ee-fu noodle and yang chow fried rice. This 2 dishes, i find is quite good. nicely done and the ingredients are just right. in my opinion, the fried rice tasted better than the din tai fung restaurant i tried in Taiwan. i have not eaten any din tai fung in Singapore since the experience in din tai fung. Those who know me will know why. :P
After the food's eaten, the plates get collected one by one, what's left on the table are the 4 tea cups. What's next? i'm clueless on what to do next. Shouldn't the waitress ask me if i need deserts or more tea?
As i have reserved the table with informing them that we are celebrating a birthday there. They have a nice gesture of offering to give birthday cake if you pre-inform them. I asked if the birthday cake is ready. The waitress didn't know. asked my name, my phone number and checked. wasted more time. Then the cake comes.
They had a nice little chocolate cake. Surprise! The cake is purchased from Hans. Then another wait. we had out own singing of birthday song by ourselves, then wait. no plates. Asked for plates. Then one of the waitress offered to cut the cake for us. ok... but yet another surprise. we each received a small slice of the cake and never see the rest of the cake ever again. i'm like, huh? only a slice? what do they do to the rest of the cake? supper for the staff tonight? hahaa....
I'm fed up with the service rendered so far. While being served the cake, i asked for the bill to be served when we finish the cake. Didn't even want to order desert. Do inform that you can using your UOB card to enjoy 15% discount. Only for ala-carte.
oh yes. remembered that we were served pickles before ordering? The waitress actually took back one plate of the pickles that we didn't touch, leaving the one we have touched. emm.... does it mean that the pickles are kept and will be served to another customer? cost-saving measure? shouldn't it be left on the table in case we eat it during the meal? how unprofessional.
Overall, I think given the price point, the service given is very lacking. The good is just nicely done but not special nor very good. i have experienced much better Cantonese food else where at similar pricing. The waitress serving you don't even know that you have made a reservation with the birthday celebration.
Also given the rather nicely decorated place, the chipped claypot and the worn-out table cloth shouldn't be occuring here. Another thing, there is only one pathetic cheap serviette
I would rate the food at 6 / 10.
Service at 3 / 10.
Grand overall at a lousy 4 / 10 since my emphasis is always slight more on the service.
Moving large directories in Solaris
Learnt a neat way to transfer a large directory of files, esp useful if you are going to move more than 8Gb of data.
1) cd into that directory.
2) use the following command
# tar cpBEf - * | ( cd /
Do note that the "E" flag is very important if you are copying files that are larger than 8Gb.
Persistent route in Solaris 10
Found a neat feature in Solaris 10.
An improvement for static routing.
Simply type 'route -p' for persistent route which Solaris will store the entry in /etc/inet/static_routes.
One more excuse not to use your own routing file and putting into /etc/rc3.d/.
i.e.
# route -p add net 10.10.10.0 10.50.50.254 1
# more /etc/inet/static_routes
# File generated by route(1M) - do not edit.
net 10.10.10.0 10.50.50.254 1
Have fun!
Getting "Host key verification failed" error message when you try to ssh to any server including localhost
In case any of you ever get the "Host key verification failed" error message when you try to ssh to any server including localhost. Thanks kaisen.
Symptoms:
Unable to ssh to any server including localhost when using a non-root account.
Consistently getting the "Host key verification failed" error message even when
~/known_hosts is already empty or doesn't exist
~/known_hosts never gets updated with new host keys
Reason:
Device pointed to by /dev/tty is not of 666 permission.
Resolution:
chmod 666 /dev/tty
Example:
Failed ssh attempts to localhost and other servers:
root@myserver:/etc/ssh>su - account1
myserver% ssh devusr@localhost
Host key verification failed.
myserver% ssh devusr@myserver
Host key verification failed.
root@myserver:/etc/ssh>su - myname
-bash-3.00$ ssh -x myname@myserver
Host key verification failed.
-bash-3.00$ ssh -x myname@myserver
Host key verification failed.
The culprit:
root@myserver:/etc/ssh>ls -l /dev/tty
lrwxrwxrwx 1 root other 26 Sep 11 2006 /dev/tty -> ../devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>ls -l /devices/pseudo/sy@0:tty
crw--w---- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
chmod 666 /dev/tty:
root@myserver:/etc/ssh>chmod 666 /devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>ls -l /devices/pseudo/sy@0:tty
crw-rw-rw- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>su - account2
-bash-3.00$ ls -l /devices/pseudo/sy@0:tty
crw-rw-rw- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
ssh should now works and you are able to add new host keys to ~/known_hosts:
-bash-3.00$ ssh -x myname@myserver
The authenticity of host 'myserver (10.100.10.100)' can't be established.
RSA key fingerprint is 43:27:c1:aa:b9:c9:f1:21:33:11:aa:dd:ee:ff:10:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'myserver,10.100.10.100' (RSA) to the list of known hosts.
Password:
Last login: Mon Dec 15 19:20:41 2008 from myserver2
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
$ Connection to myserver closed.
-bash-3.00$ logout
Retrieving errors generated in FMA in Solaris 10
Found this script circulating.
NB: Matty, hope you don't mind me listing this useful stuff to share.
#!/bin/bash
#
# Program: E-mail fault manager errors
#
# Version 1.0
# Initial Release
#
# Last Updated: 08-18-2006
#
# Purpose:
# Fmadm.sh queries the fault manager to see if errors have been
# generated. If an error is detected, the script will email the
# admininstrator defined in the ADMIN vairable with the error
# details.
#
# License:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Installation:
# Copy the shell script to a suitable location
#
# Usage:
# To check for events once per hour, add a cron job similar to the following:
#
# $ crontab -l | grep fmadmnotifier.sh
# 0 * * * * /etc/scripts/fmadmnotifier.sh
#
PATH=/usr/bin:/sbin:/usr/sbin:/usr/sfw/bin
# Who to E-mail with new updates
ADMIN="root"
# Location of binaries
AWK=$(which awk)
FMADM=$(which fmadm)
HOSTNAME=$(which hostname)
MAIL=$(which mailx)
MKTEMP=$(which mktemp)
# Check to make sure the mail binary exists if [ ! -f ${MAIL} ] then
echo "Cannot find ${MAIL}"
exit 1
fi
# Check to make sure the fmadm utility exists if [ ! -f ${FMADM} ] then
echo "Cannot find ${FMADM}"
exit 1
fi
# Verify that mktemp exists
if [ ! -f ${MKTEMP} ]
then
echo "Cannot find ${MKTEMP}"
exit 1
fi
# Run fmadm fauly to check for hardware errors FMADMOUTPUT=$(${FMADM} faulty | ${AWK} '$0 !~ /STATE/ && $0 !~ /^----/ { print $0 }')
if [ -n "${FMADMOUTPUT}" ]
then
WORK=`${MKTEMP} /tmp/fmadm.results.XXXXXX`
echo "The fault manager detected a problem with the system hardware." >> ${WORK}
echo "The fmadm and fmdump utilities can be run to retrieve additional" >> ${WORK}
echo "details on the faults and recommended next course of action. " >> ${WORK}
echo "" >> ${WORK}
echo "fmadm faulty output:" >> ${WORK}
echo "" >> ${WORK}
# TODO: Find a way to do all of the above in memory
${FMADM} faulty >> ${WORK}
HOST=$($HOSTNAME)
cat ${WORK} | ${MAIL} -s "Hardware fault on ${HOST}" ${ADMIN}
rm -f ${WORK}
fi
How to fix X forwarding broken by Aug 09 EIS on Solaris
Quite a while back, encountered X forwarding broken for many of the servers.
Basically, this is caused by the SSH patch due to regression in SSHD
Solaris 9 with patch 122300-28 or later
Solaris 10 with patch 126133-03 or later
Solaris 10 with patch 138060-03 and without patch 138060-04
To work around this issue, the following command can be executed as root user:
# ifconfig lo0 inet6 plumb up
More information can be found in this article - sun link
How to setup SSL certificate for MQ6
I have setup this for MQ communication with some external party.
In brief, the steps are as follows
1) Create a key store (key.kdb is the default name)
# gsk7cmd -keydb -create -db
i.e.
# gsk7cmd -keydb -create -db /var/mqm/qmgrs/
** Important to stash the password, otherwise MQ will not know what password to use. The password is stash to key.sth.
2) Generate a certificate (CSR)
# gsk7cmd -certreq -create -db
^^ dn --> distinguished name. X.500 distinguished name enclosed in double quotes.
Note that only the CN attribute is required.
You can supply multiple OU attributes.
*** VERY IMPT
For MQ server, please use ibmwebspheremq'queue manager name' without the quotes. Do not try to "learn" from the hard way. All small letters and do follow exactly.
For MQ clients, please use ibmwebspheremq'userid' without the quotes.
i.e.
# gsk7cmd -certreq -create -db key.kdb -pw
3) Sent to CA to sign it.
4) Add the certificate signed by CA to MQ6.
# gsk7cmd -cert -receive -file
[ Option -add --> add a CA cert so that the signer is trusted]
[ Option -receive --> receive a cert signed by a CA]
# gsk7cmd -cert -receive -file SSL.cert -db key.kdb -pw
4a) Display the certificate. Check that the Subject and Issuer is different.
# gsk7cmd -cert -list -db
# gsk7cmd -cert -details -db
i.e.
# gsk7cmd -cert -details -db key.kdb -pw
5a) Alter MQ6 key location to /var/mqm/qmgrs/
# runmqsc
# ALTER QMGR SSLKEYR ('
i.e.
# ALTER QMGR SSLKEYR ('/var/mqm/qmgrs/
5b) Refresh the security setting in MQ server.
# refresh security type(ssl)
6) configure MQ6 channels that needs SSL.
# runmqsc
# alter chl('
# alter chl('
i.e.
# runmqsc
# alter chl('
# alter chl('
7) Restart Channel for the changes to take effect.
# stop chl('
# start chl('
i.e.
# stop chl('
# start chl('
8) Done.
Tip:
In order for the gsk7cmd to run properly, you will need to set the environment # export JAVA_HOME=/opt/mqm/ssl/ # export PATH=$PATH:/bin:/usr/bin
To verify the certificate,
[Cert that you added in] gsk7cmd -cert -list personal -db key.kdb -pw
[All Cert in the DB] gsk7cmd -cert -list -db key.kdb -pw
[To show cert details] gsk7cmd -cert -details -db key.kdb -pw
[Extract cert from DB] gsk7cmd -cert -extract -db key.kdb -pw
[To check cert validity] gsk7cmd -cert -list all -expiry 720 -db key.kdb -pw
To import certificate,
[Import] gsk7cmd -cert -import -file
[Import with label change] gsk7cmd -cert -import -file
To Export certificate,
[Export to file] gsk7cmd -cert -export -db key.kdb -pw
To delete certificate,
What are the processes for MQ 6
1. RUNMQLSR - MQ TCP listener (multi-threaded)
2. AMQCLMAA - MQ TCP listener (single-threaded)
3. AMQRMPPA - Channel process pooling job
4. RUNMQCHI - MQ channel initiator
5. AMQCRSTA - MQ receiving MCA jobs
6. RUNMQCHL - MQ sending MCA jobs
7. AMQCRS6B - LU62 receiver channel
8. AMQPCSEA - MQ command server
9. RUNMQTRM - Application trigger monitor
10. RUNMQDLQ - Dead letter queue handler
11. AMQFCXBA - MQ Broker Worker Job
12. RUNMQBRK - MQ Broker Control Job
13. AMQZMUC0 ('0' is a zero) - MQ Utility Manager
14. AMQZMUR0 ('0' is a zero) - MQ Utility Manager
15. AMQZMGR0 ('0' is a zero) - MQ Process Controller
16. AMQRRMFA - MQ cluster repository manager
17. AMQZDMAA - MQ deferred message manager
18. AMQALMPX - MQ Log Manager
19. AMQZFUMA - MQ Object Authority Manager
20. AMQZLAS0 ('0' is a zero) - MQ LQM agents
21. AMQZLAA0 ('0' is a zero) - MQ LQM agents
22. AMQZXMA0 ('0' is a zero) - MQ Execution Controller
Problem
Q1. What is process amqzlaa0?
Q2. Why does it take so much cpu time?
Solution
A1. The 'amqzlaa0' process is the WebSphere® MQ agent.
A2. Agent processes act as buffers between the QMGR and applications. This is where most of the WebSphere® MQ work gets done.
Additional Information
The 'amqzlaa0' process is the agent process spawned by the execution controller ('amqzxma0') on behalf of the application. These agent processes are the buffer between the QMGR and applications, and it is where most of the WebSphere® MQ work gets done. Expected to see heavy CPU and memory utilization for amqzlaa0 on a busy box.
Each agent thread handles a request for one connection and these threads can be used to service multiple applications. A new agent is spawned when no threads are available for a new connection request.
Selective Display in MQ
There are times where we need to quickly display all the queue depth, trying to look for queues that have more than X messages. Note that this is applicable for MQ 6 and newer.
We used this command:
dis q(*) curdepth
Result is a very long list of output with much of it unwanted.
In MQ6, the 'WHERE' parameter in introduced. The same example, say X is 1.
dis q(*) where (curdepth gt 1)
1 : dis q(*) where (curdepth gt 1)
AMQ8409: Display Queue details.
QUEUE(SYSTEM.AUTH.DATA.QUEUE) TYPE(QLOCAL)
CURDEPTH(70)
AMQ8409: Display Queue details.
QUEUE(SYSTEM.CHANNEL.SYNCQ) TYPE(QLOCAL)
CURDEPTH(4)
This time, the result returns only those of more than 1 message in the queue.
If you wish to find out which channels are having problems, can try something like this
dis chs(*) where (status ne running)
Say if we want to trace messages mysteriously disappearing from a particular queue but we don't know which application is reading from it, we can try this..
dis conn(*) where (appltype eq USER) pid connopts appltag userid channel
Here, we listed all connections by the current Queue Manager where application type is USER. This excludes all system processes and objects. Also only display the PID, MQ connection option, name of binary, user ID and perhaps the channel that the application is connecting over.
Operators allowed for boolean comparison is as follows. Note that only simple boolean allowed. No compound usage yet.
operator := [ LT | GT | EQ | NE | LE | GE | CT | EX | LK | NL | CTG | EXG ]
Have fun.
How to configure UNIX IPC resources for Websphere MQ
Found this quite a while back.
Try to share this during my free time.
This is a good tool that will help to tune the system for MQ.
Has tried it for MQ 5.3, 6 and even 7 plus Solaris 8, 9 and 10.
There is a attachment which you need to download and try.
Reference: IBM MQ Link
Obtain yesterday's date using perl
On shell scripting,
YDATE=`date '+%y:%m:%d' | awk -F":" '{printf"20%2d%2d%2d\n",$1,$2,($3-1)}' | sed 's/ /0/g'`
YDATE=`$(perl -e '@y=localtime(time()-86400);printf "%04d%02d%02d",$y[5]+1900,$y[4]+1,$y[3];')`
On oracle cmd,
to_char(sysdate-1,'DDMMYY')
Alternative to Task Manager in Windows
As a Unix / Linux use for some time. i'm still used to command line.
i.e. We use the following to terminate processes in Unix and Linux.
# kill -9
Here's an alternative to task manager in windows. Lets look at sample commands.
C:\Documents and Settings\myname>tasklist
Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 16 K
System 4 Console 0 44 K
smss.exe 840 Console 0 48 K
csrss.exe 888 Console 0 4,332 K
winlogon.exe 924 Console 0 916 K
services.exe 968 Console 0 3,716 K
lsass.exe 980 Console 0 4,128 K
ati2evxx.exe 1164 Console 0 612 K
svchost.exe 1180 Console 0 2,740 K
svchost.exe 1272 Console 0 1,972 K
MsMpEng.exe 1416 Console 0 10,676 K
svchost.exe 1456 Console 0 22,128 K
svchost.exe 1616 Console 0 888 K
svchost.exe 1712 Console 0 2,032 K
ati2evxx.exe 1852 Console 0 920 K
spoolsv.exe 1948 Console 0 1,776 K
AppleMobileDeviceService. 444 Console 0 536 K
mDNSResponder.exe 484 Console 0 1,328 K
cvpnd.exe 604 Console 0 828 K
FrameworkService.exe 744 Console 0 8,236 K
mcshield.exe 872 Console 0 29,440 K
vstskmgr.exe 1056 Console 0 352 K
naPrdMgr.exe 1292 Console 0 888 K
cygrunsrv.exe 1332 Console 0 272 K
Wuser32.exe 1584 Console 0 416 K
CcmExec.exe 1660 Console 0 10,648 K
sshd.exe 1780 Console 0 64 K
wmiprvse.exe 188 Console 0 2,100 K
wmiprvse.exe 656 Console 0 3,292 K
explorer.exe 3724 Console 0 19,540 K
shstat.exe 2100 Console 0 536 K
tbmon.exe 2104 Console 0 340 K
TaskSwitch.exe 2152 Console 0 2,028 K
FAXCTRL.exe 2172 Console 0 432 K
soundman.exe 2212 Console 0 668 K
MSASCui.exe 2300 Console 0 3,336 K
UdaterUI.exe 2216 Console 0 1,756 K
jusched.exe 2364 Console 0 64 K
iTunesHelper.exe 2488 Console 0 1,236 K
Mctray.exe 2532 Console 0 740 K
ctfmon.exe 2576 Console 0 696 K
iPodService.exe 3140 Console 0 1,860 K
jucheck.exe 3636 Console 0 328 K
svchost.exe 2840 Console 0 288 K
firefox.exe 684 Console 0 110,700 K
notepad.exe 3464 Console 0 776 K
Putty.exe 3660 Console 0 6,472 K
scan32.exe 2892 Console 0 169,128 K
TSVNCache.exe 1192 Console 0 1,528 K
wisptis.exe 3968 Console 0 4,312 K
iTunes.exe 672 Console 0 75,064 K
OUTLOOK.EXE 2636 Console 0 15,772 K
Putty.exe 2284 Console 0 4,464 K
taskmgr.exe 3912 Console 0 5,328 K
cmd.exe 3820 Console 0 2,820 K
tasklist.exe 4072 Console 0 4,572 K
wmiprvse.exe 2748 Console 0 5,784 K
C:\Documents and Settings\myname>taskkill /im itunes.exe /t /f
SUCCESS: The process with PID 672 child of PID 684 has been terminated.
Easy does it.