Thursday, November 3, 2011

Working with the Deployment Engine

So the IBM Deployment Engine (aka ACSI, or Autonomic Computing Solution Installer is what I believe the acronym stands for) is a really nice product and works very well if you read the documentation and warnings. As luck would have it, I forgot to read some of the documentation and warnings, so I was able to learn some things.

The OMNIbus documentation states that if you use the DE as a regular user, then as root, that all installs from that point forward will only use the DE instance that was installed by root (the global instance). It also states that if you uninstall the global/common instance, then the DE is uninstalled everywhere.

The situation that brought me to this point is that I installed TBSM 6.1 on Linux as the user 'netcool' (so it uses a user-specific DE). I then tried to install CCMDB 7.2.1 on the same machine as the user 'root'. This failed early in the process, but not before a new global/common DE was installed. I gave up my CCMDB install dreams and proceeded to install an OMNIbus probe as the user 'netcool'. This gave me an error that I was currently using the global DE on an installation that had been performed using my user-specific DE and I should abort the installation. After reading the above OMNIbus documentation, I didn't want to uninstall the global DE (for fear that it would wipe out everything and I wouldn't be able to upgrade any products). However, since I had a copy of my VM, I gave it a shot. What I did was:

as root:

cd /usr/ibm/common/acsi/bin
export SI_JAVA_HOME=/usr/ibm/common/acsi/jre
./si_inst -r -f

This scared me a bit because it did COMPLETELY remove the /usr/ibm/common/acsi directory and killed all of the acsi processes ('ps -ef | grep acsi' showed nothing at this point). But my ~netcool/.acsi_* directories were still there (I don't know why, but I have two of these directories - ~/.acsi_netcool and ~/.acsi_myserverhostname). At this point, I re-ran the probe installation as user netcool (nco_install_integration), and I got no error messages, and the install information was added correctly to my local DE instance.

And the lesson I learned is that once you install any DE-based product on a machine as a non-root user, all of your subsequent DE-based installs need to be done as non-root users (it doesn't need to be the same user for different products, but you don't want to install anything DE-based as root).

Monday, October 10, 2011

Tips on the ITM Agent for Maximo (product code MI )

I recently found the Tivoli Monitoring Agent for Maximo 7.1.1 Feature Pack and wanted to share some tips on using it. You can find the Feature Pack (with downloads) here:

https://www-304.ibm.com/support/docview.wss?q1=itm&rs=3214&uid=swg24025477&context=SSLKT6&cs=utf-8&lang=en&loc=en_US

The instructions for installing the agent assume that you have Maximo, your ITM TEMS and ITM TEPS all on the same Windows machine, which I imagine would not be the case for most customers. You *can* install the TEMS and TEPS support on a non-windows machine using the following commands:

installIraAgentTEMS.sh /opt/IBM/ITM


installIraAgentTEPS.sh /opt/IBM/ITM

Where the first parameter is your ITM install directory. You can then install just the agent on a Windows machine with:

installIraAgent.bat C:\IBM\ITM

The agent itself is ONLY installable on Windows. However, this can be ANY Windows machine you want - it only needs to be able to access your Maximo server via URL. NOTE: The agent does get some information from the Log file dir that you specify; if you install the agent on a machine that is not your Maximo server, this data will not be available. (I'm not certain exactly what information it gets from the logs.)

A BIG caveat of the agent is that you CAN NOT use it if you have configured Application Server Security for authentication and authorization with Maximo. (I didn't test out the scenario of configuring Application Server Security only for authentication due to time constraints). So you can only use the agent to monitor a Maximo installation that is configured to use Maximo security.

The next tip has to do with configuration. When you configure the agent, you're required to provide a few pieces of information:

Instance Name: Do NOT use "maximo" as the value! I found this out the hard way - it simply doesn't work if you do this. I used "MXServer", but it looks like you can use anything OTHER than "maximo".

Log file dir: This is the location of your application server log files. For example:

/opt/IBM/WebSphere/AppServer/profiles/ctgAppSrv01/logs/MXServer

Port: This is the port you use to access Maximo. The default is 7001, which is the default http port for WebLogic. If you're using WebSphere, you should change this to 9080 for http access (or 9443 for https).

Java Home Directory: This can be set to any Java 1.5 (or above) install location on the system. I set mine to:

E:\IBM\SMP\sdk

Another tip is that you do NOT need to configure Maximo Performance Monitor for the agent to work.

The last tip is on usage, once you get the agent up and running. Let it run for a several minutes before assuming it's not working correctly. It just takes a few minutes to capture some of its data. Once it up and running correctly, the table in the Performance Object Status workspace should look similar to this:



SysInfo SysInfo ACTIVE NO ERROR
DataBaseInfo DataBaseInfo ACTIVE NO ERROR
InstalledApps InstalledApps ACTIVE NO ERROR
License License ACTIVE NO ERROR
InstalledProducts InstalledProducts ACTIVE NO ERROR
DBConnections DBConnections ACTIVE NO ERROR
MemGaugeForAllSrvrs MemGaugeForAllSrvrs ACTIVE NO ERROR
RuntimeMXBean RuntimeMXBean ACTIVE NO ERROR
Memory Memory ACTIVE NO ERROR
MemoryGauge MemoryGauge ACTIVE NO ERROR
MBOCountGauge MBOCountGauge ACTIVE NO ERROR
UPSGauge UPSGauge ACTIVE NO ERROR
CronTasks CronTasks ACTIVE NO ERROR
EscalationErrorLog EscalationErrorLog ACTIVE NO INSTANCES RETURNED



Sunday, October 2, 2011

PLAYterm: a New Way To Improve Command Line Skills

PLAYterm: a New Way To Improve Command Line Skills: chrb writes "Linux Journal points out PLAYterm, an interesting project that offers up recordings of Linux command line sessions, with the aim of helping viewers to improve their skills by watching gurus at work." And there's no bad excuse to link to Neal Stephenson's excellent (and free-to-download in delicious zipped-text form) In the Beginning was the Command Line.

Read more of this story at Slashdot.

I think this is a great resource for Windows people learning UNIX/Linux, and also for Linux people who just want to learn about some new commands.

Thursday, September 29, 2011

How to create a lock on a DB2 table

I spent a while figuring this out (to set up a problem/resolution scenario for ITCAM) and figured I would share.

By default, DB2 has auto-commit turned ON. So any time you run a SQL statement, it's automatically followed by a COMMIT. To change this, the easy way is:

db2 +c "delete from your_table_name where your_where_clause"

Then any other application or process trying to read or write this table will have to wait until the lock is cleared before returning. So if you open another window and run 'db2 select * from your_table_name', it will just sit there.

To clear the lock, run:

db2 commit

More info is here:


Monday, September 26, 2011

Tivoli Common Reporting Security - Removing users from administrator roles

In Tivoli Common Reporting, by default, all users will have administrative privileges.  So, every user you create in TCR will have access to the Launch->Administration option and he/she can edit data sources, cancel scheduled jobs and perform various administrative tasks.   While this is great for test environments, it is absolutely not desirable for production implementations.   So, how do we turn off this major security hole?   Fortunately, there is an easy but not well-documented way.
 
1. Logon as tipadmin/tcradmin in Tivoli Common Reporting portal and select Reporting->Common Reporting
2. Click Launch->Administration
3. Goto Security Tab.
4. Select Cognos.
5. Make sure you selected, Users, Groups and Roles option in the left pane.
6. The list of roles will be listed. Go to the next page on the list. 
7. Select "System Administrators" role that is listed at the very bottom.
8. Click on the "Properties" option to edit the role settings.
9. Click on the "members" tab.
10. Click on the "Add" link to add specific users to TCR administration role.  Typically, the TCR users you created will be under VMMProvider.
11. Next select the "Everyone" group by selecting the checkbox next to it and click "Remove" link.
12. Click OK to save the changes.
13. Log out and log back in as an ordinary user. Now the "Launch->Administration" option will not appear anymore.
 
Hope this helps,
 

Tuesday, September 6, 2011

Fixing perl's CPAN on CentOS

If you are using CentOS 5.5 and trying to download perl modules with CPAN, you may come across this error:

Undefined subroutine &Compress::Zlib::gzopen called at /usr/lib/perl5/5.8.8/CPAN.pm line 5721

When working with Tivoli software, it is helpful to use virtual machines. You can save images for different app/version combinations and retrieve them when you need to develop or test something. CentOS is the open source brand for Red Hat, so it works really well when you have to install multiple VMs but don't want the hassle of tracking RHEL licenses. Sometimes you may have to modify various file contents to look more like RHEL itself, but in general CentOS does the trick.

Recently, I was attempting to write a perl script to parse XML files.  I chose to download the XML::LibXML module because it is very flexible and pretty fast. I started CPAN with:

user@system> cpan

Then I attempted the install:

user@system> install XML::LibXML

but then I got the 'Undefined subroutine...' error above. I tried running CPAN with the alternate command:

user@system> perl -MCPAN -e shell

I also tried to install other packages (such as DBD::DB2), but they generated the same error. I have been using the same CentOS 5.5 image for a couple of years, so it made sense to update the perl packages. Same error.

After some Google research, it appears that another error may have a similar cause.
(note the different package and line #):

Undefined subroutine &Compress::Zlib::gzopen called at /usr/lib/perl5/5.8.8/CPAN/Tarzip.pm line 122

It took a while to piece together this solution in steps, so hopefully this can save someone else a little time.

1. Install the yum utilities:

user@system> yum install yum-utils
(This contains the yum-complete-transaction executable, which does what its name says.  Description here.)


2. Get libxml2:

user@system> yum install libxml2-devel

user@system> yum-complete-transaction
(notice it's yum-, NOT the normal yum with a space)


3. Update software packages:

But use yum from the command line to do it instead of the built-in CentOS  'Software Updater'.  Run this:

user@system> yum check-update

It will outline all the available updates and ask if you want to execute them. Go ahead and say yes. There may be libraries in some of those packages that will be required to build perl modules. (In a single run, I had 242 installs and 242 removes, and it completed all of them. In my previous attempts to do the same thing from the Software Updater, the Package Manager would hang every time.)

user@system> yum-complete-transaction
(this will just make sure they're all done)


4. Run CPAN:

user@system> perl -MCPAN -e shell

Within CPAN, run these commands in this order:

cpan> force install Scalar::Util

cpan> force install IO::Compress::Base

cpan> force install Compress::Raw::Zlib

cpan> force install IO::Compress::Gzip

cpan> force install Compress::Zlib


after running all of these, CPAN should run just fine. Go ahead and download any perl packages you want.

Saturday, August 27, 2011

Verify the CloudBurst 2.1 Tivoli software stack

Verify the CloudBurst 2.1 Tivoli software stack:

The advantages an appliance brings with it are often achieved by complex
tasks; many times this complexity is hidden by the interface to the appliance, giving the user a limited view of the entire configuration and integration points. But a user may need to verify or re-verify the software stack when the environment changes (restoring backup images in a disaster recovery scenario), making modifications to hardware configurations (like when you add new blades) or software configurations (like when you add new networks with VLAN tagging). In this article, the author provides a quick guide to verifying the IBM CloudBurst 2.1 Tivoli software stack.