Archive for October 7th, 2003

Faith

Tuesday, October 7th, 2003

You can’t earn your way into Heaven, but can you earn your way out of purgatory?

Replication

Tuesday, October 7th, 2003

Failover / Replication items:

1. mysql - replication
2. web site - tar / rsync, maybe amanda
3. mail files - ?
4. cron tables - tar / rsync, maybe amanda, maybe cvs
5. DNS condifuration - rsync
6. sendmail configuration - rsync
7. tomcat webapps - tar / rsync / cvs
8. cvs - unknown, rsync?

web site should have DNS failover to remote site
mail server has backup MX already
maybe config files get tarred together?

need to consider hot backup when failover won’t work. think about job to modify NAT forwarding in case of failure.

WebSphere Install

Tuesday, October 7th, 2003

I did a silent install of IHS 2.0.42 this morning. A few tweaks to the config and newton’s back on line. I’m trying the base silent install then will do the ND silent install. Scripting global security is the next big thing.

Base install took 24 minutes and installed the 1.3.26 admin service. It added plug-in lines tot he conf but left it the same otherwise.. IHS wouldn’t start:

The Apache service named  reported the following error:
>>> API module structure `ibm_app_server_http_module’ in file C:/WebSphere/AppServer/bin/mod_ibm_app_server_http.dll is garbled - perhaps this is not an Apache module DSO?

With Kali’s input, I changed the LoadModule line to:
LoadModule was_ap20_module “C:\WebSphere\AppServer/bin/mod_was_ap20_http.dll”
which worked nicely. The last configuration error was in the port directive inserted by the WAS install:
The Apache service named  reported the following error:
>>> Port was replaced with Listen in Apache 2.0


I removed the Port directive installed by WebSphere and the server started up fine (except the drive’s going nuts). On service stop apache GP faulted whe a memory write error. Interesting. It turns out that the http_plugin.log is full of these:
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError
[Tue Oct 07 13:46:57 2003] [error] AfpaSockAcceptError

So maybe I need to turn the AFPA back on? Yes, that got it going. Here are the lines I uncommented:
#AfpaEnable
#AfpaCache on
AfpaPort 80
#AfpaLogFile “c:/WebSphere/IBMHTTPServer/logs/afpalog” V-ECLF


ND install took just over 28 minutes. netstat shows these ports:

  TCP    newton:8100            newton:0               LISTENING - cell ORB bootstrap
TCP newton:8101 newton:0 LISTENING - cell SOAP
TCP newton:8109 newton:0 LISTENING - cell discovery
TCP newton:8112 newton:0 LISTENING - cell http 2 (admin)
TCP newton:8113 newton:0 LISTENING - cell https 2
TCP newton:8114 newton:0 LISTENING - cell ORB listener
TCP newton:8120 newton:0 LISTENING - app bootstrap
TCP newton:8121 newton:0 LISTENING - app SOAP
TCP newton:8130 newton:0 LISTENING - app http 1
TCP newton:8131 newton:0 LISTENING - app https 1
TCP newton:8132 newton:0 LISTENING - app https 2 (admin)
TCP newton:8133 newton:0 LISTENING - app https 2


which seems to indicate that the customization worked. So, it’s time to federate. addNode dumps this out:
Usage: addNode cell_host [cell_port] [-conntype ] [-includeapps]
[-startingport ] [-noagent] [-quiet] [-nowait] [-logfile
] [-replacelog] [-trace] [-username ] [-password
] [-help]


So it’s off to the infocenter: http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp where we find this writeup:
http://publib.boulder.ibm.com/infocenter/wasinfo/topic/com.ibm.websphere.base.doc/info/aes/ae/rxml_addnode.html?resultof=%22%61%64%64%4e%6f%64%65%22%20%22%61%64%64%6e%6f%64%22%20

Eclipse GEF

Tuesday, October 7th, 2003

This article http://www.eclipse.org/articles/Article-GEF-Draw2d/GEF-Draw2d.html shows how to draw UML in GEF. It may be a good foundation for building a plug-in relationship editor for WSAD. This editor will represent web servers and app servers and the connections between them. The editor should be able to compile an xml plug-in configuration file to be loaded at each web server.

SpamCop Reporting

Tuesday, October 7th, 2003

My spamcop reporting avarage is 2 hours! http://www.spamcop.net/

SSL

Tuesday, October 7th, 2003

Starting on the SSL again today. Following the HOW-TO here: http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html

This has some potential, if not local, redirect to SSL:
# Force clients from the Internet to use HTTPS
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^192\.168\.1\.[0-9]+$
RewriteCond %{HTTPS} !=on
RewriteRule .* - [F]

Have I done this before? find / -name \*.key 2>/dev/null (not found)
server key: openssl genrsa -des3 -out siwko.key 1024 (OK)
CA key: openssl genrsa -des3 -out siwko.ca.key 1024 (OK)
request: openssl req -new -x509 -days 365 -key siwko.ca.kay -out siwko.ca.crt (OK)
find / -name sign.sh 2>/dev/null… (not found)
research:
man openssl
man ca

Heaven

Tuesday, October 7th, 2003

Sister Gayanne made some comments over the weekend which got me thinking. Our God is a jealous God. Would he accept “perfect natural happiness” outside of His presence? Limbo was opened after the Passion. Christ proclaimed the good news to the dead! I imagine hs message was, “you can come home, I have paid for your sins.” There is no gate between Limbo and Heaven any more. Hell is chosen, not imposed. Does a child in Limbo get to choose to be with his Lord? Is it a sure thing, or do we rely on the mercy of God? (from CCC)