Tuesday, 6 February 2018

How to make API gateway listen to Microservice deployed on ECS under ALB

Now that the ECS and Docekerisation is something every AWS enthsuiast will be familiar with.There are still some challenges that are left to solve till AWS comes up with new features.

Problem:--  Enable API gateway URL endpoints for Microservices that are deployed on ECS in a private subnet  and are accessible through the ALB.

Constraint  API gateway can talk to Load balancer through VPC links but only when we have NLB.
No-brainer that we cant have a replicate deployment of API's under NLB to be accessible through API Gateway. ( unnecessary additional costs)

Solution

  1. Capture the instances and the dynamic port allocated to them by ALB under the desired Microservice target group.
  2. Create a target group specifically to be registered under NLB on the desired traffic port and add the captured instnaces and their port in the target registration tab.
  3. Create a NLB and make it listen to the created target group of step 2.
  4. Go to API gateway and create a VPC link with the NLB, it will take 3-4 minutes to become active.

You are set to use the VPC link for API Gateway deployment.

**Note**
For secuity reasons will advise the use of API key.

Cheers!!

Wednesday, 28 September 2016

AWS Database migraton service..it gets more fantastic with AWS

AWS Database Migration Service is a web service you can use for migrating data from database. Various scenarios that DMS supports :--
Database that is on-premises, to an Amazon Relational Database Service (Amazon RDS) DB instance
 Database that is on-premises, to a database on an Amazon Elastic Compute Cloud (Amazon EC2)
Migrate a database from an AWS service to an on-premises database.
Supported DB types and versions
Oracle versions 10g, 11g, 12c, for the Enterprise, Standard, Standard One, and Standard Two edition
Microsoft SQL Server versions 2005, 2008, 2008R2, 2012, 2014, and 2016 for the Enterprise, Standard, Workgroup, and Developer editions.
MySQL versions 5.5, 5.6, and 5.7
PostgreSQL versions 9.3 and later
Types of DB migrations
Homogenous
The DB migrations between the same engine type versions.
Heterogeneous
The DB migrations between the different engine type versions.
                      DMS Components










AWS DMS uses a replication server that connects to the source database, reads the source data, formats the data for consumption by the target database, and loads the data into the target database
At Source DB endpoint DMS collates the data and collects necessary information to convert them in a meaningful way.

At Target DB endpoint DMS migrate all objects to the specified database and schema or create each database and schema for you as it finds the schema on the source

Typically DMS can have 3 types of tasks

Migrate existing data (Full Load)
Take a outage and migrate the complete data from source to target.

Migrate existing data and replicate ongoing changes
This option performs a full data load while capturing changes on the source. Once the
full load is complete, captured changes are applied to the target

Replicate data changes only
In some situations AWS DMS can be used only to replicate changes starting when you
start your bulk load( using any other tool) and keep your source and target databases in
sync


!!Keep experimenting!!

Wednesday, 16 December 2015

P2V(Physical to Virtual) movement with OracleASM

P2V (Physical to virtual) movement means, moving your current environments from physical stacks to Virtual stacks.

I had this task of moving the database server with ASM installed to move to virtual server created using VMware. Tasks involved are:--

1.) Creation of Virtual instance by taking the snapshot of the Physical machine w/o raw disk.
     All the raw disks for ASM mounted in Physical server will become invalid when moving to Virtual                  environment.
2.) Once the Virtual environment is created cross check all mount points and files system.
3.) Create a fresh ASM instance and start cluster services, remember the hostname assigned to Virtual               server have to be same as of Physical server.
4.) Assign new raw disks to Virtual server and slice them for ASM as per your discretion
5.) Take either cold backup by taking a downtime or RMAN backup of all the databases to be moved on a       shared mount point.
6.) Post backup map shared backup mount point to virtual server.
7.) Mapping of common backup mount point to virtual server.
8.) Creating individual Disk Groups in ASM and add multiple disks to each Disk Group.
9.) Restoration of backups on virtual server.

Just switch over the existing IP of Physical server to Virtual server and perform the sanity check after that.


!!Keep Experimenting!!


Friday, 24 July 2015

Weblogic warning Closing socket as no data read from it on 10.1.1.1,100

In the webserver logs every administrator of PeopleSoft must have seen this warning message.

Closing socket as no data read from it on 14.96.62.76:60,197 during the configured idle

This message is nothing to be worried about but do fills up the log files , to avoid this warning message entry in logfiles carry on the following steps

1.Set the parameter -Dweblogic.client.socket.ConnectTimeout=XXXX,measured in milliseconds under JAVA_OPTIONS

 Example:
 -Dweblogic.client.socket.ConnectTimeout=300

Second way of doing this change.

2. Change duration time to a higher value in the below Console path
 Server -> Protocols (tab) -> HTTP (sub-tab) -> Duration






Monday, 29 June 2015

Oracle SES silent installation on Linux using responsefile



Starting with Oracle SES installation and configuration make sure that the certified OS is checked.

SES is not certified on Linux 6

Oracle SES Linux Certifications

Oracle SES is certified to run only on the following Linux operating systems:
  • Oracle Enterprise Linux 4 (Update 6 or higher to support WebLogic)
  • Oracle Enterprise Linux 5
  • Red Hat Enterprise Linux 4 AS and ES (Update 3 or higher)
  • Red Hat Enterprise Linux 5 AS and ES (or later updates)
  • SUSE Linux Enterprise Server 10
  • SUSE Linux Enterprise Server 11

I will explain how to install  SES using a responsefile but you all have the option of running it in easy and friendly GUI mode by setting up the DISPLAY variable.
Oracle provides the SES dump on edelivery in two parts ,which need to be downloaded and unzipped.
SES creates its own database and has separate weblogic server to administer it.

Lets begin the SES installation and Configuration:--

>> Installation has to be done with a non-root user.
>> open the response file make the following changes.
response file includes two parts. You only need to provide values in the first part. Values in the second part have already been set. You should never change them.

ORACLE_HOME_NAME=sesdev --> This is unique and limited to just 8 characters.
ORACLE_BASE=/psoft/oracle --> your oracle software location
ORACLE_HOME=/psoft/oracle/seshome --> this is your ses home location where SES specific files are installed                                                        
SEARCH_DATA_STORAGE_LOCATION=/psoft/oracle/oradata -->directory for datafiles,control files,redo logs.                                                                                                                       
SEARCH_ADMIN_PASSWORD=xxxxxxxx--> this is search serve administrative password and has to be of atleast 8 characters with 1 numerical must.                                                                                
SEARCH_HTTP_PORT=7777 --> this is http port of search server, that will be configured in later stage,  not to mention ports less then 1024 will need root privileges to start the server so avoid that, and also avoid 1521 port
                                                         
COMPONENT_LANGUAGES=("en") --> choose the various languages from the options given.

The chraracter set is by default AL32UTF8 which is mentioned in part 2 of the response file.

>> i specifically skipped the prerequsite check done by oracle by running this:--

./runInstaller -ignoreSysPrereqs -silent -responseFile /psoft/dumps/ses_11_1_2_2_0_linux64/response/server.rsp

and the installation kicked off going into success






Rest of the configuration in abundance in other blogs, Let me know if any of you run into issues .

Keep Experimenting
Cheers!!


Thursday, 23 April 2015

IMAP setup in Peoplesoft

IMAP setup has become very interim in PeopleSoft to make it more user friendly for clients to have approval and reject buttons on the mail only.
Here I am going to only explain the configuration of IMAP and POP3 protocol with PeopleSoft.
I am considering imap.gmail.com as the imap server.

First of all download the certificates from google.com by logging into gmail and import through PIA.







Then import the root certificate in the pskey, make sure to take the backup of pskey. follow the following link how to do it

how to import certificates in PeopleSoft

Then go to Peopletools>Integration Broker>Integration setup>Nodes and search for the node
MCF_GETMAIL.
Go to the connectors tab and make the configuration as shown in the below screenshot.


MCF_AttRoot:-- Give the path where the mails will be stored
MCF_Attserv:-- http://xyz.com:8999/PSAttachServlet/<webserver domain>/
MCF_Password:-- the encrypted password of the id used to login into gmail
MCF_Port:-- default port on which IMAP is configured
MCF_Protocol:-- IMAP
MCF_Server:-- imap.gmail.com
MCF_UseSSL:-- this has to be mentioned as Y if your imap server is using SSL
MCF_User:-- the gmail user to login into gmail

After making the required entries save the page.
Go to the Main Menu>PeopleTools>MultiChannel Framework>Email>Sample Pages
Username:-- Gmail userID which was configured in the MCF_User
Password:-- password of the gmail user
Server:-- imap.gmail.com

Then fetch the message count, if it gives the count then the setup is complete.















Keep experimenting.
Cheers!!

Thursday, 16 April 2015

How to import certificates in PeopleSoft.

To import the root certificate, please do the following.

1. Put this address into the Browser Address bar;

http://www.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority.crt

2. In the pop up window, select Save button and Save the file into local directory with this filename;

GoogleInternetAuthority.crt.

3. Double click the certificate file and go to Certification Path tab.

4. Click root certificate GeoTrust and click View Certificate button.

5. In the new certificate window, go to Details tab.

6. Click Copy to File button.

7. Click Next and select Format of

Base-64 encoded X.509(.CER).

8. Click Next and fill in a file name.

9. Click Next and then Finish.

10. Close all the windows.

Copy the c:\temp\ps\rootca.cer to <PS_HOME>\webserv\<Domain> on web server box.

11. Open the command prompt on the web server box and cd to
PS_HOME\webserv\<Domain>.If on tools release 8.49+ the path is: PS_HOME\webserv\<Domain>\bin

12. Type ‘pskeymanager – import’

13. It will prompt you for the password; type password as ‘password’ (it’s default, if you want to change it, you can type something you can remember)


14. It will prompt you for Alias

 Before this open a duplicate command prompt window and go to PS_HOME\webserv\<Domain>\bin and check for existing certificates
Type " pskemanager -list"

15. come to the previous command prompt window and Enter an alias name for the root certificate, e.g. ‘PTTEST’ or any other name (Make sure it does not already exist in your keystore) and in the next step enter the rootca file name ‘rootca.cer’ which you have copied to a file from the certificate sent by certificate provider and then click ‘Enter’

If necessary enter the file path to the certificate.


16. You will see the ‘Trust this Certificate’ prompt as shown below; type ‘yes’

17. It will complete the process and you will see ‘Certificate was added to keystore’

18. Edit integrationGateway.properties file.
Peopletools>Integration Broker>Configuration>Gateways and choose the gateway. Once there click on the Gateway Setup Properties link, enter the userid and password, Click OK. Now, click on the Advanced Properties Page and locate the following code and enter the path to pskey (<PS_HOME>\webserv\<Domain> /keystore/pskey) and the password.
19. On tools release 8.50+ the password must be encrypted.
Uncomment following parameters and make sure they are correct.
secureFileKeystorePath=<path to pskey>
secureFileKeystorePasswd=password
20. Bounce web server.
21. Again type "pskemanager -list" to see the imported certificate listed.
22. Always take the backup of the pskey before doing any import or deletion of certificates.