March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

Categories

March 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031

Websphere Aric Diagram

Untitled

 

 

 

Port Name Default Port Value
Administrative console 9060
Administrative console secure 9043
HTTP transport 9080
HTTPS transport 9443
Boostrap 2809
SIP 5060
SIP secure 5061
SOAP connector 8880
Administrative inter-process communication 9633
SAS SSL ServerAuth 9401
CSIV2 ServerAuth listener 9403
CSIV2 MultiAuth listener 9402
ORB listener 9100
High availability-manager communication 9353
Service integration 7276
Service integration secure 7286
Service integration MQ interoperability 5559

 

WAS

à
Provides the infrastructure for running applications that run your business.

à Common environment and programming model for your applications.

àPlatform for developing and Deploying web services and SOA based apps

à Secure, Scalable, reliable transaction engine for ERP

à IBM WebSphere is architected to enable you to build business-critical applications for the Web

à
WebSphere includes a wide range of products that help you develop and serve Web applications.

à They are designed to make it easier for clients to build, deploy, and manage dynamic Web sites more productively

à WAS implements J2EE specification

WebSphere Application Server provides the environment to run your Web-enabled e-business applications. An application server functions as Web
middleware or a middle tier in a three-tier e-business environment. The first tier is the HTTP server that handles requests from the browser client. The third tier is the business database (for example, DB2 UDB for iSeries) and the business logic (for example, traditional business applications, such as order processing). The middle tier is WebSphere Application Server, which provides a framework for a consistent and architected link between the HTTP requests and the  nd the business data and logic.

 

062611_1613_1

With the Base and Express packages, you are limited to single application server environments. The Network Deployment package allows you to extend this environment to include multiple application servers that are administered from a single point of control and can be clustered to provide scalability and high availability environments.

062611_1613_2

 

 

 

The typical application flow is as follows:

1. A Web client requests a URL in the browser (input page).

2. The request is routed to the Web server over the Internet.

3. The Web server immediately passes the request to the Web server plug-in.

All requests go to the Web server plug-in first.

4. The Web server plug-in examines the URL, verifies the list of host name

aliases from which it will accept traffic based on the virtual host information,

and chooses a server to handle the request.

5. A stream is created. A stream is a connection to the Web container. It is

possible to maintain a connection (stream) over a number of requests. The

Web container receives the request and, based on the URL, dispatches it to

the proper servlet.

6. If the servlet class is not loaded, the dynamic class loader loads the servlet

(servlet init(), then doGet() or doPost()).

7. JNDI is used for lookup of either datasources or EJBs required by the servlet.

8. Depending upon whether a datasource is specified or an EJB is requested,

the JNDI directs the servlet:

– To the corresponding database and gets a connection from its connection

pool in the case of a data source.

– To the corresponding EJB container, which then instantiates the EJB when

an EJB is requested.

9. If the EJB request involves an SQL transaction, it goes back to the JNDI to

look up the datasource.

10.The SQL statement is executed and the retrieved data is sent back either to

the servlet or to the EJB.

11.Data beans are created and handed off to JSPs in the case of EJBs.

12.The servlet sends data to JSPs.

13.The JSP generates the HTML that is sent back through the plug-in to the Web

server.

14.The Web server sends the output page (output HTML) to the browser.

Functionality of WAS

WebSphere Application Server supports asynchronous messaging through the use of a JMS provider and its related messaging system.(JMS 1.1 Messaging Provider)

WebSphere Application Server provides authentication and authorization capabilities to secure administrative functions and applications, using LDAP

WebSphere Application Server works with a Web server (such as the IBM HTTP Server) to route requests from browsers to the applications that run in WebSphere Application Server. Web server plug-ins are provided for installation with supported Web browsers. The plug-ins direct requests to the appropriate application server and perform workload balancing among servers in a cluster.

Web services enable businesses to connect applications to other business applications, deliver business functions to a broader set of clients and partners, interact with marketplaces more efficiently, and create new business models dynamically.

Delivers a high performance and extremely scalable transaction engine for dynamic e-business applications

Packaging

WebSphere Application Server is available in multiple packaging options.

WebSphere Application Server – Express V6.0

à Single Server environment.(No Clustering or multi server management)

à J2EE 1.4 support

àMedium-sized business

àContains Rational Web Developer application tool

à Doesn’t handle EJB and JCA

à Limited to 2 CPU’s

WebSphere Application Server V6.1 (Base)

àSlightly differs in packaging and licensing

à Contains Application Server toolkit

à Includes a trial version of Rational Application Developer

àUnlimited CPU’s

WebSphere Application Server Network Deployment V6

àExtends Base version

àClustering capabilities

àEdge Components which provide high performance and availability (Caching Proxy and Load Balancer)

àHA for distributed configurations

àLarge Enterprise applications

àScalability, Availability and Performance

àWeb Server plug-in supports weighted WLM

àAll V6 application servers have the same core and base functionality

àWebSphere Application Server – Express V6 node can be upgraded to a WebSphere Application Server V6 node(.Can be done without any software upgrades .Only a paper license upgrade is required)

àWebSphere Application Server- Express V6 and WebSphere Application Server V6 node can be federated into a WebSphere Application Server – Network Deployment V6 cell (Can be done without any software upgrades .Only a paper license upgrade is required)

Differences b/n WAS Version

WAS 5: J2EE 1.2/1.3 support

JDK 1.3 support

Web Services based on Apache engine

WAS 6.0: J2EE 1.2/1.3/1.4 support

JDK 1.4 support (JDK 1.4.2)

Web Services based on J2EE 1.4

High Availability Manager

Java Based Messaging Engine

EJB 2.1, JMS 1.1, JCA 1.5, Servlet 2.4, and JSP 2.0

Supports Java Server Faces (JSF)

Creates Archive of the existing WAS configurations and the archive can be

used to create new configurations.

Profiles and all profiles use same WebSphere binaries(Less storage)

Node groups

Service integration functionality provides both message-oriented and service

Oriented applications

WAS 6.1: J2EE 1.2/1.3/1.4 support

JDK 5.0 support

JSF-a framework for Web applications

Integrated Console

Security changes

Secure and Scalable runtime

Edge Components

Using Edge components can reduce Web server congestion, increase content availability, and improve Web server performance. As the name indicates, Edge components usually run on machines that are close (in a network configuration sense) to the boundary between an enterprise’s intranet and the Internet.

Web container

àA Web container, which processes HTTP requests, servlets, and JavaServer Pages (JSPs)

à Web container transport chains:

Requests are directed to the Web container using the Web container inbound transport chain. The chain consists of a TCP inbound channel that provides the connection to the network, an HTTP inbound channel that serves HTTP 1.0 and 1.1 requests, and a Web container channel over which requests for servlets and JSPs are sent to the Web container for processing

à
Servlet processing

When handling servlets, the Web container creates a request object and a response object, then invokes the servlet service method. The Web container invokes the servlet’s destroy method when appropriate and unloads the servlet, after which the JVM performs garbage collection.

à HTML and other static content processing

Requests for HTML and other static content that are directed to the Web container are served by the Web container inbound chain. However, in most cases, using an external Web server and Web server plug-in as a front-end to a Web container is more appropriate for a production environment.

_

àSession management

Support is provided for the javax.servlet.http.HttpSession interface as described in the Servlet application program interface (API) specification.

_

à Web services engine

Web services are provided as a set of APIs in cooperation with the J2EE applications. Web services engines are provided to support Simple Object Access Protocol (SOAP).

EJB Container

àThe Enterprise JavaBeans (EJB) container provides all the runtime services that are needed to deploy and manage enterprise beans. It is a server process that handles requests for both session and entity beans.

àThe enterprise beans, packaged in EJB modules, installed in an application server do not communicate directly with the server. Instead, the EJB container provides an interface between the enterprise beans and the server. Together, the container and the server provide the enterprise bean runtime environment.

àThe container provides many low-level services, including threading and transaction support. From an administrative viewpoint, the container manages data storage and retrieval for the contained enterprise beans. A single container can host more than one EJB Java archive (JAR) file.

WAS Services

J2EE Connector Architecture services

Transaction service

Dynamic cache service

Message listener service

Object Request Broker service

Administrative service (Java Management Extensions)

Diagnostic trace service

Debugging service

Name service (Java Naming Directory Interface)

Performance Monitoring Interface service

Security service (JAAS and Java 2 security)

Service Integration Bus service

The Web server:

A Web server handles the HTTP protocol. When the Web server receives an HTTP request, it responds with an HTTP response, such as sending back an HTML page. To process a request, a Web server may respond with a static HTML page or image, send a redirect, or delegate the dynamic response generation to some other program such as CGI scripts, JSPs (JavaServer Pages), servlets, ASPs (Active Server Pages), server-side JavaScripts, or some other server-side technology. Whatever their purpose, such server-side programs generate a response, most often in HTML, for viewing in a Web browser.

Understand that a Web server’s delegation model is fairly simple. When a request comes into the Web server, the Web server simply passes the request to the program best able to handle it. The Web server doesn’t provide any functionality beyond simply providing an environment in which the server-side program can execute and pass back the generated responses. The server-side program usually provides for itself such functions as transaction processing, database connectivity, and messaging.

While a Web server may not itself support transactions or database connection pooling, it may employ various strategies for fault tolerance and scalability such as load balancing, caching, and clustering—features oftentimes erroneously assigned as features reserved only for application servers.

Eg: Apache HTTP Server, Sun ONE Web Server, iPlanet Web Server

The application server:

As for the application server, according to our definition, an application server exposes business logic to client applications through various protocols, possibly including HTTP. While a Web server mainly deals with sending HTML for display in a Web browser, an application server provides access to business logic for use by client application programs. The application program can use this logic just as it would call a method on an object (or a function in the procedural world).

Such application server clients can include GUIs (graphical user interface) running on a PC, a Web server, or even other application servers. The information traveling back and forth between an application server and its client is not restricted to simple display markup. Instead, the information is program logic. Since the logic takes the form of data and method calls and not static HTML, the client can employ the exposed business logic however it wants.

In most cases, the server exposes this business logic through a component API, such as the EJB (Enterprise JavaBean) component model found on J2EE (Java 2 Platform, Enterprise Edition) application servers. Moreover, the application server manages its own resources. Such gate-keeping duties include security, transaction processing, resource pooling, and messaging.

Like a Web server, an application server may also employ various scalability and fault-tolerance techniques.

Difference between AppServer and a Web server :
(1) Webserver serves pages for viewing in web browser, application server provides exposes businness logic for client applications through various protocols

(2) Webserver exclusively handles http requests.application server serves bussiness logic to application programs through any number of protocols.

(3) Webserver delegation model is fairly simple,when the request comes into the webserver,it simply passes the request to the program best able to handle it(Server side program). It may not support transactions and database connection pooling.

(4) Application server is more capable of dynamic behaviour than webserver. We can also configure application server to work as a webserver.Simply applic! ation server is a superset of webserver.

In J2EE application modules are packaged as EAR, JAR and WAR based on their functionality .These files are simply zipped files using java jar tool. These files are created for different purposes.

.jar files:

JAR files (Java ARchive) allows aggregating many files into one, it is usually used to hold Java classes in a library. i.e. Math.jar These files are with the .jar extension. The .jar files contain the libraries, resources and accessories files like property files.

.war files:

WAR files (Web Application aRchive) stores XML, java classes, and JavaServer pages for Web Application purposes. These files are with the .war extension. The war file contains the web application that can be deployed on the any servlet/jsp container. The .war file contains jsp, html, javascript and other files for necessary for the development of web applications.

.ear files:

EAR files (Enterprise ARchive) combines JAR and WAR files to make a combined archive for Enterprise Applications. The .ear file contains the EJB modules of the applications

1. Roles & Responsibilities

2. Explain your work in your previous environment (Your script)

3. What is wsadmin / jacl scripting

WSADMIN is a scripting interface (or command-line interface) into WebSphere Application Server that permits the automation of many different tasks that we can do using a (web interface) or graphical user admin console.

JACL scripting is the scripting language that is supported by the WebSphere Application Server to administer or write any custom-based task.

What are the different wsadmin objects.

AdminConfig

AdminControl

AdminApp

AdminTask

Help

How do you invoke wsadmin command

Go to the appropriate <profile_home> and type wsdmin.

How do you execute a jacl script

>wsadmin -f myScript.jacl

What did you use wsadmin / jacl scripting for.

4. Explain

Session affinity:

Most servers use the term “Session Affinity” to indicate that within a cluster of servers, requests from the same client always get routed back to the same server. (or) In a clustered environment, any HTTP requests associated with an HTTP session must be routed to the same Web application in the same JVM.

Session Persistance:

You use session persistence to permanently store data from an HTTP session object to enable failover and load balancing across a cluster of WebSphere Applicaiton Servers.
Sessiontracking:

Session tracking enables you to track a user’s progress over multiple servlets or HTML pages, which, by nature, are stateless.

How do you set session time out :

You can specify an interval of time after which HTTP sessions expire.

click Servers > Application servers > server_name > Web container settings > Session management > Session Timeout

What are the different levels at which session timeout can be set

application level, web module level, server level

5. How do you upgrade WAS        

GUI Upgrade

Silent Upgrade

Logs files and their paths for both

6. Back Ups

How do you take back ups in WAS

backupConfig.sh [filename] -nostop

What is the out put file

WebSphereConfig_yyyy-mm-dd.zip

How do you restore back ups

restoreConfig.sh <filename.zip> -nostop
What is the Backup policy in your previous company

Incremental Backups every week.

7. Explain profiles and what is the equivalent command in WAS 5.x

In WAS 5.x —-> wsInstance.sh -name instanceName -path instanceLoacation -host hostName -create | delete

8. What are the different kinds of sync operations

1. Automatic synchronization.

2. Manual synchronization.

3. Startup synchronization.

How do you disable auto sync

System Administration > nodeagent > file synchronization service > Uncheck automatic synchronization.

What is the default interval for auto sync

60 seconds.

9. What are the different UserRoles in WAS

1. Monitor    2. Operator     3. Configurator     4. Administrator

10. Explain JNDI in WAS

Each application server hosts a name service that provides a Java Naming and Directory Interface (JNDI) name space. The service is used to register resources hosted by the application server. The JNDI implementation in WebSphere Application Server is built on top of a Common Object Request Broker Architecture (CORBA) naming service (CosNaming).

JNDI provides the client-side access to naming and presents the programming model that application developers use. CosNaming provides the server-side implementation and is where the name space is actually stored. JNDI essentially provides a client-side wrapper of the name space stored in CosNaming and interacts with the CosNaming server on behalf of the client.

Simple

Simple name

The simple name binding is guaranteed to succeed if lookup is within the same server or when connected directly to the name space of the server containing the target of the lookup. It can be used in a servlet or EJB, if it is certain that the object is located on the same application server. Here is an example of a simple name:

ejb/webbank/Account

Corba

Corbaname

The corbaname binding is always guaranteed to work. However, it requires that you know the correct path to the object at deployment time. Here is an example of a corbaname:

corbaname::myhost1:9812/NameServiceServerRoot#ejb/webbank/Account

Complex names

Compound name/remote/complex

Applications that do not run in the same server cannot use simple name lookup because the simple name is not local to the application. Instead, an application of this type must look the object up directly from the name server. Each application server contains a name server. System artifacts such as EJB homes are bound relative to the server root context in that name server. The fully qualified (compound name) JNDI name is always guaranteed to work.

Here is an example of a compound name:

cell/nodes/node1/servers/server1/ejb/webbank/Account

When do you use dumpNameSpace.sh

Run the dumpNameSpace command against any bootstrap port to get a listing of the names bound with that provider URL.

 

11. Explain JDBC Connection Pooling

Each JDBC data source has a pool of JDBC connections that are created when the data source is deployed or at server startup. Applications use a connection from the pool then return it when finished using the connection. Connection pooling enhances performance by eliminating the costly task of creating database connections for the application.

 

Each data source that you configure contains a pool of database connections that are created when the data source instance is created-when it is deployed or targeted, or at server startup.

Connection Timeout

This value indicates the number of seconds a request for a connection waits when there are no connections available in the free pool and no new connections can be created.

Max Connections

Specifies the maximum number of physical connections that you can create in this pool.

Min Connections

Specifies the minimum number of physical connections that you can create in this pool.

Reap Time

Specifies the interval in seconds between runs of pool maintenance thread.

Unused Timeout

Specifies the interval in seconds after which an idle or unused connection is discarded.

Aged Timeout

Specifies the interval in seconds before a physical connection is discarded.

Which one should be the highest and which one should be the lowest in the reap/unused/aged timeouts.

Aged timeout should be the highest and Reap timeout should be lowest.

Purge Policy

Specifies how to purge connections when a stale connections or fatal connection error is detected.

What are stale connection exceptions

When an application receives a stale connection exception on a database operation, it indicates that the connection currently held is no longer valid.

(or)

Whenever a troubled connection is encountered, a staleConnectionException is raised. (A troubled connection is an inconsitent connection object in a connection pool)

12. Explain the Deployment steps of a J2EE application to WAS

13. How would you go about when a new application comes into ur environment (resources, settings, heaps etc)

14. What is rollover update

It is used to rollover the updates to all the cluster members in a cluster whenever any changes are made to even one of the cluster member.

15. What is ripple start

RippleStart combines stopping and starting operations. It first stops and then restarts each member of the cluster.

16. Explain 2 Troubleshooting scenarios

17. How would you set up introscope profiles/probes

Wily’s Introscope is an enterprise application performance monitoring tool. It provides an overview of application and server health and statistics.

 

18. VerboseGC

 

VerboseGC is the logging mechanism implemented by the JVM to diagnose memory/storage problems. Here Garbage collection identifies and frees previously allocated storage that is no longer in use. An understanding of the way that the Garbage Collector works will help you to diagnose problems.

Verbose logging is intended as the first tool to be used when attempting to diagnose garbage collector problems; more detailed analysis can be performed by invoking one or more (trace garbage collector) traces.

How do set it up

In Admin Console goto Servers > Application Servers > Java and Process Management > Process Definition > Java Virtual Machine > Check Verbose Garbage Colletion option.

 

What files have verbosegc information

That particular server’s (<profile_home>/logs/servername/) native_stderr.log

What tool did you use to analyse verbosegc logs

GCAnalyzer

19. What is process definition.

A process definition specifies the run-time characteristics of an application server process. A process definition can include characteristics such as JVM settings, standard in, error and output paths, and the user ID and password under which a server runs.

What is the effect of changing max heap and min heap size of a jvm

Max Heap Size:
When you have established the maximum heap size that you need, you might want to set the minimum heap size to the same value; Using the same values is not usually a good idea, because it delays the start of garbage collection until the heap is full. The first time that the Garbage Collector runs, therefore, becomes a very expensive operation. Also, the heap is more likely to be fragmented and require a heap compaction. Again this is a very expensive operation.

Min Heap Size: The recommendation is to start your application with the minimum heap size that it needs. When it starts up, the Garbage Collector will run often and, because the heap is small, it runs efficiently.

Whats the max heap allowed by AIX

Minimum heap size allowed

AIX:        4 MB

LINUX:        4 MB

WINDOWS:     4 MB

Maximum heap size allowed

AIX: Half the available memory with a minimum of 16 MB and a maximum of 512 MB

LINUX:     Half the available memory with a minimum of 16 MB and a maximum of 512 MB

WINDOWS: Half the real (physical or RAM) memory with a minimum of 16 MB and a maximum of 2 GB

What are the effects of large initial heap/max heap

The time between garbage collections will increase, but the garbage collection will take longer, which indirectly effects the turn-around-time of the applicaiton performance.

(or)

Because it delays the start of garbage collection until the heap is full. The first time that the Garbage Collector runs, therefore, becomes a very expensive operation. Also, the heap is more likely to be fragmented and require a heap compaction. Again this is a very expensive operation.

20. Heap Dumps/ Core dumps

What is a heap dump

Heapdump is a JVM facility that generates a dump of all live objects that are on the Java heap at a certain point in time; that is, those that are             used by the Java application. When the java heap is exhausted the JVM will generate a heap dump by default.

By default, you get heapdumps only on OutOfMemoryErrors. You do not get heapdumps in crashes or through a signal to the JVM.

It shows the objects that are using large amounts of memory on the Java heap, and what is preventing them from being collected by the Garbage Collector.

What is a core dump/thread dump

Java thread dumps provide detailed information about all active Java threads. It is useful in several situations, most notably for hung servers.

How to generate Heap dump both WAS 5/6

 

By default, you get heapdumps only on OutOfMemoryErrors. You do not get heapdumps in crashes or through a signal to the JVM. In order to manually generate a heapdump, you must first enable signal-based heapdumps by setting the IBM_HEAPDUMP=TRUE and IBM_NOSIGHANDLER=TRUE environmental variables and through wsadmin follow the below process:

 

>set myheap_dm [$AdminControl queryNames type=JVM,process=server1,*]

>$AdminControl invoke $myheap_dm generateHeapDump

How to generate core dump/thread dump both WAS 5/6

Through wsadmin

>set mythread_dm [$AdminControl completeObjectName type=JVM,process=server1,*]

>$AdminControl invoke $mythread_dm dumpThreads

Whats the difference between kill -3 command executed on WAS5 JVMs and WAS 6 JVMS

kill -3 command generate core dumps.

What tools did you use to analyse core dump/thread dump

IBM ThreadAnalyzer

What tools did you use to analyse heap dumps

IBM HeapAnalyzer

In what scenarios is a core dump/thread dump useful

It is useful in several situations, most notably for hung servers or hung thread situations or thread deadlock situations.

In what scenarios is a heap dump useful

It is useful in situations, most notable for memory leak problems or memory allocation problems for exaple OutOfMemoryExceptions.

What are the respective extensions (jdk 1.3 and 1.4)

jdk 1.4 heap dump format generates a .phd format

 

21. How do you make a jvm run as a service in windows and why.

WASService.exe. The reason we can utilize this service on Windows platform is because the Windows OS automatically starts this service whenever the system is up and we can flexibily start and stop the server from windows services.

22. What is activity log and how do you view it.

These are IBM Service logs which are in binary format, which logs activity of various WebSphere Application Server components. Log Analyzer is used to view the activity.log files.

23. How do you set up traces.

In Admin console Troublshooting > logs and trace > servername > choose Diagnostic trace

24. What is a PMR and explain how you worked with IBM on a PMR

PMR: Problem Management Record —- PMR is created wehn a customer submits a request to fix a software problem via ESR. A PMR number is assigned to track the request. You can attach files to your PMR to provide the IBM engineer more information to better assist you.

ESR: Electronic Service Request ——–

25. What all parameters did you tune in WAS (other than JDBC connection pool and heap sizes)

We can tune some of these other aspects such as

1. Application server (parameter : )

2. JVM tunings (parameter : )

3. Applications (parameter : )

4. Database (parameter : )

5. JMS (parameter : )

6. Security

7. Hardware capacity and settings (parameter : )

8. Operating System (parameter : )

9. Web Servers (parameter : )

26. What other connection pools do you know in WAS other than JDBC connection pool

J2C connection pool

MQ connection pool

Thread pool

27. How do you enable global security in WAS

1. Configure User registries (it can be custom, LDAP, or local OS)

2. Configure Authentication mechanisms (LTPA)

3. Configure Authorization (if there is any)

and then check Enable global security.

How do u configure an LDAP

1. In the Deployment Manager Admin Console, select Security -> Global Security > User Registries -> LDAP.

2. Provide the details for the fields in the Configuration panel as listed below:

Serverid, Serverpassword, Type, Host, Port, Base DN, Bind DN, Bind password (please get this info from LDAP admin)

3. Click Apply

    4. Save the configuration for WebSphere.

    5. We need to define the configuration for Global Security in the Administrative Console. Navigate to Security -> Global Security.

6. “Check” ‘Enable global security’ option

7. “Uncheck” ‘Enforce Java 2 Security’ option

8. From the Active User Registry drop-down list select LDAP as the active user registry.

9. Click Apply; this will validate the settings.

10. Save the configuration for WebSphere, and then restart the server.

How do u configure LTPA

Global Security > Authentication mechanism > LTPA > provide the password and Apply

How do u configure SSO

Global Security > Authentication mechanism > LTPA > SSO > check ‘Enabled’ option

What is the limitation of SSO

It is applicable only to a single domain. It cannot span multiple domains. Example: mail.google.com (every resource under google.com can be accessed) but outside of that domain SSO cannot be applied.

 

How do you make SSO work across multiple cells

The LTPA token keys must be exported to the target cell and the LTPA token key from the target cell must be imported into the current cell.

Does WAS support multiple LDAPs?

Yes, from 6.0 version onwards

28. What is SSL

Secure Socket Layer is the technology to establish secure communication along with data integrity and encryption over the network or between the nodes (machines)

 

29. Did you ever work with certificates

Yes,

30. What is the utility that comes with WAS / IHS to manage certificates

ikeyman.sh

31. What is the defualt key store location for WAS

<profile_home>/etc

32. How do you change the port number for admin console

Logging into the admin console

http://<hostname>:<admin_port>/admin

ex: http://localhost:9060/admin

Without logging into the admin console

C:\WebSphere\profiles\dmgr\config\cells\dmgr_cell\nodes\dmgr_node\serviceindex.xml (dmgr starts but cannot open the admin console because the port hasn’t been changed in virtual host xml file)

C:\WebSphere\profiles\dmgr\config\cells\dmgr_cell\virtualhosts.xml

33. How do you disable security for Deployment manager without logging into the console

security.xml , enable=false

34. If you have to change the ports of a jvm manually without logging into the admin console which file would you edit.

serverindex.xml

35. Explain virtual hosts concept

A virtual host is a configuration that enable a single host machine to resemble multiple host machine.

What are the two virtual hosts that come with WAS installation

admin_host, default_host

36. What is the plugin configuration file and where is it located

The plug-in configuration file (plugin-cfg.xml) contains routing information for all applications mapped from the web server to the application server.

How do u regenerate the plugin config file

The GenPluginCfg command is used to regenerate the plug-in configuration file. Depending on the operating platform, the command is:

Linux and Unix: GenPluginCfg.sh

Windows: GenPluginCfg.bat

When do u regenerate the plugin config file

The plug-in configuration file needs to be regenerated and propagated to the Web servers when there are changes to your WebSphere configuration that affect how requests are routed from the Web server to the application server.

These changes include:

_ Installing an application

_ Creating or changing a virtual host

_ Creating a new server

_ Modifying HTTP transport settings (i.e HTTP ports)

_ Creating or altering a cluster

When do you manually edit the plugin config file

When enabling SSL (specifying the key file name), LoadBalanceWeight, and minimum number of connections.

What is the information in a plugin config file

Plugin config file contains routing information along with information on virtual hosts , clusters (cluster members), and URIs.

 

When the request comes to a webserver how does the webserver know the JVM that is capable of handling that request.

The webserver first takes the request and if it can’t serve, it forwards the request to the plugin config file . The plugin config file routes the request     to the appropriate application server (or cluster member or jvm) according to the mapping information it has.

What is the refresh interval of plugin.

60 seconds

If a change is made to the plugin config should the webserver be restarted?

Not Required because the plugin’s automatic refresh interval is 60 seconds.

37. What webserver did you work on

I have on on IBM HTTP and Apache web servers.

What is the configuration file for IHS

httpd.conf

If changes are made to the config file should the webserver be restarted

Yes. The webserver must to restarted so the changes made to the config file become effective.

What changes are made to this config file (automatically) during plugin installation on the webserver

The plugin’s binary module file (.dll) path and the plugin’s configuration file (plugin-cfg.xml) path will be copied to the httpd.conf file automatically.

38. What is collector tool

The collector tool gathers information about your WebSphere Application Server installation and packages it in a Java archive (JAR) file that you can send to IBM Customer Support to assist in determining and analyzing your problem. Information in the JAR file includes logs, property files, configuration files, operating system and Java data, and the presence and level of each software prerequisite. Collector tool can be run by only root or administrator.

Syntax

It must be invoked from a temporary work directory > C:\IBM\WebSphere\AppServer\bin\collector.sh | bat

 

Use

It can be used to send it to the IBM Customer Support to assist in determining and analyzing your problem.

Output file

The output will a .jar file. For example: node31-dmgr_cell-dmgr_node-dmgr-WASenv.jar

39. When on a system there is an existing installation of websphere federated to the DM. You make one more installation and federate this to another/same DM.

Will it work??

We can federate it to the same DM. This works.

If it doesnt, how will you make it work

 

40. What is the difference between horizontal/vertical clustering.

Clustering is a mechanism which provides workload management (WLM) and failover for applications that reside on the application server cluster.

Horizontal clustering: For high availability and horizontal scalability.

Vertical clustering: For high availability and vertical scalability. Disadvantage: Single point of failure.

When would you use them

For workload management (WLM) and failover requirements.

41. When an application is deployed, where can the application binaries be found

In the Applications folder when the application is deployed. Ex: C:\IBM\WebSphere\profiles\dmgr\config\cells\dmgr_cell\applications

42. Unix commands

43. How do you create a JDBC resource

 

To view this administrative console page, click Resources >JDBC Providers > New.

Step 1: Select the database type. Choose a supported database type.

Step 2: Select the JDBC provider type. Choose a supported JDBC Provider type.

Step 3: Select the implementation type. Choose a supported implementation type.

Step 4: Apply

Step5: Now create the required Data Sources

 

To view this administrative console page, click Resources > JDBC Providers > JDBC_provider > Data sources > New

44. What is the difference between webserver handling in WAS 5 and 6

45. New features in WAS 6

46. What is the pre requisite for syncnode command

The nodeagent on the node must be in a stopped state when this command is executed.

47. What are the logs in IHS

access.log, error.log

48. How do you change the log format in IHS

In httpd.conf file change the following line to your required parameters —– LogFormat”%t %h %u %m”

49. What are the configuration files in IPlanet web server

magnus.conf, obj.conf

50. What is TAI, and how do you enable it.

TAI = Trust Association Interceptor. Trust association is used to connect reversed proxy servers to WebSphere Application Server.

(or)

Trust association enables the integration of IBM WebSphere Application Server security and third-party security servers.

 

Global Security > LTPA > TrustAssociation > Check Enable trust association and Apply

1) What is the recommended free disk space in /tmp to install WAS.

1 GB

2) What is the default installation location of WAS in Linux.

Opt/IBM/WebSphere/AppServer

3) What is the default installation location of WAS in Sun Solaris.

Opt/IBM/WebSphere/AppServer

4) What is the default installation location of WAS in AIX

Usr/IBM/WebSphere/AppServer

5) List any 10 parameters in response file

-W silentInstallLicenseAcceptance.value=”true”

-P wasProductBean.installLocation=”C:\IBM\WebSphere\AppServer”

-OPT disableOSPrereqChecking=”true”

-OPT installType=”installNew”

-OPT createProfile=”true”

-OPT profileType=”deploymentManager”

-OPT PROF_enableAdminSecurity=”true”

-W nodehostandcellnamepanelInstallWizardBean.nodeName=”krishna_node”

-W nodehostandcellnamepanelInstallWizardBean.hostName=”localhost”

-W winservicepanelInstallWizardBean.winServiceQuery=”true”

-W winservicepanelInstallWizardBean.accountType=”localsystem”

-W winservicepanelInstallWizardBean.startupType=”manual”

6) Write the complete command to execute a response file.

<was-setup>./install –options “<absolute path of response file>” – silent

7) Which registry file will get updated after installation of WAS.

vpd.properties

8) What is the use of SOAP Connector port and what is the default soap port number for DMGR profile.

Client Applications like wsadmin uses Simple Object Access Protocol and that is listening to the port 8879. If we want federate a profile by using SOAP protocol and SOAP connector port number, we can federate a profile.

9) What is the default Http transport port number for Application Server profile and what is the use.

9080, (if ssl was enabled 9443) If we want to invoke applications running on AppServer we are using HTTP transport port

10) What is the default Bootstrap port number in App.Serv profile and what is the use.

2809. To access the EJB’s, JNDI use bootstrap port to obtain initial context root.

11) Installation was successful and when I am trying to start server it is giving “Invocation Target Exception” why you will get this issue and how you are trouble shooting this issue.

May be the problem with hostnames, hostnames are mismatched. Add the host name in etc/hosts file which you had given at the time of installation.

12) What are different profile templates in WAS 6.0?

Dmgr, default and managed

13) Write the complete command to create an App.Serv profile through command line.

C:\IBM\WebSphere\AppServer\bin>wasprofile.bat -create -profileName AppSrv04 -profilePath “C:\IBM\WebSphere\AppServer\profiles\AppSrv04? -template Path“C:\IBM\WebSphere\AppServer\profileTemplates\default” -nodeName app_node04 -cellName cell04 -hostName krishamurthy

14) Write a complete command to delete a profile.

C:\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>wasprofile.bat -delete -profileName AppSrv01

15) If you get a problem before creating a log’s directory at the time of installation, at that time where you can check the status of installation

tmp/log.txt

16) What is the difference between managed node and unmanaged node

Manged Node contains node agent, we can administer federated profiles servers and applications from dmgr admin console. For unmanaged the will be no nodeagent.

17) What is the impact for the federated profile servers, if DMGR is down.

No impact on servers and applications

18) In which xml file, we can change the port numbers.

Serverindex.xml

19) What is a server.

Server provides a runtime environment for your web app’s Or Enterprise applications.

Server receives user request, process that request and execute that request and response will be generated to the end users.

20) If we stop the nodeagent, what will be the impact for end users.

There is no impact for end users

21) How to take backup with out stopping servers.

./backupConfig.sh –nostop

22) What are the different user registries under global security in 6.0 and 6.1.

Local OS, Custom, LDAP. Federated repository was added in 6.1

23) What is the necessity of global security?

To provide security for the admin console.

24) What is the port number for LDAP server with SSL and without SSL?

389 and 636

25) How to disable Global Security

./wsadmin.sh -conntype NONE

Securityoff exit

26) How to know how many profiles are available.

/AppServer/bin>./wasprofile.sh –listProfiles

27) What are the advantages and disadvantages of Local OS,Custom and LDAP user registries?

Global Security: In 6.0 we have 3 ways to provide security for admin console.

1) Local os user registry.

2) Custom user registry.

3) LDAP (Light Weight Directory Access Protocol) user registry.

a) Custom user registry: Here we have to create two files named:

Users. Registry

Groups. Registry

We can create this file any where but we have to configure this absolute path to the application servers.

b) LDAP: It is a mechanism & not a server. Here we are integrating seperate directory servers.

if SSL is enabled the port number is 636, if it is not enabled 389.

-> In local os user registry we have to create user accounts and that user accounts have to configure to websphere application servers.

where as in the custom user registry specifying user names and passwords in a normal file and we are specifying the absolute path of that file into the websphere application server. whenever we are going for LDAP user registry we have to specify user id & password & type of directory server, port number (default is 389), if SSL is enabled we have to specify port number as 636 and we have to specify Base distinguished name which indicates authentication for users and we have to specify Bind distinguished name and Bind password which specify authorization for user and we have to select “Advanced Light Weight Directory Access Protocol user registry settings” there we have to specify user filter classes and group filter classes (automatically it will be there) and finally we have to restart the server.

28)What is the full form of JDBC.

JDBC (java Database Connectivity) is an API (Applicationprogram Interfaces), that is useful to write a java program to connect any database, and retrieve the data form the database and utilize the data in the java program.

Making a connection to a database

Creating SQL or MySQL statements

Executing that SQL or MySQL queries in the database

Viewing & Modifying the resulting records

We have 2 types of JDBC drivers in was. Those are Type2(Thick) and Type4(Thin/Native Protocol) jdbc drivers.Type2 JDBC drivers require the database client software on the client node to connect to the database server.Type4 JDBC drivers connect directly to the database server.

29) What is the full form of JAR and what a jar file contains?

An EJB module which contains enterprise java beans class files and EJB deployment descriptors are packed as JAR files with .jar extension.

30)Write the name of the jar file necessary to configure Oracle 9i & Oracle 10g Database.

In oracle 10g & 9i We have only one jar file i.e OJDBC14.JAR (for log) & Class12.jar (for 9i) and In DB2 we have 3 or more jar files. i.e DB2JCC.JAR,DB2JCC_LICENSE_C4.JAR, DB2JCC_LICENCE_CIS42.JAR.

-> The .jar file is nothing but a collection of .class files. It is necessary to communicate with the database. So we should configure this jar files with database.

31) What is a connection pool?

Connection pooling is a place where a set of connections are kept and are used by the different programmers with out creating connections to the database(it means there is a ready made connection available for the programmers where he can use). After using the connection he can send back that connection to the connection pool. Number of connections in connection pool may vary.

32) What is meant by Federation

33) What are the different types of console roles available and explain about each role?

34) what is your goal and role in was?

Goal –

a. Goal is to provide infrastructure for the demands

b. goal is to provide stable environment

c. goal is to provide high availability

d. goal is to provide scalability

e. goal is to provide 0 downtime

Role-

a. involve in infrastructure architecting a.k.a design

b. involve in implementing architectures

c. involve in solving infrastructure issues

d. involve in solving application environment issues

e. involve in solving issues which become hurdles in providing high availability

f. involve in solving issues which become hurdles in scaling

35) what is incident management?

Incident = Issue. Hurdle. Risk. Downtime. Security Breach.

Incident Management = Risk Plan. Potential incidents management.

36) Do you know how to configure ticketing tool with WAS?

This is a meaningless question. You need more information to address this question.

Ticketing System – is it part of IBM? Does it fall in Web Sphere Umbrella? Is it an application running on WAS? Is it a Web based app? or Java Client?

Unless you know these, it’s a blind question.

37) when you configure LDAP with application server, if the users are unable to connect to WAS. How do you trouble shoot this scenario?

You don’t trouble shoot, you *troubleshoot*

The issue is – U have LDAP, running on Server x. Server y, WAS bind to server x.

if a problem occurs, u need to dig like this –

A) Ldap up or not

B) If yes, can server y reach server x [simple ping or telnet on ldap port]

C) If yes – Ur infrastructure is clear

D) Any firewall between server y and server x. talk to firewall team, ask them to enable trace between server y and x. any droppage of packets?

E. if everything is clean, talk to ldap admin, enable trace on that specific group who are getting auth errors.

F) Look into systemout.log, find out what exactly the error message you get.

G) U have to login to admin console and verify the authentication. u can *test* ldap auth from console. Feb 7 (2 days ago) Raju

38) What is the difference between Signed Certificate and Self-signed certificate? Which one you prefer?

http://webdesign.about.com/od/ssl/a/signed_v_selfsi.htm

39) In Windows 2003 box, an application server process is not responding. How do you trouble shoot this issue. Even when you are unable to kill the process.

*trouble shoot* – On any server, app server freeze – may because of resource crunch, or process failing to release a resource, jvm could not complete a specific thread, blablabla.

a. do u have enuf rights to kill the process?

b. check the processor utilization thru task manager

c. kill -3, if not responding, try again, again and again

d. verfiy the disk space.

e. verify error log and out log.

Blabla

40) how many types of scripting you have done or you know?

such questions cannot be asked in a forum, or its difficult to answer. if i were you, i wud say, perl scripting, php, python, jython, tcl, jacl, ant, shell, blabla. Feb 7 (2 days ago)

41) when you are on call support when you got a severity 1 ticket, how do you take action. Explain in detail.

Open the ticket, read the message what the problem is about.

login to targeted server(s), check logs, depending on error, propagate first hand info to stakeholders. sit on the issue, fix it, close it.

42) What is a fix pack, refresh pack and when you will go for fix pack installation and when you will go for refresh pack installation?

fix pack fixes certain issues.

refresh pack is a mile stone for a release.

a refresh pack takes you to a release, say

6.0.0.1 is a release. if you apply rp2, it becomes a release 6.0.2. if you apply fp35, it becomes 6.0.2.35, which is not a release. Feb 7 (2 days ago) Raju

43) when you find in a particular server ‘cpu starvation’ error message what you will do?

whenever there is not enough physical memory available to allow the high availability manager threads to have consistent runtimes. When the CPU is spending the majority of its time trying to load swapped-out processes while processing incoming work, thread starvation might occur.

Goto InfoCenter, search for starvation.

To achieve good performance and avoid receiving these error messages, it is recommended that you allocate at least 512 MB of RAM for each Java process running on a single machine.

High CPU usage in a large cell configuration when security is enabled

With certain configurations and states, the amount of time spent in discovery becomes substantial.

If a large the number of processes are defined within a core group, a proportionally large number of connections must be established to support these processes.

If a large number of inactive processes are defined within a core group, a proportionally large number of connections are attempted during each discovery interval.

If global security is enabled, the DCS connections are secured, and the impact of opening a connection greatly increases .

To decrease the CPU time spent in discovery:

In the administrative console, click Servers > Core groups > Core groups settings , and then select the -> DefaultCoreGroup.

Under Additional Properties, click Custom properties > New.

Enter IBM_CS_UNICAST_DISCOVERY_INTERVAL_SECS in the Name field and 120 in the Value field.

Click OK.

Then click New again and enter IBM_CS_SS_SECURE_TOKEN in the Name field andfalse in the Value field.

Click OK and then Save to apply these changes to the master configuration.

Restart the server for these changes to take effect.

Transient high availability heartbeat failures und

11.If we said to analyze thread dumps can you do?

Ya!! Why not

44) How comfortable with scripting?

100% pakka comfortable

45) Did you worked with JACL or Jython scripts?

I prefer one scripting style. Why wud I use two scripting styles? At a given point of time, scripting interface accepts only one language.

46) When you found hung thread error messages what you will do? Will you kill the process. If yes, in which case you have to kill the process?

Lucky you and lucky me, we have IBM’s InfoCenter. Is it not easy to perform a simple search on InfoCenter like this *hung thread*?

http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/ttrb_confighangdet.html

Configuring the hang detection policy

The hang detection option for WebSphere Application Server is turned on by default. You can configure a hang detection policy to accommodate your applications and environment so that potential hangs can be reported, providing earlier detection of failing servers. When a hung thread is detected, WebSphere Application Server notifies you so that you can troubleshoot the problem.

Add the following properties:

Name: com.ibm.websphere.threadmonitor.interval

Value: The frequency (in seconds)

Default: 180 seconds (three minutes).

Name: com.ibm.websphere.threadmonitor.threshold

Value: The length of time (in seconds).

Default: The default value is 600 seconds (ten minutes).

Name: com.ibm.websphere.threadmonitor.false.alarm.threshold

Value: The number of times (T) that false alarms can occur before automatically increasing the threshold. Feb 7 (2 days ago) Raju

47) Explain about your enivronment, servers, webservers, etc.,

Think about ur company and thier business. Cook a story. Serve it on the table with some masala, salt and pepper.

48) What is a document server and what is the use of it.

this is the funniest question one can ask.

what is a document server? in general a document server is a repository of documents in an enterprise.

what is the use of it? its the central repository and depending access polices agency wide authorized and authenticated *users* can access documents.

ex.,

u have prepared a document on ur environment. u need a place to put that document so that ur team can access it, ur manager can access it. above that, another team who wants to read that document can access that, above that, some infrastructure team can access it, above that datacom people can access it and so on.

what is the best place to put it?

on ur desk top? or attach to mail? or dump it in a shared location.

if its a shared location, what that could be? will you dump it in a zunkyard shared location or in a proper shared location? first | < previous | next > | last

report spam reply

49) TYPES OF SEVERIATIES?

Severities will be of different types like Severity 1, 2, 3, 4, 5.

Depending upon the type of issue it will be classified.

50) WHAT TYPE OF ISSUE’S CONTAIN SEVERIATY1 TICKET’S?

Severity 1 tickets are the most rare tickets which will get and

which we have to get in our administration.

If our process is not running smooth, that means your application not responding,

application server is not responding or entire environment falls then we will get

severity 1 ticket.

51.WHAT IS THE DIFF B/W COREDUMP & THREAD DUMP?

there is not much difference between these two.

In thread dump we can find, what are the active threads that are there at that

particular time. Where as core dump contains information about dead locks,

hang threads also

52.WHEN THE SERVER HUNG HOW WILL IDENTIFY IN SYSOUT.LOG?

Its very simple in systemout.log we will find a particular thread is hung from this

many milli seconds will be found. The thread name will be WSVR****

53. HOW TO TAKE BACKUP THE APPLICATION?

Taking backup of the application can be done by using export option

in the admin console or directly from the directory location.

54. WHAT’S THE RELATION B/W WIILY INTROSCOPE & WAS(LIKE AGENT/AGENTLESS)?

Wily introscope is a third party tool which is used to monitor the server environments,

not only WAS anything.

55) Difference between Websphere 5.1, 6.1 and 7.0

Profiles

WebSphere 5.1:No Concepts of profile ,there are 4 types of Installation -Express,Base ,Network Deployment and Enterprise.

Websphere 6.1:Cell Profile,Deployment Manager profile,Application Server profile,Custom Profile

Websphere 7.0 Cell(DeploymentManager and managed node),Management,Application Server,Custom profile,Secure Proxy.

Note:Under Management there are three types of profiles available :Administrative agent

Deployment Manager

Job Manager

Note:The Main use of Job Manager is to queue jobs to application server in a flexible management environment

Managing Profiles

WebSphere 5.1 :Websphere multiple installation instance can be created using wsinstance script

WebSphere 6.1:There are two ways of managing a profile

1.Profile Management Tool(GUI)

2.Manage profiles(Command interface for managing profiles )

WebSphere 7.0: same as 6.1

Security Roles

WAS 5.1:Administrator,operator,configurator

WAS 6.1:Administrator,operator,configurator,Deployer,Admin Security Manager,ISC Admin

WAS 7.0:Administrator,operator,configurator,Deployer,Admin Security Manager,ISC Admin,Auditor

WebServers supported

WAS 5.1:Apache HttpServer,Domino Server,IHS,Microsoft IIS,Sun Java System Web Server,HTTP Server for iseries

WAS 6.1:Apache HttpServer,Domino Server,IHS,Microsoft IIS,Sun Java System Web Server

WAS 7.0:HTTPServer for Z/Os and all web servers supported in 6.1

User Registries/Repositries

WAS 5.1:Local Operating System,Standalone LDAP registry,Standalone Custom registry

WAS 6.1:Federated repositories,Local Operating System,Standalone LDAP registry,Standalone Custom registry or file based registry

WAS 7.0:Same as 6.1

lOGGING AND TRACING

WAS 5.1Diagnostic trace

JVM logs

Process logs

IBM Service logs

WAS 6.1

Apart from the logs available in 5.1 there is a Change log detail levels which will enable the Message level and trace level of the JVM

WAS 7.0Same as V 6.1

Managing WebServers

WAS 5.1:Web Servers cannot be managed through Websphere Admin Console

WAS 6.1:WebServers can be Administered using the Websphere Admin Console (Stopping, Starting, Generation and propagation of Plug-in can be done). Web Servers can be created in Managed node or in Unmanaged node

WAS 7.0 same AS V 6.1

JMS

WAS 5.1:JMS Fail Over Support and scalability is not available

WAS 6.1:JMS Fail over support and scalability is available.SIB(Service Integration Bus Concept is being introduced)

WAS 7.0:Same as V 6.1

Monitoring

WAS 5.1:N/A

WAS 6.1:TPF(Tivoli Performance Viewer) is embedded in the Websphere Admin Console for monitoring WebSphere Objects

WAS 7.0same as V 6.1

Intelligent Run Time provisioning

WAS 5.1N/A

WAS 6.1N/A

WAS 7.0Intelligent run time provisioning is a new concept introduced in V7.0 At run time the server uses the activation plan to start only those components that are required inside the application server

Components like Web Container , EJB Container , Web Service and SIP Container are dynamically activated

SIP and Portlet Container

WAS 5.1:N/A

WAS 6.1SIP(Session Initiation Protocol) extends the application server to allow to run SIP applications written to JSR 116 Specification

The Portlet applications can deployed which is compliant with JSR 168

WAS 7.0same as V 6.1

wsadmin scripts

WAS 5.1:JACL is the scripting language which is used

WAS 6.1:JACL will be deprecated from 6.1 and Jython scripting will be used.

WAS 7.0:Same as V 6.1

Posted by TechnoTips at 4:18 AM 0 comments

Reactions:

Thursday, September 25, 2008

create Heapdump using wsadmin

//Refrence of JVM

objectName=AdminControl.queryNames(‘type=JVM,process=WebSphere_Portal,*’)

wsadmin>print objectName

WebSphere:name=JVM,process=WebSphere_Portal,platform=dynamicproxy,node=ahdp2csmwas78,j2eeType=JVM,J2EEServer=WebSphere_Portal,version=6.0.2.21,type=JVM,mbeanIdentifier=JVM,cell=wpcell

//genrate heapdump

wsadmin>AdminControl.invoke(objectName, “generateHeapDump”)

Posted by TechnoTips at 4:24 AM 0 comments

Reactions:

1)What is 5 Tier Architecture?

in J2E we can write 5 tier archi like

1. Client Tier- Browser, Applet, Client Applications

2. Presentation Tier- Servlets, JSP

3. Business Tier- EJB or Some Business Objects

4. Integration Tier- JDBC

5. Backend Tier- Databases, JMS

2)we know that 3 tier have

1.UI(User interface) or (presentation) logic

2.BL (Business)

3.DL (Database)

2)Tell me about the Architecture of Web Application (how it will happen Workload Management & clustring)

when ther request coming from the browser the webserver will handled that reuest , It will handled over to the plug-in, then the plug-in will looks in to the plug-in cfg.xml file for

the reuested url and It will redirect the request to the avaliability of the servers in the cluster.

The plug-in mainly perform the work load management.If any server is processing any request then the plug-in will route the request to the avaliability of the servers based on their weight and based on the algorithams.

3)what are the main point while installing an IHS?

The main use of installing any external web server is to proces the dynamic content request

4)what the file path of httpd.conf?

/opt/IBM HTTPSERVER/conf/httpd.conf

window

c:\programfiles\IBM HTTP SERVER\conf\httpd.conf

5)What are Java Programming languages?

Servlets,jsp,ENB,Struts,JSF,HIbernate

6)What is Object pool?

How to take back up ? while taking back is it necessary to stop the server?

execute backupConfig.sh command to take the backup ,yes it is required to stop the servers,

by default when you execute this command it will stop all the servers on the node so yhe partially

synchronized information will not be saved .

what are the Deployment ways ? steps ?

1.Hot fix

2.wsadmin

3.AdminConsole

4.Using third party tolls like ,Teamsite ,Cruise Control, MKS etc.

1)what is thin driver and thick driver.why it is cal…

thick driver – type 1 and type 2 JDBC drivers are called thick drivers. The reason for it is – it provides JDBC access via ODBC

drivers. ODBC binary code and in many cases database client code must be loaded on each client machine that uses such a driver.

and as the program is connected to database by an extra layer in the clint hence thay are called thick drivers.

Thin drivers: This style of driver converts JDBC calls into the network protocol used directly by DBMSs allowing a direct call

from the client machine to the DBMS server and providing a practical solution for intranet access. hence their conenction to DB

is more direct and without any intermediate stage making them thin drivers. type 4 driver.

Basic difference between thin and thick client

Oracle has a thin client driver which mean you can connect to a oracle database without the Oracle client installed on your machine.

Thick client would need the Oracle Client database drivers etc.. Drivers include JDBC-ODBC bridge drivers JDBC drivers depending on tns resolution.

Dominic

thin driver is 4 type driver in java which r provide the connectivity between oracle and java.the main advantage is this driver is we connect the databse to java without create DSN.and it provide the all the host computer connectivity in the network.so its r most important driver which we use in the java.

2)What is Connection Pooling

Connection pooling is a place where a set of connections are kept and are used by the different programers with out creating conncections to the database(it means there is a ready made connection available for the programmers where he can use). After using the connection he can send back that connection to the connection pool. Number of connections in connection pool may vary.

1)How many JDBC drivers are there ?

A) 2

B) 4

C) 3

D) 1

2)Which of the following is false for the Type 1 JDBC bridge driver?

A) A Type 1 driver is a JDBC-ODBC bridge driver

B) This type of driver enables a client to connect to an ODBC database via Java calls and JDBC

C) Both the database and middle tier need to be Java compliant.

D) ODBC binary code must be installed on each client machine that uses this driver.

Explanation: Neither the database nor the middle tier needs to be java compliant.

3)Which of the following statement is true for the Type 2 JDBC driver?

A) A Type 2 driver converts JDBC calls into calls for a specific database.

B) This driver is referred to as a “native-API, partly Java driver.”

C) As with the Type 1 driver, some binary code may be required on the client machine, which means this type of driver is not suitable for downloading over a network to a client.

D) All of the above

4)What is the difference between EAR, JAR and WAR file

Answered by Jey on 2005-05-08 11:23:41: In J2EE application modules are packaged as EAR, JAR and WAR based on their functionality

JAR:

EJB modules which contains enterprise java beans class files and EJB deployment descriptor are packed as JAR files with .jar extenstion

WAR

Web modules which contains Servlet class files,JSP FIles,supporting files, GIF and HTML files are packaged as JAR file with .war( web achive) extension

EAR

All above files(.jar and .war) are packaged as JAR file with .ear ( enterprise archive) extension and deployed into Application Server.

5)Full form of java jar file?

In: JAVA Programming [Edit categories]

JAR = Java ARchive

6)Re: URL of Oracle thin driver.

Topic: JDBC

Luigi Viggiano PREMIUM, Jun 4, 2001 [replies:1]

briefly: jdbc:oracle:thin:@hostname:port:oracle-sid

1. in green the Oracle sub-protocol (can be oracle:oci7:@, oracle:oci8:@, racle:thin:@, etc…) is related on the driver you are unsign and the protocol to communicate with server.

2. in red the network machine name, or its ip address, to locate the server where oracle is running.

3. in blue the port (it is complementary to the address to select the specific oracle service)

4. in magenta the sid, select on wich database you want to connect.

1) Find Java Archive files using an Eclipse plug-in

jmalasko writes “

Discover JAR Class Finder, a plug-in utility with improved compatibility for Rational Application Developer,

WebSphere Integration Developer, and Eclipse.

This plug-in finds JAR files containing a given class for the Java build path and helps fix NoClassDefFound exceptions.

1) Explain about web sphere?

The word web sphere popularly refers to IBM middleware technology products. Web sphere is known for its turn key operation in e business applications. It has run time components and tools which can help in creating applications which run on WAS. WAS refers to web sphere application server.

2) Explain about web sphere commerce?

IBM web sphere commerce has a single platform which offers complete ecommerce solutions to developers. It can be very productive if you are planning to do business with consumers, business and indirectly through channel partners. This can be used to perform business with consumers, business and channel partners altogether.

3) Detail about the architecture of web sphere?

Web Sphere is built on three main components they are

• Database

• J2EE application server

• A web server

The databases which it supports are

• DB2

• Oracle

• Cloudscape

Application server is IBMWAS and the supported web servers are

• IBM server

• Microsoft IIS

• Sun web server

4) State some of the features present in web sphere?

Some of the features which are present in web sphere are: –

• Order management

• Web sphere commerce accelerator

• Analytical and business intelligence

• Open standards such as Java, EJB, etc

• Web sphere commerce payments and customer care, etc

5) Explain about IBM Web Sphere edge server?

Web sphere edge server is used to improve the performance of web based systems. It can be used as forward or proxy server. Basically four components are present in the web sphere they are Network dispatcher, Caching proxy, Content distribution and application service at the edge.

6) Explain about extended deployment?

Web sphere application server extended deployment increases the functionality of the server in two main areas they are manageability and performance. Dynamic virtualization between servers is possible with the help of XD. A stand alone distributed cache was added to it under the performance header, it is known as Object Grid.

7) Explain about the security features present in WAS?

Security model for web sphere is primarily based on JAVA EE security model. It also depends upon the operating system. User authentication and authorization mechanisms are also provided in WAS. Light weight third party authentication mechanism is the main security feature present in WAS.

8) Explain about asymmetric clustering?

Asymmetric clustering applications are primarily used in electronic trading systems employed in banks. Some of the features are, partitions can be declared during run time and are usually run on a single cluster at a time. Work specific to a particular can be routed to that cluster.

9) Explain the various Administrator benefits using Web sphere?

Web sphere almost reduces the work of server administrator as he can manage load on servers efficiently without any hassles. It also gives him flexibility to divide the load and applications among different server farms. He can also predict about the incoming load on servers. Email alerts, restart options, memory leak detection, etc.

10) Explain about caching proxy of IBM Web sphere Edge sphere?

A caching proxy can be configured in forward direction or as a proxy. Content requested by the user is cached by edge before sending or adhering to the query. Page fragments arising from JSP or servlets are cached by Edge and the caching process is slow. Performance and scalability of J2EE applications can be increased by edge.

11) Explain about the network deployment feature present in WAS?

Managing singletons will be a thing of the past and it also provides hot recovery of singletons which makes you forget about your GC collected singletons. Transaction logs can stored on a shared file system. For clustering run time operations deployment manager`s role was eliminated. J2EE failover support and cell configuration support is also present.

12) Explain about IBM web sphere integration developer?

Web sphere integration developer provides an IDE to build applications based on service oriented architecture. Web sphere process server and web sphere ESB were built with WID. WID was built with RAD Eclipse based technology.

13) Explain about compute Grid?

Compute grid is also known as Web sphere batch. Web sphere extended deployment offers a Java batch processing system called as Compute Grid. This forms an additional feature to Web sphere network environment. Various features are provided which help a developer to create, manage and execute batch jobs. Job scheduler, xJCL, batch container and batch programming controller.

14) Explain about web sphere MQ Real time transport?

This feature is very useful in instant messaging across different clients through intranet and internet. This supports high volume and high performance across different clients. It uses the concept of light weight transport which is again based on IP rather than the queue process.

15) Explain about Web sphere MQ JMS Provider?

Web sphere MQ and Web Sphere Business integration manager Broker are very useful in providing Java messaging services to wide range of clients (publisher –subscribe, point to point). Java classes are chiefly responsible for translating the API calls to API`s defined by web sphere. It is very useful to have knowledge of Web sphere MQ for proper configuration.

16) Explain the attribute CHANNEL in web sphere MQ?

CHANNEL specifies the name of the server connection channel. Generally this is Web Sphere MQ network abstraction. The default standard used by CHANNEL is SVRCONN which is the server connection channel. This server is generally used to communicate to the queue manager by the client.

17) Is the naming of connection factory independent of the name specified by JMS client?

Yes, the naming of connection factory is independent of the name specified by JMS client. This is made possible by WAS (Web sphere application server) with its resource references. It isolates the application from object names. This feature is important because it gives us the flexibility to change the administered object without changing the JMS client code.

Tell me your self

1) Explain us in what way your education background will help you and the organization?

When answering this question explain to him about your education background and some extra courses you learnt during the process.

You need to correlate your education background with the job opening. It would be added advantage if you can explain to him about the necessary features of the job.

2) Tell us something about yourself (One of the most common question asked)?

Make sure that you tell about yourself in detail. Keep it small and simple explain to him about all your interests, previous job, passion, hobbies, projects, etc. Just brief him about all your interests and passion without going into detail, if asked state him about it in detail.

3) Why did you choose this specific course or stream of study when there are these many options available to you?

When answering this question explain to him about why you choose this course or stream of study. What made you to choose this course, it would be an added advantage if you speak about the different projects you did. Also state or explain about your goal and higher education pursuits.

4) What will be the future of this industry?

You need to explain the current trend of the industry and then explain to him about future developments. This is very important because it shows you that you are going hand in hand on the developments of the industry.

5) Explain specifically why we need to hire you?

Explain to the interviewer about the necessary skills you have which were mentioned in the job requirement and also tell him about your team playing skills, soft skills, etc which can fetch you the job. If you have interest in pursuing higher studies then do explain about that.

6) Explain us about your previous project and its benefits

As the question states you need to explain to him about your project and its benefits. Do remember a project is done by a team and it has features such as Environment, team members, technical descriptions, usage, etc. This is very important as he will mention to the technical HR about your project.

7) What was the reason you left your previous job?

While explaining this question you need to make sure that you don’t speak about the negative features of your previous job which made you to leave the company instead explain about those negative features in a convincing manner and you can state that those reasons are hindering your growth.

8) What is your goal and what do you like to achieve in the near future?

Explain to him about the goal which you would like to pursue in the near future and how the company can help you achieve that goal. Have a goal which is reasonable and achievable because it gives you a feeling of accomplishment.

9) What was your biggest job or project accomplishment?

For this question you would be explaining to him about the most challenging project you undertook and the benefits you obtained by completing it within the deadline. This will explain to the interviewer about your necessary skills, management skills and team play.

10) Can you go to tours often?

When answering this question have it in mind that your answer will be kept in the record. If you cannot take tours due to various reasons state them in a pleasant tone. The answer which you give will be kept in the record. Also make it a habit to take small tours or travelling because every job demands that.

11) What do you know about this organization?

Before answering this question make sure that you do enough research about the organization before applying to it. Also do remember that the interviewer knows much more about this organization than you do. Try to have as much information about the job position also.

12) Did you miss deadlines or target?

Be honest when answering this question because your previous employer will have everything on record and your current employer may request for it. Explain to him/her about the deadlines you have met during the process.

1)How to identify unused indexes in DB2 for Linux, UNIX, and Windows

database has gone into production, the existence of too many indexes turns out to be a cause for decreased database performance. Many indexes mean.

During database application development, developers tend to define a large number of indexes on tables to guarantee that each and every query performs well.

After application development has been finished and a database has gone into production, the existence of too many indexes turns out to be a cause for decreased database performance.

Many indexes mean more work for the database system when executing UPDATE, INSERT, and DELETE (UID) operations. In addition, regular maintenance activities like RUNSTATS and REORG also run considerably longer in cases where many indexes are present. Therefore, to achieve the best database performance, it is critical to be able to determine which indexes are necessary for query execution and which indexes you can safely drop without impacting query runtimes. This article explains several methods that a DB2® for Linux®, UNIX®, and Windows® (DB2 LUW) database administrator (DBA) can use to identify unused and seldom used indexes.

What is a JAR file?

The JAR file format is based on the popular ZIP file format, and is used for aggregating many files into one. Unlike ZIP files, JAR files are used not only for archiving and distribution, but also for deployment and encapsulation of libraries, components, and plug-ins, and are consumed directly by tools such as compilers and JVMs. Special files contained in the JAR, such as manifests and deployment descriptors, instruct tools how a particular JAR is to be treated.

A JAR file might be used:

For distributing and using class libraries

As building blocks for applications and extensions

As deployment units for components, applets, or plug-ins

For packaging auxiliary resources associated with components

The JAR file format provides many benefits and features, many of which are not provided with a traditional archive format such as ZIP or TAR. These include:

Security. You can digitally sign the contents of a JAR file. Tools that recognize your signature can then optionally grant your software security privileges it wouldn’t otherwise have, and detect if the code has been tampered with.

Decreased download time. If an applet is bundled in a JAR file, the applet’s class files and associated resources can be downloaded by a browser in a single HTTP transaction, instead of opening a new connection for each file.

Compression. The JAR format allows you to compress your files for efficient storage.

Transparent platform extension. The Java Extensions Framework provides a means by which you can add functionality to the Java core platform, which uses the JAR file for packaging of extensions. (Java 3D and JavaMail are examples of extensions developed by Sun.)

Package sealing. Packages stored in JAR files can be optionally sealed to enforce version consistency and security. Sealing a package means that all classes defined in that package must be found in the same JAR file.

Package versioning. A JAR file can hold data about the files it contains, such as vendor and version information.

Portability. The mechanism for handling JAR files is a standard part of the Java platform’s core API.

Compressed and uncompressed JARs

The jar tool (see The jar tool for details) compresses files by default. Uncompressed JAR files can generally be loaded more quickly than compressed JAR files, because the need to decompress the files during loading is eliminated, but download time over a network may be longer for uncompressed files.

The META-INF directory

Most JAR files contain a META-INF directory, which is used to store package and extension configuration data, such as security and versioning information. The following files or directories in the META-INF directory are recognized and interpreted by the Java 2 platform for configuring applications, extensions, and class loaders:

MANIFEST.MF. The manifest file defines the extension- and package-related data.

INDEX.LIST. This file is generated by the new -i option of the jar tool and contains location information for packages defined in an application or extension. It is part of the JarIndex implementation and used by class loaders to speed up the class loading process.

xxx.SF. This is the signature file for the JAR file. The placeholder xxx identifies the signer.

xxx.DSA. The signature block file associated with the signature file stores the public signature used to sign the JAR file.

The jar tool

To perform basic tasks with JAR files, you use the Java Archive Tool (jar tool) provided as part of the Java Development Kit. You invoke the jar tool with the jar command. Table 1 shows some common applications:

Table 1. Common usages of the jar tool

Function                      Command

Creating a JAR file from individual files     jar cf jar-file input-file…

Creating a JAR file from a directory     jar cf jar-file dir-name

Creating an uncompressed JAR file             jar cf0 jar-file dir-name

Updating a JAR file             jar uf jar-file input-file…

Viewing the contents of a JAR file             jar tf jar-file

Extracting the contents of a JAR file             jar xf jar-file

Extracting specific files from a JAR file             jar xf jar-file archived-file…

Running an application packaged as an executable JAR file     java -jar app.jar

——————————————————————————–

what is a connection pool?

Connection pooling is a technique used for sharing server resources among requesting clients. This article focuses on support for connection pooling of both database resources and non-database resources in a J2EE environment. Siva examines the JDBC 2.0, JMS 1.02, JNDI 1.2 Standard Extension APIs with regard to connection pooling and looks at some existing vendor implementations of those APIs. He then looks at the upcoming J2EE Connector Architecture 1.0 that would support a vendor-independent/pluggable approach to managing resource connections.

1) How many JDBC drivers ?name them? Answer
There are 4 JDBC drivers are available:

*JDBC-ODBC Bridge Driver:-Popular name is Type-1 Driver.In

this connection some native code or native database client

code must be loaded on each client machine due to this

process it is slower than other drivers.It uses

JDBC-Bridge-ODBC means between JDBC and ODBC one bridge is

work that establise the connection between application and

DataBase… It is suitable for automatic installation and

downloading java technology application is not important.

*Native API partly Java Driver:-Known as Type-2 Driver.It

enables driver converts JDBC calls into calls on the client

API for Oracle or any other databases.This driver need to

load some binary code on client machine like JDBC-ODBC

Bridge Driver.

*Network Protocol Driver:-Known as Type-3 Driver.

*Jdbc net pure Java Driver:-Known as Type-4 Driver.

The JDBC Driver provides vendor-specific implementations of

the abstract classes provided by the JDBC API. This driver

is used to connect to the database.

there are:

Type 1 : JDBC-ODBC Bridge Driver

Type 2: Native API Partly Java Driver

Type 3: Network protocol Driver-

Type 4: JDBC Net pure Java Driver

2) what is JDBC? Answer
JDBC(java Database Connectivity) is an API(Application

program Interfaces), that is useful to write a java program

to connect any database,and retrieve the data form the

database and utilize the data in the java program.

1.Making a connection to a database

2.Creating SQL or MySQL statements

3.Executing that SQL or MySQL queries in the database

4.Viewing & Modifying the resulting records

3) How warnings are retrieved in JDBC? Answer
while using jdbc, warnings can occur at any time

while getting connection

while creating statement

while getting resultset, at each , we can get using

getWarnings() method.

->Web Sphere relates to IBM Family.

->We have different servers in market such as:

JBOSS –}

Web Logic — }Application Servers

Web Sphere –}

Tomcat      — Partial Application Servers i.e not pure Web Server &Not pure Application Server.

->JBoss is a open source software

->The concepts of Web Logic & Web Sphere are same but only the terminology is different.

->In 6.0 Version we have 3 types of packages.

1) Express Package    –}

2) Base Package    –} Used for Stand alone Environment

3) Network Deployment    – Distributed Environment

-> In java we have 3 parts.

1)J2SE (core java)

2)J2EE (servlets, jsp’s(web applications) ,Ejb’s(enterprise java beans.

3)J2ME

-> We will make the web application as .WAR (web Archieve)file.

-> And we will make enterprise applications as .EAR file.

-> For installation we have 2 modes:

1)GUI.

2)Silent Mode.

Silent Mode there is a file called Response File this is what we have to customize.

->ServerIndex.Xml file is used to find out the port number.

Servers are listening to this port number, not application.

-> Whenever we change port number and restart the server it will be updated in portdef, no need to change here again.

Profile: A profile is nothing but an environment where we can create Servers. There are 3 types:

1) Application Profile.

2) Deployment Profile.

3) Custom Profile.

-> The default profile is Application Server profile.

-> The custom profile will give us an empty node.

-> The soap connecter port number of deployment manager is 8879.

-> Independantly a custom profile will have no use. We have to get connected with dmgr.

-> Before federation we have to check whether, .Dmgr is opening or not.

.Dmgr is under running or not.

In dmgr host we maintain dmgr just to monitoring and configuring the administration.

->In ND package we have 3 types of Templates:

1) Dmgr Template

2) Default Template

3) Managed Template.

-> By default the dmgr profile won’t give any servers. It is not at all a server, used just to configure.

-> The AppServer gives server1 as default server. In application server we have no option to create server. It is

just a stand alone profile.

Node: is a collection of servers. it reduces administration burden. It is a single point of servers. If we start Node, n-number of servers will get started, if we stop all will be stopped.

Federation: In Dmgr01 we should have an eligible node to create servers but Dmgr node is not eligible, at that time we can connect App-node which is eligibe to create servers from the appsrv01 Then we can create servers using App-Node in dmgr01.

If we want to do federation we have to ping the Dmgr Server.

Dmgr was introduced for single point of admin.

In dmgr admin console, number of servers will be there under same environment.

We can create number of servers under dmgr console using Add-node.

When ever we do federation a node agent will be created to communicate between Appserv & Dmgr.

Node Agent: It will acts as a communication between which node we are federating.

Cell Profile: is the combination of deployment profile and application profile.

in both 6.0 & 6.1 the cell is available in deployment manager.

Whenever we create cell profile automatically there will be deployment profile & application profile and federation also will be done automatically.

The complete administration will be under the cell profile only.

Global Security: In 6.0 we have 3 ways to provide security for admin console.

1) Local os user registry.

2) Custom user registry.

3) LDAP (Light Weight Directory Access Protocol) user registry.

2) custom user registry: Here we have to create two files named:

users.registry

groups.registry

We can create this files any where but we have to configure this absolute path to the application servers.

3)LDAP: It is a mechanism & not a server. Here we are integrating seperate directory servers.

if SSL is enabled the port number is 636, if it is not enabled 389.

-> In local os user registry we have to create user accounts and that user accounts have to configure to websphere application servers.

where as in the custom user registry specifying user names and passwords in a normal file and we are specifying the absolute path of that file into the websphere application server. whenever we are going for LDAP user registry we have to specify user id & password & type of directory server, port number (default is 389), if SSL is enabled we have to specify port number as 636 and we have to specify Base distinguished name which indicates authentication for users and we have to specify Bind distinguished name and Bind password which specify authorization for user and we have to select “Advanced Light Weight Directory Access Protocol user registry settings” there we have to specify user filter classes and group filter classes (automatically it will be there) and finally we have to restart the server.

->Web Sphere application server is a middleware component.

-> In 3-Tier Architecture we have 3 levels.

In level 1 (Tier-1) we have HTTP server (or web server)

In Tier-2 we have Application server

In Tier-3 we have Data base.

Whenever we integrate database with application server every applications are able to communicate with the database.

->A database is a collection of data.

-> A schema is a collection of Tables.

-> In oracle 10g & 9i We have only one jar file i.e OJDBC14.JAR (for log) & Class12.jar (for 9i) and In DB2 we have 3 or more jar files. i.e DB2JCC.JAR,DB2JCC_LICENSE_C4.JAR, DB2JCC_LICENCE_CIS42.JAR.

-> The .jar file is nothing but a collection of .class files. It is necessary to communicate with the database. So we should configure this jar files with database.

JDBC: providers create connection between web application server & database server for communication.But data source provide communication for applications inside WAS with particular database inside the DB server.

->We can say HTTP Servers as web servers also.

The responsibility of http servers is to serve static content only. It will give quick response to static content than app servers.

To communicate between http servers & app servers we have a concept called “PLUG-INS”.(it is a intermediatory component)

By using round robin algorithm (default), here we have a concept routing table, which is taken care by the http server.

-> Plug-ins contain Plugin-cfg.xml contains complete information about application server environment i.e how many clusters are there, how may cluster environments are there, weight of cluster etc.

Virtual Host: Here we will have wc-default host port number also. We can create or change this ports by using Virtual hosts concepts. All applications and application servers has to listen to this ports.

->If we want to access an application under multiple domains, or by using multiple ports, (simply multiple domains,multiple ports). After following all the steps we have to restart the server.

->multiple domain names can access the same application.

->All the applications will go through the http server only at the time of trouble shooting we can by pass this http server for some purposes.

Clusters: A logical group of related components is a “Cluster”.

->Here, if server1 fails to deploy one application servers will take care of that, which is called as clustering but this will not supported by Base & Express.

Q)What is high availability, why we have to go for clusters?

At any cost the application should be available at all times, it should not go down. To overcome this problems we go for clusters.

->We have 2 types of clusters:

1) Vertical Clusters.

2) Horizontal clusters.

1) Vertical Clusters: Here we are deploying app1 through cluster, so if server1 fails we can access through server2. But if the host i.e, the total physical machine get crashed then we can not access. This is the disadvantage with the vertical clusters.

2) Horizontal clusters: Here we are deploying apps in multple hosts or physical boxes. Here if one host gets crashes, the end user can access.

Hence, to achieve high availability we are going for clusters.

-> coming to performance, vertical cluster gives more performance than the horizontal because transmission of response takes time.

-> vertical is preferred in development, test environment.Horizantal is used in production environment.

-> Here if the application is not running under server2 we have to add the server2 ports into the virtual hosts.

Plugin-cfg.xml: The plugin-cfg.xml contains information about application server environment like how many clusters, how may cluster members, application uri, port numbers, routing algorithms, weight of cluster members.

-> An application contains:

Servlets, Jsp’s, Html, css, javascript } web resources.

Ejbs} Ejb components.

->if we deploy any application, at that time all web resources will go under web container and Ejb components will go under Ejb container.

->if any request is looking for web resource, at that time web container itself will, generate the response.

Tell me about your Day-to-Day activities?
Tell me about the Architecture of Web Application (how it will happen Workload Management & clustring)
when ther request coming from the browser the webserver will handled that reuest , It will handled over to the plug-in, then the plug-in will looks in to the plug-in cfg.xml file for the reuested url and It will redirect the request to the avaliability of the servers in the cluster. The plug-in mainly perform the work load management.If any server is processing any request then the plug-in will route the request to the avaliability of the servers based on their weight and based on the algorithams.

what are the main point while installing an IHS?
The main use of installing any external web server is to proces the dynamic content request

what the file path of httpd.conf?
/opt/IBM HTTPSERVER/conf/httpd.conf
window
c:\programfiles\IBM HTTP SERVER\conf\httpd.conf

What are Java Programming languages?
Servlets,jsp,ENB,Struts,JSF,Hibernate

 

How to take back up ? while taking back is it necessary to stop the server?
execute backupConfig.sh command to take the backup ,yes it is required to stop the servers,by default when you execute this command it will stop all the servers on the node so yhe partially synchronized information will not be saved .


what are the Deployment ways ? steps ?

1.Hot fix
2.wsadmin
3.AdminConsole
4.Using third party tolls like ,Teamsite ,Cruise Control, MKS etc.

what is soap and soap port?
SOAP is an XML-based messaging protocol. It defines a set of rules for structuring messages that can be used for simple one-way messaging but is particularly useful for performing RPC-style (Remote Procedure Call) request-response dialogues. It is not tied to any particular transport protocol though HTTP is popular. Nor is it tied to any particular operating system or programming language so theoretically the clients and servers in these dialogues can be running on any platform and written in any language as long as they can formulate and understand SOAP messages. As such it is an important building block for developing distributed applications that exploit functionality published as services over an intranet or the internet.

what is a webcontainer?

A container that implements the Web component contract of the J2EE architecture. This contract specifies a runtime environment for Web components that includes security, concurrency, life-cycle management, transaction, deployment, and other services. A Web container provides the same services as a JSP container as well as a federated view of the J2EE platform APIs. A Web container is provided by a Web or J2EE server

What is the error HTTP 403 indicates and how to solve these issues?

This is due to SSL certificate or some security settings in the server might have issues.

Introduction

Your Web server thinks that the HTTP data stream sent by the client (e.g. your Web browser or our CheckUpDown robot) was correct, but access to the resource identified by the URL is forbidden for some reason.

This indicates a fundamental access problem, which may be difficult to resolve because the HTTP protocol allows the Web server to give this response without providing any reason at all. So the 403 error is equivalent to a blanket ‘NO’ by your Web server – with no further discussion allowed.

By far the most common reason for this error is that directory browsing is forbidden for the Web site. Most Web sites want you to navigate using the URLs in the Web pages for that site. They do not often allow you to browse the file directory structure of the site. For example try the following URL (then hit the ‘Back’ button in your browser to return to this page):
This URL should fail with a 403 error saying “Forbidden: You don’t have permission to access /accounts/grpb/B1394343/ on this server”. This is because our CheckUpDown Web site deliberately does not want you to browse directories – you have to navigate from one specific Web page to another using the hyperlinks in those Web pages. This is true for most Web sites on the Internet – their Web server has “Allow directory browsing” set OFF.

403 errors in the HTTP cycle

Any client (e.g. your Web browser or our CheckUpDown robot) goes through the following cycle:

Obtain an IP address from the IP name of your site (your site URL without the leading ‘http://&#8217;). This lookup (conversion of IP name to IP address) is provided by domain name servers (DNSs).

Open an IP socket connection to that IP address.

Write an HTTP data stream through that socket.

Receive an HTTP data stream back from your Web server in response. This data stream contains status codes whose values are determined by the HTTP protocol. Parse this data stream for status codes and other useful information.

This error occurs in the final step above when the client receives an HTTP status code that it recognises as ’403?.

Fixing 403 errors – general

You first need to confirm if you have encountered a “No directory browsing” problem. You can see this if the URL ends in a slash ‘/’ rather than the name of a specific Web page (e.g. .htm or .html). If this is your problem, then you have no option but to access individual Web pages for that Web site directly.

It is possible that there should be some content in the directory, but there is none there yet. For example if your ISP offers a ‘Home Page’ then you need to provide some content – usually HTML files – for the Home Page directory that your ISP assigns to you. Until the content is there, anyone trying to access your Home Page could encounter a 403 error. The solution is to upload the missing content – directly yourself or by providing it to your ISP. Once the content is in the directory, it also needs to be authorised for public access via the Internet. Your ISP should do this as a matter of course – if they do not, then they have missed a no-brainer step.

If your entire Web site is actually secured in some way (is not open at all to casual Internet users), then an 401 – Not authorized message could be expected. It is possible, but unlikely, that your Web server issues an 403 message instead.

Some Web servers may also issue an 403 error if they at one time hosted your site, but now no longer do so and can not or will not provide a redirection to a new URL. In this case it is not unusual for the 403 error to be returned instead of a more helpful error. So if you have recently changed any aspect of your Web site setup (e.g. switched ISPs), then a 403 message is a possibility. Obviously this message should disappear in time – typically within a week or two – as the Internet catches up with whatever change you have made.

If you think that the Web URL *should* be accessible to all and sundry on the Internet and you have not recently changed anything fundamental in your Web site setup, then an 403 message indicates a deeper problem. The first thing you can do is check your URL via a Web browser. This browser should be running on a computer to which you have never previously identified yourself in any way, and you should avoid authentication (passwords etc.) that you have used previously. Ideally all this should be done over a completely different Internet connection to any you have used before (e.g. a different ISP dial-up connection). In short, you are trying to get the same behaviour a total stranger would get if they surfed the Internet to your Web page URL.

If this type of browser check indicates no authority problems, then it is possible that your Web server (or surrounding systems) have been configured to disallow certain patterns of HTTP traffic. In other words, HTTP communication from a well-known Web browser is allowed, but automated communication from other systems is rejected with an 403 error code. This is unusual, but may indicate a very defensive security policy around your Web server.

Fixing 403 errors – CheckUpDown

The first question is whether the Web page for your URL is freely available to everyone on the Internet. If this is not the case, then you may need to provide two items 2. Web Site User IDand 3. Web Site Password for your CheckUpDown account – but only if your site uses HTTP Basic Authentication. The Web Master or other IT support people at your site will know what security and authentication is used.

If however your Web page is open to all customers and there have been no fundamental changes recently to how your Web site is hosted and accessed, then an 403 message should only appear if your Web server objects to some aspect of the access we are trying to get to your Web site. Because it indicates a fundamental authority problem, we can only resolve this by negotiation with the personnel responsible for security on and around your Web site. These discussions unfortunately may take some time, but can often be amicably resolved. You can assist by endorsing our service to your security personnel. Please contact us (email preferred) if you see persistent 403 errors, so that we can agree the best way to resolve them.

If the “page can’t display “error comes then what you will do in the production system?

  1. There must be some network issue or server not receiving the request.

    Need to check the server availability.

    What is the error HTTP 404 indicates and how to solve these issues?

    The 404 or Not Found error message is an HTTP standard response code indicating that the client was able to communicate with the server but the server could not find what was requested..

    What is the difference between page not found and HTTP 404? How to solve these issues?

    a)     The “Page not found” error is, the request is not reaching the server. HTTP 404 errors is request is reaching to server but whatever it is expecting it’s not found at expected location

    What is meant by ear expander utility?

     

    EAR Expander utility is used to expand the application binaries into any path, normally we will use this to expand it in other than the default path.

    Once expanded we will update the same app binaries from WAS admin console to update WAS.

    The EARExpander expands Ear files into the format desired by the application server runtime, as described in the application installation instructions. EARExpander can also collapse the expanded format back to a normal Ear (.jar or .zip) format.

    Invoking the tool

    The tool is located in the following directory:

    product_installation_root

     

    /bin/EARExpander.bat 

    To view syntax, open a command line and invoke the tool without arguments. Here is a typical result. The line breaks have been changed for better formatting in this documentation.

    C:\seaa0122.02\bin>EARExpander.bat IBM WebSphere Application Server, 
    Release 4.0 J2EE 
    J2EE Application Expansion Tool, Version 1.0 
    Copyright IBM Corp., 1997-2001 
    Required Argument Missing:ear 
    Usage: java com.ibm.websphere.install.commands.EARExpander 
    -ear -expandDir -operation [expansionFlags] 

    ExpansionFlags indicate whether you want every JAR file expanded, or just the contained WAR files within the EAR file. The default is all.

    Expanding files

    The following example command expands the file my.ear into theproduct_installation_root/bin/myEAR directory:

    EARExpander -ear my.ear -expandDir product_installation_root/bin/myEAR 
    -operation expand 
    Collapsing files

    Using the collapse -operation reverses the format to normal.

    EARExpander -ear my.ear -expandDir product_installation_root/bin/myEAR 
    -operation collapse 

    Type each of the above commands on a single line, despite their appearance in this documentation.

    What is meant by JAVA Script?

    Java script is a scripting tool to developed web applications.

    What is meant by Heap in Java process and what information will be available in heap file?

  2. Heap is used to collect the garbage for java applications; the Heap file contains the garbage collected from java process.

    What are the available log file in the WAS 6.1

  3. In was there are list of logs available to monitor and troubleshoot. They are

    Diagnostic Trace Service

    View and modify the properties of the diagnostic trace service. Diagnostic trace provides detailed information about the execution of WebSphere Application Server components within this managed process. Changes on the Configuration panel will apply when the server is restarted. Changes on the Runtime panel will apply immediately.

    1. JVM Logs

    View and modify the settings for the Java Virtual Machine (JVM) System.out and System.err logs for this managed process. The JVM logs are created by redirecting the System.out and System.err streams of the JVM to independent log files. The System.out log is used to monitor the health of the running application server. The System.err log contains exception stack trace information that is useful when performing problem analysis. There is one set of JVM logs for each application server and all of its applications. JVM logs are also created for the deployment manager and each node manager. Changes on the Configuration panel will apply when the server is restarted. Changes on the Runtime panel will apply immediately.

    1. Process Logs

    View or modify settings for specifying the files to which standard out and standard error streams write. The process logs are created by redirecting the standard out and standard error streams of a process to independent log files. Native code writes to the process logs. These logs can also contain information relating to problems in native code or diagnostic information written by the JVM. There is one set of process logs for each application server and all of its applications. Process logs are also created for the deployment manager and each node manager. Changes on the Configuration panel will apply when the server is restarted. Changes on the Runtime panel will apply immediately.

    1. IBM Service Logs

    Configure the IBM service log, also known as the activity log. The IBM service log contains both the WebSphere Application Server messages that are written to the System.out stream and some special messages that contain extended service information that can be important when analyzing problems. There is one service log for all WebSphere Application Server Java virtual machines (JVMs) on a node, including all application servers. and their node agent (if present). A separate activity log is created for a deployment manager in its own logs directory. The IBM Service log is maintained in a binary format. Use the Log Analyzer or Showlog tool to view the IBM service log.

     

    1. Change Log Detail Levels

    Log levels allow you to control which events are processed by Java logging. Click Components to specify a log detail level for individual components, or Groups to specify a log detail level for a predefined group of components. Click a component or group name to select a log detail level. Log detail levels are cumulative; a level near the top of the list includes all levels below it.

     

    If a developer requests to tune an application then what you will do?

    Performance Tuning

    All the steps for Performance Tuning would approximately take 45 minutes.

    JVM Heap Size

    By default, the Java virtual machines for WebSphere Application Server and WebSphere Portal Server are assigned only 256 MB per process. This value should be increased.

    To change this value, open the WebSphere Admin Console and go to

    Servers -> Application Servers -> (all server names) -> Process Definition -> Java Virtual Machine

    and set both initial heap size and max heap size to an adequate value:

    on a machine with 4 GByte of real memory, set it to 1024 MByte, on a 8 GByte machine to 2048 MByte.

    If a value greater than 1024 MByte is selected, it may be necessary to change the AIX parameter LDR_CONTRL. For details, please refer to the AIX documentation.

    Session Timeout

    Reducing the session timeout can help reduce memory consumption requirements.

    To change this value, open the WebSphere Admin Console and go to

    Servers -> Application Servers -> (all server names) -> Web Container -> Session Management -> Session Timeout

    and set Timeout to 10 Minutes.

    Class Garbage Collection

    To change this value, open the WebSphere Admin Console and go to

    Servers -> Application Servers -> (all server names) -> Process Definition -> Java Virtual Machine -> Generic JVM arguments

    and add the parameter -Xnoclassgc.

    Servlet Engine Thread Pool Size

    To change this value, open the WebSphere Admin Console and go to

    Servers -> Application Servers -> (all server names) -> Web Container -> Thread Pool

    and add the parameters for Minimum size threads and Maximum size threads to 70.

    Data Source Connection Pool Size

    To change this value, open the WebSphere Admin Console and go to

    Resources -> JDBC Providers -> (all providers) -> Data Sources -> (all data sources) -> Connection Pools

    and set the parameters for Minumum connections and Maximum connections to 50.

    Statement Cache Size

    To change this value, open the WebSphere Admin Console and go to

    Resources -> JDBC Providers -> (all providers) -> Data Sources -> (all data sources)

    And set the parameter for Statement Cache Size to 500.

    Tell about Resource analyser?

  4. Resource analyser is used to analyse the performance of the WAS resources. It is a monitoring tool comes with WAS.

    If you need to configure a process in UNIX what are the steps?

  5. No Idea about this question.

    How to find a text in VI editor in UNIX?

  6. Escape / followed by text

    Tell about “nany process” in UNIX?

    a)    Nanny process on Windows NT and Windows 2000 is the Windows service “IBM WS AdminServer”.

    What is the basic command in UNIX to find network performance?

  7. Netstat

    Tell about data source?



    Installed applications use JDBC providers to interact with relational databases.The JDBC provider object supplies the specific JDBC driver implementation class for access to a specific vendor database. To create a pool of connections to that database, you associate a data source with the JDBC provider. Together, the JDBC provider and the data source objects are functionally equivalent to the J2EE Connector Architecture (JCA) connection factory, which provides connectivity with a non-relational database.

    Data sources allow you to manage a pool of connections to a database

    Data sources work as follows:

    When a client wants to use a connection, it looks up a data source by name from a JNDI server.

    The data source then returns a connection to the client.

    If the data source has no more connections, it may ask the database manager for more connections (as long as it has not exceeded the maximum number of connections).

    When the client has finished with the connection, it closes the connection.

    The data source then returns the connection to the available pool.

    You can configure data sources for WebSphere® Application Server v6.x by using the Deployment page in the application deployment descriptor editor or using the administrative console. For WebSphere Application Server v5.11 test environments and servers you can configure data sources by using the Data Source page in the server editor.

    What are the profiles available in WAS 6.x? And difference between them?

    In WAS 6.1 we have 4 different types of profiles available. They are

    Deployment Manager Profile(DMGR):

    The deployment manager profile defines a deployment manager in a distributed server environment

    Application Server Profile:

    It is a single stand –alone application server. This profile gives you an application server that can run stand alone or un-managed.

     

    Custom Profile

    A Custom profile is an empty Node intended for federation to a deployment manager.

    Cell Profile

    The application server is federated to the DMGR profile. It is a combination of DMGR and Application server profiles.

    What is the programming model/Module?

    JAVA related wage to me..

    What is meant by Asymmetric Cluster and how it works?

  8. Clusters are groups of servers that are managed together and participate in workload management. A cluster can contain nodes or individual application servers.

    In an asymmetric cluster, business logic is split into partitions, where each partition can be the sole accessor of a set of underlying data. As a result, each node in the cluster can implement it’s own local cache (and be the sole accessor of that data), resulting in high performance reading and writing without the need to maintain a distributed cache between cluster nodes.

    Asymmetric clustering proposes an architecture that is almost opposite to the typical stateless server farm where the entire app is replicated across machines, some times using distributed caching products for performance increasing.

    What information contains by SERVER INDEX file ?

  9. Server index will have SOAP/Boot strap and all ports and details

    What information contains by Plugin-cnf.xml file ?

  10. Plug-in configuration file contains routing information for all applications mapped to the web server. This file is read by binary plug-in module loaded in the web server.

    Plugin-cnf.xml file will have all the configuration setting to determine whether a request is for the webserver or the application server. When a request reaches the web server, the URL is compared to those managed by the plug-in. If a match is found, the plug-in configuration file contains the information needed to forward that request to the web container using the web container inbound transport chain.

    What is meant by SSL and how does it works?

     

  11. SSL mean secured socket layer. This is to secure the WebSphere environment.

    SSL provides connection security through

    -Communication privacy –the data on the connection is encrypted

    -Communication integrity—the protocol includes a built-in integrity check

    -Authentication—the client knows who the server is

    -SSL creates a VPN, securing the data using a combination os symmetric and asymmetric encryption.

    Symmetric key encryption:

    Symmetric or secret key technology is a model in which two parties have a shared secret

    The same key is used for both encryption and decryption

    Note: The trouble with this approach is that at some point the secret needs to be shared. In an e-business application, this would be rather difficult.

    Asymmetric key encryption:

    Public key cryptography:

    -two keys that are cryptographically related

    -Public key (can be shared with every one)

    Private key ( Must never be shared; possession is proof)

    -Keys are asymmetric

    Given message is encrypted with one key and decrypted with the other

    Note : – If a server has public- private set, it can send out its public key( through a signing certificate – also known simply as a certificate ) to client machine. Those client machines can then use that public key to encrypt messages designed for the server which then only the server can decrypt. Unlike symmetric key encryption, this process does not require the client and server to have a shared secret.

    Since the client can validate the server’s certificate, there is one way to authentication. But the server has no way (at this point) to authenticate the client. Nor can the server send the client secured messages.

    How does SSL works ?

    SSL uses a combination of asymmetric and symmetric encryption to create a session between the client and server.

    -Asymmetric encryption is used to negotiate a session key (shared secret)

    –asymmetric encryption is slow but does not require a shared secret.

    -Symmetric encryption os used to transfer data between the client and server

    — symmetric encryption is fast but require a shared secret

     

    SSL Working Mechanisam:

    1. Client request SSL connection
    2. Server presents certificate
    3. Client verifies server certificate
    4. Client generate a session key, encrypts it with the server’s public key
    5. Using the session key, client and server swith to asymmetric key encryption
    6. HTTPS communications

      Note : Because the client chooses its own session key, nobody else knows it. It can securely send that session key to the server using the server’s public key. Now nobody but client and server knew the session key. The session key is then used as “shared secret” to switch to much more efficient symmetric key encryption.

      Certificate (signing certificate) contains information about the server, including the server’s public key, and is digitally signed by the certificate authority.

    Configuration of SSL in WebSphere :

    SSL configuration can be achived in three different ways

    1) From Admin console:

    Once we get the certificate from CA (Certificate Authority) then we will import into trust store. To enable security between IHS and Application server we need to export defaut personal certificates of all nodes and import the same to the trust store of the IHS.

    2) Command line :

    By using “gsk7cmd” command we can achive the SSL configuration. Gsk7cmd provides the otions like import ,export,list,create options for certificates

    Gsk7cmd –cert –create –db plugin-key.kdb –pw password –label ‘websphere pluginkey’ -dn

     

    3) ikeyman:

    By using ikeyman we can open the KDB(key data base) and add the certificates to the key database.

    What is the difference between round robin and random load balancing?

    a)     Round robin load balance is nothing but symmetric clustering and random load balancing nothing but asymmetric clustering

    What is the activity log and what it is useful?

    The application server creates the activity.log file from the activity of the various WebSphere Application Server components. you cannot read this log with a text reader. You ca use this script called, showlog under appserver root.
    Ex.,
    ./WAS_INST_ROOT/bin/showlog PATH_TOACTIVITY_LOG/activity.log
    like this
    websphe: /software/opt/IBM/WebSphere/AppServer/bin
    $ ./showlog ../profiles/AppSrv*/logs/activity.log
    This displays ur activity log something like this, just as a sample:
    ExtendedMessage:

    What are the different roles available in the WAS?

  12. In WAS we have the following roles

     

    Monitor: Least privileged; allows a user to view the WebSphere configuration and current application server state.

    Configuration: Monitor privileges plus the ability to change the WebSphere configuration.

    Operator: Monitor privileges plus ability to change runtime state, such as starting or stopping servers.

    Administrator: Operator, Configuration, and iscadmins privileges, plus additional privileges granted solely to the administrator role, such as

    Modifying the primary administrative users and passwords.

    Mapping users and groups to the administrator role

    Enabling or disabling administrative and java 2 security

    Additional console security roles :

    Iscadmins (Integrated solutions console) : 

    Only available for administration console users

    Allows a user to manage users and groups in the federated repository.

    Deployer :

    Only available for wsadmin users(not for administration console)

    Allows a user to change configuration and runtime state on application using wsadmin

    Admin Security Manager:

    1. Only available for wsadmin users
    2. Allows a user to map users to administrative roles using wsadmin
    3. When restricted access to resource authentication data is in effect, users can also manage authorisation groups.

    How many levels we can enable the trace file?

  13. LEVEL = all | entryExit | debug | event

    If memory leakage is there in then where (in which file) we get this information?

  14. Memory leakage information can get in the process logs ( Native_stdout and Native_stderrer logs)

    How many ways we can federate the Node?

    Ans     Before federating any Node we must make sure

    Application server should be started on the Node to be added

    We need to find the SOAP connector for DMGR( we can find this in communication section in the detailed page for the application server(DMGR) default is 8879 )

     

    From the Admin Console:

    Select System Administration –> Nodes –> AddNode

    Select Managed Node and click next then specify the HostName of the Node to be added to the cell. Then select the connector type (SOAP or RMI) and connector port. If security is enabled provide user id and password and include application (if required)…..

    ii) Using the AddNode Command:

    To use AddNode command do the following

    1. Open a command line window on the system that has the running stand –alone application server
    2. Change the directory to <Profile_Home>/bin directory of the stand alone application server installation
    3. Execute “AddNode” Command

      Syntax with Ex:

      <Profile_Home>/bin>AddNode <DMGR_HOST> <DMGR_SOAP_PORT> [Options]

      Options include like

      -conntype [SOAP/RMI]

      -includeapps (It includes installed application on the stand alone Node)

    Note: We can add Node from DMGR installed system as well, in this option we need to give the Host name and port number of the stand alone application server’s credentials instead of DMGR’s.

    How many ways we can synchronise a node?

  15. We can Sync Node in two ways
    1. From Command prompt : stop the Node then issue the “SynNode” command in the command prompt.

      <Node_Host>/bin> SyncNode <DMGR_HOST> <DMGR_PORT> [Options]

      -username

      -password

      -restart

      -conntype

      -quit

      -stopserver

    2) From Admin Console: 

    Select System Administration –> Nodes–> Synchronise (Select the Particular node to sync)

    How many user registries are available in the WAS 6.X?

    There are four user registries

    Local O/S

    LDAP

    Federated repository

    Custom Repository

    Tell about federated repository?

    Federated Repository is one of the existing users registry type. In this method we can use multiple repositories with WebSphere application server.

     

  • Default repository is a file based federated repository
  • Can be file based, LDAP, Multiple LDAPs or subtree of an LDAP
  • Defined and theoretically combined under a single realm
  • All of the user repositories that are configured under federated repository functionality are invisible to WebSphere application server.
  • Federation capabilities are provided by the VMM(Virtual Member Manager)

If we give heap size value same for both min and max then what are the advantages and what are the disadvantages?

  1. The Java heap parameters influence the behavior of garbage collection. Increasing the heap size supports more object creation. Because a large heap takes longer to fill, the application runs longer before a garbage collection occurs. However, a larger heap also takes longer to compact and causes garbage collection to take longer.

    The JVM has thresholds it uses to manage the JVM’s storage. When the thresholds are reached, the garbage collector gets invoked to free up unused storage. Therefore, garbage collection can cause significant degradation of Java performance. Before changing the initial and maximum heap sizes, you should consider the following information:

    In the majority of cases you should set the maximum JVM heap size to value higher than the initial JVM heap size. This allows for the JVM to operate efficiently during normal, steady state periods within the confines of the initial heap but also to operate effectively during periods of high transaction volume by expanding the heap up to the maximum JVM heap size.

    In some rare cases where absolute optimal performance is required you might want to specify the same value for both the initial and maximum heap size. This will eliminate some overhead that occurs when the JVM needs to expand or contract the size of the JVM heap. Make sure the region is large enough to hold the specified JVM heap.

    Beware of making the Initial Heap Size too large. While a large heap size initially improves performance by delaying garbage collection, a large heap size ultimately affects response time when garbage collection eventually kicks in because the collection process takes more time.

    What is FFDC?

  2. The first failure data capture (FFDC) log file saves information that is generated from a processing failure. These files are deleted after a maximum number of days has passed .

     

    There are two artifacts which are produced by FFDC, the information can be located in the <Install Root>/logs/FFDC directory:

    • Exception Logs:<ServerName>_Exception.log
    • Incident Stream:<ServerName>_<threadid>_<timeStamp>_<SequenceNumber>.txt

    Exception Log
    row elements
    The exception logs contains all of the exception paths which have been encountered since the server has started. Due to optimizations in the data collection, the table was created to give an over view of the exceptions which have been encountered in the server. A entry in the table look like this :

    Index Occur Time of last Occurence Exception SourceId ProbeId
    ences
    ———————————————————————–
    1 1 02.04.11 13:12:33:711 CDT java.io.IOException com.ibm.ws.webcontainer.http.HttpTransport.startTransport 103

    The first element in the row is a simply index, this is simply used to determine the number of rows in the table. In some entries, a ‘+’ may appear in the first column, this indicates that the row has been added to the table since the last time the entire table was dunmped.

    The second element is the number of occurences. This is useful to see if there is an unusual number of exceptions which are occurring.

    The third element in the row, is a time stamp for the last occurence of the exeception. This is useful in looking at exceptions which have occurred at about the same time.

    The last element in the row is a combination of values. This consists of the exception name, a source Id and the probe Id. This information is useful to locate information in the incident steam about the specific failure.

    file content
    The make up of the file can be a little confusing when first viewed. The file is a accumulation of all of the dumps which have occurred over the life of the server. This means that much of the informaion in the file is out of data, and does not apply to the current server. The most relevent information is the last (tail) of the file.

    It is quite easy to locate the last dump of the exception table. The dump will be deliminated by ‘——————-…’. Entries which begin with a ‘+’ appear outside the delimination of the table, and indicate that they are additions to the table since the last time the table was dumped. (Again due to performance concerns, the table is dump only periodically, and when the server is stopping).

    Here is a screen image of the end of the Server1_Exception.log

    The information in the above file is displayed in the unordered form as the hash table. A more viewable form of the file would be to actually sort the output based upon the time stamp. (This is done by using mks commands, hopefully there are available on your system).

    Sorted output of only the last dump of the exception table for Server1_Exception.log. This is done by the following command :
    tail -n<n> <servername>_exception.log | sort -k4n
    where n is the number exceptions in the exception table plus 1 (use the index value to determine this value).
    <servername> is the name of the server.
    Note: The sort key needs a little work for servers which have rolled the data.

    For demonstration purposes, the start, run and stop time have been included in the exception log..

    Incident Stream
    The incident stream contains more details about exceptions which have been encountered during the running of the server. Depending on the configuration of the property files, the content of the incident streams will vary.

    The default settings of the property files, the incident stream will not contain exception information for exceptions which were encountered during the start of the server (due to the Level=1 in the ffdcStart.properties). But where the server does to ready, and new exeception which is encountered will be processed.

    The incident stream files should be used in conjunction of the exception log. The values which are contained in the exception log, in most instances will have a corresponding entry in the incident stream. The relationship between the exception log and the incident stream is the hash code which is made up of the exception type, the source Id, and the probe Id. The simpliest way to look at this information is to use the grep command. The information is not all contained on the same line, if you need to know the exact file containing the value, you can use a compound grep command.

    file content
    The file contains information on exception which have been encountered. Each exception will contain information which corresponds to the information (exception name, source Id and the probe Id) contained in the exception table (documented above). If the catch of the exception is a non-static method, the content of the this pointer. In some instances, if there is a diagnostic module which corresponds to the current execution, the DM will write the information about the state of the object to the incident stream.

    The call stack will also be written to the incident stream.

    In some instances, there may be an exception which was encountered while the server is running which will not produce a call stack. This is because the exception was encountered during the start of the server, and since the server started, the exception is considered to be a normal path exception. All of the exception can be seen by either looking at all of the runtime exceptions, or looking at all of the exceptions.

    How many SSL Certificate authorities available in today’s market ?

    There might be many SSL CAs. Some of the SSL CAs are

    Etrust

    Verisign

    Geotrust

    RSA etc.

     

    Tell about class loader and where we use?

  3. Class loader enable the Java Virtual Machine( JVM) to load java classes. Given the name of a class, the class loader locates the definition of this class. Each java class must be loaded by a class loader.

    There are three class loaders:

    Bootstrap class loader

    The Extensions class loader

    The application class loader

    Default class loader option is Parent first class loader.

    How many certifications are available in the WAS?

    a)Application Servers: Distributed Application and Web Servers
    Test 377, IBM WebSphere Application Server, Network Deployment, V7.0, Core Administration I May 2009 253
    Business Integration: Application Integration and Connectivity
    Test 378, IBM WebSphere DataPower SOA Appliances Firmware V3.7.x I June 2009 289
    Test 374, IBM WebSphere MQ V7.0, System Administration I July 2009 994
    Test 376, IBM WebSphere MQ V7.0, Solution Design I August 2009 996
    Business Integration: Dynamic Business Process Management
    Test 372, IBM WebSphere Business Modeler Advanced V6.2, Business Analysis and Design I July 2009 992
    Test 375, IBM WebSphere Process Server V6.2, System Administration I October 2009 995
    Commerce: Web Commerce
    None in plan.
    Software Development: Web Services
    Test 371, Web Services Development for IBM WebSphere Application Server V7.0 I August 2009 807

     

    * E = entry; I = intermediate; A = advanced

     

    36)    What are the differences between 5.x and 6.x ?

    WAS 6.x has all the features of WAS 5.x along with some additional features included in the WAS 6.x which are

  • Multiple profiles creation with a single installation.
  • Introduction of service integration Bus (SIB) for messanging.
  • Has default JMS providers
  • Webservers can be managed from VD admin console and also can create generic servers.
  • Has some extra addons in the admin console navigation tree.
  • Rollout Application update option:

    Automatic roll out of application update in a clustered environment

    Ensures no service interruption of the application. Stops,updates and starts the application one cluster member at a time, while the other cluster members continue to run the application

  • Enhanced EAR file:

    Using the enhanced EAR editor from the Application Developer or application Server Toolkit, you can define resources and properties for the application

    For example datasource, JAAS authentication aliases, Environment Variables etc.

    Are embed within the application resulting in an Enhanced EAR, and then export that to be installed by your system administrator. the system administrator no longer need to define this deployment information, as it is already included.

    • Mixed version Node in cell:

      supports V5x and V6 nodes in a Cell, Dmgr must be V6 level. V5x node can be on different platforms.

    • Rapid Deployment:

      Websphere rapid deployment(WRD) simplifies the development and deployment of application. It’s capabilities include annotation-based programing,deployment automation, and change-triggered process. to use WD functionality, no changes are required on the application server. It uses existing application server administration function to deploy and control applications.

      Annotation-based programming allows the developer to add metadata tags into application source code. WRD uses the metadata to generate additional J2EE artifacts needed to run the application on the application srver environment.

      Change trigger processing provided automatic monitoring of changes to the WRD user workspace. Changes trigger the automatc generation of code and deployment of the application to the application server.

    • J2EE support:

      WebSphere application server v6 supoorts three levels of the J2EE specification. J2EE 1.4 is the new level supported with V6 with exsting J2EE 1.2 and J2EE 1.3 applications will continue to run on v6

    • WebSphere application server V6 files are divided into two categories:

      Product files: shared application binaries for WebSphere

      User files; set of user customizations include WebSphere configuration, installed applications, resource adapters, properties, log files, transaction log files etc.

     

    • Improved Administrative Console Appearance and functionality

      console views change based on the context

      version

      platporm

      installed capabilities

  • Integrated Tivoli Performance viewer
  • Integrated IBM HTTP server V6 management
  • Fine Grinned Application update:

    Ability to add, update or remove parts of the installed application and restart the changed part.

  1. Why you prefer 6.x ?

    Absolutely WAS 6X because in 6x there are advanced features than earlier versions so we prefer 6X

  2. What is the command to create profile ?
  3. Manageprofile create -ProfileName <profile_name>

    -Profilepath <Profile_path>

    -NodeName <Node_Name>

    -templatePath <Templete_path>

    -cellName <Cell_Name>

    -hostName <Host_Name>

    List Profile:

    Manageprofile –listprofiles

    Delete Profile:

    Manageprofile –delete –profilename <profile_name>

  4. How many ways we can deploy the application ? and What is the command to deploy application ?
  5. It depends on the version of the WAS we are using, but 5X and above provide the following options.
    1. Using Admin Console:

      In admin console

      Enterprise applications — > Install

      Provide the required parameters like full path, context root, etc.

    2. Hot Deployment :

      “We could copy directly the JAR files to the deployedapps folder in the websphere ” we call this method as Hot Deployment

      Dropping JSP files, with enabled class reloading ( Not recommended for Production)

    3. Using Wsadmin command:
    4. Using Jacl or Jython Scripts:

     

    1. Rapid Deployment (Feature available at 6x):
      1. WebSphere rapid deployment (WRD) simplifies the development and deployment of application. It’s capabilities include annotation-based programing, deployment automation, and change-triggered process. to use WD functionality, no changes are required on the application server. It uses existing application server administration function to deploy and control applications.

      Annotation-based programming allows the developer to add metadata tags into application source code. WRD uses the metadata to generate additional J2EE artifacts needed to run the application on the application srver environment.

      Change trigger processing provided automatic monitoring of changes to the WRD user workspace. Changes trigger the automatic generation of code and deployment of the application to the application server.

  6. What is authentication mechanism in JDBC driver?
  7. In JDBC driver configuration we can configure the authentication details in J2C authentication pan. This is the credentials to login into the Relational database.
  8. How u will secure your administrative console, if u r using local O/S users registry u r getting messages like not able to authenticate what u will do? What is the solution?
  9. There might be the privileges issue to the user in O/S level. So we need to give proper privileges to the user by logging in as System administrator.
  10. What is the difference between WAR, EAR, JAR and what is the difference between deployments of these?
  11. In J2EE application modules are packaged as EAR, JAR and WAR based on their functionality
    JAR: EJB modules which contains enterprise java beans class files and EJB deployment descriptor are packed as JAR files with .jar extenstion
    WAR :Web modules which contains Servlet class files,JSP FIles,supporting files, GIF and HTML files are packaged as JAR file with .war( web achive) extension
    EAR :All above files(.jar and .war) are packaged as JAR file with .ear ( enterprise archive) extension and deployed into Application Server.

    There is no much difference in deploying these applications. We need to give context root for WAR and for others no need to give.

    EAR deployment:

    If we have two or more modules then we can target individual modules to individual servers.

  12. How you will solve if u get page can’t displayed?
  13. It is a HTTP 404 error. If you get this error we need to check the logs for application server status. The page expecting by the request is not finding that means request is reaching the server but it is not available at expected location.
  14. WAS architecture?

    The WebSphere architecture contains

    Cell, DMGR, Node.

    Where Cell on top of the hierarchy. Within the cell Dmgr will be there where admin console is lying. For the Cell we can federate the Nodes and on the Nodes we can configure the application servers.

    If you want then I can explain the Web container and EJB container and Web server and JDBC etc.

     

    Web container

    when we receive request from client browser so web container will act as interface between client request and Servlets and jsp in other words Servlets and jsp will reside under web container in order to server client request. hence we required web container in order to invoke Servlets or JSP (Java Server Pages)

    EJB Container:

    An Enterprise JavaBeans (EJB) container provides a run-time environment for enterprise beans within the application server. The container handles all aspects of an enterprise bean’s operation within the application server and acts as an intermediary between the user-written business logic within the bean and the rest of the application server environment.

    One or more EJB modules, each containing one or more enterprise beans, can be installed in a single container.

    The EJB container provides many services to the enterprise bean, including the following:

  • Beginning, committing, and rolling back transactions as necessary.
  • Maintaining pools of enterprise bean instances ready for incoming requests and moving these instances between the inactive pools and an active state, ensuring that threading conditions within the bean are satisfied.
  • Most importantly, automatically synchronizing data in an entity bean’s instance variables with corresponding data items stored in persistent storage. 
  1. What is cluster, how request routes between cluster members?
  • The algorithm which we select for load balance will route the requests. There are two algorithms
  1. Round robin
  2. Random
  1. Can you give me two major issues you faced and solved?

    a)     The application was having error with SSL , shows bad certificate on the application right cornor..So customer requested for root cause for GSK_ERROR_BAD_CERT .

     

    I investigated…… like certificsate mismacth between Plugin and the WebSphere..

     

    1. I found in the WAS console that, the default personal certs in the node level of WAS in not reflected in the web servers. Which was added in the DMGR?

    Steps i followed to resolve this are :

     

    1. I noted down the personal certificates serial no from the nodes by navigating to

    Security –> SSL certificate and key management–> Manage endpoint security configurations –>Inbound–> expand cell–>Node–> Key stores and certificates –>NodeDefaultKeyStore–>Personal Certificates

    Noted down the serial number of the default certificate then

    — >Extracted the certificate to Server temp path.

    Come to inbound/outbound—> expand cell–>node–>web server–> Key stores and certificates–>CMSkeystore –>signer certificates–> verify the serial no of the previous nodes certs….

    I found one of the cert is not appear here in Web server.

     

    i Added the same from here.. as i already enabled Dynamically update the runtime when changes occur” option.. it should update without restart…

    Then i came to Plugin-key.kdb to verify whether the added cert is updated in the KDB or not.. using ikeyman.

    Reference:

    http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21264477

    http://www-01.ibm.com/support/docview.wss?uid=swg21198862

     

    a copy of WebSphere Application Server V6.1 or V7.0 (or another related product) is present in the specified directory, even when the ODM VPD is clean.

     

    While uninstalling the older version of WAS(5.x) to upgrade it to 6. we uninstalled and but it was not uninstalled clearly….

    We tried to remove the registry with Smitty tool… after that also we are not able to install as it says the path contains the WAS already installed.

    So we contacted the WAS product support from IBM raised PMR.. where we got some resolutions to clear the ODM……

    Then they suggested to try with

    manual_WebSphere_ODM_wipe.sh

    manual_IHS_ODM_wipe.sh

     

    After that we followed the same with suggested steps and we succeeded finally we upgraded to 6x.

    It was one of challenging task in my career

  2. What is the Ticketing process and escalation /approval process?
  3. For all issues operations team gets alerts and they used to raise the tickets against the appropriate team through USD (unicentre service desk). Depending on the priority we used to allot the tickets. The priority was like (high priority P1, P2, and low priority P3, P4, P5). Low priority tickets were attending by offshore team and high priority were serving by onsite team. For high priority tickets we need to get approvals from the service delivery manager. Intern service delivery manager will take all approvals from the client side to deliver the solution. Once we get the approvals then service delivery manager will start a bridge call
  4. What is the difference between web server and App Server?
  5. A Web server exclusively handles HTTP requests, whereas an application server serves business logic to application programs through any number of protocols
  6. What is rollout update in was6.1?
  7. Automatic roll out of application update in a clustered environment

    Ensures no service interruption of the application. Stops, updates and starts the application one cluster member at a time, while the other cluster members continue to run the application

  8. What is JDK version supporting in WAS 6.1?
    1. J2RE 1.5.0
  9. How to set plug-in logs ?

  10. In Administrative console

    Servers –> Webservers –>Webserver –>log files (configuration tab)( here we can change the path of the log files (access.log,error.log)

  11. What is the difference between heap dump and thread dump?
  12. Heap dumps anytime you wish to see what is being held in memory Out-of-memory errors
    Heap dumps – picture of in memory objects – used for memory analysis
    Java cores – also known as thread dumps or java dumps, used for viewing the thread activity inside the JVM at a given time. IBM java cores should a lot of additional information besides just the threads and stacks — used to determine hangs, deadlocks, and reasons for performance degradation

    System cores

    Heap dumps are taken by issuing a “kill -3? against the JVM pid. There is a cost associated with producing heap dumps. The writing of the heap dump can be cpu and i/o intensive depending on the size of the configured heap, you can take heap dumps anytime you wish to see what is being held in memory. Out-of-memory errors or a good time to view heap dumps. In fact,in most cases heap dumps should be created when an OOM is triggered. Unless you’re an administrator or root you’ll need to own the process you want to kill in order for the command to work.
    Depends on the OS.

    Java cores also known as thread dumps or java dumps, used for viewing the thread activity inside the JVM at a given time. Thread dump should also contain a lot of additional information besides just the threads and stacks used to determine hangs, deadlocks, and reasons for performance degredation.

    The kill -3 command captures JVM signals and dumps the requested diagnostic material.There are options available to dump the heap in .txt format this files can be huge and unless you’re a genius with lots of time on your hands – don’t try to read the text dump with vi or something…..…….
    Use MDD4J or HeapAnalyzer.

    For taking heap dumps you need set these environment entries for that JVM using admin consle(this is one way of doing taking heap dumps, u can also go with jacl or jython scripts)
    IBM_HEAPDUMP TRUE
    IBM_HEAPDUMP_OUTOFMEMORY true(if a OOM occurs, a dump is saved to /tmp
    IBM_HEAPDUMPDIR appropriate directory.
    Now, if you run kill -3 pid, then a heap dump is taken in the specified directory and also a core dump will be taken. If you didn’t specify any environment entries then only a core dump is taken

    1. How you will check the details of a process if you know only port number of that process?

      First we need to find the socketno of that port by using

      Netstat –Aan|grep <port_no>

      Then we need to find the sid by using the socketno

      Rmsock <socketno> protocol

      Ex:

      #netstat –Aan|grep 944

      #f100020000fc4398 ……………you get some more information….

      #rmsock f100020000fc4398 tcpcb

      The socket oxfc4008 is being by process 626888 (Java)

      Ps –ef|grep 626888

      You get the detailed information about the said process.

  13. What are the regular issues you get in production support and how you resolve them?
  14. Usually we get tickets from the operational team. Some of the call which we faced are
  • Out of Memory:

    If we get this error we need to check for the standards configured in the application server. I mean heap settings in the server and if not we need to resent according to the standards. If you are getting this error frequently then we need to ask application team to check for the memory leakage. We can get this statics from the Natice_stdout and Native_stderr files.

  • No of connections reached

    Check for the recommended connection pool size in the JDBC driver.

Check the unused connections.

Temporarily increase the connection pool size.

After analysing the logs and situation if required then recycle the application server to resolve the issue.

  • File System issue:

    Check the file system by using DU

    Forward to the System admin team and coordinate for the resolution.

  • Thread Dump:

    Create the thread dump by issuing kill-3 command and forward to the application team for analysis.

  • 100% CPU utilisation:

    Check for the CPU utilisation bye using TOPAS command.

    If required then kill some of the non important process which are taking more cpu %

  • HTTP errors like (HTTP 400,401,403,404,500,502 etc.)

HTTP 400 (Bad Request):

This error comes with because of syntax errors in the URL which was typed by client. Need to provide the correct (updated) URL to the users.

HTP 401(UN authorised):

This error comes after providing the credentials .that means the provided credentials are not having the privileged access to the requested content or page.

We need to access for the requirement of the access to the credentials if require we need to add this user to the group to which the privileged access is there for the particular page or content.

HTTP 403 Forbidden:

Edge component is not configured properly

SSO configuration might be not configured yet. WCP (WebSphere Catching component)

There was separate team for proxy configuration so no idea on this issue.

HTTP 404 (Page not found or file not found):

Need to check the system out file for the logs and verify the ear file

HTTP 500 internal errors:

It is server-side error (Web server or application server). Might be application server or web server or down. Need to recycle by verifying the system out logs for analysis.

HTTP 502 Bad Gateways:

This might be because of Network issue. To resolve this issue we need to engage the Network team and coordinate for the solution.

  1. What are the disadvantages of Memory to memory replication?

    Ans)    it consumes large amount of memory in networks with many users, because each server has a copy of all sessions. And another disadvantage is each change to a session must be replicated to all application servers.

  2. Difference between horizontal clustering and vertical clustering?

    Ans)    the main difference between horizontal cluster and vertical cluster are:

  3. We can configure the cluster members on the same node in the vertical clustering, whereas in horizontal clustering cluster members will be there on different nodes. In other words A WebSphere cluster consists of having multiple application servers (cluster member or clones) across a machine (Vertical Cluster) or across several machines (Horizontal Cluster)
  4. Without admin console how to administrate the web server?

    Ans)     Using the “httpd.conf” file.

  5. What is meant by symptom data base?

    Ans)    A symptom database is an XML file of symptoms, string match patterns, associated solutions, and directives.  The database is used in the analysis of event and error messages that may occur in a log.

    A symptom is an error or event message. It may have a solution associated with it in the symptom database. A solution is information about why an error or an event may have occurred and how to recover from it.

    Log records can be analyzed using a symptom database to interpret known events and error conditions, and to get detailed information on error resolution.

    Symptom databases can be imported from an external XML symptom database, saved, and exported into an external file in XML format. You can either import symptom databases from a local or a remote host.

  6. What is collector tool?

    Ans)    1) Collector tool is the tool which collects the information about the websphere application server installation and configuration.

  7. This is available in two versions
  8. Default standalone collector( implemented as a shell script in profle root) collects almost all the logs and configuration files found on the system, without distinction
  9. A new flexible collector tool is integrated into ISA
  10. In either case, the result is JAR file that contains a lot of information needed by IBM support to diagnose the problem
  11. JAR file is to IBM support
  12. Only need to be run upon IBM support’s request.
  13. What is loganalizer & how to use?

    Ans)      Log Analyzer provides interactive interface to WebSphere activity log and contains on-line diagnoses and resolutions to known problems

    Log analyser, the tool that was previously provided for viewing and analyzing the activity or service log file, is removed from 6.1 release of the IBM WebSphere application server.

    Instead, use IBM log and trace analyser for Eclipse in the application server toolkit, installable from the launchpad console.

    For more information, see ‘application server toolkit> detecting and analyzing runtime problems > log and trace analyzer’ in the information center.

    Overview

    The Log Analyzer, is a separately downloaded feature of WebSphere 3.5.2 and later (it is now bundled with WebSphere 4.0x. 4.0+ and 5.0 users do not need to download the the tool). It is designed to assist customers in diagnosing and resolving common runtime problems.

    Starting the Log Analyzer in Windows

    Windows users may launch it manually with the command <WebSphere Root>\bin\waslogbr

    Starting the Log Analyzer in Unix

    1. Change directory to <serverRoot>/bin; and

    2. Invoke shell script waslogbr

    ./waslogbr

    The Log Analyzer is a GUI application, so Unix users will need to launch it from a machine with a CDE-type environment, or export the display to a GUI client platform.

    Using the Log Analyzer

    Once the tool has opened, use the File->open menu item, and select the file <websphere install root>/logs/activity.log. (You can also browse to activity.logs which customers have sent you.) Expand the tree of WebSphere admin and app server logging sessions. Uncolored records are “normal”, yellow are warnings, and pink are errors. If you select a record, you’ll see its contents, including the basic error or warning message, date, time, which WebSphere component logged the record, and which process (i.e., admin server or an app server) it came from, in the upper-right hand pane.

    The Log Analyzer does not analyze any other log files, such as default_stderr.log or tracefile.

    To analyze the records, right click on a record in the tree on the left (click on the “UnitOfWorkView” at the top to get ‘em all), and select “analyze”. Now any records with a green check mark next to them match a record in the symptom database. When you select a check-marked record, you’ll see and explanation of the problem in the lower-right-hand pane.

    Updating the symptom database

    The database of known problems and resolutions — used by WebSphere when you click the “analyze” menu item — is periodically enhanced as new problems come to light and new versions of WebSphere are introduced. To ensure that you have the latest version of the database, use the “file -> update database -> advanced symptom database” menu item from within the log analyzer tool. A good rule of thumb would be to do this at least once a month. Users who have just installed the product and have never run the update should do so immediately, since extensive updates have been made since the tool was released.

  14. What is MBeans?

    Ans)     MBeans are managed beans, Java objects that represent resources to be managed.  An MBean has a management interface consisting of:

  • Named and typed attributes that can be read and written
  • Named and typed operations that can be invoked
  • Typed notifications that can be emitted by the MBean

    Websphere application server provides a number of MBeans, each of which can have different function and operations available. For ex

  1. An application server MBean migh expose operations such as start and stop
  2. An application MBean might expose operations such as install and uninstall.

    For example, an MBean representing an application’s configuration could have attributes representing the different configuration parameters, such as a cache size. Reading the CacheSize attribute would return the current size of the cache. Writing CacheSize would update the size of the cache, potentially changing the behavior of the running application. An operation such as save could store the current configuration persistently. The MBean could send a notification such as ConfigurationChangedNotification when the configuration changes.

    MBeans can be standard or dynamic. Standard MBeans are Java objects that conform to design patterns derived from the JavaBeans component model. Dynamic MBeans define their management interface at runtime.

    A standard MBean exposes the resource to be managed directly through its attributes and operations. Attributes are exposed through “getter” and “setter” methods. Operations are the other methods of the class that are available to managers. All these methods are defined statically in the MBean interface and are visible to a JMX agent through introspection. This is the most straightforward way of making a new resource manageable.

    A dynamic MBean is an MBean that defines its management interface at runtime. For example, a configuration MBean could determine the names and types of the attributes it exposes by parsing an XML file.

  3. What is SSO ?

    Ans) Single sign-on (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.

    As different applications and resources support different authentication mechanisms, single sign-on has to internally translate to and store different credentials compared to what is used for initial authentication.

  4. Difference between cell and nodegroup?

    Ans)    the node group can exist in the cell

    The main difference between node group and cell is cell can have nodes which are there in different platforms but nodegroup will have all the nodes which exist on same type of platform

    Ex: in cell you can have nodes which are there in IBM AIX,HP AIX, Windows, Sun Solaris..

    But we will group all windows platform based nodes into one group, and all IBM AIX nodes into one group etc.

  5. Shall we have different nodes in different platforms with in a node group?

    Ans)    No, because node group is nothing but group of nodes which are there on same platforms.

  6. What is TPV?

    Ans)     Tivoli Performance Viewer. The Tivoli Performance Viewer (TPV) enables administrators and programmers to monitor the overall health of WebSphere Application Server without leaving the administrative console.

    From TPV, you can view current activity or log Performance Monitoring Infrastructure (PMI) performance data for the following:

  • System resources such as CPU utilization
  • WebSphere pools and queues such as a database connection pool
  • Customer application data such as servlet response time

    In addition to providing a built in viewer for PMI, TPV also allows you to view data for other products or customer applications that implement custom PMI

  1. What is the purpose of JNDI?

    Ans)    Sun’s JNDI API is a standard extension to the java platform and it allows the java application to access naming and directory services. With the help of JNDI java applications can seamlessly access the heterogeneous enterprise naming and directory services like DNS, LDAP, and Local file system, or objects in an application server.

  2. What is trace file & where you get more details in trace or log files?

    Ans) Trace file contains the step by step activity details of the WAS process. Trace file only contains more details than the logfile

  3. What is virtual host and give two different virtual hosts?

    Ans)     The term Virtual Host refers to the practice of maintaining more than one server on one machine, as differentiated by their apparent hostname. For example, it is often desirable for companies sharing a web server to have their own domains, with web servers accessible as http://www.company1.com and http://www.company2.com, without requiring the user to know any extra path information.

  4. What are difference scripting options in wasadmin engine?

    Ans)    There are four types of scripting options

  5. Admincontrol
  6. Adminconfig
  7. AdminApp
  8. AdminTask
  9. What are the WAS resources?

    Ans) WAS resources are

    JDBC, JMS,Mail service,    Resource Adpaters, Cache instances, URL,Etc..

  10. What is the functionality of web server plug-in file?

    Ans)    Web server plug-ins

    A Web server can serve requests that do not require any dynamic content (for example, HTML pages). However, when a request requires dynamic content, such as JavaServer Pages (JSP™) or servlet processing, it must be forwarded to WebSphere Application Server for handling. To forward a request, you use a Web server plug-in that is included with the WebSphere Application Server packages for installation on a Web server. You copy an Extensible Markup Language (XML) configuration file, configured on the WebSphere Application Server, to the Web server plug-in directory. The plug-in uses the configuration file to determine whether a request should be handled by the Web server or an application server. When WebSphere Application Server receives a request for an application server, it forwards the request to the appropriate Web container in the application server. The plug-in can use HTTP or HTTPs to transmit the request.

  11. How to detect the hangs of JVMs?

    Ans)    If your logs are not rotating that means your JVM hanged.

  12. What is FFDC? Where you will use?

    Ans)    FFDC is nothing but first failure data capture. This is generated at the first time failure of your system. It will be deleted after some time automatically. It is usefull for diagnosis purpose.

  13. How you get better performance by giving the –xnoclassgc in generic JVM arguments in the JVM ?

    Ans) By default the JVM unloads a class from memory when there are no live instances of that class left, but this can degrade performance. Tuning off class garbage collection eliminates the overhead of loading and un-loading the same class multiple times.

    If a class is no longer needed, the space that it occupies on the heap is normally used for the creation of new objects. However if you have an application that handles requests by creating new instance of a class and if requests for that application come in at random times, it is possible that when previous requester is finished, the normal class garbage collection will clear up this class by freeing the heap space it occupied, only to have re-instantiate the class when the next request comes along. In this situation you might want to use this option to disable the garbage collection of classes

    Avoid Trouble:

    This option should be used with caution, if your application creates dynamically or uses reflection, because for this type of application, the use of this option can lead to native memory exhaustion, and cause the JVM to throw an out of memory exception. When this option is used, if have to redeploy an application you should always restart the application server to clear the classes and static data from the previous version the application.

    1. What is Webcontainer failover?

      Ans)    The Web server plug-in in the Web server is aware of the configuration of all

      Web containers and can route around a failed Web container in a cluster.

      Sessions can be persisted to a database or in-memory using data replication

      services.

    2. Explain about dynamic cache in WAS ?

Ans)    Dynamic cache service

The dynamic cache service improves performance by caching the output of servlets, commands, Web services, and JSP files. The dynamic cache works within an application server, intercepting calls to objects that can be cached (for example, through a servlet’s service() method or a command’s execute() method). The dynamic cache either stores the object’s output to or serves the object’s content from the dynamic cache. Because J2EE applications have high read-write ratios and can tolerate small degrees of latency in the currency of their data, the dynamic cache can create significant gains in server response time, throughput, and scalability. The following caching features are available in WebSphere Application Server:

 

Cache replication

Cache replication among cluster members takes place using the WebSphere data replication service. Data is generated one time and then copied or replicated to other servers in the cluster, saving execution time and resources.

 

Cache disk offload

By default, when the number of cache entries reaches the configured limit for a given WebSphere server, eviction of cache entries occurs, enabling new entries to enter the cache service. The dynamic cache includes an alternative feature named disk offload, which copies the evicted cache entries to disk for

potential future access

Edge Side Include caching

The Web server plug-in contains a built-in Edge Side Include (ESI) processor. The ESI processor caches whole pages, as well as fragments, providing a higher cache hit ratio. The cache that is implemented by the ESI processor is an in-memory cache, not a disk cache. Therefore, the cache entries are not

saved when the Web server is restarted.

 

External caching

The dynamic cache controls caches outside of the application server, such as that provided by the Edge components, an IBM HTTP Server’s FRCA cache that is not z/OS, and a WebSphere HTTP Server plug-in ESI Fragment Processor that is not z/OS. When external cache groups are defined, the dynamic cache matches external cache entries with those groups and pushes out cache entries and invalidations to those groups. This external caching enables WebSphere to manage dynamic content beyond the application

server. The content can then be served from the external cache instead of the application server, improving performance.

 

Dynamic caching

 

The dynamic cache service improves performance by caching the output of servlets, commands and JSP files. The dynamic cache works within an application server, intercepting calls to cacheable objects, for example through a servlet’s service() method or a command’s execute() method, and either stores

the object’s output to or serves the object’s content from the dynamic cache. Because J2EE applications have high read-write ratios and can tolerate small degrees of latency in the currency of their data, the dynamic cache can create an opportunity for significant gains in server response time, throughput, and

scalability. The following caching features are available in WebSphere Application Server.

Cache replication:

Cache replication among cluster members takes place using the WebSphere internal replication service. Data is generated one time and copied or replicated to other servers in the cluster, thus saving execution time and resources.

 

Cache disk offload:

By default, when the number of cache entries reaches the configured limit for a given WebSphere server, eviction of cache entries takes place, allowing new entries to enter the cache service. The dynamic cache includes an alternative feature named disk offload, which copies the evicted cache entries to disk for potential future access.
Edge Side Include caching:

The Web server plug-in contains a built-in ESI processor. The ESI processor has the ability to cache whole pages, as well as fragments, providing a higher cache hit ratio. The cache implemented by the ESI processor is an in-memory cache, not a disk cache; therefore, the cache entries are not saved when the

Web server is restarted.

 

External caching:

The dynamic cache has the ability to control caches outside of the application server, such as IBM Edge Server, a non-z/OS IBM HTTP Server’s FRCA cache, and a non-z/OS WebSphere HTTP Server plug-in ESI Fragment Processor. When external cache groups are defined, the dynamic cache matches externally cacheable cache entries with those groups, and pushes cache entries and invalidations out to them. This allows WebSphere to manage dynamic content beyond the application server. The content can then be served from the external cache, instead of the application server, improving savings in performance.

 

  1. Administrator point of view how many containers are there in was 6.1 ?

Ans)    In WAS 6.1 we have 5 containers which are :

Portlet Container :

Portlet applications are intended to be combined with other portlets to collectively create a single page of output. The Portlet container takes the output of one or more Portlets and generates a complete page that can be displayed.

 

Portlets are packaged in WAR files. Note that the portlet runtime does not provide the advanced capabilities of WebSphere Portal, such as portlet aggregation and page layout, personalization and member services, or collaboration features.

 

 

Session Initiation Protocol (SIP) applications

SIP applications are Java programs that use at least one Session Initiation Protocol servlet written to the JSR 116 specification. SIP is used to establish,

modify, and terminate multimedia IP sessions. SIP negotiates the medium, the

transport, and the encoding for the call. After the SIP call has been established,

the communication takes place over the specified transport mechanism,independent of SIP. Examples of application types that use SIP include voice over IP, click-to-call, and instant messaging. The Application Server Toolkit provides special tools for developing SIP applications. SIP applications are packaged as SIP archive (SAR) files and are deployed to the application server using the standard WebSphere Application Server administrative tools. SAR files can also be bundled within a J2EE application archive (EAR file), similar to other J2EE components.

 

Web container:

 

The Web container processes servlets, JSP files and other types of server-side includes. Each application server runtime has one logical Web container, which can be modified, but not created or removed.

 

Servlet processing:when handling servlets, the Web container creates a request object and a response object, then invokes the servlet service method. The Web container invokes the servlet’s destroy method when appropriate and unloads the servlet, after which the JVM performs garbage collection.

 

Embedded HTTP server: the Web container runs an embedded HTTP server for handling HTTP(S) requests from external Web server plug-ins or Web browsers. The embedded Web server is based on the IBM HTTP Server product. Directing client requests to the embedded Web server is useful for testing or

development purposes and, in the Express configuration, can be considered for production use. In the more advanced configurations, the use of an external Web server and Web server plug-in as a front end to the Web container is more appropriate for a production environment.

 

Session management: support is provided for the javax.servlet.http.HttpSession interface described in the Servlet API specification.
Web services engine: Web services are provided as a set of APIs in cooperation with the J2EE applications. Web services engines are provided to support SOAP.

 

Web server plug-ins

Although the Web container has an embedded HTTP server, a more likely scenario is that an external Web server will be used to receive client requests. The Web server can serve requests that do not require any dynamic content, for example, HTML pages. However, when a request requires dynamic content

(JSP/servlet processing), it must be forwarded to WebSphere Application Server for handling. The mechanism to accomplish this is provided in the form of a Web server plug-in. The plug-in is included with the WebSphere Application Server package for installation on a Web server. An XML configuration file, configured on the WebSphere Application Server, is copied to the Web server plug-in directory. The

plug-in uses the configuration file to determine whether a request should be handled by the Web server or an application server. When a request for an application server is received, it is forwarded to the appropriate Web container in the application server. The plug-in can use HTTP or HTTPs to transmit the

request.

 


EJB container

The EJB container provides all the runtime services needed to deploy and manage enterprise beans. It is a server process that handles requests for both session and entity beans. The enterprise beans (packaged in EJB modules) installed in an application server do not communicate directly with the server; instead, the EJB container provides an interface between the EJBs and the server. Together, the container and the server provide the bean runtime environment. The container provides many low-level services, including threading and transaction support. From an administrative viewpoint, the container manages data storage and retrieval for the contained beans. A single container can host more than one EJB JAR file.

 

Client application container

The client application container is a separately installed component on the client’s machine. It allows the client to run applications in an EJB-compatible J2EE environment. There is a command-line executable (launchClient) which is used to launch the client application along with its client container runtime

 

 

  1. What is deployment descriptor and how many dedployment descriptors are available ?

Ans) deployment descriptor (DD) refers to a configuration file for an artifact that is deployed to some container/engine.

In the Java Platform, Enterprise Edition, a deployment descriptor describes how a web application or enterprise application should be deployed. It directs a deployment tool to deploy a module or application with specific container options, security settings and describes specific configuration requirements. XML is used for the syntax of these deployment descriptor files. For web applications, the deployment descriptor must be called web.xml and must reside in a WEB-INF subdirectory at the web application root. For Java EE applications, the deployment descriptor must be named application.xml and must be placed directly in the META-INF directory at the top level of the application .ear file.

Deployment descriptors describe the contents of deployment units and configure components and applications to their environment. They also externalize the relationships between components, so those relationships can be managed without writing or changing program code. Deployment tools usually automatically generate deployment descriptors, so you do not have to edit and manage them directly.

There are five types of deployment descriptors, each of which corresponds to a type of deployment unit:

  • EJB deployment descriptors are defined in the Enterprise JavaBeans specification.
  • Web deployment descriptors are defined in the Java Servlet specification.
  • Application and application client deployment descriptors are both defined in the J2EE platform specification.
  • Resource adapter deployment descriptors for Java Connectors are defined by the J2EE Connector architecture specification.

Each deployment descriptor type is defined in its corresponding specification as an XML Document Type Definition (DTD).

Deployment descriptors contain information used by a component’s container and also contain information that the component can access directly by way of the JNDI. The JNDI is a standard interface to an enterprise object name service.

  1. Difference between JACL & JYTHON and which one is better?

    Ans)    1)

    1. Jython depends on the Python commands whereas Jacl(Java command language) depends on the Tcl commands.
    2. Jython syntax seems more natural to programmers used to Java or C, but Jacl syntax can be more familiar to administrators who are familiar with Tcl
    3. Each language has its own style and syntax, but they end up being able to do the same things

    WSADMIN scripting tool can be used in an interactive mode, the main ability for wsadmin is to provide the ability to run scripts.

     

    1. What is WebSphere and explain the functionality of the WAS?

      IBM WebSphere Application Server (WAS), a software application server, is the flagship product within IBM’s WebSphere brand. WAS is built using open standards such as J2EE, XML, and Web Services. Multiple world-wide IBM labs participate in creating WebSphere run-time products and development tools. It works with a number of Web servers including Apache HTTP Server, Netscape Enterprise Server, Microsoft Internet Information Services (IIS), IBM HTTP Server for i5/OS, IBM HTTP Server for z/OS, and IBM HTTP Server for AIX/Linux/Microsoft Windows/Solaris.

       

      Ans)     WebSphere Application server is middleware software provided by IBM. It is a platform on which Java-based business applications run. It provides services like database connectivity, threading, workload management, and so on that can be used by the business applications.

       

    2. What is the difference in installation of war and ear?

      Ans)    Only difference in this application installation is optional context root for JAR and EAR and for WAR it is mandatory. If EAR file is having multiple modules like JAR,WAR then we can target these files to different application servers.

    3. What is context root?

      Ans)    The context root identifies the web application. By context root only your configuration file (Plugin-cnf.xml) route the request to the particular application.

    4. Why you are not giving context root for EAR?

      Ans)     Context root is optional for EAR file. If we will give context root for EAR, we can access EAR file using that context root, If it uses SSO, we can access thru SSO login page, If EAR contains .JARs which is ment to access through EJB applications, then developers might use any of the protocols like IIOP/RMI in their code/login.

    5. What is the memory requirement for 6.x?

      Ans)    512MB,1 GB is recommended

    6. What is the ticket tracking tool you used?

    Ans)    unicentre service desk (USD)

    1. How you will check CPU utilisation?

      TOPAS

    2. What is the data source and how you configure it?

      Ans)     A Data Source object is the representation of a data source in the Java programming language. In basic terms, a data source is a facility for storing data. It can be as sophisticated as a complex database for a large; corporation or as simple as a file with rows and columns. A data source can reside on a remote server, or it can be on a local desktop machine. Applications access a data source using a connection, and a DataSource object can be thought of as a factory for connections to the particular data source that the DataSource instance represents. The DataSource interface provides two methods for establishing a connection with a data source. 

       

    3. How many jdbc drivers’ types you have in was?

      Ans)     we have 2 types of JDBC drivers in was . Those are Type2(Thick) and Type4(Thin/Native Protocol) jdbc drivers.Type2 JDBC drivers require the database client software on the client node to connect to the database server.Type4 JDBC drivers connect directly to the database server.

       

    4. What is the s/w and h/w requirements to install the WAS 6.x?

      Hard ware requirements for the WAS 6.1 installation.

      Memory : Minimum 512 MB, Recommended 1GB ( project recommended it will go up to 4GB to 5GB )

      Had disk (File system) : Temp : 10GB,Was install root 10GB,Logs : 10GB

      Soft ware requirements for the WAS 6.1 installation.

       


       



    .062611_1613_3 062611_1613_4 062611_1613_5 062611_1613_6 062611_1613_7

    1. Java supporting version for WAS 6.1 is J2EE 1.4

       

    2. While installing if you get error like “java not found”then what could be the reason and how you solve it?

      Ans)     The problem: Attempting to use the LaunchPad program from CD-ROM installation fails with a /java: not found error.

    The solution: Change directories to the cdrom/ directory and try the installation again.

    1. How you will schedule jobs using cron jobs how you will set?

      Ans ) Crontab -l======> list the crons

      crontab -e =====> edit and modify
      The crontab File Entry Format

      A crontab file contains entries for each cron job. Entries are separated by newline characters. Each crontab file entry contains six fields separated by spaces or tabs
      in the following form:

      minute  hour  day_of_month  month  weekday  command_with_complete_path

       

      ex : To run the calendar command at 6:30 a.m. every Monday, Wednesday, and Friday, enter:

      30 6 * * 1,3,5 /usr/bin/calendar

    2. Explain about ssl configuration steps using admin console?

       

      Configuration of SSL in WebSphere :

      SSL configuration can be achived in three different ways

      1) From Admin console:

      Once we get the certificate from CA (Certificate Authority) then we will import into trust store. To enable security between IHS and Application server we need to export defaut personal certificates of all nodes and import the same to the trust store of the IHS.

      2) Command line :

      By using “gsk7cmd” command we can achive the SSL configuration. Gsk7cmd provides the otions like import ,export,list,create options for certificates

       

      3) ikeyman:

      By using ikeyman we can open the KDB(key data base) and add the certificates to the key database.

    Procedure

  • Click Security > SSL certificate and key management > Manage endpoint security configurations.
  • Select an SSL configuration link on either the Inbound or Outbound tree, depending on the process you are configuring.
    • If the scope is already associated with a configuration and alias, the SSL configuration alias and certificate alias are noted in parentheses.
    • If the parenthetical information is not included, then the scope is not associated. Instead, the scope inherits the configuration properties of the first scope above it that is associated with an SSL configuration and certificate alias.

    The cell scope must be associated with an SSL configuration because it is at the top of the topology and represents the default SSL configuration for the inbound or outbound connection.

  • Click SSL configurations under Related Items. You can view and select any of the SSL configurations that are configured at this scope. You can also view and select these configuration at every scope that is lower on the topology.
  • Click New to display the SSL configuration panel. You cannot select links under Additional Properties until you type a configuration name and click Apply.
  • Type an SSL configuration name. This field is required. The configuration name is the SSL configuration alias. Make the alias name unique within the list of SSL configuration aliases that are already created at the selected scope. The new SSL configuration uses this alias for other configuration tasks.
  • Select a truststore name from the drop-down list. A truststore name refers to a specific truststore that holds signer certificates that validate the trust of certificates sent by remote connections during an SSL handshake. If there is no truststore in the list, see Creating a keystore configuration to create a new truststore, which is a keystore whose role is to establish trust during the connection.
  • Select a keystore name from the drop-down list. A keystore contains the personal certificates that represent a signer identity and the private key that WebSphere Application Server uses to encrypt and sign data.
    • If you change the keystore name, click Get certificate aliases to refresh the list of certificates from which you can choose a default alias. WebSphere Application Server uses a server alias for inbound connections and a client alias for outbound connections.
    • If there is no keystore in the list, see Creating a keystore configuration to create a new keystore.
  • Choose a default server certificate alias for inbound connections. Select the default only when you have not specified an SSL configuration alias elsewhere and have not selected a certificate alias. A centrally managed SSL configuration tree can override the default alias. For more information, see Central management of Secure Sockets Layer configurations.
  • Choose a default client certificate alias for outbound connections. Select the default only when the server SSL configuration specifies an SSL client authentication.
  • Review the identified management scope for the SSL configuration. Make the management scope in this field identical to the link you selected in Step 2. If you want to change the scope, you must click a different link in the topology tree and continue at Step 3.
  • Click Apply if you intend to configure Additional Properties. If not, go to Step 24.
  • Click Quality of protection (QoP) settings under Additional Properties. QoP settings define the strength of the SSL encryption, the integrity of the signer, and the authenticity of the certificate.
  • Select a client authentication setting to establish an SSL configuration for inbound connections and for clients to send their certificates, if appropriate.
    • If you select None, the server does not request that a client send a certificate during the handshake.
    • If you select Supported, the server requests that a client send a certificate. However, if the client does not have a certificate, the handshake might still succeed.
    • If you select Required, the server requests that a client send a certificate. However, if the client does not have a certificate, the handshake fails.

    Important: The signer certificate that represents the client must be in the truststore that you select for the SSL configuration. By default, servers within the same cell trust each other because they use the common truststore, trust.p12, that is located in the cell directory of the configuration repository. However, if you use keystores and truststores that you create, perform a signer exchange before you select either Supported or Required.

  • Select a protocol for the SSL handshake.
    • The default protocol, SSL_TLS, supports client protocols TLSv1, SSLv3, and SSLv2.
    • The TLSv1 protocol supports TLS and TLSv1. The SSL server connection must support this protocol for the handshake to proceed.
    • The SSLv3 protocol supports SSL and SSLv3. The SSL server connection must support this protocol for the handshake to proceed.

    Important: Do not use the SSLv2 protocol for the SSL server connection. Use it only when necessary on the client side.

  • Select one of the following options:
    • A predefined Java Secure Socket Extension (JSSE) provider. The IBMJSSE2 provider is recommended for use on all platforms which support it. It is required for use by the channel framework SSL channel. When Federal Information Processing Standard (FIPS) is enabled, IBMJSSE2 is used in combination with the IBMJCEFIPS crypto provider.
    • A custom JSSE provider. Type a provider name in the Custom provider field.
  • Select from among the following cipher suite groups:
    • Strong: WebSphere Application Server can perform 128-bit confidentiality algorithms for encryption and support integrity signing algorithms. However, a strong cipher suite can affect the performance of the connection.
    • Medium: WebSphere Application Server can perform 40-bit encryption algorithms for encryption and support integrity signing algorithms.
    • Weak: WebSphere Application Server can support integrity signing algorithms but not to perform encryption. Select this option with care because passwords and other sensitive information that cross the network are visible to an Internet Protocol (IP) sniffer.
    • Custom: you can select specific ciphers. Any time you change the ciphers that are listed from a specific cipher suite group, the group name changes to Custom.
  • Click Update selected ciphers to view a list of the available ciphers for each cipher strength.
  • Click OK to return to the new SSL configuration panel.
  • Click Trust and key managers under Additional Properties.
  • Select a default trust manager for the primary SSL handshake trust decision.
    • Choose IbmPKIX when you require certificate revocation list (CRL) checking using CRL distribution points in the certificates.
    • Choose IbmX509 when you do not require CRL checking but do need increased performance. You can configure a custom trust manager to perform CRL checking, if necessary.
  • Define a custom trust manager, if appropriate. You can define a custom trust manager that runs with the default trust manager you select. The custom trust manager must implement the JSSE javax.net.ssl.X509TrustManager interface and, optionally, the com.ibm.wsspi.ssl.TrustManagerExtendedInfo interface to obtain product-specific information.
  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > SSL_configuration > Trust and key managers > Trust managers > New.
  2. Type a unique trust manager name.
  3. Select the Custom option.
  4. Type a class name.
  5. Click OK. When you return to the Trust and key managers panel, the new custom trust manager displays in the Additional ordered trust managers field. Use the left and right list boxes to add and remove custom trust managers.
  1. Select a key manager for the SSL configuration. By default, IbmX509 is the only key manager unless you create a custom key manager.

Important: If you choose to implement your own key manager, you can affect the alias selection behavior because the key manager is responsible for selecting the certificate alias from the keystore. The custom key manager might not interpret the SSL configuration as the WebSphere Application Server key manager IbmX509 does. To define a custom key manager, click Security > Secure communications > SSL configurations > SSL_configuration > Trust and key managers > Key managers > New.

  1. Click OK to save the trust and key manager settings and return to the new SSL configuration panel.
  2. Click Save to save the new SSL configuration.

Results

Important: You can override the default trust manager when you configure at least one custom trust manager and set the com.ibm.ssl.skipDefaultTrustManagerWhenCustomDefined property totrue. Click Custom Property on the SSL configuration panel. However, if you change the default, you leave all the trust decisions to the custom trust manager, which is not recommended for production environments. In test environments, use a dummy trust manager to avoid certificate validation. Remember that these environment are not secure.

What to do next

In this release of WebSphere Application Server, you can associate SSL configurations with protocols using one of the following methods:

  • Set the SSL configuration on the thread programmatically
  • Associate the SSL configuration with an outbound protocol, and target host and port. For more information, see Associating a Secure Sockets Layer configuration dynamically with an outbound protocol and remote secure endpoint
  • Associate the SSL configuration directly using the alias. For more information, see Selecting an SSL configuration alias directly from an endpoint configuration
  • Manage the SSL configurations centrally by associating them with SSL configuration groups or zones that are scoped for endpoints. For more information, see Associating Secure Sockets Layer configurations centrally with inbound and outbound scopes.
  1. What is main feature in 6.x?

    Ans)     a) Profile concept

    b) Single installation WAS product supports for multible profile creation

    c) Cell profile

    d) SIB (System Integration Bus)

  2. What is Webcontainer failover?

    Ans)    the Web server plug-in in the Web server is aware of the configuration of all

    Web containers and can route around a failed Web container in a cluster.

    Sessions can be persisted to a database or in-memory using data replication

    services.

  3. Explain about web sphere?

    The word web sphere popularly refers to IBM middleware technology products. Web sphere is known for its turnkey operation in e business applications. It has run time components and tools which can help in creating applications which run on WAS. WAS refers to web sphere application server.


  4. Explain about web sphere commerce?

    IBM web sphere commerce has a single platform which offers complete ecommerce solutions to developers. It can be very productive if you are planning to do business with consumers, business and indirectly through channel partners. This can be used to perform business with consumers, business and channel partners altogether.


  5. Detail about the architecture of web sphere?

    Web Sphere is built on three main components they are
    Database

    • J2EE application server
    • A web server
    The databases which it supports are
    • DB2
    • Oracle
    • Cloudscape
    Application server is IBMWAS and the supported web servers are
    • IBM server
    • Microsoft IIS
    • Sun web server

  6. State some of the features present in web sphere?

    Some of the features which are present in web sphere are: –
    • Order management
    • Web sphere commerce accelerator
    • Analytical and business intelligence
    • Open standards such as Java, EJB, etc
    • Web sphere commerce payments and customer care, etc

     

  7. Explain about IBM Web Sphere edge server?

    Web sphere edge server is used to improve the performance of web based systems. It can be used as forward or proxy server. Basically four components are present in the web sphere they are Network dispatcher, Caching proxy, Content distribution and application service at the edge.


  8. Explain about extended deployment?

    Web sphere application server extended deployment increases the functionality of the server in two main areas they are manageability and performance. Dynamic virtualization between servers is possible with the help of XD. A stand alone distributed cache was added to it under the performance header, it is known as Object Grid.

  9. Explain about the security features present in WAS?

    Security model for web sphere is primarily based on JAVA EE security model. It also depends upon the operating system. User authentication and authorization mechanisms are also provided in WAS. Light weight third party authentication mechanism is the main security feature present in WAS.

  10. Explain about asymmetric clustering?

    Asymmetric clustering applications are primarily used in electronic trading systems employed in banks. Some of the features are, partitions can be declared during run time and are usually run on a single cluster at a time. Work specific to a particular can be routed to that cluster.

  11. Explain the various Administrator benefits using Web sphere?

    Web sphere almost reduces the work of server administrator as he can manage load on servers efficiently without any hassles. It also gives him flexibility to divide the load and applications among different server farms. He can also predict about the incoming load on servers. Email alerts, restart options, memory leak detection, etc.

  12. Explain about caching proxy of IBM Web sphere Edge sphere?

    A caching proxy can be configured in forward direction or as a proxy. Content requested by the user is cached by edge before sending or adhering to the query. Page fragments arising from JSP or servlets are cached by Edge and the caching process is slow. Performance and scalability of J2EE applications can be increased by edge.

  13. Explain about the network deployment feature present in WAS?

    Managing singletons will be a thing of the past and it also provides hot recovery of singletons which makes you forget about your GC collected singletons. Transaction logs can stored on a shared file system. For clustering run time operations deployment manager`s role was eliminated. J2EE failover support and cell configuration support is also present.

  14. Explain about IBM web sphere integration developer?

    Web sphere integration developer provides an IDE to build applications based on service oriented architecture. Web sphere process server and web sphere ESB were built with WID. WID was built with RAD Eclipse based technology.

  15. Explain about compute Grid?

    Compute grid is also known as Web sphere batch. Web sphere extended deployment offers a Java batch processing system called as Compute Grid. This forms an additional feature to Web sphere network environment. Various features are provided which help a developer to create, manage and execute batch jobs. Job scheduler, xJCL, batch container and batch programming controller.

  16. Explain about web sphere MQ Real time transport?

    This feature is very useful in instant messaging across different clients through intranet and internet. This supports high volume and high performance across different clients. It uses the concept of light weight transport which is again based on IP rather than the queue process.

  17. Explain about Web sphere MQ JMS Provider?

    Web sphere MQ and Web Sphere Business integration manager Broker are very useful in providing Java messaging services to wide range of clients (publisher –subscribe, point to point). Java classes are chiefly responsible for translating the API calls to API`s defined by web sphere. It is very useful to have knowledge of Web sphere MQ for proper configuration.

  18. Explain the attribute CHANNEL in web sphere MQ?

    CHANNEL specifies the name of the server connection channel. Generally this is Web Sphere MQ network abstraction. The default standard used by CHANNEL is SVRCONN which is the server connection channel. This server is generally used to communicate to the queue manager by the client.

  19. Is the naming of connection factory independent of the name specified by JMS client?

    Yes, the naming of connection factory is independent of the name specified by JMS client. This is made possible by WAS (Web sphere application server) with its resource references. It isolates the application from object names. This feature is important because it gives us the flexibility to change the administered object without changing the JMS client code.

     

  20. How many ways deployments in ibm websphere.please give me one examples ?

     

    Ways of deplyment depends on version of WebSphere Application server you are using.

    But 5.X and Above provide following ways

    1. Using Admin Console

    2. Hot Deployment  droping jsp files, with enabled class reloading (not recommanded for production)

    3. Using Jacl Scripts

    4. using WSAdmin command

    5. Rapid Deployment (feature available at WAS 6).

  21. What is JACL?

     

    JACL and JYTHON are the two scripting language Which WebSphere supports. Jacl is an implementation of a Tcl interpreter written entirely in Java.

    20)

    how to connect to the db2 database from websphere studio?

     

     

  22. I need the difference btw the two versions of 5.x and 6.x. And in which field they differ and why we go for 6.x rather than 5.x. and what are the similarities for both 5.x and 6.x ?

     

    Supports J2EE 1.2, 1.3 and 1.4 specifications

    – Can upgrade runtime environment without upgrading applications

    – Supports mixed version nodes in a v6 ND Cell

    – Allow for migration in stages within a cell

    – Mixed v5 and v6 nodes must have v6 DMgr (can’t add new v5 node)

    – v6 ND introduces profiles

    – Each profile has its own user data including WebSphere configuration

    – All profiles share same WebSphere binaries

    – Less disk space required than separate installations

    – stand-alone server, deployment manager or custom profile

  23. How you will replace the multible occurance of single word in a text file with another word ?

Ans) We can replace the word in vi editor by using the following command

:%s/text1 /text2 /g (return)

Text1 will be replaced by text2

  1. In a clustered environment I have node1 in cell1 now I need to configure same node in cell2 . How can I achieve this task ?

Ans) we can configure one node in one cell only. So we can can’t configure the same node in another cell

  1. How you will install the WAS?

Ans) WAS we can install in three different methods.

  1. Silent mode using responce file
  2. Interactive mode
  3. Graphical mode
  1. How to install fix packs?

Ans) we can apply the fix packs using the update installer. Before we go to apply fix packs we need to take backup of the existing configuration of our WAS and all profiles.

To take backup we can use the command

Syntax

The command syntax is as follows:

backupConfig <backup_file> [options]

where backup_file specifies the file to which the backup is written. If you do not specify one, a unique name is generated.

The QEJBSVR user profile must have *WX authority to the directory path specified inbackup_file. If no path is specified, the QEJBSVR user profile must have *WX authority to the current working directory.

Parameters

The following options are available for the backupConfig command:

-nostop

Tells the backupConfig command not to stop the servers before backing up the configuration.

-quiet 

Suppresses the progress information that the backupConfig command prints in normal mode.

-logfile <fileName>

Specifies the location of the log file to which information gets written.

-profileName <profileName>

Defines the profile of the Application Server process in a multi-profile installation. The -profileName option is not required for running in a single profile environment. The default for this option is the default profile.

-replacelog

Replaces the log file instead of appending to the current log.

-trace

Generates trace information into the log file for debugging purposes.

-username <name>

Specifies the user name for authentication if security is enabled in the server. Acts the same as the -user option.

-user <name>

Specifies the user name for authentication if security is enabled in the server. Acts the same as the -username option.

-password <password>

Specifies the password for authentication if security is enabled in the server.

-help

Prints a usage statement.

-?

Prints a usage statement.

Usage scenario

The following example demonstrates correct syntax:

backupConfig

The following example creates a new file that includes the current date:

WebSphereConfig_2003-04-22.zip

The following example creates a file called myBackup.zip, and does not stop any servers before beginning the backup process.

backupConfig myBackup.zip -nostop

to restore the backed configuration we can use the command

Syntax

The command syntax is as follows:

restoreConfig <backup_file> [options]

where backup_file specifies the file to be restored. If you do not specify one, the command will not run.

Parameters

The following options are available for the restoreConfig command:

-help

Prints a usage statement.

-location <directory_name>

Specifies the directory where the backup file is restored.

The location defaults to the app_server_root/config directory.

The location defaults to the profile_root/config directory.

-logfile <fileName>

Specifies the location of the log file to which trace information is written. By default, the log file is named restoreConfig.log and is created in your logs directory.

-nostop

Tells the restoreConfig command not to stop the servers before restoring the configuration.

-password <password>

Specifies the password for authentication if security is enabled in the server.

-profileName

Defines the profile of the Application Server process in a multiple profile installation. The -profileName option is not required for running in a single profile environment. The default for this option is the default profile.

-quiet

Suppresses the progress information that the restoreConfig command prints in normal mode.

-replacelog

Replaces the log file instead of appending to the current log.

-trace

Generates trace information into the log file for debugging purposes.

-username <name>

Specifies the user name for authentication if security is enabled in the server. Acts the same as the -user option.

-user <name>

Specifies the user name for authentication if security is enabled in the server. Acts the same as the -username option. -? 

Prints a usage statement.

You can use the restoreConfig command to recover an application server if it fails. Perform the following steps:

Locate the automatic migration backup in the app_server_root/temp directory. For example: MigrationBackup.Thu-Aug-28-10.15045-2006.zip

Restore the configuration with the restoreConfig command. For example:

restoreConfig app_server_root/temp/MigrationBackup.Thu-Aug-28-10.15045-2006.zip

Usage scenario

The following example demonstrates correct syntax:

restoreConfig WebSphereConfig_2006-04-22.zip

restoreConfig.sh WebSphereConfig_2006_04_22.zip

restoreConfig WebSphereConfig_2006-04-22.zip

The following example restores the given file to the /tmp directory and does not stop any servers before beginning the restoration.

restoreConfig WebSphereConfig_2006_04_22.zip -location /tmp -nostop

restoreConfig.sh WebSphereConfig_2006_04_22.zip -location /tmp -nostop

restoreConfig WebSphereConfig_2006_04_22.zip -location /tmp -nostop

The following example restores the configuration stored in /home/mydir/myprofileBackup.zip to the configuration for profile myprofile:

restoreConfig WebSphereConfig_2006-04-22.zip -profileName myprofile

Be aware that if you restore the configuration to a directory that is different from the directory that was backed up when you performed the backupConfig command, you may need to manually update some of the paths in the configuration directory.

  1. What is the virtual memory required for JVM process?

Ans)    The recomended virtual memory for JVM is ¼ of the physical memory.

  1. What are the regular commands is UNIX in use?

Ans) In our day to day activity we use the following commands in unix:

  • To find out the running processes the command is         :Ps – ef| grep java
  • To find out the disk space the command is             :du
  • To find out the file system the command is             :df
  • To find out the network performance/port info command is    :netstat
  • To find out the CPU utilisation the command is        : topas/osstat
  • To kill the running process the command is             : kill -9 <PID>
  • To generate heap/thresd dump the command is         :kill -3 <PID>
  • To change the privileges of the file/folder the command is    : chmod
  • To change the owner of the file/folder the command is    :chown
  • To list the file the command is                : ls
  • To create DIR(folder) the command is             :mkdir
  • To TAR the files ,folders we use the following command

    Tar –xvf <file name with path>    –

    Tar – uvf                 –adding one or two files two folder

    Tar – cvf                 – total folder

  • To schedule the job in cron command is as follwos

    Crontab –l ( to list all the scheduled jobs)

    Crontab –e ( to edit the scheduled job)

Whithin the crontab the syntax for the schedule the script as follows

Ex: 30     6 * * 1,3,5 /usr/bin/calender

30(minutes) 6 (hours) *(day of the month) * (month of the year) 1,3,5 (day no of the week)/usr/bin/calender

In the above example we scheduled the script called calender which is located in the location “/usr/bin” to run every Monday,Wednesday and friday

  • To find fully qualified domain name (FQDN) if you know IP

    $ Nslookup <IP_ADDRESS>             –(vice versa)

  1. Whats the default server in WAS for application server profile?

Ans) server1

  1. In Clusters what is the riffle stop ?

Ans) Ripple stop/start will stop one server at a time while other servers will continue to serve the client requests. Like this it will stop and start all the server in the cluster

  1. How you will start the server & how you will stop from command line?

Ans) stopserver and startserver are the commands to stop and start from the command line

  1. How to check the physical memory (RAM) in the system?

Ans) “bootinf –r ” will give you the physical memory details of the unix box

  1. What is the first signal you find when memory leakage is there in the application?

Ans) If you have memory leakage in your application code then you get frequently ” OUT OF MEMORY EXCEPTION” error.

  1. How to apply fix packs to WAS?
    1. Using update installer we can apply the fix packs. We need to make sure that update installer which is installed should be compatible with WAS. And also we need to take backup of all profiles and configuration.
    2. What are the performance monitor tools in WAS?

    Ans) Websphere provides integrated tools to monitor and tune system and application performance:

    Source Systems of the performance data :

    1. Performance Monitoring Infrastructure (PMI):

    Core performance data collection technology for websphere application server. Supports the Jave 2 Platform, Enterprise Edition (J2EE) Management Reference Implimentation (JSR-077)

    1. Request Metrics :

    Technology to trace each individual transaction and record its responce time at different stages as it flows through the application server. Supports externalisation of data to standard log files and /or an Application Responce Management (ARM) agent.

    Integrated Tools :

  • Tivoli Performance viewer (TPV)

    Enables administrators to monitor the overall health of websphere application server. It is accessed from within the administrative console

  • Request Metrics ( Tool)

    Enables you to track individual transactions,recording the processing time in each of the major websphere application server components. Output viewed in standard logs or using an application responce measurement( ARM) based tool

  • Performance advisor

    Analze collected performance data and provide configuration recommendations to improve the application server performance. Output viewed in TPV or in administrative console runtime messages

  • Performace servlet

    Provideds simple retrival of performance data in XML format. Acced through a browser.

  1. What information you get with the command “ps–ef|grep httpd” ?

Ans) we get the all webserver instance informations with process id.

  1. How you will check the web server status


    Ans) by using the following command we can check the all instances of the webserver

$ ps – ef| grep httpd

  1. If you enable global security every time we need to provide userid and password while stopping the servers. It is bit security issues it will disclose to any one while typing the password. So I need to avoid the typing os my user id and password to stop the servers in security enables environment. How can we achive this task ?

Ans) We can achive this task by storing the credentials in the following mentioned files

For SOAP connector –soap.client.profs

For RMI connector –sas.client.profs

  1. I have a standalone application server, in that server1 crashed because of some reasons. Now I need to configure server2 on the same node how can I achieve this task?

Ans) To configure server2 there is no dependency on the server1 status. Because we are depending on the node to configure the server2 on standalone server on theserver1.

  1. How can you control the web browser requests only to particular ip address?

Ans) using “Virtual hosts” (need to cross verify the answer)

  1. If you want to know detailed information for a particular port when you know only port number then how you will check?

Ans) we need to follow the steps mentioned below to know the detailed information about the process running on the particular port

$ netstat –Aan|grep <Port_no>

Socket will be listed, using that socket we can get SID

$rmsock <socket_no> <protocol>

Ex:     $netstat –Aan|grep 944

f10002000fc4398

$rmsock f10020000fc4398 tcpcb

the socket oxfc4008 is being by process 626888(java)

$ps –ef| grep 626888

  1. How you will find how much heap is used by each JVM?

    Ans) Using PMI we can see the percentage of the memory used by JVM

    1. Explain how request served by WAS explain complete step by step?

    Ans) First request comes to the webserver

    1. Explain the architecture in the cell, node & profile point of view?

    Ans) In WAS Cell will be on top. Within cell we have

    Dmgr,    Nodes,    Nodegroups,    Nodeagents,    Application servers,    Clusters

    Websphere resources like JMS,Mail service,    Resource Adpaters, Cache instances, URL,Etc.

    1. If I try to connect to use one port and I got message saying this port is already used by some other process then how to change the port number in WAS and where we can change the same?

    Ans) only way to change the port is by changing the virtual host port for which the application is trying to use.

  2. What is the default user registry and how you will configure the LTPA configuration?
    1. explain about session replication ?

      Ans)    Replication is a service that transfers data, objects, or events among application servers. Data replication service (DRS) is the internal WebSphere Application Server component that replicates data.

      Use data replication to make data for session manager, dynamic cache, and stateful session beans available across many application servers in a cluster. The benefits of using replication vary depending on the component that you configure to use replication.

  • Session manager uses the data replication service when configured to do memory-to-memory replication. When memory-to-memory replication is configured, session manager maintains data about sessions across multiple application servers, preventing the loss of session data if a single application server fails. For more information about memory-to-memory replication, see Memory-to-memory replication.
  • Dynamic cache uses the data replication service to further improve performance by copying cache information across application servers in the cluster, preventing the need to repeatedly perform the same tasks and queries in different application servers. For more information about replication in the dynamic cache, see Configuring cache replication.
  • Stateful session beans use the replication service so that applications using stateful session beans are not limited by unexpected server failures. For more information about stateful session bean failover, see Stateful session bean failover for the EJB container.

    WAS provides session recovery support in the form of

    • Database session
    • Memory –to –memory replication

Session recovery support is required in the following conditions

  1. When the user’s session data must be maintained across a server restart
  2. When the user’s session datais too valuable to lose through an unexpected server failure.

These replication settings can be configured in the following location in the admin console

Amin console — > servers — > application servers — > [all servers] — >webcontainer settings — > session management — > distributed environment settings

Options are :

None,Database and memeory –to – memory replication

  1. Memory-to-memory replication

WebSphere Application Server supports session replication to another WebSphere Application Server instance. This support is referred to as memory-to-memory session replication. In this mode, sessions can replicate to one or more WebSphere Application Server instances to address HTTP Session single point of failure (SPOF).

The WebSphere Application Server instance in which the session is currently processed is referred to as the owner of the session. In a clustered environment, session affinity in the WebSphere Application Server plug-in routes the requests for a given session to the same server. If the current owner server instance of the session fails, then the WebSphere Application Server plug-in routes the requests to another appropriate server in the cluster. In a peer-to-peer cluster, the hot failover feature causes the plug-in to failover to a server that already contains the backup copy of the session, avoiding the overhead of session retrieval from another server containing the backup. In a client/server cluster, the server retrieves the session from a server that has the backup copy of the session. The server now becomes the owner of the session and affinity is now maintained to this server.

There are three possible modes. You can set up a WebSphere Application Server instance to run in:

  • Server mode: Only store backup copies of other WebSphere Application Server sessions and not to send out copies of any session created in that particular server
  • Client mode: Only broadcast or send out copies of the sessions it owns and not to receive backup copies of sessions from other servers
  • Both mode: Simultaneously broadcast or send out copies of the sessions it owns and act as a backup table for sessions owned by other WebSphere Application Server instances

You can select the replication mode of server, client, or both when configuring the session management facility for memory-to-memory replication. The default is both. This storage option is controlled by the mode parameter.

The memory-to-memory replication function is accomplished by the creation of a data replication service instance in an application server that talks to other data replication service instances in remote application servers. You must configure this data replication service instance as a part of a replication domain. Data replication service instances on disparate application servers that replicate to one another must be configured as a part of the same domain. You must configure all session managers connected to a replication domain to have the same topology. If one session manager instance in a domain is configured to use the client/server topology, then the rest of the session manager instances in that domain must be a combination of servers configured as Client only and Server only. If one session manager instance is configured to use the peer-to-peer topology, then all session manager instances must be configured as Both client and server. For example, a server only data replication service instance and a both client and server data replication service instance cannot exist in the same replication domain. Multiple data replication service instances that exist on the same application server due to session manager memory-to-memory configuration at various levels that are configured to be part of the same domain must have the same mode.

With respect to mode, the following are the primary examples of memory-to-memory replication configuration:

  1. Memory-to-memory topology: Peer-to-peer function

The basic peer-to-peer (both client and server function, or both mode) topology is the default configuration and has a single replica. However, you can also add additional replicas by configuring the replication domain.

062611_1613_8

In this basic peer-to-peer topology, each server Java Virtual Machine (JVM) can:

  • Host the Web application leveraging the HTTP session
  • Send out changes to the HTTP session that it owns
  • Receive backup copies of the HTTP session from all of the other servers in the cluster

This configuration represents the most consolidated topology, where the various system parts are collocated and requires the fewest server processes. When using this configuration, the most stable implementation is achieved when each node has equal capabilities (CPU, memory, and so on), and each handles the same amount of work.

Session hot failover

A new feature called session hot failover has been added to this release. This feature is only applicable to the peer-to-peer mode. In a clustered environment, session affinity in the WebSphere Application Server plug-in routes the requests for a given session to the same server. If the current owner server instance of the session fails, then the WebSphere Application Server plug-in routes the requests to another appropriate server in the cluster. For a cluster configured to run in the peer-to-peer mode this feature causes the plug-in to failover to a server that already contains the backup copy of the session, therefore avoiding the overhead of session retrieval from another server containing the backup.

You must upgrade all WebSphere Application Server plug-in instances that front the Application Server cluster to version 6.0 to ensure session affinity when using the peer-to-peer mode.

  1. Memory-to-memory topology: Client/server function

The following figure depicts the client/server mode. There is a tier of applications servers that host Web applications using HTTP sessions, and these sessions are replicated out as they are created and updated. There is a second tier of servers without a Web application installed, where the session manager receives updates from the replication clients.

062611_1613_9

Benefits of the client/server configuration include:

Isolation (for failure recovery)

In this case we are isolating the handling of backup data from local data; aside from isolating the moving parts in case of a catastrophic failure in one of them, you again free up memory and processing in the servers processing the Web application

Isolation for stopping and starting

You can recycle a backup server without affecting the servers running the application (when there are two or more backups, failure recovery is possible), and conversely recycle an application JVM without potentially losing that backup data for someone.

Consolidation

There is most likely no need to have a one-to-one correspondence between servers handling backups and those processing the applications; hence, you are again reducing the number of places to which you transfer the data.

Disparate hardware:

While you run your Web applications on cheaper hardware, you may have one or two more powerful computers in the back end of your enterprise that have the capacity to run a couple of session managers in replication server mode; allowing you to free up your cheaper Web application hardware to process the Web application.

Timing consideration: Start the backup application servers first to avoid unexpected timing windows. The clients attempt to replicate information and HTTP sessions to the backup servers as soon as they come up. As a result, HTTP sessions that are created prior to the time at which the servers come up might not replicate successfully.

  1. If admin console is not accessible then what we will do in base installation?

    Ans) in base also we have the WSADMIN scripting tool. We can connect to wsadmin by mentioning NONE connection type .After connecting to wsadmin we fire a command securityoff. It will disable the security after that we can login to the admin console and reset the passwords.

    1. How you get user id for datasource?

Ans) from the database team we get the user id to configure the datasource.

  1. How you configure LDAP with WAS?

Ans) To configure the console server, do the following steps:

  1. Start the WebSphere(R) Application Server service on the console server.
  2. Refer to Configuring the J2EE Application in the IBM Tivoli(R) Business Systems Manager Administrator’s Guide for information on how to configure the console server.
  3. To enable WebSphere Application Server to work with Tivoli Business Systems Manager, you must map WebSphere Application Server roles to Tivoli Business Systems Manager groups. Refer to the IBM Tivoli Business Systems Manager Administrator’s Guide for information.
  4. If you are using the LocalOS user registry, you do not need to do anything else. If you are using LDAP, see Configuring WebSphere Application Server to use LDAP. If you are upgrading and plan to use LDAP, do not following the instructions in Configuring WebSphere Application Server to use LDAP yet. You can switch to LDAP later in the process.

Configuring WebSphere Application Server to use LDAP

To configure WebSphere Application Server to use LDAP, you need some information from your security administrator. Following is an example of the type of information and sample answers that you need to do the steps in this section:

  • Server User ID: User_ID
  • Server User Password: password
  • Type of LDAP: Active_Directory
  • Host: The fully qualified name of the server running LDAP
  • Port: 389 (Default)
  • Base Distinguished Name (DN): dc=DOMAIN_NAME_HERE
  • Bind Distinguished Name (DN): cn=user_id,cn=users,dc=DOMAIN_NAME_HERE
  • Bind Password: Password for the user above
  • Reuse Connection: Checked
  • Ignore Case: Checked

This is just an example. Your security administrator knows what information you need.

The following steps assume that you configured your LDAP server on the ldapserver.abc.com host and that your users and groups for Tivoli Business Systems Manager and the WebSphere Application Server that is hosting Tivoli Business Systems Manager are defined under the name ou=tbsm,o=abc in the directory. The Secure Sockets Layer (SSL) between the LDAP server and WebSphere Application Server is not configured.

This is a sample configuration based on this example and uses the default values where appropriate.

  • In the WebSphere Administrative Console, expand Security -> User Registries in the left-hand navigation pane and click LDAP. The LDAP User Registry page opens.
  • In the Server User ID and Server User Password fields, type the user ID and password from your LDAP directory that the WebSphere Application Server runs under. Type the ID either as userid or as a distinguished name similar to uid=userid,ou=tbsm,o=abc.
  • In the Type field, select the type of LDAP server you want to use.
  • In the Host field, type the hostname of your directory server. For this example useldapserver.abc.com.
  • In the Port field, select the default value of 389.
  • In the Base Distinguished Name field, type the name of the container object in the LDAP that contains your Tivoli Business Systems Manager users. For this example, typeou=tbsm,o=abc.
  • In the Bind Distinguished Name and Bind Password fields, type the distinguished name and password for a user ID that is authorized to run queries on your LDAP server. If your server allows anonymous queries, you can leave these fields clear.

    For example, the IBM(R) Directory Server default setting allows anonymous queries. You can leave this field blank. The Active Directory default setting requires authentication to run queries, so you need to supply the appropriate values.

  • In the Search Timeout field, accept the default value of 120.
  • In the Reuse Connection field, accept the default setting. The check box should be selected.
  • In the Ignore Case field, follow the recommendations for your LDAP server.

    If IBM Directory Server is selected as the LDAP directory server, select this check box. Otherwise, this field is optional and can left unchecked when a case sensitive authorization check is required. Note however that this value does not affect how Tivoli Business Systems Manager treats distinguished names stored in the Tivoli Business Systems Manager database. Internally, Tivoli Business Systems Manager treats distinguished names as case insensitive. For example, if the user registry is configured to be case sensitive, you can create users with distinguished names cn=John Doe, ou=Raleigh, o=IBM, c=US and cn=john doe, ou=raleigh, o=ibm, c=us. However, when searching for resources assigned to John Doe (for example ownership notes), all notes assigned to John Doe and john doe will be returned. To eliminate any problems, configure the user registry to be case insensitive or ensure that all users are created with unique distinguished names that are different in more than just case.

  • Accept the default SSL settings to run without the SSL.
  • Click Apply to accept the changes.
  • The WebSphere Administrative Console might switch to the Global Security page. If so, navigate back to the LDAP User Registry window (see Step 1 for directions). Click Advanced LDAP Settings near the bottom of the window.
  • Click Configuration and click the General Properties tab.
  • The User ID Map field specifies a filter that is used to determine the User’s Full Name in Tivoli Business Systems Manager. In the User ID Map field, specify the attribute from the LDAP that you want to display for the full name of the user. For example, to use the cn attribute, specify *:cn. If you are using Active Directory, specify *:displayName.
  • Verify the following settings:
    • Active Directory:
      • User Filter: (&(sAMAccountName=%v)(objectclass=user)) – The User Filter field determines what part of the LDAP entry must match the logon ID of the user.
      • Group Filter: (&(cn=%v)(objectclass=group))
      • User ID Map: *:displayName (or whatever you entered in Step 15)
      • Group ID Map: *:cn
      • Group Member ID Map: memberof:member
      • Certificate Map Mode: EXACT_DN
      • Certificate Filter: leave clear
    • IBM Directory Server:
      • User Filter: (&(uid=%v)(objectclass=ePerson)
      • Group Filter: (&(cn=%v)(|(objectclass=groupOfNames) (objectClass=groupOfUniqueNames)))
      • User ID Map: *:cn (or whatever you entered in Step 15)
      • Group ID Map: *:cn
      • Group Member ID Map: ibm-allGroups:member;ibm-allGroups:uniqueMember
      • Certificate Map Mode: EXACT_DN
      • Certificate Filter: leave clear
  • Click OK. You might have to restart the console and WebSphere Application Server to see any changes you make.

    If the page does not display automatically, navigate to the Security -> Global Securitypage.

  • From the Global Security page, use all the default values except the following values:
    • Enabled: checked
    • Active User Registry: LDAP
  • Click OK.

    WebSphere Application Server validates your setup. The messages at the top of the screen indicate your results. Yellow warning messages are typical. If an round, red error message is displayed, it means that WebSphere Application Server could not validate the Server ID you gave with the LDAP. Verify that this and the other LDAP parameters are correct for your LDAP server and repeat the Global Security configuration steps until the validation is successful.

  • Click Save at the top of the window.
  • Click Save again.
  • Start WebSphere Application Server again.

For more information about specific LDAP servers, see the LDAP server documentation in the WebSphere InfoCenter. Navigate to All topics by feature -> Security -> Securing applications and their environments -> Managing security -> Configuring user registries.

  1. How you will fix memory leakage?

Ans) Memory leak is the issue with native code. We need to get the heap dumps and analyse the dumps for any memory issues with the code and if you find any issue then we need to ask developers to fix the same. Temporarly we can increase the heap size . In this way after analysing the exact root cause we need to fix the memory leakage issue.

  1. What is the recommended physical memory for WAS?

Ans) Mandatory is 512 MB and IBM recomends 1024 MB. Bur in real time projects it will be more the recomended. In our project it was 4 GB.

  1. How you will check the port status?

Ans) netstat

  1. What is the command to find the process in the sun Solaris environment ?

Ans) psrinfo –v (need to cross verify)

  1. How you will check the application status?

Ans) ps –ef |grep appservername( from admin console à enterprise applications)

  1. If you are trying to start the WAS and you are getting the “Class not found” exception then how to solve the issue?

Ans)1. Check the WebSphere Class path and set it properly if not set correctly

Check the System out and systemErr logs for any specific errors/warning to identify which class is not found when starting the server

  1. If you get internal error then what is the solution for it?

Ans) Check the IHS is running or not, if its running… check the App server is running or not.

This is basicaly due to the request is reaching to IHS and not able to reach the app.

  1. How and where to find the specific class?

Ans) Appcliacation classes will be available at installed app path.

If WAS classes , find out in WAS classpath.

  1. If application is giving very slow response then how will improve?

Ans) Have to check Connection pooling settings, change acordingly if required

JVM memory settings, change acordingly if required

And check the data base if its giving slow response

Check any conneciton are waiting and not closing

Check the CPU utilization and JVM utilization

  1. What is SIB & what is the purpose?

Ans) Service Inegration BUS is introduced in V6 and the perpupose is to connect the SOA apps like MQ.

  1. What is the significance of the embedded http server explain ?

Ans)to get requests from external IHS and forward to WEB container.

  1. What are the steps to do performance tuning for webserver?

Ans)

To reduce the disk i/o by using the _file() API directive on unix .

 

  1. What is JMS destination?

    Ans)

    1. In ssl configuration how you will provide the path of the certificate?

    Ans) While Adding certificate, we have to give the location of the certificate, and if you want to give Certicate store path, we have to give .p12 path

    1. How you will achieve performance in production environment?

    Ans)

    1. How you will change / migrate the project from one version to other?

    Ans) We will get new verion of EAR/WAR(project) deploy it.

    If we want to migrate WAS, We normally take the new box and install new version , then deploy new app and make new server into production, then decommission the old server.

    Or install new version in the production BOX and then migrate the old one with new version.

    1. Explain about how you will put the brand new system into production. Explain from development to production?

Ans) Developement team will develope the code and test in the Developement env. Then we will create Test Env. And then put the server into Production.

  1. Silent mode how it will work and if you get any errors then how you will rectify it?

Ans) Silent mode of installation will also have the log file, where we can check the errors

  1. Explaing about configuration of IBM Tivoli directory server?

Ans) Don’t have Experience.

  1. What is your last project architecture?

Ans)

  1. How many servers are there & in which environment?

Ans)

  1. How many types of Garbage collections?

    http://www.petefreitag.com/articles/gctuning/

 

 

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>