Run OHS for Weblogic cluster - weblogic

I am using WebLogic 12.1.3.
I installed the WebLogic cluster as follows:
cluster name: cs1, cluster address: 172.30.35.23:7003,172.30.35.23:7004
I have 2 managed servers: 172.30.35.23:7003, 172.30.35.23:7004
and a machine MCH1 (I added the 2 managed servers to this machine).
My console address is: 172.30.35.23:7001/console
I have installed OHS on another server: IP 172.30.35.13, port 7777
===============================================================
My configuration in OHS (mod_wl_ohs.conf) is:
LoadModule weblogic_module /u01/app/product/fmw/ohs/modules/mod_wl_ohs.so
# Proxy the administration console to the admin server
<IfModule weblogic_module>
    <Location /console>
        WLSRequest On
        WebLogicHost 172.30.35.23
        WebLogicPort 7001
    </Location>
</IfModule>
# Proxy the Hello application to the cluster members
<IfModule weblogic_module>
    <Location /Hello>
        WLSRequest On
        WebLogicCluster 172.30.35.23:7003,172.30.35.23:7004
    </Location>
</IfModule>
=============================================================
My /etc/hosts on the WebLogic server is:
127.0.0.1 localhost.localdomain
172.30.35.23 weblogic2 weblogic2.localdomain
My /etc/hosts on the OHS server is:
127.0.0.1 localhost.localdomain
172.30.35.13 OHS OHS.localdomain
==============================================================
I deployed Hello.war to the cluster.
My test results:
172.30.35.23:7001/console is ok
172.30.35.13:7777/console is ok
172.30.35.23:7003/Hello is ok
172.30.35.23:7004/Hello is ok
but I don't get any answer on 172.30.35.13:7777/Hello
Why?
Does it mean OHS is not working with the cluster?
ohs1.log is:
[oracle@OHS logs]$ cat ohs1.log
[2015-10-05T18:21:50.6939+03:30] [OHS] [ERROR:32] [OHS-9999] [mod_weblogic.c] [client_id: 172.30.35.200] [host_id: OHS] [host_addr: 172.30.35.13] [tid: 140599950821120] [user: oracle] [ecid: 0058LmbHfxLDg^wawDedMG0005rH000006] [rid: 0] [VirtualHost: main] <0058LmbHfxLDg^wawDedMG0005rH000006> weblogic: parseServerList: 172.30.35.23:7102 apr_socket_connect error [111] Connection refused
[2015-10-05T18:21:50.6971+03:30] [OHS] [ERROR:32] [OHS-9999] [mod_weblogic.c] [client_id: 172.30.35.200] [host_id: OHS] [host_addr: 172.30.35.13] [tid: 140599950821120] [user: oracle] [ecid: 0058LmbHfxLDg^wawDedMG0005rH000006] [rid: 0] [VirtualHost: main] <0058LmbHfxLDg^wawDedMG0005rH000006> weblogic: parseJVMID: could not resolve hostname '-1407311080'. Returning NULL from parseJVMID
Thanks

You need to make WebLogic Server accept OHS requests.
If the version of the Oracle WebLogic Server instances in the back end is 10.3.4 (or later releases), you must set the WebLogic Plug-In Enabled parameter.
1. Log in to the Oracle WebLogic Server administration console.
   The WebLogic Proxy Plug-In provides features that are identical to those of the plug-in for Apache HTTP Server.
2. In the Domain Structure pane, expand the Environment node.
   – If the server instances to which you want to proxy requests from Oracle HTTP Server are in a cluster, select Clusters.
   – Otherwise, select Servers.
3. Select the server or cluster to which you want to proxy requests from Oracle HTTP Server.
   The Configuration: General tab is displayed.
4. Scroll down to the Advanced section, expand it, and select the WebLogic Plug-In Enabled checkbox. Or change the value from default to yes if there isn't a checkbox.
5. Click Save.
6. If you selected Servers in step 2, repeat steps 3 and 4 for the other servers to which you want to proxy requests from Oracle HTTP Servers.
For the change to take effect, you must restart the server instances.
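The two ohs1.log errors in the question can be cross-checked against the WebLogicCluster list from mod_wl_ohs.conf. The script below is an added example, not part of the original posts; the function names are hypothetical, and reading a numeric "hostname" as a signed 32-bit IPv4 address is an assumption of this example.

```python
import ipaddress
import re

# Copied from the question: the /Hello cluster directive and the two ohs1.log errors.
MOD_WL_CONF = "WebLogicCluster 172.30.35.23:7003,172.30.35.23:7004\n"
OHS_LOG = """\
[2015-10-05T18:21:50.6939+03:30] [OHS] [ERROR:32] [OHS-9999] [mod_weblogic.c] [client_id: 172.30.35.200] [host_id: OHS] [host_addr: 172.30.35.13] [tid: 140599950821120] [user: oracle] [ecid: 0058LmbHfxLDg^wawDedMG0005rH000006] [rid: 0] [VirtualHost: main] <0058LmbHfxLDg^wawDedMG0005rH000006> weblogic: parseServerList: 172.30.35.23:7102 apr_socket_connect error [111] Connection refused
[2015-10-05T18:21:50.6971+03:30] [OHS] [ERROR:32] [OHS-9999] [mod_weblogic.c] [client_id: 172.30.35.200] [host_id: OHS] [host_addr: 172.30.35.13] [tid: 140599950821120] [user: oracle] [ecid: 0058LmbHfxLDg^wawDedMG0005rH000006] [rid: 0] [VirtualHost: main] <0058LmbHfxLDg^wawDedMG0005rH000006> weblogic: parseJVMID: could not resolve hostname '-1407311080'. Returning NULL from parseJVMID
"""

CLUSTER_RE = re.compile(r"^\s*WebLogicCluster\s+(.+)$", re.I | re.M)
CONNECT_RE = re.compile(
    r"parseServerList: (\S+:\d+) apr_socket_connect error \[(\d+)\] (.+)$")
JVMID_RE = re.compile(r"parseJVMID: could not resolve hostname '([^']*)'")

def configured_endpoints(conf_text):
    """Collect the host:port members of every WebLogicCluster directive."""
    members = set()
    for value in CLUSTER_RE.findall(conf_text):
        members.update(m.strip() for m in value.split(",") if m.strip())
    return members

def int_to_ipv4(text):
    """Assumption: a purely numeric 'hostname' is a signed 32-bit IPv4 address."""
    if not re.fullmatch(r"-?\d+", text):
        return None  # a real hostname, nothing to decode
    return str(ipaddress.IPv4Address(int(text) & 0xFFFFFFFF))

def triage(log_text, conf_text):
    """Return one finding per mod_wl_ohs connect or JVMID error line."""
    known = configured_endpoints(conf_text)
    findings = []
    for line in log_text.splitlines():
        when = line[1:line.find("]")] if line.startswith("[") else None
        connect = CONNECT_RE.search(line)
        jvmid = JVMID_RE.search(line)
        if connect:
            endpoint, errno, reason = connect.groups()
            findings.append({"time": when, "kind": "connect_failed",
                             "endpoint": endpoint, "errno": int(errno),
                             "reason": reason, "in_config": endpoint in known})
        elif jvmid:
            host = jvmid.group(1)
            findings.append({"time": when, "kind": "jvmid_unresolved",
                             "host": host, "as_ipv4": int_to_ipv4(host)})
    return findings

if __name__ == "__main__":
    for finding in triage(OHS_LOG, MOD_WL_CONF):
        print(finding)
```

On the question's data it reports that the refused endpoint 172.30.35.23:7102 is not one of the configured cluster members, and that -1407311080 decodes to 172.30.35.24.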

Related

Mercure keeps binding to port 80

I'm using the Mercure hub 0.13, everything works fine on my development machine, but on my test server the hub keeps on trying to bind on port 80, resulting in an error, as nginx is already running on port 80.
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
I'm starting the hub with the following command:
MERCURE_PUBLISHER_JWT_KEY=$(cat publisher.key.pub) \
MERCURE_PUBLISHER_JWT_ALG=RS256 \
MERCURE_SUBSCRIBER_JWT_KEY=$(cat publisher.key.pub) \
MERCURE_SUBSCRIBER_JWT_ALG=RS256 \
./mercure run -config Caddyfile.dev
Caddyfile.dev is as follows:
# Learn how to configure the Mercure.rocks Hub on https://mercure.rocks/docs/hub/config
{
    {$GLOBAL_OPTIONS}
}
{$SERVER_NAME:localhost:3000}
log
route {
    redir / /.well-known/mercure/ui/
    encode zstd gzip
    mercure {
        # Transport to use (default to Bolt)
        transport_url {$MERCURE_TRANSPORT_URL:bolt://mercure.db}
        # Publisher JWT key
        publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
        # Subscriber JWT key
        subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
        # Permissive configuration for the development environment
        cors_origins *
        publish_origins *
        demo
        anonymous
        subscriptions
        # Extra directives
        {$MERCURE_EXTRA_DIRECTIVES}
    }
    respond /healthz 200
    respond "Not Found" 404
}
When I provide the SERVER_NAME as an environment variable, without a domain, SERVER_NAME=:3000, the hub actually starts on port 3000, but runs in http mode, which only allows for anonymous subscriptions and is not what I need.
Server:
Operating System: CentOS Stream 8
Kernel: Linux 4.18.0-383.el8.x86_64
Architecture: x86-64
Full output when trying to start the Mercure hub:
2022/05/10 04:50:29.605 INFO using provided configuration {"config_file": "Caddyfile.dev", "config_adapter": ""}
2022/05/10 04:50:29.606 WARN input is not formatted with 'caddy fmt' {"adapter": "caddyfile", "file": "Caddyfile.dev", "line": 3}
2022/05/10 04:50:29.609 INFO admin admin endpoint started {"address": "tcp/localhost:2019", "enforce_origin": false, "origins": ["localhost:2019", "[::1]:2019", "127.0.0.1:2019"]}
2022/05/10 04:50:29.610 INFO http enabling automatic HTTP->HTTPS redirects {"server_name": "srv0"}
2022/05/10 04:50:29.610 INFO tls.cache.maintenance started background certificate maintenance {"cache": "0xc0003d6150"}
2022/05/10 04:50:29.627 INFO tls cleaning storage unit {"description": "FileStorage:/root/.local/share/caddy"}
2022/05/10 04:50:29.628 INFO tls finished cleaning storage units
2022/05/10 04:50:29.642 INFO pki.ca.local root certificate is already trusted by system {"path": "storage:pki/authorities/local/root.crt"}
2022/05/10 04:50:29.643 INFO tls.cache.maintenance stopped background certificate maintenance {"cache": "0xc0003d6150"}
run: loading initial config: loading new config: http app module: start: tcp: listening on :80: listen tcp :80: bind: address already in use
I'm a bit late, but I hope that will help someone.
As mentioned here, you can specify the http_port manually in your Caddy configuration file.

Apache Ranger Audit log connect with Solr Cloud Mode with SSL

I have three nodes with Solr and ZooKeeper with TLS/SSL enabled, where ZK listens only on the securePort and Solr only on HTTPS.
Now I want to connect Solr to Apache Ranger for audit logs,
where I am setting:
ranger.audit.solr.urls = https://HOST1:8983/solr/ranger_audits
and
ranger_admin_solr_zookeepers = HOST1:2281,HOST2:2281,HOST3:2281
Apache Ranger is not in SSL mode and listens only on HTTP.
For Solr I have successfully created the ranger_audits configset and a collection with the same name.
ZooKeeper election is also successful where I have 1 leader and 2 followers.
So everything works as expected except the Apache Ranger audit communication.
The version of the Apache Ranger is 2.0.
ZooKeeper version - 3.6.3
Solr version - 8.11.1
With the current settings I get the following exception when I open the audit tab in the Ranger UI:
2022-03-22 06:54:08,189 [http-bio-6080-exec-2] INFO org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:326) - Operation error. response=VXResponse={org.apache.ranger.view.VXResponse@7ef95c52statusCode={1} msgDesc={Error running solr query, please check solr configs. java.util.concurrent.TimeoutException: Could not connect to ZooKeeper HOST1:2281,HOST2:2281,HOST3:2281 within 15000 ms} messageList={[VXMessage={org.apache.ranger.view.VXMessage@3bd495a3name={ERROR_SYSTEM} rbKey={xa.error.system} message={System Error. Please try later.} objectId={null} fieldName={null} }]} }
javax.ws.rs.WebApplicationException
UPDATE:
The solution is to provide a jaas.conf and Java properties, which fixed the problem.
-Dzookeeper.client.secure=true
-Djava.security.auth.login.config=/etc/ranger/admin/conf/jaas.conf
A sample jaas.conf is:
Client {
    org.apache.zookeeper.server.auth.DigestLoginModule required
    username="admin"
    password="admin-pass";
};
Please note that this is not a complete solution and the connection from Ranger through HTTPS to the ZooKeepers is still problematic.

Unable to get the cluster and node details in Web Console agent for Apache Ignite

I am trying to get the node and cluster details in the Apache Ignite WebConsole. Below are the steps I have performed:
1. Downloaded the Apache Ignite WebConsole.
2. My application is running the Ignite node as a cache layer (Ignite node started OK (id=ac87a66c,)
3. Ignite is running on the Ignite discovery URL 192.168.0.102:47500
4. I ran the bat file: web-console-agent.bat. But it is not able to connect to the agent and hence the web console:
[2020-05-26T18:05:33,245][INFO ][main][AgentLauncher] Starting Apache GridGain Web Console Agent...
[2020-05-26T18:05:33,415][INFO ][main][AgentLauncher]
[2020-05-26T18:05:33,416][INFO ][main][AgentLauncher] Web Console Agent configuration :
[2020-05-26T18:05:33,535][INFO ][main][AgentLauncher] User's security tokens : ********************************af05
[2020-05-26T18:05:33,539][INFO ][main][AgentLauncher] URI to Ignite node REST server : http://localhost:8080
[2020-05-26T18:05:33,540][INFO ][main][AgentLauncher] URI to GridGain Web Console : https://console.gridgain.com
[2020-05-26T18:05:33,548][INFO ][main][AgentLauncher] Path to properties file : default.properties
[2020-05-26T18:05:33,548][INFO ][main][AgentLauncher] Path to JDBC drivers folder : C:\pluralsight\gridgain-web-console-agent-2020.03.01\jdbc-drivers
[2020-05-26T18:05:33,557][INFO ][main][AgentLauncher] Demo mode : enabled
[2020-05-26T18:05:33,560][INFO ][main][AgentLauncher]
[2020-05-26T18:05:33,621][INFO ][main][WebSocketRouter] Starting Web Console Agent...
[2020-05-26T18:05:33,635][INFO ][Connect thread][WebSocketRouter] Connecting to server: wss://console.gridgain.com
[2020-05-26T18:05:35,996][INFO ][http-client-16][WebSocketRouter] Successfully completes handshake with server
[2020-05-26T18:05:40,035][WARN ][pool-2-thread-1][ClusterHandler] Failed to connect to cluster.
[2020-05-26T18:05:40,036][WARN ][pool-2-thread-1][ClusterHandler] Check that '--node-uri' configured correctly.
[2020-05-26T18:05:40,039][WARN ][pool-2-thread-1][ClusterHandler] Ensure that cluster nodes have [ignite-rest-http] module in classpath (was copied from libs/optional to libs folder).
[2020-05-26T18:05:40,045][INFO ][pool-2-thread-1][ClustersWatcher] Failed to establish connection to node
Please let me know where I am missing steps.

Apache JKmanager Activation Status is not updating

I have changed the Activation Status of JKManager node1 from Activate to Deactivate, and once I access the application URL and log in, the status in JKManager gets changed to the Activate status. I couldn't find any errors in the Apache logs. Is there any other configuration required?
My application is using Server Version: Apache/2.2.15 (Win32) mod_jk/1.2.265, mod-jk and JBoss Application Server Version 6. Below is the configured worker.properties file:
worker.list=workerlist
# Set properties for node1
worker.node1.type=ajp13
worker.node1.host=xxxx
worker.node1.port=xx
worker.node1.lbfactor=4
# Set properties for node2
worker.node2.type=ajp13
worker.node2.host=xxxx
worker.node2.port=xx
worker.node2.lbfactor=4
# Set properties for workerlist(lb)
worker.workerlist.type=lb
worker.workerlist.balance_workers=node1,node2
worker.workerlist.sticky_session=1
worker.list=jkstatus
worker.jkstatus.type=status
The issue was due to the JBoss Application Server (server.xml) and the Apache server (V_host) being configured with the same port; we changed the port of JBoss in server.xml, which resolved the issue. Thanks

How to connect Apache log to graylog2 server

I'm using a Graylog2 server as my application log server, but I couldn't connect the Apache log to Graylog2. Is there any guide to sending the Apache log to the Graylog2 server, or can someone help me solve this?
I put this at the bottom of my /etc/rsyslog.conf on Ubuntu 14.04:
# Apache access file:
$ModLoad imfile
$InputFileName /var/log/apache2/access.log
$InputFileTag apache-access:
$InputFileStateFile stat-apache-access
$InputFileSeverity info
$InputRunFileMonitor
#Apache Error file:
$InputFileName /var/log/apache2/error.log
$InputFileTag apache-errors:
$InputFileStateFile stat-apache-error
$InputFileSeverity error
$InputRunFileMonitor
$InputFilePollInterval 10
if $programname == 'apache-access' then @10.11.11.33:514
if $programname == 'apache-errors' then @10.11.11.33:514
where 10.x.x.x is my Graylog2 server.
There will be a GELF module for Apache soon. Until that is released I can recommend using Logstash to parse and forward the Apache log files. You could even send in the log lines to "Raw/Plaintext" inputs in Graylog2 using tail and netcat.