Andrew Siwko’s Blog #2

You can’t earn your way into Heaven, but can you earn your way out of purgatory?

Failover / Replication items:

1. mysql - replication
2. web site - tar / rsync, maybe amanda
3. mail files - ?
4. cron tables - tar / rsync, maybe amanda, maybe cvs
5. DNS condifuration - rsync
6. sendmail configuration - rsync
7. tomcat webapps - tar / rsync / cvs
8. cvs - unknown, rsync?

web site should have DNS failover to remote site
mail server has backup MX already
maybe config files get tarred together?

need to consider hot backup when failover won’t work. think about job to modify NAT forwarding in case of failure.

I did a silent install of IHS 2.0.42 this morning. A few tweaks to the config and newton’s back on line. I’m trying the base silent install then will do the ND silent install. Scripting global security is the next big thing.

Base install took 24 minutes and installed the 1.3.26 admin service. It added plug-in lines tot he conf but left it the same otherwise.. IHS wouldn’t start:

The Apache service named  reported the following error:
>>> API module structure `ibm_app_server_http_module’ in file C:/WebSphere/AppServer/bin/mod_ibm_app_server_http.dll is garbled - perhaps this is not an Apache module DSO? 

With Kali’s input, I changed the LoadModule line to:

LoadModule was_ap20_module “C:\WebSphere\AppServer/bin/mod_was_ap20_http.dll”

which worked nicely. The last configuration error was in the port directive inserted by the WAS install:

The Apache service named  reported the following error:
>>> Port was replaced with Listen in Apache 2.0 

I removed the Port directive installed by WebSphere and the server started up fine (except the drive’s going nuts). On service stop apache GP faulted whe a memory write error. Interesting. It turns out that the http_plugin.log is full of these:

[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError

So maybe I need to turn the AFPA back on? Yes, that got it going. Here are the lines I uncommented:

#AfpaEnable
#AfpaCache on
AfpaPort  80
#AfpaLogFile “c:/WebSphere/IBMHTTPServer/logs/afpalog” V-ECLF

ND install took just over 28 minutes. netstat shows these ports:

  TCP    newton:8100            newton:0               LISTENING - cell ORB bootstrap
  TCP    newton:8101            newton:0               LISTENING - cell SOAP
  TCP    newton:8109            newton:0               LISTENING - cell discovery
  TCP    newton:8112            newton:0               LISTENING - cell http 2 (admin)
  TCP    newton:8113            newton:0               LISTENING - cell https 2
  TCP    newton:8114            newton:0               LISTENING - cell ORB listener
  TCP    newton:8120            newton:0               LISTENING - app bootstrap
  TCP    newton:8121            newton:0               LISTENING - app SOAP
  TCP    newton:8130            newton:0               LISTENING - app http 1
  TCP    newton:8131            newton:0               LISTENING - app https 1
  TCP    newton:8132            newton:0               LISTENING - app https 2 (admin)
  TCP    newton:8133            newton:0               LISTENING - app https 2

which seems to indicate that the customization worked. So, it’s time to federate. addNode dumps this out:

Usage: addNode cell_host [cell_port] [-conntype ] [-includeapps]
           [-startingport ] [-noagent] [-quiet] [-nowait] [-logfile
           ] [-replacelog] [-trace] [-username ] [-password
           ] [-help]

So it’s off to the infocenter: http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp where we find this writeup:
http://publib.boulder.ibm.com/infocenter/wasinfo/topic/com.ibm.websphere.base.doc/info/aes/ae/rxml_addnode.html?resultof=%22%61%64%64%4e%6f%64%65%22%20%22%61%64%64%6e%6f%64%22%20

This article http://www.eclipse.org/articles/Article-GEF-Draw2d/GEF-Draw2d.html shows how to draw UML in GEF. It may be a good foundation for building a plug-in relationship editor for WSAD. This editor will represent web servers and app servers and the connections between them. The editor should be able to compile an xml plug-in configuration file to be loaded at each web server.

My spamcop reporting avarage is 2 hours! http://www.spamcop.net/

Starting on the SSL again today. Following the HOW-TO here: http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html

This has some potential, if not local, redirect to SSL:
# Force clients from the Internet to use HTTPS
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$
RewriteCond %{HTTPS} !=on
RewriteRule .* - [F]

Have I done this before? find / -name \*.key 2>/dev/null (not found)
server key: openssl genrsa -des3 -out siwko.key 1024 (OK)
CA key: openssl genrsa -des3 -out siwko.ca.key 1024 (OK)
request: openssl req -new -x509 -days 365 -key siwko.ca.kay -out siwko.ca.crt (OK)
find / -name sign.sh 2>/dev/null… (not found)
research:
man openssl
man ca

Sister Gayanne made some comments over the weekend which got me thinking. Our God is a jealous God. Would he accept “perfect natural happiness” outside of His presence? Limbo was opened after the Passion. Christ proclaimed the good news to the dead! I imagine hs message was, “you can come home, I have paid for your sins.” There is no gate between Limbo and Heaven any more. Hell is chosen, not imposed. Does a child in Limbo get to choose to be with his Lord? Is it a sure thing, or do we rely on the mercy of God? (from CCC)