Here is a Jython script to return performance matrix detail of a node for following details :
Free and used JVM heap size,
Free and used Thread pools,
Free and used JDBC connection pools
Free and used Live sessions

[was61@Server1 .scripts]$ wsadmin.sh -f check_was.py -i heapsize -s  Server_member1

WASX7209I: Connected to process “dmgr” on node Server1_Manager using SOAP connector;  The type of process is: DeploymentManager
WASX7303I: The following options are passed to the scripting environment and are available as arguments that are stored in the argv variable: “[-i, heapsize, -s, Server_member1]”
heapsize: node=Server1_Node01  server=Server_member1  used=1024.0 MB (52.44%)  free=928.6 MB

Download script from http://www.oracledbasupport.co.uk/wp-content/uploads/2010/08/Check-was Python Script.txt

The Jython script used is as below :

#———————————————————————-
# File Name: check_was.py
#   Purpose: Display user requested information about
#            WebSphere Application Server (WSAS) resources.
#
# Run “$WAS_HOME/Dmgr/bin/wsadmin.sh -conntype none -lang jython”
# wsadmin>print AdminConfig.list(‘Server’);
# dmgr(cells/Server1_Cell/nodes/Server1_Manager/servers/dmgr|server.xml#Server_1)
# ihs-prpc(cells/Server1_Cell/nodes/Server1_Node01/servers/ihs-prpc|server.xml#Server_1280149489851)
# server_member1(cells/Server1_Cell/nodes/Server1_Node01/servers/server_member1|server.xml#Server_1280159031517)
# server_member2(cells/Server1_Cell/nodes/Server1_Node01/servers/server_member2|server.xml#Server_1280159031764)
# nodeagent(cells/Server1_Cell/nodes/Server1_Node01/servers/nodeagent|server.xml#Server_1120677326772)
#
#———————————————————————-
”’Command: %(cmdName)s\n
Purpose: wsadmin script used to display user specified information about
WebSphere Application Server resources.\n
Usage: %(cmdName)s [options]\n
Required switches/options:
-i | –info       <value> = Type of information being requested
-s | –serverName <value> = Target serverName\n
Optional switches/options:
-n | –nodeName   <value> = Target nodeName\n
Information types/values:
connectionpool – Display Connection Pool details
heapsize       – Display Heap Size details
threadpool     – Display Thread Pool details
sessions       – Display Session Details\n
\nNotes:
– Long form option values may be separated/delimited from their associated
identifier using either a space, or an equal sign (‘=’).\n
– Short form option values may be sepearated from their associated letter
using an optional space.\n
– Text containing blanks must be enclosed in double quotes.\n
Examples:
wsadmin -f %(cmdName)s.py -i heapeize -s server1 -n node01\n”’

import os, re, sys, getopt;

__scriptName__ = ‘check_was’;
__version__    = ‘0.1’;
__updated__    = ’22 July 2010′;

#———————————————————————
# Name: localMode()
# Role: Return true (1) if AdminControl object is unavailable, false
#       (0) otherwise.
# Note: In localmode (i.e., -conntype none), this returns true (1)
#———————————————————————
def localMode() :
‘localMode() – Return true (1) if AdminControl object is unavailable, false (0) otherwise’
try :
host   = AdminControl.getCell();
result = 0;                        # No, we’re connected
except :
result = 1;                        # Yes, –contype none
return result;

#———————————————————————
# Name: beanNameAsDict()
# Role: Parse the specified MBean and return a dictionary of the name
#       value pairs
#———————————————————————
def beanNameAsDict( bean ) :
‘beanNameAsDict() – Parse the specified MBean and return a dictionary of the name value pairs’
result = {};
for pair in bean.split( ‘:’, 1 )[ 1 ].split( ‘,’ ) :
n, v = pair.split( ‘=’, 1 );
result[ n ] = v;
return result;

#———————————————————————
# Name: callerName
# Role: Utility routine used to determine, and return the name of the
#       calling function.
# Note: Dependends on sys._getframe()
#  See: http://code.activestate.com/recipes/66062/
#———————————————————————
def callerName() :
“callerName() – Returns the name of the calling routine (or ‘?’)”
return sys._getframe( 1 ).f_code.co_name;

#———————————————————————
# Name: configurable()
# Role: Return true (1) if AdminConfig object is available, false (0) otherwise
#———————————————————————
def configurable() :
‘configurable() – Return true (1) if AdminConfig object is available, false (0) otherwise’
try :
host   = AdminConfig.list( ‘Server’ );
result = 1;                        # True  = AdminConfig object is available
except :
result = 0;                        # False = AdminConfig object not available
return result;

#———————————————————————
# Name: configIdAsDict
# Role: Parse a config ID and return a dictionary of name/value pairs
# Note: Exception handler requires sys module
#       The keys in the returned dictionary come from the configID, so
#       are unlikely to match your defect expectations about exactly
#       what values are used (e.g., ‘nodes’ instead of “Node”)
#———————————————————————
def configIdAsDict( configId ) :
‘configIdAsDict( configId ) – Given a configID, return a dictionary of the name/value components.’
funName = callerName();              # Name of this function
result  = {};                        # Result is a dictionary
hier    = [];                        # Initialize to simplifiy checks
try :                                # Be prepared for an error
#—————————————————————–
# Does the specified configID match our RegExp pattern?
# Note: mo == Match Object, if mo != None, a match was found
#—————————————————————–
if ( configId[ 0 ] == ‘”‘ ) and ( configId[ -1 ] == ‘”‘ ) and ( configId.count( ‘”‘ ) == 2 ) :
configId = configId[ 1:-1 ];
mo = re.compile( r’^([\w ]+)\(([^|]+)\|[^)]+\)$’ ).match( configId );
if mo :
Name = mo.group( 1 );
hier = mo.group( 2 ).split( ‘/’ );
if mo and ( len( hier ) % 2 == 0 ) :
#—————————————————————
# hier == Extracted config hierarchy string
#—————————————————————
for i in range( 0, len( hier ), 2 ) :
( name, value ) = hier[ i ], hier[ i + 1 ];
result[ name ]  = value;
if result.has_key( ‘Name’ ) :
print ”’%s: Unexpected situation – “Name” attribute conflict,
Name = “%s”, Name prefix ignored: “%s””’ % ( funName, result[ ‘Name’ ], Name );
else :
result[ ‘Name’ ] = Name;
else :
print ”’%(funName)s:
Warning: The specified configId doesn\’t match the expected pattern,
and is ignored.
configId: “%(configId)s””’ % locals();
except :
( kind, value ) = sys.exc_info()[ :2 ];
print ”’%(funName)s: Unexpected exception.\n
Exception  type: %(kind)s
Exception value: %(value)s”’ % locals();
return result;

#———————————————————————
# Name: heapsize()
# Role: Display information about the heap for the specified server
#———————————————————————
def heapsize( configID ) :
‘heapsize() – Display used and free stats for the JVM of the specified server’
cDict = configIdAsDict( configID );
jvm   = AdminControl.queryNames( ‘type=JVM,process=%(servers)s,node=%(nodes)s,*’ % cDict );
if jvm :
used    = AdminControl.getAttribute( jvm, ‘heapSize’ );
free    = AdminControl.getAttribute( jvm, ‘freeMemory’ );
total   = int( used ) + int( free );
percent = float( used ) * 100.0 / float( total );
print ‘heapsize: node=%s  server=%s  used=%.1f MB (%.2f%%)  free=%.1f MB’ % ( cDict[ ‘nodes’ ], cDict[ ‘servers’ ], MB( used ), percent, MB( free ) );
else :
print ‘Specified server does not appear to be active: node=%(nodes)s  server=%(servers)s’ % cDict;

#———————————————————————
# Name: localMode()
# Role: Return true (1) if AdminControl object is unavailable, false
#       (0) otherwise.
# Note: In localmode (i.e., -conntype none), this returns true (1)
#———————————————————————
def localMode() :
‘localMode() – Return true (1) if AdminControl object is unavailable, false (0) otherwise’
try :
host   = AdminControl.getCell();
result = 0;                        # No, we’re connected
except :
result = 1;                        # Yes, –contype none
return result;

#———————————————————————
# Name: main()
# Role: Perform the actual work of the script
#———————————————————————
def main( cmdName = None ) :
missingParms = ‘%(cmdName)s: Insufficient parameters provided.\n’;
ambigServer  = ‘%(cmdName)s: Ambiguous server specified: %(serverName)s\n’;
badReqdParam = ‘%(cmdName)s: Invalid required parameter: %(key)s\n’;
badInfo      = ‘%(cmdName)s: As yet unimplemented “info” request: %(info)s\n’;
badNode      = ‘%(cmdName)s: Unknown node: %(nodeName)s\n’;
badServer    = ‘%(cmdName)s: Unknown server: %(serverName)s\n’;
serverReqd   = ‘%(cmdName)s: Missing required parameter: “serverName”.\n’;

if not cmdName :
cmdName = __scriptName__;

#——————————————————————-
# How many user command line parameters were specified?
#——————————————————————-
argc = len( sys.argv );                   # Number of arguments
if ( argc < 2 ) :                         # If too few are present,
print missingParms % locals();          #   tell the user, and
Usage( cmdName );                       #   provide the Usage info
else :                                    # otherwise
Opts = parseOpts( cmdName );            #   parse the command line

#——————————————————————-
# Assign values from the user Options dictionary, to make value
# access simplier, and easier.  For example, instead of using:
#   Opts[ ‘nodeName’ ]
# we will be able to simply use:
#   nodeName
# to access the value.
#——————————————————————-
for key in Opts.keys() :
val = Opts[ key ];
cmd = ‘%s=Opts[“%s”]’ % ( key, key );
#   print cmd;
exec( cmd );

#——————————————————————-
# Check required parameters
#——————————————————————-
if info not in [ ‘heapsize’, ‘sessions’, ‘connectionpool’, ‘threadpool’ ] :
print badInfo % locals();
Usage( cmdName );

if not serverName :
print serverReqd % locals();
Usage( cmdName );

#——————————————————————-
# Was the nodeName specified, and if so, does it exist?
#——————————————————————-
node = None;
if nodeName :
for nid in AdminConfig.list( ‘Node’ ).splitlines() :
if nid.startswith( nodeName + ‘(‘ ) :
node = nid;
if not node :
print badNode % locals();

#——————————————————————-
# Does the specified serverName exist (within the scope of the
# specified node)?
# Note: A scope of None is identical to not specifying a scope
#——————————————————————-
servers = [];
for sid in AdminConfig.list( ‘Server’, node ).splitlines() :
if sid.startswith( serverName + ‘(‘ ) :
servers.append( sid );
if len( servers ) < 1 :
print badServer % locals();
sys.exit();
elif len( servers ) > 1 :
print ambigServer % locals();
nodes = [];
for sid in servers :
nodes.append( configIdAsDict( sid )[ ‘nodes’ ] );
print ‘Specify one of the following nodes using the –nodeName option: ‘ + ( ‘, ‘.join( nodes ) );
sys.exit();
server = servers[ 0 ];

# print ‘Request for %s on %s’ % ( info, server );
if info == ‘heapsize’ :
heapsize( server );
else :
print ‘Not yet implemented: “%s”‘ % info

#———————————————————————
# Name: MB()
# Role: Convert the specified (integer) value [bytes] into MegaBytes
#———————————————————————
def MB( val ) :
‘MB() – Convert specified integer (byte) value into MegaBytes’
return int( val ) / ( 1024.0 * 1024.0 );

#———————————————————————
# Name: parseOpts()
# Role: Process the user specified (command line) options
#———————————————————————
def parseOpts( cmdName ) :
shortForm = ‘i:n:s:’;
longForm  = ‘info=,nodeName=,serverName=’.split( ‘,’ );
badOpt    = ‘%(cmdName)s: Unknown/unrecognized parameter%(plural)s: %(argStr)s\n’;
optErr    = ‘%(cmdName)s: Error encountered processing: %(argStr)s\n’;
problem   = ‘%(cmdName)s: Error option processing problem: %(opt)s\n’;

try :
opts, args = getopt.getopt( sys.argv, shortForm, longForm );
except getopt.GetoptError :
argStr = ‘ ‘.join( sys.argv );
print optErr % locals();
Usage( cmdName );

#——————————————————————-
# Initialize the Opts dictionary using the longForm key identifiers
#——————————————————————-
Opts = {};
for name in longForm :
if name[ -1 ] == ‘=’ :
name = name[ :-1 ]
Opts[ name ] = None;

#——————————————————————-
# Process the list of options returned by getopt()
#——————————————————————-
for opt, val in opts :
if opt in   ( ‘-i’, ‘–info’ )       : Opts[ ‘info’       ] = val
elif opt in ( ‘-n’, ‘–nodeName’ )   : Opts[ ‘nodeName’   ] = val
elif opt in ( ‘-s’, ‘–serverName’ ) : Opts[ ‘serverName’ ] = val
else :
print problem % locals();

#——————————————————————-
# Check for unhandled/unrecognized options
#——————————————————————-
if ( args != [] ) :        # If any unhandled parms exist => error
argStr = ‘ ‘.join( args );
plural = ”;
if ( len( args ) > 1 ) : plural = ‘s’;
print badOpt % locals();
Usage( cmdName );

#——————————————————————-
# Return a dictionary of the user specified command line options
#——————————————————————-
return Opts;

#———————————————————————
# Name: Usage()
# Role: Display usage information necessary to use this script.
#———————————————————————
def Usage( cmdName = None ) :
if not cmdName :
cmdName = __scriptName__;

print __doc__ % locals();       # Script docstring contains usage info
sys.exit();

#———————————————————————-
# Code execution begins
#———————————————————————-
if ( __name__ == ‘__main__’ ) or ( __name__ == ‘main’ ) :
if localMode() :
print ‘A connection to WebSphere Application Server is required.\n’;
Usage();
elif configurable() :
main();
else :
print ‘WebSphere Application Server scripting objects appear to be unavailable.\n’;
Usage();
else :
print ‘This script should be executed, not imported.\n’;
Usage( __name__ );

I have websphere 6.x ND servers which time travel in future i.e 2011/2012.  One of machine time traveled to 2011, I then had to revert it back to current date i.e 2010. I can now see that configuration under following directories is not updated properly.

DMGR : Aug 5 2010 is the latest.

[was@Server1 Profile01]$ ls -l profiles/Profile01/dmgr/config/cells/Server1_Cell/nodes/Server1_Node01
total 136
-rw-rw-r– 1 was was   818 Aug  5 16:23 trust.p12
-rw-rw-r– 1 was was  3474 Aug  5 16:23 key.p12
-rw-rw-r– 1 was was 12552 Aug  3 13:24 serverindex.xml

[was@Server1 ~]$ ls -lrt profiles/Profile01/Node/config/cells/Server1_Cell/nodes/Server1_Node01
total 136
-rw-rw-r– 1 was was  2042 Aug 13  2011 trust.p12
-rw-rw-r– 1 was was  2770 Aug 13  2011 key.p12
-rw-rw-r– 1 was was 12552 Aug 15  2011 serverindex.xml

How does Deployment manager syncs Nodes with it’s new configuration?

In order for synchronization to work, the system clocks of the Deployment Manager, and Node Agent machines must be within a specific time range. Otherwise, the attempt to synchronize will fail, and you will get a message indicating that the time difference is too great.

If you have more than 5 min difference between dmgr and node. And you have admin security enabled. Then you will see LTPA token expiration errors…. While communicating with the Deployment Manager, the Node agent for example sync or discover process.

Where will I get this error message?

Yes.  The Deployment Manager is the one that attempts the synchronization with the node agents, so the status messages (i.e., success/failure) would be in the DM logs.

I often get too many file entries left at wstemp and temp directories under NodeAgent/Dmgr. They are failed sync files and would like to know if I can delete them.

WebSphere Application Server and config temp files

• The node sends a sync request to cell (dmgr)
• The cell manager identifies the modified documents, copies them to the temp folder (config/temp) and then sends the response to node with the URLs of modified documents.
• The node then uses the File Transfer service to download the documents to local machine.
• The file transfer service internally sets a flag that enables the file transfer server to delete the temp file once the download is complete.

Whenever there is a request to transfer a file, the dmgr creates a temp copy in the config/temp directory. <Install_Root>\config\temp\cells\<cell_name>\applications\ .

• The dmgr deletes the temp copy only when the file is completely read and copied to the client.
• The temp files get deleted only when the download process is complete and successful.

Why does dmgr/nodeagent use temp directories? Is there any reason for it?

The wstemp directory is where workspaces (save areas) are created when someone begins the process of changing a configuration in a node.
The wstemp directory is the workspace directory.  Any program that ask the workspace for a session (e.g. adminconsole and wsadmin)  a directory will be created.  If the session is not cleaned up
the directories will remain.  For wsadmin, the completion of wsadmin will clean the directory, note if you kill or wsadmin fails to work and crash, the folder will remain (these have script in the folder
name).

For adminconsole, each user will have their own folder. These folders will always remain because we maintain user preference during their sessions.  Also if the user does not logout, we keeps all configuration changes in this folder.  Once they log out, the user folder will be reduced to contain the minimum preference information for the next session login. You can remove all these files/folders and the dmgr will create new files (we highly recommmend stopping the dmgr before deleting these so users logged in don’t have errors).

These folders contain temporary files and can be manually deleted.  Websphere will automatically manage these files and if they are growing later, something is wrong because users are killing/not logging out.

Hers is a reference document which helps to understand and to debug the problems with wstemp workspace directories which contains workspace  directories named with ‘anonymousxxxx’ and ‘ Scriptxxxx’ .

Problem with workspace directories when created in wstemp directory
http://www-1.ibm.com/support/docview.wss?uid=swg21221297

More reading

IBM – WebSphere Application Server synchronization process explained
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21233075

IBM – What is file synchronization and how does it work?
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg21108407

We have to create WAS groups before creating & assigning users.

Click on Manage groups and add a new groups , here “WAS Monitor”

Click on “Save “

Click on “Create” at  right hand pane & you will see a FORM like one below

Click on “Group Membership” and select WAS Operator role we just created.

Now refer to following post for stopping  and starting  websphere services
http://www.oracledbasupport.co.uk/websphere-security-switch-off-usernamepassword-prompt/#comment-2905

What is SSL ?

• SSL (Secure Sockets Layer) is an encryption system used on servers to ensure privacy when transmitting data across internet.
• Server needs a public-private key pair and a certificate. The server uses its private key to sign messages to clients.
• To send its public key to clients, the server needs a certificate issued by a certification authority (CA). A certification authority (CA) is a trusted third party that issues certificates.

IBM’s way of SSL implementation :  IBM provides GSKit (Global Security Kit)
* GSKit provides SSL (Secure Socket Layer) functions for IBM Products
* GSKit provides IKeyman

IKeyman

• IKeyman (IBM Key Management Utility)
• Java-based application to manage keys and key databases
• Using IKeyman, you can  Create a new key database , Add root CA to your database,  Request and receive a certificate from a CA
• Set default keys
• Change password

How to Create Self Signed SSL Certificate?

Create a SSL directory under $HTTP_HOME/conf to store all SSL keys. Make sure this directory is secured.

[was61@Server1 conf]$ pwd
/opt/IBM/HTTPServer/conf
[was61@Server1 conf]$ mkdir ssl

Start $HTTPSever_home/bin/ikeyman tool

Apache Tomcat and many other Java applications expect to retrieve SSL/TLS certificates from a Java Key Store (JKS). Select JKS else PKCS2 on your preference.  I have gone for PKCS12  here,  http://en.wikipedia.org/wiki/PKCS

Navigate “Location” tab to SSL directory created earlier

It will prompt you for a password , enter value. You should have a screen as below.

Select “Personal Certificate Requests“ from drop-down options

Click on “new” to start a new self-signed certificate request

Fill up fields and click on OK

Ikeyman should list “Self-Signed” certificate as below

Double Click on “self-signed” Tab and you will be able to see certificate details

Now certificate is in place so let’s Amend SSL certificate configuration at httpd.conf

Edit $HTTPServer_HOME/httpd.conf and add following details

• Listen Server1:443
• Towards end of http.conf file add virtual host  details

LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
<VirtualHost  Server1:443>
SSLEnable
SSLClientAuth None
SSLServerCert self-signed    — Make sure this is same field as “Key-Label” at create SSL request
KeyFile “/opt/IBM/HTTPServer/conf/ssl/key.p12”
# SSLStashfile “/opt/IBM/HTTPServer/conf/ssl/key.sth”  — This file is required for “CMS key Database format”  but not for JKS/PKCS12
DocumentRoot “/opt/IBM/HTTPServer/htdocs/en_US”
LogLevel warn
LogFormat   “%h %l %u %t \”%r\” %>s %b %{HTTPS}e %{SSL_CIPHER}e %{SSL_CLIENT_DN}e” SSL
CustomLog “|/opt/IBM/HTTPServer/bin/rotatelogs /opt/IBM/HTTPServer/logs/ssl_access%d%m%Y.log 86400” SSL
ErrorLog  “|/opt/IBM/HTTPServer/bin/rotatelogs /opt/IBM/HTTPServer/logs/ssl_error%d%m%Y.log 86400”
</VirtualHost>

• Finally re-start HTTP server & monitor log  at /opt/IBM/HTTPServer/logs/ ssl_error.log

Try machine SSL URL https://Server1, It should send you a valid response.

Method 1:

1) Install exact websphere version including fixpack on a new machine
Note you have to make sure to use same install path for example

2) create dmgr and nodeprofile on a NEW machine

3) Stop the dmgr, nodeagent and all application server on OLD machine

4) Tar/zip up complete dmgr profile directory and node profile from OLD machine and untar/unzip on a NEW machine

Now change hostname entries in the websphere configuration and Use following link for changing hostname
WebSphere Application Server V6.0 best practices for configuration changes
http://www-01.ibm.com/support/docview.wss?uid=swg27007419&aid=1

5) Once new DMGR is up , manually sync node with dmgr using syncnode command
$NODE_HOME/bin$syncnode newdmgrhostname dmgrsoapport -username user -password password

6)  once sync went fine start the nodeagent and make sure sync status shows correctly on dmgr console

7)  Now start all application server from dmgrconsole

Method 2

1) Install exact websphere version including fixpack on a new machine
Note you have to make sure to use same install path

2) Don’t create any profiles

3) Tar/zip up complete dmgr profile directory and node profile from OLD machine and untar/unzip on a NEW machine

4) Use rename node Command to rename Node

$DMGR_HME/bin$renameNode.sh localhost 8879 newnode

Note : You need to have deployment manager working to use renamenode command.

Stop Script:

Let’s check if there are any java (server) process running ?

[was61@ scripts]$ ps -ef | grep java |  awk ‘{print  $2 ” ”  $8}’
18343 /opt/IBM/WebSphere/AppServer/java/bin/java
18521 /opt/IBM/WebSphere/AppServer/java/bin/java
18639 /opt/IBM/WebSphere/AppServer/java/bin/java
18819 /opt/IBM/WebSphere/AppServer/java/bin/java

Copy this script at your node and use it as “wsadmin.sh -f stopCell.py” (No arguments)

#——————————————————————————-
#  Name: stopCell.py
#  Role: Gracefully terminate all active server processes in the cell
# Usage: wsadmin -f stopCell.py
#    or: ./wsadmin.sh -f stopCell.py
#——————————————————————————-
#  Name: showAsDict.py
#  From: WebSphere Application Server Administration using Jython
#    By: Robert A. (Bob) Gibson [rag], Arthur Kevin McGrath, Noel J. Bergman
#  ISBN: 0-137-00952-6
#——————————————————————————-
def showAsDict( configID ) :
‘Return a dictionary of the AdminConfig.show( configID ) result.’
result = {};
try :
import sys;           # Get access to WSAS objects
#—————————————————————–
# The result of the AdminConfig.show() should be a string
# containing many lines.  Each line of which starts and ends
# with brackets.  The “name” portion should be separated from the
# associated value by a space.
#—————————————————————–
for item in AdminConfig.show( configID ).splitlines() :
if ( item[ 0 ] == ‘[‘ ) and ( item[ -1 ] == ‘]’ ) :
( key, value ) = item[ 1:-1 ].split( ‘ ‘, 1 );
if ( value[ 0 ] == ‘”‘ ) and ( value[ -1 ] == ‘”‘ ) :
value = value[ 1:-1 ];
result[ key ] = value;
except NameError, e :
print ‘Name not found: ‘ + str( e );
except :
( kind, value ) = sys.exc_info()[ :2 ];
print ‘Exception  type: ‘ + str( kind );
print ‘Exception value: ‘ + str( value );
return result;

#———————————————————————
# For each type of server
#———————————————————————
for Type in [ ‘APPLICATION_SERVER’, ‘NODE_AGENT’, ‘DEPLOYMENT_MANAGER’ ] :
#——————————————————————-
# For each configured server
#——————————————————————-
for server in AdminConfig.list( ‘Server’ ).splitlines() :
#—————————————————————–
# If this server is of the current type
#—————————————————————–
sDict = showAsDict( server );
if sDict[ ‘serverType’ ] == Type :
bean = AdminConfig.getObjectName( server );
#—————————————————————
# Is this server active
#—————————————————————
if bean :
#————————————————————-
# stop it (asynchronously)
#————————————————————-
print ‘Stoppping: ‘ + sDict[ ‘name’ ];
AdminControl.invoke( bean, ‘stop’ );

Usage :

[was61@ scripts]$  /opt/IBM/WebSphere/AppServer/bin/wsadmin.sh -f stopcell.py
WASX7209I: Connected to process “dmgr” on node server1_Manager using SOAP connector;  The type of process is: DeploymentManager
Stoppping: server_member1
Stoppping: server_member2
Stoppping: nodeagent
Stoppping: dmgr

Start Script:

Let’s check if there are any java (server) process running ?

[was61@scripts]$ ps -ef | grep java |  awk ‘{print  $2 ” ”  $8}’
19420 grep

#———————————————————————
# Name: startCell()
# Role: Attempt to start all of the Application Servers in the
#       specified WebSphere Application Server cell.
#———————————————————————
”’
Program: %(cmdName)s.py\n
Role: Attempt to start all of the Application Servers in the
specified WebSphere Application Server cell.\n
Usage: python %(cmdName)s.py <WSAS_HOME>\n
Example: python %(cmdName)s.py C:\\IBM\\WebSphere\\AppServer
”’
import os, sys, re;
__Debug__  = True;
__dashes__ = ‘-‘ * 79;

#———————————————————————
# Name: dirCheck()
# Role: Verify that the specified directory exists, and is a directory
#———————————————————————
def dirCheck( path ) :
return os.path.exists( path ) and os.path.isdir( path );

#———————————————————————
# Name: log()
# Role: If debugging is enabled, log the specified message
#———————————————————————
def log( msg ) :
if __Debug__ :
print msg;

#———————————————————————
# Name: getProfiles()
# Role: Determine the names of the existing profiles
#———————————————————————
def getProfiles( binPath, tempFile ) :
log( ‘getProfiles(): Enter’ );
try :
if os.name == ‘nt’ :
cmd =  ‘manageprofiles’;
else :
cmd =  ‘./manageprofiles.sh’;
exe = os.path.join( binPath, cmd );
log( ‘Calling: %s -listProfiles’ % exe );
rc  = os.system( exe + ‘ -listProfiles >’ + tempFile );
fh  = open( tempFile );
result = fh.read();
log( ‘Result:\n%s\n%s%s’ % ( __dashes__, result, __dashes__ ) );
result = result[ 1:-2 ].split( ‘, ‘ );
fh.close();
except :
Type, value = sys.exc_info()[ :2 ];
log( ‘Exception  Type: ‘ + `Type` );
log( ‘          value: ‘ + `value` );
result = [];
log( ‘getProfiles(): Exit  result = ‘ + `result` );
return result;

#———————————————————————
# Name: getStoppedServers()
# Role: Determine the Server name and type for the specified profiles
# Note: We’re only interested in “stopped” servers, we ignore started
#       ones.
#     – The 3 Types of Servers are:
#       Deployment Manager
#       Node Agent
#       Application Server
#———————————————————————
def getStoppedServers( binPath, tempFile, profileNames ) :
log( ‘getStoppedServers(): Enter’ );
result = {};
pat = re.compile( ‘^ADMU0509I: The (\w+ \w+) “(\w+)”‘ )
for pName in profileNames :
try :
if os.name == ‘nt’ :
cmd =  ‘serverStatus’;
else :
cmd =  ‘./serverStatus.sh’;
exe = os.path.join( binPath, cmd );
log( ‘Calling: %s -all -profileName %s’ % ( exe, pName ) );
rc  = os.system( ‘%s -all -profileName %s >%s’ % ( exe, pName, tempFile ) );
fh  = open( tempFile );
log( ‘Result:\n%s’ % __dashes__ );
for line in fh.read().splitlines() :
mo = pat.match( line );
if mo :
Type, sName = mo.group( 1 ), mo.group( 2 );
log( ‘Stopped: %s -profileName %s’ % ( sName, pName ) );
if result.has_key( Type ) :
result[ Type ].append( ( pName, sName ) );
else :
result[ Type ] = [ ( pName, sName ) ];
log( __dashes__ );
fh.close();
except :
value = str( sys.exc_info()[ 1 ] );
print ‘Error processing profileName %s: %s’ % ( pName, value );
log( ‘getStoppedServers(): Exit  result =’ + `result` );
return result;

#———————————————————————
# Name: startCell()
# Role: Start the application servers in the specified cell.
#———————————————————————
def startCell() :
log( ‘startCell(): Enter’ );

#——————————————————————-
# How many user specified command line options exist?
#——————————————————————-
argc = len( sys.argv );
if argc != 2 :
Usage();
else :
try :
#—————————————————————
# pgm = fully qualified path to script being executed
#—————————————————————
pgm  = sys.argv[ 0 ];
if not pgm.endswith( ‘.py’ ) :
raise ValueError( ‘Unrecognized script type: “%s”‘ % pgm );
tempfile = pgm[ :-2 ] + ‘temp’;
#     print ‘tempfile: “%s”‘ % tempfile;

#—————————————————————
# Verify that washome exists, and is a directory
#—————————————————————
WASerror = ‘”%s” does not appear to be a WAS Home directory.’;
washome = sys.argv[ 1 ];
if not dirCheck( washome ) :
print WASerror % washome;
sys.exit();

wasbin  = os.path.join( washome, ‘bin’ );
if not dirCheck( wasbin ) :
print WASerror % wasbin;
sys.exit();

#—————————————————————
# Get a list of the available profileNames
#—————————————————————
profileNames = getProfiles( wasbin, tempfile );

#—————————————————————
# For each Server Type, list the profilName and serverName of
# each stopped server
#—————————————————————
stopped = getStoppedServers( wasbin, tempfile, profileNames );

#—————————————————————
# width = length of longest server name
#—————————————————————
sNames = [];
for Type in stopped :
for n, s in stopped[ Type ] :
sNames.append( s );
width = max( [ len( x ) for x in sNames ] );

#—————————————————————
# Process each Type, in the right order to start the cell
#—————————————————————
for Type in [ ‘Deployment Manager’, ‘Node Agent’, ‘Application Server’ ] :
if stopped.has_key( Type ) :
for pName, sName in stopped[ Type ] :
startServer( wasbin, pName, sName, tempfile, -width );

#—————————————————————
# Remove the temporary file
#—————————————————————
try :
os.unlink( tempfile );
except :
pass;
except :
Type, value = sys.exc_info()[ :2 ];
Type, value = str( Type ), str( value );
print ‘Exception type: %s\n         value: %s’ % ( Type, value );
log( ‘startCell(): Exit’ );

#———————————————————————
# Name: startServer()
# Role: Execute the WebSphere Application Server “startServer” command
#———————————————————————
def startServer( binPath, profile, server, tempFile, width = None ) :
log( ‘startServer(): Enter’ );
try :
if os.name == ‘nt’ :
cmd =  ‘startServer’;
else :
cmd =  ‘./startServer.sh’;
log( ‘Calling: %s %s -profileName %s’ % ( cmd, server, profile ) );
exe = os.path.join( binPath, cmd );
if width :
print ‘%s %*s -profileName %s’ % ( cmd, width, server, profile ),
else :
print ‘%s %s -profileName %s’ % ( cmd, server, profile ),
cmd = ‘%s %s -profileName %s >%s’ % ( exe, server, profile, tempFile );
rc  = os.system( cmd );
fh  = open( tempFile )
tail = fh.read().splitlines()[ -1 ];
fh.close();
if tail.startswith( ‘ADMU3000I:’ ) :
log( ‘  Started successfully.’ );
result = 0;
if not __Debug__ :
print;
else :
log( ‘  Start failed:’, tail );
print ‘  Error – tail = “%s”‘ % tail;
result = 1;
except :
value = str( sys.exc_info()[ 2 ] );
print ‘  Error – ‘, value;
result = -1;
log( ‘startServer(): Exit’ );
return result;

#———————————————————————
# Name: Usage()
# Role: Descript script function
#———————————————————————
def Usage( cmdName = ‘startCell’ ) :
print __doc__ % locals();
sys.exit( -1 );

#———————————————————————
# main entry point – verify that script was executed, not imported
#———————————————————————
if __name__ == ‘__main__’ :
if os.name in [ ‘nt’, ‘posix’ ] :
startCell();
else :
print ‘Unsupported Operating System type: %s\n’ % os.name;
Usage();
else :
Usage( __name__ );

Usage (Ignore)

[was61@scripts]$ /opt/IBM/WebSphere/AppServer/bin/wsadmin.sh -f startcell.py
WASX7023E: Error creating “SOAP” connection to host “localhost”; exception information: com.ibm.websphere.management.exception.ConnectorNotAvailableException: com.ibm.websphere.management.exception.ConnectorNotAvailableException: ADMC0016E: The system cannot create a SOAP connector to connect to host localhost at port 8879.
WASX7213I: This scripting client is not connected to a server process; please refer to the log file /opt/IBM/WebSphere/AppServer/profiles/Profile01/dmgr/logs/wsadmin.traceout for additional information.
WASX8011W: AdminTask object is not available.
Program: main.py
Role: Attempt to start all of the Application Servers in the
specified WebSphere Application Server cell.
Usage: python main.py <WSAS_HOME>
Example: python main.py C:\IBM\WebSphere\AppServer

(Please note you will need python installed on your box to run this script)

[was61@scripts]$ python startcell.py /opt/IBM/WebSphere/AppServer

startServer dmgr -profileName dmgr

I have tested it and it is only bringing up DMGR,Will need some tweaking

[was61@scripts]$ ps -ef | grep java |  awk ‘{print  $2 ” ”  $8}’
19716 /opt/IBM/WebSphere/AppServer/java/bin/java

This jython script will produce output  as below :

$/opt/IBM/WebSphere/AppServer/bin/wsadmin.sh -lang jython -profile serverStatus.py -c “serverStatus()”

WASX7209I: Connected to process “dmgr” on node server1_Manager using SOAP connector;  The type of process is: DeploymentManager

Server               |        Cell       |         Node         | Status
——————–+——————-+———————-+——–
dmgr                | Server1_Cell | Server1_Manager | running
server_member1         | Server1_Cell | Server1_Node01  | running
server_member2 | Server1_Cell | Server1_Node01  | running
nodeagent           | Server1_Cell | Server1_Node01  | running

import re;

#———————————————————————
# Name: serverStatus()
# Role: Display the status of the known servers
#———————————————————————
def serverStatus() :
#——————————————————————-
# RegExp to extract the server, cell, and node name for each server
#——————————————————————-
pat = re.compile( r’^(\w+)\(cells/(\w+)/nodes/(\w+)/servers\/\1.*\)$’ );

#——————————————————————-
# Retrieve the list of known servers
# While building the list, compute the max length of each name
#——————————————————————-
info   = [];
maxLen = [ 0 ] * 3;

#——————————————————————-
# For each server of the known servers
#——————————————————————-
servers = AdminConfig.list( ‘Server’ ).splitlines();
for server in servers :
#—————————————————————–
# An Object Name will exist if the specified server is running
#—————————————————————–
oName = AdminConfig.getObjectName( server );
if oName != ” :
status = ‘running’;
else :
status = ‘stopped’;
#—————————————————————–
# Extract the server, cell, and node name
# (match Object)
#—————————————————————–
mObj = pat.match( server );
if mObj :
#—————————————————————
# Save the data, and see if the length of each field name is the
# longest we have yet seen (i.e., maxLen[ i ])
#—————————————————————
( sName, cName, nName ) = mObj.groups();
info.append( ( sName, cName, nName, status ) );
for i in range( 3 ) :
L = len( mObj.group( i + 1 ) );
if L > maxLen[ i ] : maxLen[ i ] = L;

#——————————————————————-
# Display the information
#——————————————————————-
( L0, L1, L2 ) = maxLen;
( sName, cName, nName, status ) = ‘Server,Cell,Node,Status’.split( ‘,’ );
sName = sName.center( L0 );
cName = cName.center( L1 );
nName = nName.center( L2 );
print ‘%(sName)s | %(cName)s | %(nName)s | %(status)s’ % locals();
print ( ‘-‘ * L0 ) + ‘-+-‘ + ( ‘-‘ * L1 ) + ‘-+-‘ + ( ‘-‘ * L2 ) + ‘-+——–‘;
for scn in info :
( sName, cName, nName, status ) = scn;
print ‘%-*s | %-*s | %-*s | %s’ % ( L0, sName, L1, cName, L2, nName, status );

This script is designed to get complete server status details and OS details just before deployemnt. Its designed to help in debugging and simulating the same environment.
Note:No arguments required for this script to run

I have added JACL script output first, scroll down to see the actual script.

Script for download

[was61@Machine1 ~]$ /opt/IBM/WebSphere/AppServer/bin/wsadmin.sh -user sagar -password 1234 -f getdetails.jacl

WASX7209I: Connected to process “dmgr” on node Machine1_Manager using SOAP connector;  The type of process is : DeploymentManager
****************************************************************
—              GET ALL DEBUG DETAILS                        —
****************************************************************
server details on Jul. 14, 2010 03:24:10 PM
Starting getDetails script …
———————————————————————-
Number of running servers on node Machine1_Manager: 1
Server dmgr processtype: DeploymentManager
Server dmgr state STARTED
Server dmgr JVM details WebSphere:name=JVM,process=dmgr,platform=proxy,node=Machine1_Manager,j2eeType=JVM,J2E                                            EServer=dmgr,version=6.1.0.21,type=JVM,mbeanIdentifier=JVM,cell=Machine1_Cell,spec=1.0
———————————————————————————
Websphere Application Server dmgr Java Env. Details:
———————————————————————————
Java Specification Name: Java Platform API Specification
Java Specification vendor Name: Sun Microsystems Inc.
Java Specification Version: 1.5
java.util.logging.manager : com.ibm.ws.bootstrap.WsLogManager
java.util.logging.configureByServer : true
java.util.prefs.PreferencesFactory : com.ibm.ws.util.prefs.HashPreferencesFactory
java.vendor : IBM Corporation
java.vendor.url : http://www.ibm.com/
java.version : 1.5.0
Java virtual machine info: J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423ifx-20080811 (JIT enabled)
J9VM – 20080809_21892_LHdSMr
JIT  – 20080620_1845_r8
GC   – 200806_19
—————————————————————————
dmgr (DeploymentManager) has pid 2231; state: STARTED; on Linux
Number of applications running on dmgr: 3
ManagementEJB
—————————————————————-

filetransfer
—————————————————————-

isclite
—————————————————————-

Number of running servers on node Machine1_Node01: 3
Server server_member1 processtype: ManagedProcess
Server server_member1 state STARTED
Server server_member1 JVM details WebSphere:name=JVM,process=server_member1,platform=proxy,node=Server1                             ,j2eeType=JVM,J2EEServer=server_member1,version=6.1.0.21,type=JVM,mbeanIdentifier=JVM,cell=Server1_Cell,spec=1.0
———————————————————————————
Websphere Application Server server_member1 Java Env. Details:
———————————————————————————
Java Specification Name: Java Platform API Specification
Java Specification vendor Name: Sun Microsystems Inc.
Java Specification Version: 1.5
java.util.logging.manager : com.ibm.ws.bootstrap.WsLogManager
java.util.logging.configureByServer : true
java.util.prefs.PreferencesFactory : java.util.prefs.FileSystemPreferencesFactory
java.vendor : IBM Corporation
java.vendor.url : http://www.ibm.com/
java.version : 1.5.0
Java virtual machine info: J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423ifx-20080811 (JIT enabled)
J9VM – 20080809_21892_LHdSMr
JIT  – 20080620_1845_r8
GC   – 200806_19
—————————————————————————
server_member1 (ManagedProcess) has pid 2507; state: STARTED; on Linux
Number of applications running on server_member1: 1
perfServletApp
—————————————————————-

Server server_member2 processtype: ManagedProcess
Server server_member2 state STARTED
Server server_member2 JVM details WebSphere:name=JVM,process=server_member2,platform=proxy,node=server1                                        _Node01,j2eeType=JVM,J2EEServer=server_member2,version=6.1.0.21,type=JVM,mbeanIdentifier=JVM,cell=server1_Cell,spec=1.0
———————————————————————————
Websphere Application Server server_member2 Java Env. Details:
———————————————————————————
Java Specification Name: Java Platform API Specification
Java Specification vendor Name: Sun Microsystems Inc.
Java Specification Version: 1.5
java.util.logging.manager : com.ibm.ws.bootstrap.WsLogManager
java.util.logging.configureByServer : true
java.util.prefs.PreferencesFactory : java.util.prefs.FileSystemPreferencesFactory
java.vendor : IBM Corporation
java.vendor.url : http://www.ibm.com/
java.version : 1.5.0
Java virtual machine info: J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423ifx-20080811 (JIT enabled)
J9VM – 20080809_21892_LHdSMr
JIT  – 20080620_1845_r8
GC   – 200806_19
—————————————————————————
server_member2 (ManagedProcess) has pid 2705; state: STARTED; on Linux
Number of applications running on server_member2: 1
perfServletApp
—————————————————————-

Server nodeagent processtype: NodeAgent
Server nodeagent state STARTED
Server nodeagent JVM details WebSphere:name=JVM,process=nodeagent,platform=proxy,node=Machine1_Node01,j2eeTyp                                            e=JVM,J2EEServer=nodeagent,version=6.1.0.21,type=JVM,mbeanIdentifier=JVM,cell=Machine1_Cell,spec=1.0
———————————————————————————
Websphere Application Server nodeagent Java Env. Details:
———————————————————————————
Java Specification Name: Java Platform API Specification
Java Specification vendor Name: Sun Microsystems Inc.
Java Specification Version: 1.5
java.util.logging.manager : com.ibm.ws.bootstrap.WsLogManager
java.util.logging.configureByServer : true
java.util.prefs.PreferencesFactory : java.util.prefs.FileSystemPreferencesFactory
java.vendor : IBM Corporation
java.vendor.url : http://www.ibm.com/
java.version : 1.5.0
Java virtual machine info: J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423ifx-20080811 (JIT enabled)
J9VM – 20080809_21892_LHdSMr
JIT  – 20080620_1845_r8
GC   – 200806_19
—————————————————————————
nodeagent (NodeAgent) has pid 2368; state: STARTED; on Linux
Number of applications running on nodeagent: 0
getdetails: — Done.
—————————————————————————————————

Actual JACL Script is as below

###############################################################################
#                                                                             #
#                                 getdetails.jacl                                #
#                  ———————————                          #
# Purpose:                                                                    #
#        This script is designed to get complete server status/             #
#             details and OS details                       #
#         just before deployemnt. Its designed to help in debugging          #
#            and simulating the same environment.                     #
#     Note:No arguments required for this script to run                       #
#                                                                             #
###############################################################################
#
#—————————————————
# Setting the User Script Location
#————————————————–
set ScriptLocation [java::call java.lang.System getProperty “script.dir”]
if { $ScriptLocation==”” } then {
set ScriptLocation [java::call java.lang.System getProperty “user.dir”]
}
set ScriptLocation “$ScriptLocation/”

puts “****************************************************************”
puts “–        GET ALL DEBUG DETAILS                 –”
puts “****************************************************************”
set datetime [clock format [clock seconds] -format {%b. %d, %Y %I:%M:%S %p}]
puts “server details on $datetime”
puts “Starting getDetails script …”
puts “———————————————————————-”
#—————————————————————-
# lines 4 and 5 find all the cell and process them one at a time
#—————————————————————-
set cells [$AdminConfig list Cell]
#puts “Echo : $cells”

foreach cell $cells {
#———————————————————————–
# lines 10 and 11 find all the nodes belonging to the cell and
# process them at a time
#———————————————————————–
#puts ” $cell”
set nodes [$AdminConfig list Node $cell]
#puts “echo $nodes”
foreach node $nodes {

#————————————————————–
# lines 16-20 find all the running servers belonging to the cell
# and node, and process them one at a time
#————————————————————–
set cname [$AdminConfig showAttribute $cell name]
#puts “cname : $cname”
set nname [$AdminConfig showAttribute $node name]
#puts “nname : $nname”
set servs [$AdminControl queryNames type=Server,cell=$cname,node=$nname,*]
#puts “servs = $servs”
puts “Number of running servers on node $nname: [llength $servs]”
foreach server $servs {
#———————————————————
# lines 25-31 get some attributes from the server to display;
# invoke an operation on the server JVM to display a property.
#———————————————————
set sname [$AdminControl getAttribute $server name]
set ptype [$AdminControl getAttribute $server processType]
puts “Server $sname processtype: $ptype ”
set pid [$AdminControl getAttribute $server pid]
set state [$AdminControl getAttribute $server state]
puts “Server $sname state $state”
set jvm [$AdminControl queryNames type=JVM,cell=$cname,node=$nname,process=$sname,*]
puts “Server $sname JVM details $jvm”
puts “———————————————————————————”
puts “Websphere Application Server $sname Java Env. Details: ”
puts “———————————————————————————”
set javaspecname [$AdminControl invoke $jvm getProperty java.specification.name]
puts ” Java Specification Name: $javaspecname ”
set javaspecvendorname [$AdminControl invoke $jvm getProperty java.specification.vendor]
puts “Java Specification vendor Name: $javaspecvendorname ”
set javaver [$AdminControl invoke $jvm getProperty java.specification.version]
puts “Java Specification Version: $javaver”
set javalogmanager [$AdminControl invoke $jvm getProperty java.util.logging.manager]
puts “java.util.logging.manager : $javalogmanager”
set javalogconfig [$AdminControl invoke $jvm getProperty java.util.logging.configureByServer]
puts ” java.util.logging.configureByServer : $javalogconfig”
set javautilpre [$AdminControl invoke $jvm getProperty java.util.prefs.PreferencesFactory]
puts “java.util.prefs.PreferencesFactory : $javautilpre”
set javavendor [$AdminControl invoke $jvm getProperty java.vendor]
puts “java.vendor : $javavendor”
set javavendorurl [$AdminControl invoke $jvm getProperty java.vendor.url]
puts “java.vendor.url : $javavendorurl ”
set javaversion [$AdminControl invoke $jvm getProperty java.version]
puts “java.version : $javaversion ”
set javavminfo [$AdminControl invoke $jvm getProperty java.vm.info]
puts “Java virtual machine info: $javavminfo”
set osname [$AdminControl invoke $jvm getProperty os.name]
#puts “Operating System found for $sname: $osname”
puts “—————————————————————————”
puts ” $sname ($ptype) has pid $pid; state: $state; on $osname”
#———————————————————
# line 37-42 find the applications running on this server and
# display the application name.
#———————————————————
set apps [$AdminControl queryNames type=Application,cell=$cname,node=$nname,process=$sname,*]
#puts “apps= $apps ”
puts ” Number of applications running on $sname: [llength $apps]”
foreach app $apps {
set aname [$AdminControl getAttribute $app name]
puts ” $aname”
puts “—————————————————————-”
puts “”
}
}
}
}
puts “getdetails: — Done.”
puts “—————————————————————————————————“

Let’s start network deployment install, Click on the launchpad.exe

Next

Select none. Installation carries on…..

Uncheck the check box as shown in the following figure. And you will be able to create the deployment manager profile using Profile creation tool.

To open the profile creation tool from the command prompt

D:\Program Files\IBM\WebSphere\AppServer\bin\ProfileManagement/pmt

2. Go to program files and profile management tool as follows:

And create a deployment manager profile first.

Select advanced profile creation.

Select deploy administration console and click on next.

Specify profile name and directory and click on next.

Specify the node name, host name and the cell name and click on next.

The above figure depicts the following:

• Node name you can change if you want.
• Host name is the local host as you are using only one machine
• Cell name you can change if you want

Node name and cell name can be changed, but host name is the name of the system.

Username: admin

Password: admin



Select start up type as manual.





Click on create, the profile Dmgr01 is being created.

Now only we are not launching the first step console.



Click on finish.

Now the deployment manager profile is created.

To check the installation verification test manually.

D:\Program Files\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>ivt dmgr Dmgr01



Now the profile Dmgr01 is created.

See the options of the Dmgr01 profile.



---

3. Now we are going to create the Application Server Profile. Click on the profile Management tool.Select Application Server.



Select advance profile creation and click on next.



Select the three checkboxes and click on next.



Specify the profile name and directory and click on next.



Specify the node name and the host name and click on next.



We are not using security as of now.



Specify the ports and click on next.



Select “Run the application server process as a Windows service” and click on the next button.



Do not create a web definition. Click on next.





Click on create.

We are not launching the first step console now.



Now in the profiles you can check application server profile is also created.

For the installation verification test at the command prompt
D:\Program Files\IBM\WebSphere\AppServer\profiles\AppSrv01\bin>ivt server1 AppSrv01

ivt server1 AppSrv01 -> server1 is the name of the server , and AppSrv01 is the name of the profile.

The name of the server is present in this location:
D:\Program Files\IBM\WebSphere\AppServer\profiles\AppSrv01\config\cells\localhostNode01Cell\nodes\localhostNode01\servers





---

NowFirst start the deployment manager and then the admin console of Deployment Manager Profile.

Go to program files -> Ibm websphere



Now first start the deployment manager, then start the Administrative console.





Click on System administration, node, add node.



Select managed node.



Remember now you are in the Deployment manager profile Administrative console.

Now to add the node, you go to the profiles.

Serverindex.xml file. Is present in the following location



In the serverindex.xml file check for the SOAP_CONNECTOR ADDRESS ,

Note: The port no in this case is 8880 and the ORB_LISTENER_ADDRESS, in this case is 9101

Submit the following details as follows in the add node screen.

Note: If the jmx connector type in the following figure is not SOAP AND you have selected RMI/IIOP then you have to use the ORB_LISTENER_ADDRESS port no.





Note: now start the server and click on ok.



After the server is started, then click on ok.



Check on run node as windows service.



Now the node is successfully added. You should log out and just login in again to see the new node



The new node added is shown.

---

To addNode from using the command prompt:Go to the command prompt,Application server/profiles/appsrv02/bin >addNode localhost 8879

8879 is the SOAP PORT ADDRESS OF THE DEPLOYMENT MANAGER.

To include applications use –includeapps

Note: also note that in the bin directory of the Deployment Manager, there is no utility addNode.

Go to application server profile and start the server. Start the deployment manager. Go to the administrative console and login.

Now go to the node agents, if the node agents are not started up. It is necessary to start up the node agents.

Manually go to the location of the node agents and use the startNode command.

This is the location:

Execute at the command prompt as follows:

The node agent has been started up.

The same procedure is also to be followed to start the node agent of the Appserver.

C:\Program Files\IBM\WebSphere\AppServer\profiles\AppSrv01\bin\startnode

Here AppSrv01 is the server that we are using.

Now verify that the two nodes are started.

To install the webserver

Go to 6.0 base/HIS/INSTALL.

Click on next.

Select the directory where you want to install IBM HTTP Server 6.0 and click on the next button.

Select “Custom” and click on the next button.

Specify the HTTP port and the HTTP Administration Port and click on next.

Select the two checkboxes and click on next.

Uncheck the checkbox and click on finish.

Now the web server is installed.

Check in the program files.

Start the web server.

Go to services and start the IBM HTTP SERVICE.

Also in the browser check.

http://localhost

The web server console will open.

To install the plug-in software

Go to 6.0 base folder/ plugin/install

Accept the agreement and click on next.

Select IBM HTTP Server V6 and click on next.

Select “Websphere Application Server machine (local)” and click on next.

Specify the plug-ins installation directory and click next.

Select the location where you want the Websphere Application Server V6 to be installed and click on next after wards.

Select the httpconf file.

web-server plugin-cfg.xml file

C:\Program Files\IBM\WebSphere\AppServer\profiles\Custom01\config\cells\localhostCell01\nodes\localhostNode02\servers\webserver1\plugin-cfg.xml

Click on Finish

Now go to the web servers and create a new web server.

Fill the following details very carefully.

Check whether the application server and web server both are started.

After both web and application server are started, go to the enterprise applications and check the applications are started And then type

http://localhost/snoop in the browser and see the snoop servlet.

Click on file -> open & select local file

I can see JVM memory getting exhausted here

Scroll down to locate the memory distribution

Drill down to individual thread details is possible by  selecting “Analysis -> Thread Detail”

Start IBM Support Assistant &  choose ThreadAnalyzer

Here , we have number of of JavaCore and HeapDump files

Let’s pick up one of javacore file for further analysis

Once you hit Next it will invoke ThreadAnalyzer GUI

Select Analysis option menu to drill down relevant details

Read this as well

Navigate to DMGR -> Troubleshooting -> Logs and Trace ->

To enter a trace string to set the trace specification to the desired state:

1. Click Troubleshooting > Logging and Tracing in the console navigation tree.
2. Select a server name.
3. Click Change Log Level Details.
4. If All Components has been enabled, you might want to turn it off, and then enable specific components.
5. Select Apply, then OK.

To know the exact location click on Runtime Tab and see the directory hosting trace.log file

I can see a trace.log at my directory now

WebSphere Portal has concept of Development mode for some time, basic idea is to improve the startup time of portal by delaying the startup of application. The application should be started when it is accessed for first time instead of starting it at the server startup time.

Following process will show you how to locate if websphere is configured to run under development mode

– Open a command prompt
– cd to the WAS_INSTALL_HOME\bin
– Start “wsadmin” using the following:

wsadmin -conntype none -lang jython
– Use the following wsadmin command to get the configuration ID for your server

server = AdminConfig.list( ‘Server’ ).splitlines()[ 0 ]
– Use the following command to display the server attributes:

print AdminConfig.show( server )
– Look for the following line:

[developmentMode false]
If your value is “true” then, this may be the reason WTE starts faster.

wsadmin>wsadmin>  server = AdminConfig.list( ‘Server’ ).splitlines()[ 0 ]
wsadmin>print AdminConfig.show( server );
[components “[(cells/server1_Cell/nodes/server1_Manager/servers/dmgr|server.xml#NameServer_1) “Deployment Manager(cells/server1_Cell/nodes/server1_Manager/servers/dmgr|server.xml#CellManager_1)” “WorkloadManagement Server(cells/server1_Cell/nodes/server1_Manager/servers/dmgr|server.xml#WorkloadManagementServer_1)” “Network Deployment Server(cells/server1_Cell/nodes/server1_Manager/servers/dmgr|server.xml#ApplicationServer_1)”]”]
[customServices []]
[developmentMode false]
[errorStreamRedirect (cells/server1_Cell/nodes/server1_Manager/servers/dmgr|server.xml#StreamRedirect_1)]
[name dmgr]

The PerfServlet provides the performance data output as an XML document, The servlet provides a way to use an HTTP request to query the performance metrics for an entire WebSphere Application Server administrative domain.

First we need to deploy this servlet on (clustered) nodes  to be monitored before using it. The deployment is no way different than installing any EAR application file.

You can download and install PerfApp servlet from following links else visit IBM support portal
http://www.oracledbasupport.co.uk/wp-content/uploads/2010/09/perfServletApp.ear
http://www.oracledbasupport.co.uk/wp-content/uploads/2010/09/perfServletApp.war

http://%Server_name%:9080/wasPerfTool/servlet/perfservlet?module=beanModule+jvmRuntimeModule

Above URL will produce XML output file as  :http://www.oracledbasupport.co.uk/wp-content/uploads/2010/07/-1.xml

Locate perfServletApp.ear which is generally at installedApps directory under Profiles, goto deployment manager and install this ear file.

Access the performance matrix using URLs  below

Usage:

http://perfServlet_Host:port/wasPerfTool/servlet/perfservlet[?node=<node>&server=<server>&module=<module>]

The module name for which stats are displayed. Modules include the following:

alarmManagerModule

beanModule

cacheModule

connectionPoolModule

jvmRuntimeModule

j2cModule

objectPoolModule

orbPerfModule

schedulerModule

servletSessionsModule

systemModule

threadPoolModule

transactionModule

webAppModule

webServicesModule

wlmModule

wsgwModule

Node

The servlet can limit the information it provides to a specific host by using the node parameter.
http://Server1:9080/wasPerfTool/servlet/perfservlet?node=Server1_Node01

Server

The servlet can limit the information it provides to a specific server by using the server parameter.

For example, in order to limit the data collection to the server on all nodes, invoke the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?server=server_member1

To limit the data collection to the server invoke the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?node=Server1_Node01&server=server_member1

Module

The servlet can limit the information it provides to a specific PMI module by using the module parameter.
You can request multiple modules by using the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?module=beanModule+jvmRuntimeModule

For example, to limit the data collection to the beanModule on all servers and nodes, invoke the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?module=beanModule

To limit the data collection to the beanModule on the server ‘testserver’ on the node rjones, invoke the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?node=rjones&server=testserver&module=beanModule

To find the list of the modules, invoke the PerfServlet help with the following URL:
http://Server1:9080/wasPerfTool/servlet/perfservlet?action=help

http://Server1:9080/wasPerfTool/servlet/perfservlet?node=Server01_Node01&server=server_member1&module=jvmRuntimeModule

Problem : I have websphere systems which are roll forwarded in future and then rolled back to current date. Certain times I get SSL errors in my log despite setting option to replace expired certificates at deployment manager.

The certificate expiration monitor task runs under the deployment manager process.

The certificate expiration monitor administrative task cycles through all the keystores that are configured in the security.xml file and reports on any certificates that expire within a specified threshold, which is typically within 30 days.

The default self-signed certificate on each node expires 365 days after creation. You can modify the certificate validity period by changing the default value for the com.ibm.ssl.defaultCertReqDays=365 property in the ssl.client.props global property area for clients. You can also specify this property as a security custom property on the administrative console. Click Security > Secure administration, applications, and infrastructure > Custom properties.

The expiration monitor automatically replaces only self-signed certificates that meet the expiration threshold criteria.

<wsSchedules xmi:id=”WSSchedule_2″ name=”ExpirationMonitorSchedule” frequency=”28″ dayOfWeek=”1″ hour=”21″ minute=”30″ nextStartDate=”1312144223207″/>
<wsNotifications xmi:id=”WSNotification_1″ name=”MessageLog” logToSystemOut=”true” emailList=””/>
<wsCertificateExpirationMonitor xmi:id=”WSCertificateExpirationMonitor_1″ name=”Certificate Expiration Monitor” autoReplace=”true” daysBeforeNotification=”60″ isEnabled=”true” wsNotification=”WSNotification_1″ wsSchedule=”WSSchedule_2″/>

To replace all of the signers from the old certificate with the signer that belongs to the new certificate in all the keystores in the configuration for that cell, set the autoReplace attribute to true.

When the deleteOld attribute is true, the old personal certificate and old signers also are deleted from the keystores.

The isEnabled attribute determines whether the expiration monitor task runs based upon the nextStartDate attribute that is derived from the schedule. The nextStartDate attribute is derived from the schedule in milliseconds since 1970, and is identical to the System.currentTimeMillis(). If the nextStartDate has already passed when an expiration monitor process begins, and the expiration monitor is enabled, the task is started, but a new nextStartDate value is established based on the schedule.

<wsNotifications xmi:id=”WSNotification_1″ name=”MessageLog” logToSystemOut=”true” emailList=””/>

For expiration monitor notifications, you can select message log, e-mail using SMTP server, or both methods of notification. When you configure the e-mail option, use the format user@domain@smtpserver.

To specify multiple e-mail addresses using scripting, you must add a pipe (|) character between entries. When you specify the logToSystemOut attribute, the expiration monitor results are sent to the message log for the environment, which is typically the SystemOut.log file.

Websphere connection manager generally will timeout orphaned connections and send it back to connection pool for reuse. If threads do timeout waiting for connection, connection manager will raise Connectionwaittimeoutexception at websphere logs.

Common reason for connection leak is , application not using connection.close() call at finally{} code block. When trace is enabled, Websphere connection pool manager will print stack traces detailing how long connection been in use.

It only prints trace information if connection was in use for more than 10 seconds. This interval is unchangeable without IBM support assistance.

Let’s gather connection leak trace …
Navigate to Logging and Tracing > %Application_Server_Name%> Diagnostic Trace Service > Change Log Detail Level

Alter the logging level as “*=info: ConnLeakLogic=finest”

If you want to see all options availble click on “ConnLeakLogic” which will give you options like screenshot below, select finest.

You may have to restart Application server to see log being created $WAS_HOME/Profiles/node/logs/%Server_Name%/trace.log
Search Trace.log for keyword “Connection Leak Logic Information”. If present you know there are connections being used for more than 10 sec.

In an example above doGet method is using connection for 20 sec i.e 10 sec ping time +11 sec in use time.

Environment :   Websphere 6.1 Vertical Cluster, 2 JVMS

I have websphere servers which time travel in the future. Normally we don’t go forward over an year which is what SSL is valid for but when we cross that date we have problems. The application state changes to “unknown” as nodeagent fails to communicate with dmgr.

Please also read GSK_ERROR_BAD_CERT error configuring SSL between Plug-in and Application Server V6.1

When I tried synchronizing Node Agent with JVMs it returned following error message

When I tried synchronizing Node Agent with JVMs it returned following error message The nodeagent log flashed following messages : tail -f  /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/nodeagent/SystemOut.log

[12/04/11 06:58:23:313 BST] 00000017 WSX509TrustMa E CWPKI0311E: The certificate with subject DN CN=172.30.9.24, O=IBM, C=US has a start date Fri Aug 12 01:35:46 BST 2011 which is valid after the current date/time.  This will can happen if the client’s clock is set earlier than the server’s clock.   Please verify the clocks are in sync between this client and server and retry the request. Forwarded IOR failed with: CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: JSSL0080E: javax.net.ssl.SSLHandshakeException – The client and server could not negotiate the desired level of security.  Reason: com.ibm.jsse2.util.h: Certificate not valid yet

Easy Solution :

Create new set of SSL certificate else change sysdate to SSL valid date and restart websphere services

If you can’t pickup easiest solution then long  process to correct this issue is below:

I have this issue today again when system was moved to date in the future. Since I have some time in hand , lets find out where things are going wrong.

DMGR LOG ERROR : /opt/IBM/WebSphere/AppServer/profiles/Profile01/dmgr/logs/dmgr/SystemOut.log
[10/23/11 6:42:06:982 BST] 0000001f ORBRas        E com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl createSSLSocket ProcessDiscovery : 0 JSSL0080E: javax.net.ssl.SSLHandshakeException – The client and server could not negotiate the desired level of security.  Reason: com.ibm.jsse2.util.h: No trusted certificate found javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.h: No trusted certificate found

NODE LOG Error : /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/nodeagent/SystemOut.log
[10/23/11 6:42:07:228 BST] 0000001c SystemOut     O CWPKI0022E: SSL HANDSHAKE FAILURE:  A signer with SubjectDN “CN=Server1.domain.com, O=IBM, C=US” was sent from target host:port “172.30.9.63:8879”.  The signer may need to be added to local trust store “/opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/config/cells/Server1_Cell/trust.p12” located in SSL configuration alias “NodeDefaultSSLSettings” loaded from SSL configuration file “security.xml”.  The extended error message from the SSL handshake exception is: “No trusted certificate found”.
[10/23/11 6:42:07:228 BST] 0000001c SystemOut     O
[10/23/11 6:42:07:238 BST] 0000001c ServiceLogger I com.ibm.ws.ffdc.IncidentStreamImpl initialize FFDC0009I: FFDC opened incident stream file /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/ffdc/nodeagent_0000001c_11.10.23_06.42.07_0.txt

We need to locate how many keystore (key.p12 or similar)  are there under WAS profile.

$ find /opt/IBM/WebSphere/AppServer/profiles/Profile01  -name “key.p12” -type f -ls
738613    4 -rw-rw-r–   1 was61    was61        1554 Jul 13  2010 ./dmgr/etc/key.p12
738621    4 -rw-rw-r–   1 was61    was61        2810 Oct 23 02:02 ./dmgr/config/cells/Server1Cell/key.p12
738624    4 -rw-rw-r–   1 was61    was61        2802 Jul 13  2010 ./dmgr/config/cells/Server1Cell/nodes/Server1Node01/key.p12
1098641    4 -rw-rw-r–   1 was61    was61        1554 Jul 13  2010 ./Node/etc/key.p12
1098643    4 -rw-rw-r–   1 was61    was61        2802 Oct  7  2010 ./Node/config/cells/Server1Cell/key.p12
1098646    4 -rw-rw-r–   1 was61    was61        2802 Jul 13  2010 ./Node/config/cells/Server1Cell/nodes/Server1Node01/key.p12

From the list above it’s clear there is a diff between files at DMGR & Cell level. You can open those keystores using ikeyman to look at SSL certificates in them.

The master key file here is   ./dmgr/config/cells/Server1Cell/key.p12 so I need to manually copy it at other dmgr locations  but not NODEAGENT directories.

[was61@ Profile01]$ cp ./dmgr/config/cells/Server1Cell/key.p12 ./dmgr/config/cells/Server1Cell/nodes/Server1Node01/key.p12
[was61@ Profile01]$ cp ./dmgr/config/cells/Server1Cell/key.p12 ./dmgr/etc/key.p12

[was61@ Profile01]$ find .  -name “key.p12” -type f -ls
212994    4 -rw-rw-r–   1 was61    was61        2810 Oct 24 00:07 ./dmgr/etc/key.p12
738621    4 -rw-rw-r–   1 was61    was61        2810 Oct 23 02:02 ./dmgr/config/cells/Server1Cell/key.p12
738624    4 -rw-rw-r–   1 was61    was61        2810 Oct 24 00:06 ./dmgr/config/cells/Server1Cell/nodes/Server1Node01/key.p12

1098641    4 -rw-rw-r–   1 was61    was61        1554 Jul 13  2010 ./Node/etc/key.p12
1098643    4 -rw-rw-r–   1 was61    was61        2802 Oct  7  2010 ./Node/config/cells/Server1Cell/key.p12
1098646    4 -rw-rw-r–   1 was61    was61        2802 Jul 13  2010 ./Node/config/cells/Server1Cell/nodes/Server1Node01/key.p12

[was61@Server1 Profile01]$ alias dmgrlog
alias dmgrlog=’tail -f /opt/IBM/WebSphere/AppServer/profiles/Profile01/dmgr/logs/dmgr/SystemOut.log’
[was61@Server1 Profile01]$ alias nodelog
alias nodelog=’tail -f /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/nodeagent/SystemOut.log’
[was61@Server1 Profile01]$ rm /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/nodeagent/SystemOut.log

[was61@Server1 Profile01]$ /opt/IBM/WebSphere/AppServer/profiles/Profile01/dmgr/bin/startManager.sh
ADMU0116I: Tool information is being logged in file
/opt/IBM/WebSphere/AppServer/profiles/Profile01/dmgr/logs/dmgr/startServer.log
ADMU0128I: Starting tool with the dmgr profile
ADMU3100I: Reading configuration for server: dmgr
ADMU3200I: Server launched. Waiting for initialization status.
ADMU3000I: Server dmgr open for e-business; process id is 17088

[was61@Server1 Profile01]$ cd /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/bin/
[was61@Server1 bin]$ ./syncNode.sh Server1 8879
ADMU0116I: Tool information is being logged in file
/opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/syncNode.log
ADMU0128I: Starting tool with the Node profile

*** SSL SIGNER EXCHANGE PROMPT ***
SSL signer from target host 172.30.9.63 is not found in trust store /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/etc/trust.p12.

Here is the signer information (verify the digest value matches what is displayed at the server):
Subject DN:    CN=Server1.domain.com, O=IBM, C=US
Issuer DN:     CN=Server1.domain.com, O=IBM, C=US
Serial number: 1319331734885809000
Expires:       Sun Oct 21 02:02:14 BST 2012
SHA-1 Digest:  F2:BD:CB:E8:28:0B:66:2E:EA:1C:71:BE:0F:D7:24:BB:16:98:54:FF
MD5 Digest:    72:94:EC:FC:9B:10:1A:1E:B6:DF:AA:21:F5:FF:3A:23

Add signer to the trust store now? (y/n) y
A retry of the request may need to occur if the socket times out while waiting for a prompt response.  If the retry is required, note that the prompt will not be redisplayed if (y) is entered, which indicates the signer has already been added to the trust store.
ADMU0401I: Begin syncNode operation for node Server1_Node01 with
Deployment Manager Server1: 8879
ADMU0016I: Synchronizing configuration between node and cell.
ADMU0402I: The configuration for node Server1_Node01 has been synchronized
with Deployment Manager Server1: 8879

Start NodeAgent now and look at nodeagent log for any SSL errors

[was61@Server1 bin]$ /opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/bin/startNode.sh
ADMU0116I: Tool information is being logged in file
/opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/nodeagent/startServer.log
ADMU0128I: Starting tool with the Node profile
ADMU3100I: Reading configuration for server: nodeagent
ADMU3200I: Server launched. Waiting for initialization status.
ADMU3000I: Server nodeagent open for e-business; process id is 17660

Let’s compare again   key SSL files at different directoriesunder dmgr & nodeagent

[was61@Server1 Profile01]$ find .  -name “key.p12” -type f -ls
212994    4 -rw-rw-r–   1 was61    was61        2810 Oct 24 00:07 ./dmgr/etc/key.p12
738621    4 -rw-rw-r–   1 was61    was61        2810 Oct 23 02:02 ./dmgr/config/cells/Server1_Cell/key.p12
738624    4 -rw-rw-r–   1 was61    was61        2810 Oct 24 00:06 ./dmgr/config/cells/Server1_Cell/nodes/Server1_Node01/key.p12
1098641    4 -rw-rw-r–   1 was61    was61        1554 Jul 13  2010 ./Node/etc/key.p12
1098643    4 -rw-rw-r–   1 was61    was61        2810 Oct 23 02:02 ./Node/config/cells/Server1_Cell/key.p12
1098646    4 -rw-rw-r–   1 was61    was61        2810 Oct 24 00:06 ./Node/config/cells/Server1_Cell/nodes/Server1_Node01/key.p12

Serverstatus returned following SUCCESSFUL status:

ADMU0116I: Tool information is being logged in file
/opt/IBM/WebSphere/AppServer/profiles/Profile01/Node/logs/serverStatus.log
ADMU0128I: Starting tool with the Node profile
ADMU0503I: Retrieving server status for all servers
ADMU0505I: Servers found in configuration:
ADMU0506I: Server name: server_member2
ADMU0506I: Server name: server_member1
ADMU0506I: Server name: ihs-prpc
ADMU0506I: Server name: nodeagent
ADMU0508I: The Application Server “server_member2” is STARTED
ADMU0508I: The Application Server “server_member1” is STARTED
ADMU0508I: The Web server “ihs-prpc” is RUNNING
ADMU0508I: The Node Agent “nodeagent” is STARTED

Individual JVMs are working OK. Status is Green than “unknown” listed previously.

1. Download WAS plugin for Nagios from here.

2. Place check_was, check_was-<version>.jar and check_was.profiles in the same directory (e.g. /opt/plugins/custom). Make sure check_was is executable by your Nagios user

For my example here, I have following parameters:

Check_was.sh

#!/bin/sh
PLUGIN_HOME=/home/was61/check_was-0.3
JAVA_HOME=/opt/IBM/WebSphere/AppServer/java
WAS_HOME=/opt/IBM/WebSphere/AppServer

$JAVA_HOME/bin/java -Dplugin.home=”$PLUGIN_HOME” -cp $PLUGIN_HOME/check_was-0.3.jar:$WAS_HOME/runtimes/com.ibm.ws.admin.client_6.1.0.jar:$WAS_HOME/runtimes/com.ibm.ws.webservices.thinclient_6.1.0.jar:$WAS_HOME/plugins/com.ibm.ws.security.crypto_6.1.0.jar com.googlecode.nagioswas.Run $*  2> /dev/null

See relevant Jar files above are at respective directories.

“Server_member1″ is name of Application Server (JVM) so add parameters for each JVM suffixed with name of JVM

# I am running websphere with no ADMIN security enabled
server_member1.hostname=Server1
server_member1.port=8882 (Locate SOAP port number from  (DMGR->Servers -> Relevant Application Server -> Communications -> Ports)
server_member1.username=user1
server_member1.password=abcd
server_member1.securityenabled=false

3. Update check_was by setting the environment variables at the start of the script to the appropriate values for your server.

JAVA_HOME : must point to an IBM JRE/JDK.
WAS_HOME  : needs to point to a directory that contains a directory named “runtimes” containing the following WAS libraries: com.ibm.ws.admin.client_<version>.jar and com.ibm.ws.webservices.thinclient_<version>.jar. If you run the plugin on the same server as WAS, WAS_HOME should point to the WAS install directory.

Edit check_was.servers. This file should contain the configuration to connect to your WAS server.

For each server, the following properties should be provided:
<server alias>.hostname=<the hostname or IP of the WAS server>
<server alias>.port=<the port of the SOAP connector on the server, e.g. 8880>
<server alias>.username=<the admin user name>
<server alias>.password=<the admin password>
<server alias>.securityenabled=<true if security is enabled, false otherwise>
<server alias>.truststore=<the path to the keystore containing the certificated to be used for SSL. If you are running the plugin on your WAS server and use the default WAS keystores, this should point to etc/trust.p12 in your profile>
<server alias>.truststorepassword=<the password for the trust store>
<server alias>.keystore=<the path to the keystore containing the private key to be used for SSL. If you are running the plugin on your WAS server and use the default WAS keystores, this should point to etc/key.p12 in your profile>
<server alias>.keystorepassword=<the password for the key store>

-w sets the threshold percent used for issuing warnings
-c sets the threshold percent used for issuing critical issues
-p sets the server name in check_was.servers to be used
<server name>  : JVM used with scripts stopServer.sh/startServer.sh here server_member1

Monitor JVM heapSize :
JVM heapsize is provided for the entire server. It is measured as: percent used/maximum configured
To Monitor, check_was -s heapsize -w 80 -c 90 -p <server name>

[was61@Server1 check_was-0.3]$ ./check_was -s heapsize -w 80 -c 90 -p server_member1
OK – heapsize: 1048576/2097152 (50.0%)|heapsize=50.0%;80;90;

MonitorLiveSessions :
Live session usage can be monitored for the entire server (all hosts) or with a named host. It is measured as: Number of live sessions

To monitor,
[was61@Server1 check_was-0.3]$ ./check_was -s sessions -w 200 -c 400 -p server_member1
OK – live sessions: total 0, default_hostCTI 0, default_hostprsysmgmt 0, default_hostprweb 0, default_hostprdbutil 0|total=0.0;200;400; default_hostcti=0.0;200;400; default_hostprsysmgmt=0.0;200;400; default_hostprweb=0.0;200;400; default_hostprdbutil=0.0;200;400;

MonitorJdbcConnectionPools:
JDBC connection pool usage can be monitored for the entire server (all connection pools) or with a named connection pool. It is measured as: percent used/maximum configured

To monitor :
[was61@Server1 check_was-0.3]$ ./check_was -s connectionpool -w 80 -c 90 -p server_member
OK – connection pool size: Oracle JDBC Driver 5/100 (5.0%)|oraclejdbcdriver=5.0%;80;90;

MonitorThreadPools :
Thread pool usage can be monitored for the entire server (all thread pools) or with a named thread pool. It is measured as: percent used/maximum configured

To monitor :
[was61@Server1 check_was-0.3]$ ./check_was -s threadpool -w 80 -c 90 -p server_member1
CRITICAL – thread pool size: WebContainer 4/100 (4.0%), SoapConnectorThreadPool 3/5 (60.0%), SIBFAPInboundThreadPool 0/50 (0.0%), HAManager.thread.pool 2/2 (100.0%), MessageListenerThreadPool 0/50 (0.0%), ORB.thread.pool 0/50 (0.0%), SIBFAPThreadPool 2/50 (4.0%), ProcessDiscovery 1/2 (50.0%), TCPChannel.DCS 3/20 (15.0%)|webcontainer=4.0%;80;90; soapconnectorthreadpool=60.0%;80;90; sibfapinboundthreadpool=0.0%;80;90; hamanager_thread_pool=100.0%;80;90; messagelistenerthreadpool=0.0%;80;90; orb_thread_pool=0.0%;80;90; sibfapthreadpool=4.0%;80;90; processdiscovery=50.0%;80;90; tcpchannel_dcs=15.0%;80;90;

# Manually sync the node with syncNode.sh, point to the SOAP connector (default is 8879) on the DMGR server.
See example
./syncNode.sh dmgrhost 8879 -username websphere -password webfear

./dmgr/config/cells/server1_Cell/security.xml :
useLocalSecurityServer=”true” useDomainQualifiedUserNames=”false” enabled=”true” cacheTimeout=”600″ issuePermissionWarning=”false” activeProtocol=”BOTH” enforceJava2Security=”false” enforceFineGrainedJCASecurity=”false” appEnabled=”false” dynamicallyUpdateSSLConfig=”true” activeAuthMechanism=”LTPA_1″ activeUserRegistry=”WIMUserRegistry_1″ defaultSSLSettings=”SSLConfig_1″>

./Node/config/cells/server1_Cell/security.xml
useLocalSecurityServer=”true” useDomainQualifiedUserNames=”false” enabled=”false” cacheTimeout=”600″ issuePermissionWarning=”true” activeProtocol=”BOTH” enforceJava2Security=”false” enforceFineGrainedJCASecurity=”false” appEnabled=”false” dynamicallyUpdateSSLConfig=”true” activeAuthMechanism=”LTPA_1″ activeUserRegistry=”WIMUserRegistry_1″ defaultSSLSettings=”SSLConfig_1″>