Contents


Retrieve performance metrics from the WebSphere Liberty profile, Part 1

Setup and configuration

Comments

Content series:

This content is part # of # in the series: Retrieve performance metrics from the WebSphere Liberty profile, Part 1

Stay tuned for additional content in this series.

This content is part of the series:Retrieve performance metrics from the WebSphere Liberty profile, Part 1

Stay tuned for additional content in this series.

The IBM WebSphere Liberty profile provides performance metrics by using the monitor feature, which conforms to the Java® Management Extension (JMX) standard. This tutorial series explains how to use Jython scripts to retrieve these metrics by using the REST Connector API to connect to a Liberty server or to a Liberty collective controller. In this part, you set up the environment by installing and configuring the Liberty profile, collective controller, and collective member. You also see how to use the Liberty Feature Repository in local mode.

Set up the environment

For this tutorial, you download, install, and configure the following components on a Red Hat Enterprise Linux® 6 server:

Download the files

By using the previous links, download the following files to your /tmp directory:

  • wlp-webProfile7-8.5.5.8.zip
  • wlp-featureRepo-8.5.5.8.zip
  • ibm-java-sdk-8.0-1.10-i386-archive.bin (or ibm-java-jre-8.0-1.10-i386-archive.bin)
  • jython-standalone-2.7.0.jar

Install the software

Set up the environment, and then install Java, the Liberty profile, the Liberty Repository, and Jython:

  1. Set up the environment:
    1. Create a script to set up the environment:
      $ mkdir <path_where_wlp_will_be>
      $ cd <path_where_wlp_will_be>
      $ vi wlp_setup_env.sh

      Listing 1 shows the contents of the script file.

      Listing 1. The wlp_setup_env.sh script
      #!/bin/sh
      export WLP_DIR=<path_where_wlp_will_be>
      export JAVA_DIR=<path_where_java_will_be>
      export PATH=$JAVA_DIR/bin:$PATH
      export JAVA_HOME=$JAVA_DIR
    2. Locate the source file to set up the environment variables:
      $ . ./wlp_setup_env.sh
  2. Install Java:
    $ cd /tmp
    $ chmod +x ibm-java-sdk-8.0-1.10-i386-archive.bin
    $ ./ibm-java-sdk-8.0-1.10-i386-archive.bin -i console
    <...follow the instructions to install Java 8 in $JAVA_DIR directory...>
  3. Install the WebSphere Liberty profile:
    $ cd $WLP_DIR
    $ unzip /tmp/wlp-webProfile7-8.5.5.8.zip
  4. Install the WebSphere Liberty Feature Repository:
    $ mkdir $WLP_DIR/wlp/feature_repository
    $ cd $WLP_DIR/wlp/feature_repository
    $ unzip /tmp/wlp-featureRepo-8.5.5.8.zip

    By adding the WebSphere Liberty Feature Repository, you do not need an Internet connection to configure the Liberty servers.

  5. Install Jython so that you can write the scripts:
    $ mkdir $WLP_DIR/wlp/jython
    $ cd $WLP_DIR/wlp/jython
    $ cp /tmp/jython-standalone-2.7.0.jar .

Create and configure the Liberty servers

Of the two Liberty servers that you create, one is the controller server (referred to as the controller). The controller server will have the collective controller feature. The other server is called server1, which will become the collective member later in this part.

To create and configure the Liberty servers:

  1. Go to the Liberty profile directory:
    $ cd $WLP_DIR/wlp/bin
  2. Create the server:
    $ ./server create server1

    The confirmation message is displayed:

    Server server1 created.
  3. Create the controller.
    $ ./server create controller

    The confirmation message is displayed:

    Server controller created.
  4. Define the controller server as a collective controller, replacing <controller_hostname> with the host name for your controller:
    $ ./collective create controller --keystorePassword=wlpadmin --hostName=<controller_hostname>

    In this command:

    • The --hostName option generates the Secure Sockets Layer (SSL) certificate with a descriptive host name. If you do not use this option, the command might use a host name that could cause an error.
    • The --createConfigFile option generates a file that is configured to append to the server.xml file.

    Listing 2 shows the output of this command, which contains a template that you will include in the server.xml file (shown in Listing 4).

    Listing 2. Output for creating the collective controller
    Creating required certificates to establish a collective...
    This may take a while.
    Successfully generated the controller root certificate.
    Successfully generated the member root certificate.
    Successfully generated the server identity certificate.
    Successfully generated the HTTPS certificate.
    
    Successfully set up collective controller configuration for controller
    
    Add the following lines to the server.xml to enable:
    
      <featureManager>
        <feature>collectiveController-1.0</feature>
      </featureManager>
    
      <!-- Define the host name for use by the collective.
        If the host name needs to be changed, the server should be
        removed from the collective and re-joined or re-replicated. -->
      <variable name="defaultHostName" value="<controller_hostname>" />
    
      <!-- TODO: Set the security configuration for Administrative access -->
      <quickStartSecurity userName="" userPassword="" />
    
      <!-- clientAuthenticationSupported set to enable bidirectional trust -->
      <ssl id="defaultSSLConfig"
        keyStoreRef="defaultKeyStore"
        trustStoreRef="defaultTrustStore"
        clientAuthenticationSupported="true" />
    
      <!-- inbound (HTTPS) keystore -->
        <keyStore id="defaultKeyStore" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/security/key.jks" />
    
      <!-- inbound (HTTPS) truststore -->
        <keyStore id="defaultTrustStore" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/security/trust.jks" />
    
        <!-- server identity keystore -->
        <keyStore id="serverIdentity" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/collective/serverIdentity.jks" />
    
      <!-- collective trust keystore -->
      <keyStore id="collectiveTrust" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
    
      <!-- collective root signers keystore -->
      <keyStore id="collectiveRootKeys" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/collective/rootKeys.jks" />
    
    
      Please ensure administrative security is configured for the server.
      An administrative user is required to join members to the collective.
  5. Optional: Check that the truststore and key files are created:
    $ ls -l  $WLP_DIR/wlp/usr/servers/controller/resources/security/

    As shown in Listing 3, the truststore file (trust.jks) and key file (key.jks) are created.

    Listing 3. The truststore and key files
    total 8
    -rw-r----- 1 usr grp 3139 Oct  9 10:17 key.jks
    -rw-r----- 1 usr grp 1932 Oct  9 10:17 trust.jks
  6. Update the server.xml file for the controller (see Listing 4):
    $ vi $WLP_DIR/wlp/usr/servers/controller/server.xml

    In the server.xml file, for the <controller_hostname> variable, use the host name of your controller. Also, in this file, note the following details:

    • The <accessLogging/> variable creates the $WLP_DIR/wlp/usr/servers/controller/logs/http_access.log file.
    • The server URL is http://<defaultHostName>:<httpPort>/.
    • The collectiveController-1.0 feature creates the $WLP_DIR/wlp/usr/servers/controller/resources/collective/ directory.
    Listing 4. The controller server.xml file
    <?xml version="1.0" encoding="UTF-8"?>
      <server description="controller">
    
        <featureManager>
          <feature>webProfile-7.0</feature>
          <feature>collectiveController-1.0</feature>
        </featureManager>
    
        <httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
          <accessLogging/>
        </httpEndpoint>
    
        <variable name="defaultHostName" value="<controller_hostname>" />
    
        <quickStartSecurity userName="wlpadmin" userPassword="wlpadmin" />
    
        <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore"
           trustStoreRef="defaultTrustStore" clientAuthenticationSupported="true" />
    
        <!-- inbound (HTTPS) keystore -->
        <keyStore id="defaultKeyStore" password="{xor}KDMvPjsyNjE="
         location="${server.config.dir}/resources/security/key.jks" />
    
        <!-- inbound (HTTPS) truststore -->
        <keyStore id="defaultTrustStore" password="{xor}KDMvPjsyNjE="
         location="${server.config.dir}/resources/security/trust.jks" />
    
        <!-- server identity keystore -->
        <keyStore id="serverIdentity" password="{xor}KDMvPjsyNjE="
         location="${server.config.dir}/resources/collective/serverIdentity.jks" />
    
        <!-- collective trust keystore -->
        <keyStore id="collectiveTrust" password="{xor}KDMvPjsyNjE="
         location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
    
        <!-- collective root signers keystore -->
        <keyStore id="collectiveRootKeys" password="{xor}KDMvPjsyNjE="
         location="${server.config.dir}/resources/collective/rootKeys.jks" />
    
      </server>
  7. Check the collective directory:
    $ ls -l $WLP_DIR/wlp/usr/servers/controller/resources/collective/

    Listing 5 shows the contents of the collective directory.

    Listing 5. Contents of the collective directory
    total 20
    -rw-r----- 1 usr grp 1932 Oct  9 10:17 collectiveTrust.jks
    -rw-r----- 1 usr grp 36 Oct  9 10:17 collective.uuid
    -rw-r----- 1 usr grp 4510 Oct  9 10:17 rootKeys.jks
    -rw-r----- 1 usr grp 3259 Oct  9 10:17 serverIdentity.jks

Error message CWWKF0001E: Do not attempt to start the controller now. If you do, you see the following error message:
[ERROR] CWWKF0001E: A feature definition could not be found for collectivecontroller-1.0

Next, you need to add the collective controller feature to your installation.

Configure the installUtility command for the local repository

By default, the installUtility command tries to connect to the feature repository on the Internet. Configure the command to use a local repository:

  1. Get the default installUtility settings:
    $ cd $WLP_DIR/wlp/bin
    $ ./installUtility viewSettings

    Listing 6 shows the default settings.

    Listing 6. Default settings for the installUtility command
    No user configuration detected. The IBM WebSphere Liberty Repository is
    the default assets repository.
    
    To customize installUtility settings, create a repositories.properties
    file at the following location:
    $WLP_DIR/wlp/etc/repositories.properties
    
    Use the following sample as a template to create your own
    repositories.properties file. Uncomment the lines marked by a single #
    character, and replace the values with your own customized values.
    ----------------------------------------------------------------------
    ######################################################################
    ## ## Using the online IBM WebSphere Liberty Repository ##
    ## Set the useDefaultRepository property to false to prevent
    ## installUtility from accessing the internet to connect to the
    ## IBM WebSphere Liberty Repository repository. By default, access
    ## is enabled.
    ## -------------------------------------------------------------------
    #useDefaultRepository=false
    
    ######################################################################
    ## ## Using custom repositories ##
    ## installUtility can install assets from directory-based repositories
    ## and hosted instances of the Liberty Asset Repository Service.
    ## Provide a repository name and either the directory path or URL to
    ## each custom repository containing Liberty assets.
    ## The repositories are accessed in the order that they are specified.
    
    ## Specify the name and file path or URL
    ## to directory-based repositories.
    ## -------------------------------------------------------------------
    #localRepositoryName1.url=/usr/LibertyRepository1
    #localRepositoryName2.url=file:/usr/LibertyRepository2
    
    ## Specify the name and URL to hosted repositories.
    ## -------------------------------------------------------------------
    #hostedRepositoryName1.url=http://w3.mycompany.com/repository
    #hostedRepositoryName2.url=https://w3.mycompany.com/secure/repository
    
    ## Specify the credentials of each repository, if required.
    ## For enhanced security, encode the value of the .password
    ## property by using the securityUtility encode action.
    ## If you do not set the user and password, you receive a prompt
    ## to provide them.
    ## -------------------------------------------------------------------
    #hostedRepositoryName2.user=username
    #hostedRepositoryName2.password=myPassword
    
    ######################################################################
    ## ## Using a proxy server (optional) ##
    ## If you use a proxy server to access the internet,
    ## specify values for the proxy settings properties.
    ## For enhanced security, encode the value of the proxyPassword
    ## property by using the securityUtility encode action.
    ## If you do not set the proxyUser and proxyPassword, you receive
    ## a prompt to provide them.
    ## -------------------------------------------------------------------
    #proxyHost=hostName
    #proxyPort=3128
    #proxyUser=proxyUsername
    #proxyPassword=myProxyPassword
  2. To specify the local repository, create the $WLP_DIR/wlp/etc/repositories.properties file:
    $ mkdir $WLP_DIR/wlp/etc
    $ vi $WLP_DIR/wlp/etc/repositories.properties

    Listing 7 shows the contents of this file, where the <value of $WLP_DIR> variable is the value of your $WLP_DIR directory.

    Listing 7. Contents of the repositories.properties file
    useDefaultRepository=false
    local_features_repository.url=<value of $WLP_DIR>/wlp/feature_repository
  3. Install the collectiveController-1.0 feature by using the installUtility command:
    $ ./installUtility find collectiveController

    Listing 8 shows the output of the installUtility command.

    Listing 8. The find collectiveController feature
    Establishing a connection to the configured repositories...
    This process might take several minutes to complete.
    
    Successfully connected to all configured repositories.
    
    Searching assets. This process might take several minutes to complete.
    
    feature : collectiveController-1.0 : Collective Controller
  4. Verify that the collectiveController-1.0 feature is not present in the installation:
    1. Verify that the collectiveController-1.0 feature is not in the collectiveController directory:
      $ ls -l $WLP_DIR/wlp/lib/features/*collective*

      As shown in Listing 9, the collectiveController-1.0 feature is not in the collectiveController directory.

      Listing 9. No collectiveController feature in the collectiveController directory
      -rw-r--r-- 1 usr grp 2094 Aug 27 06:23 com.ibm.websphere.appserver.collectiveMember-1.0.mf
    2. Verify that the collectiveController-1.0 feature is not in the collectiveController files:
      $ ls -l $WLP_DIR/wlp/lib/*collective*

      As shown in Listing 10, the feature is not in the collectiveController files.

      Listing 10. No collectiveController feature in the collectiveController files
      -rw-r--r-- 1 usr grp 60621 Aug 27 06:23 com.ibm.websphere.collective_1.3.11.jar
      -rw-r--r-- 1 usr grp 8424 Aug 27 06:23 com.ibm.websphere.collective.plugins_1.0.11.jar
      -rw-r--r-- 1 usr grp 22283 Aug 27 06:23 com.ibm.websphere.collective.singleton_1.0.11.jar
      -rw-r--r-- 1 usr grp 255072 Aug 27 06:23 com.ibm.ws.collective.member_1.1.11.jar
      -rw-r--r-- 1 usr grp 76661 Aug 27 06:23 com.ibm.ws.collective.repository.client_1.1.11.jar
      -rw-r--r-- 1 usr grp 73563 Aug 27 06:23 com.ibm.ws.collective.routing.member_1.0.11.jar
      -rw-r--r-- 1 usr grp 109041 Aug 27 06:23 com.ibm.ws.collective.singleton_1.0.11.jar
      -rw-r--r-- 1 usr grp 328398 Aug 27 06:23 com.ibm.ws.collective.utility_1.0.11.jar
  5. Install the collectiveController-1.0 feature by using the installUtility command:
    $ ./installUtility install collectiveController-1.0

    Listing 11 shows the output of this command.

    Listing 11. Output of the collectiveController feature installation
    Establishing a connection to the configured repositories...
    This process might take several minutes to complete.
    
    Successfully connected to all configured repositories.
    
    Preparing assets for installation. This process might take several minutes to complete.
    
    Additional Features Terms & Conditions:
    By clicking on the "I agree" button , you agree that the program code,
    samples, updates, fixes and related licensed materials such as keys and
    documentation ("Code") that you are about to download are subject to
    the terms of the license agreement that you accepted when you acquired
    the Program for which you are obtaining the Code. You further agree
    that you will install or use the Code solely as part of a Program for
    which you have a valid agreement or Proof of Entitlement. The terms
    "Program" and "Proof of Entitlement" have the same meaning as in the
    IBM International Program License Agreement ("IPLA"). The IPLA is
    available for reference at http://www.ibm.com/software/sla/
    
    Select [1] I Agree, or [2] I do not Agree:  1
    
    Step 1 of 7: Downloading servlet-3.0...
    Step 2 of 7: Downloading jaxrs-1.1...
    Step 3 of 7: Downloading collectiveController-1.0...
    Step 4 of 7: Installing servlet-3.0...
    Step 5 of 7: Installing jaxrs-1.1...
    Step 6 of 7: Installing collectiveController-1.0...
    Step 7 of 7: Cleaning up temporary files...
    
    All assets were successfully installed.
    
    Start product validation...
    Product validation completed successfully.
  6. Verify that the collectiveController-1.0 feature is present in the installation:
    $ cd $WLP_DIR/wlp/lib
    $ ls -C1 features/*collective*

    The collectiveController directory is now present as shown in Listing 12.

    Listing 12. The collectiveController feature in the directory
    features/collectiveController-1.0.mf
    features/collective.rest.notify-1.0.mf
    features/com.ibm.websphere.appserver.collectiveMember-1.0.mf
  7. Verify that the collectiveController-1.0 files are present in the installation:
    $ ls -C1 *collective*

    The collectiveController directory is now present as shown in Listing 13.

    Listing 13. The collectiveController feature in the files
    com.ibm.websphere.collective_1.3.11.jar
    com.ibm.websphere.collective.plugins_1.0.11.jar
    com.ibm.websphere.collective.singleton_1.0.11.jar
    com.ibm.ws.collective.controller_1.0.11.jar
    com.ibm.ws.collective.defaultPostTransferAction_1.0.11.jar
    com.ibm.ws.collective.defaultPreTransferAction_1.0.11.jar
    com.ibm.ws.collective.member_1.1.11.jar
    com.ibm.ws.collective.plugins_1.0.11.jar
    com.ibm.ws.collective.repository_1.0.11.jar
    com.ibm.ws.collective.repository.client_1.1.11.jar
    com.ibm.ws.collective.rest_1.0.11.jar
    com.ibm.ws.collective.rest.notify_1.0.11.jar
    com.ibm.ws.collective.routing.controller_1.0.11.jar
    com.ibm.ws.collective.routing.member_1.0.11.jar
    com.ibm.ws.collective.security_1.0.11.jar
    com.ibm.ws.collective.singleton_1.0.11.jar
    com.ibm.ws.collective.utility_1.0.11.jar
  8. Install the adminCenter feature:
    $ cd $WLP_DIR/wlp/bin
    	
    $ ./installUtility find adminCenter
    …
    $ ./installUtility install adminCenter-1.0
    …

You have now set up the Liberty profile local repository and added the collectiveController and adminCenter features to the installation.

Configure the collective controller

To finish configuring the servers, you need to enable the following features:

  • webProfile (default)
  • collectiveController
  • adminCenter
  • monitor (feature that is already installed)

Update the server.xml file for the controller:

$ vi $WLP_DIR/wlp/usr/servers/controller/server.xml

Listing 14 shows the contents of the server.xml file for the controller. In this file, replace the <controller_hostname> variable with the host name of your controller.

Listing 14. Contents of the server.xml file for the controller
<?xml version="1.0" encoding="UTF-8"?>
  <server description="new server">

    <featureManager>
      <feature>webProfile-7.0</feature>
      <feature>collectiveController-1.0</feature>
      <feature>adminCenter-1.0</feature>
      <feature>monitor-1.0</feature>
    </featureManager>

    <httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
      <accessLogging/>
    </httpEndpoint>

    <variable name="defaultHostName" value="<controller_hostname>" />

    <quickStartSecurity userName="wlpadmin" userPassword="wlpadmin" />

    <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore"
       trustStoreRef="defaultTrustStore" clientAuthenticationSupported="true" />

    <!-- inbound (HTTPS) keystore -->
    <keyStore id="defaultKeyStore" password="{xor}KDMvPjsyNjE="
      location="${server.config.dir}/resources/security/key.jks" />

    <!-- inbound (HTTPS) truststore -->
    <keyStore id="defaultTrustStore" password="{xor}KDMvPjsyNjE="
      location="${server.config.dir}/resources/security/trust.jks" />

    <!-- server identity keystore -->
    <keyStore id="serverIdentity" password="{xor}KDMvPjsyNjE="
      location="${server.config.dir}/resources/collective/serverIdentity.jks" />

    <!-- collective trust keystore -->
    <keyStore id="collectiveTrust" password="{xor}KDMvPjsyNjE="
      location="${server.config.dir}/resources/collective/collectiveTrust.jks" />

    <!-- collective root signers keystore -->
    <keyStore id="collectiveRootKeys" password="{xor}KDMvPjsyNjE="
      location="${server.config.dir}/resources/collective/rootKeys.jks" />

  </server>

Start the collective controller

To start a Liberty profile, you can run it or start it. In this tutorial, you use the run option.

To start the commands, open at least three terminals for the following objectives:

  • Run the controller.
  • Run server1.
  • Start the UNIX® commands, such as the ps or jython commands.

Then, run the collective controller:

$ cd $WLP_DIR/wlp/bin
$ ./server run controller

As shown in Listing 15, the RESTconnector feature is loaded by default.

Listing 15. Output from running the collective controller
Launching controller (WebSphere Application Server 8.5.5.7/wlp-1.0.10.cl50720150827-0437)
 on IBM J9 VM, version pxi3280sr1fp10-20150711_01 (SR1 FP10) (en_US)
[AUDIT   ] CWWKE0001I: The server controller has been launched.
[AUDIT   ] CWWKE0100I: This product is licensed for development, and limited production
 use. The full license terms can be viewed here:
https://public.dhe.ibm.com/ibmdl/.../8.5.5.7/lafiles/en.html
[AUDIT   ] CWWKZ0058I: Monitoring dropins for applications.
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://<controller_hostname>:9080/IBMJMXConnectorREST/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://<controller_hosntname>:9080/ibm/api/collective/notify/
[AUDIT   ] CWWKF0012I: The server installed the following features: [jsp-2.3, ejbLite-
3.2, managedBeans-1.0, servlet-3.1, jsf-2.2, beanValidation-1.1, ssl-1.0, jndi-1.0,
 appSecurity-2.0, jsonp-1.0, jdbc-4.1, jaxrs-2.0, restConnector-1.0, el-3.0,
jaxrsClient-2.0, collectiveMember-1.0, collectiveController-1.0, json-1.0, cdi-1.2,
 distributedMap-1.0, webProfile-7.0, websocket-1.1, jpa-2.1].
[AUDIT   ] CWWKF0011I: The server controller is ready to run a smarter planet.
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://<controller_hostname>:9080/ibm/api/

$ ps -ef|grep controller
usr   19785     1 69 09:35 pts/1    00:00:11 $JAVA_DIR/jre/bin/java -javaagent:$WLP_DIR/wlp/bin/tools/ws-javaagent.jar -Djava.awt.headless=true
-jar $WLP_DIR/wlp/bin/tools/ws-server.jar controller

Configure the collective member

To configure the collective member, declare server1 as a collective member, and update the server.xml file for server1:

  1. Add server1 as a collective member. For the <server1_hostname> variable, use your host name for server1. For the <controller_hostname> variable, use the host name for your controller.
    	$ ./collective join server1 --hostname=<server1_hostname> --host=<controller_hostname> --port=9443 --user=wlpadmin --password=wlpadmin --keystorePassword=wlpadmin

    The --hostName option helps the collective command to use the valid host name when it registers to the controller. This command generates the SSL keys as a remote JMX connection to a collective controller to use SSL (Listing 16).

    Listing 16. server1 added as a collective member output
    Joining the collective with target controller <controller_hostname>:9443...
    This may take a while.
    
    SSL trust has not been established with the target server.
    
    Certificate chain information:
    Certificate [0]
    Subject DN: CN=<collective_hostname>, OU=controller, O=ibm, C=us
    Issuer DN: OU=controllerRoot, O=64c5ffc2-06dd-43e6-8d2e-f00507f15541, DC=com.ibm.ws.collective
    Serial Number: 2,162,184,658,260,201
    Expires: 10/11/20 4:16 PM
    SHA-1 digest: AF:15:4D:42:19:53:33:01:5C:7F:F2:90:FB:00:70:BC:24:94:72:E5
    MD5 digest: B2:69:1C:7E:E0:DB:46:98:12:A9:0A:A9:C1:61:D2:9B
    
    Certificate [1]
    Subject DN: OU=controllerRoot, O=64c5ffc2-06dd-43e6-8d2e-f00507f15541, DC=com.ibm.ws.collective
    Issuer DN: OU=controllerRoot, O=64c5ffc2-06dd-43e6-8d2e-f00507f15541, DC=com.ibm.ws.collective
    Serial Number: 2,162,178,883,849,178
    Expires: 10/6/40 4:15 PM
    SHA-1 digest: 18:57:80:1A:2F:E3:FA:7B:0D:8B:24:3F:DF:CC:4D:68:35:EA:7B:94
    MD5 digest: 1F:06:E3:61:FC:AA:00:B4:6E:2E:D5:06:EA:07:73:FE
    
    Do you want to accept the above certificate chain? (y/n) y
    Successfully completed MBean request to the controller.
    
    Successfully joined the collective for server server1
    
    Add the following lines to the server.xml to enable:
    
      <featureManager>
        <feature>collectiveMember-1.0</feature>
      </featureManager>
    
      <!-- Define the host name for use by the collective.
        If the host name needs to be changed, the server should be
        removed from the collective and re-joined or re-replicated. -->
      <variable name="defaultHostName" value="<server1_hostname>" />
    
      <!-- Connection to the collective controller -->
      <collectiveMember controllerHost="<controller_hostname>"
        controllerPort="9443" />
    
      <!-- clientAuthenticationSupported set to enable bidirectional trust -->
      <ssl id="defaultSSLConfig"
        keyStoreRef="defaultKeyStore"
        trustStoreRef="defaultTrustStore"
        clientAuthenticationSupported="true" />
    
      <!-- inbound (HTTPS) keystore -->
      <keyStore id="defaultKeyStore" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/security/key.jks" />
    
      <!-- inbound (HTTPS) truststore -->
      <keyStore id="defaultTrustStore" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/security/trust.jks" />
    
      <!-- server identity keystore -->
      <keyStore id="serverIdentity" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/collective/serverIdentity.jks" />
    
      <!-- collective truststore -->
      <keyStore id="collectiveTrust" password="{xor}KDMvPjsyNjE="
        location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
  2. Check for the presence of the directories:
    $ ls -l $WLP_DIR/wlp/usr/servers/server1/resources/

    Listing 17 shows that the directories are created after you add a member.

    Listing 17. Directories created
    drwxr-x--- 2 usr grp 4096 Oct 14 10:01 collective
    drwxr-x--- 3 usr grp 4096 Oct 14 10:01 security
  3. Check for the presence of the files:
    $ ls -l $WLP_DIR/wlp/usr/servers/server1/resources/collective/

    Listing 18 shows the files that are created after you add a member.

    Listing 18. Files created
    -rw-r----- 1 usr grp 1932 Oct 14 10:01 collectiveTrust.jks
    -rw-r----- 1 usr grp 3258 Oct 14 10:01 serverIdentity.jks
  4. Enable the following features:
    • webProfile (default)
    • collectiveMember (feature that is already installed)
    • monitor (feature that is already installed)

    To enable these features, update the server.xml file for server1:

    $ vi $WLP_DIR/wlp/usr/servers/server1/server.xml

    Listing 19 shows the server.xml file for server1. In this file, the consoleLogLevel is set to INFO to show the collective member that is connecting to the collective controller. Update the <server1_hostname> and <controller_hostname> variables with the host names for your environment.

    Listing 19. The server.xml file for server1
    <?xml version="1.0" encoding="UTF-8"?>
    <server description="new server">
    
        <featureManager>
            <feature>webProfile-7.0</feature>
            <feature>collectiveMember-1.0</feature>
            <feature>monitor-1.0</feature>
        </featureManager>
    
        <httpEndpoint id="defaultHttpEndpoint" httpPort="9081" httpsPort="9444" />
    
        <logging consoleLogLevel="info"/>
    
        <quickStartSecurity userName="wlpadmin" userPassword="wlpadmin" />
    
        <variable name="defaultHostName" value="<server1_hostname>" />
    
        <!-- Connection to the collective controller -->
        <collectiveMember controllerHost="<controller_hostname>" controllerPort="9443" />
    
        <!-- clientAuthenticationSupported set to enable bidirectional trust -->
        <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore"
          trustStoreRef="defaultTrustStore" clientAuthenticationSupported="true" />
    
        <!-- inbound (HTTPS) keystore -->
        <keyStore id="defaultKeyStore" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/security/key.jks" />
    
        <!-- inbound (HTTPS) truststore -->
        <keyStore id="defaultTrustStore" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/security/trust.jks" />
    
        <!-- server identity keystore -->
        <keyStore id="serverIdentity" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/collective/serverIdentity.jks" />
    
        <!-- collective truststore -->
        <keyStore id="collectiveTrust" password="{xor}KDMvPjsyNjE="
          location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
    
    </server>

Start the collective member

Run the server1 member:

$ ./server run server1

Listing 20 shows the output of this command. The RESTconnector feature is loaded by default.

Listing 20. Running the server1 member
Launching server1 (WebSphere Application Server 8.5.5.7/wlp-1.0.10.cl50720150827-0437)
on IBM J9 VM, version pxi3280sr1fp10-20150711_01 (SR1 FP10) (en_US)
[AUDIT   ] CWWKE0001I: The server server1 has been launched.
[AUDIT   ] CWWKE0100I: This product is licensed for development, and limited production
 use. The full license terms can be viewed here: https://public.dhe.ibm.com/ibmdl/.../8.5.5.7/lafiles/en.html
[INFO    ] CWWKE0002I: The kernel started after 1.281 seconds
[INFO    ] CWWKF0007I: Feature update started.
[INFO    ] CWWKS0007I: The security service is starting...
[AUDIT   ] CWWKZ0058I: Monitoring dropins for applications.
[INFO    ] CWWKO0219I: TCP Channel defaultHttpEndpoint has been started and is now
 listening for requests on host <server1_hostname>  (IPv4: <hosntname>) port 9081.
[INFO    ] CWWKO0219I: TCP Channel defaultHttpEndpoint-ssl has been started and is now
 listening for requests on host <server1_hostname>  (IPv4: <hostname>) port 9444.
[INFO    ] CWWKS0008I: The security service is ready.
[INFO    ] CWWKS4105I: LTPA configuration is ready after 0.428 seconds.
[INFO    ] DYNA1001I: WebSphere Dynamic Cache instance named baseCache initialized
 successfully.
[INFO    ] DYNA1071I: The cache provider default is being used.
[INFO    ] DYNA1056I: Dynamic Cache (object cache) initialized successfully.
[INFO    ] Value of retry post was already set: false
[AUDIT   ] CWWKF0012I: The server installed the following features: [jsp-2.3,
ejbLite-3.2, managedBeans-1.0, jsf-2.2, beanValidation-1.1, servlet-3.1, ssl-1.0,
jndi-1.0, jsonp-1.0, appSecurity-2.0, jdbc-4.1, jaxrs-2.0, restConnector-1.0,
 jaxrsClient-2.0, el-3.0, collectiveMember-1.0, json-1.0, cdi-1.2, distributedMap-1.0,
 webProfile-7.0, websocket-1.1, jpa-2.1].
[INFO    ] CWWKF0008I: Feature update completed in 2.189 seconds.
[AUDIT   ] CWWKF0011I: The server server1 is ready to run a smarter planet.
[INFO    ] CWWKX8055I: The collective member has established a connection to the collective controller.
[INFO    ] SRVE0169I: Loading Web Module: IBMJMXConnectorREST.
[INFO    ] SRVE0250I: Web Module IBMJMXConnectorREST has been bound to default_host.
[AUDIT   ] CWWKT0016I: Web application available (default_host):
 http://<server1_hostname>:9081/IBMJMXConnectorREST/
[INFO    ] CWWKX0103I: The JMX REST connector is running and is available at the
 following service URL: service:jmx:rest://<server1_hostname>:9444/IBMJMXConnectorREST
[INFO    ] CWWKX0103I: The JMX REST connector is running and is available at the
following service URL: service:jmx:rest://<server1_hostname>:9444/IBMJMXConnectorREST
[INFO    ] CWWKX8122I: The default SSH key-based configuration is being used for the host
authentication configuration.
[INFO    ] CWWKX8123I: The remote host authentication for this server has been configured
as <hostname>:22, user name <usr> with ssh-key authentication.
[INFO    ] SESN8501I: The session manager did not find a persistent storage location;
HttpSession objects will be stored in the local application server's memory.
[INFO    ] CWWKX1000I: The SingletonMessenger MBean is available.
[INFO    ] CWWKX8116I: The server STARTED state was successfully published to the
collective repository.
[INFO    ] CWWKX8114I: The server's paths were successfully published to the collective
repository.
[INFO    ] CWWKX8112I: The server's host information was successfully published to the
collective repository.
[INFO    ] CWWKX7912I: The FileServiceMXBean attribute ReadList was successfully updated.
[INFO    ] CWWKX7912I: The FileServiceMXBean attribute WriteList was successfully updated.

Error CWWKX8133E for the --hostName option

If you do not use the --hostName option with the collective join command, you will see the following error message:

[ERROR   ] CWWKX8133E: The host name of the security identity of the server is different from the current host name. Identity host name: <real_hostname>, current host name: <used_hostname>. This discrepancy will cause certain collective operations to fail.

This error prevents data collection when you use the collective controller. You might then see the error message shown in Listing 21.

Listing 21. CWWKX8133E error message
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
        at com.ibm.ws.jmx.connector.client.rest.internal.RESTMBeanServerConnection.queryMBeans(RESTMBeanServerConnection.java:583)
        at com.ibm.ws.jmx.connector.client.rest.internal.RESTMBeanServerConnection.queryNames(RESTMBeanServerConnection.java:611)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:507)

java.io.IOException: java.io.IOException: jmx.rest.client.unexpected.server.throwable

To resolve this error:

  1. Delete some of the resource files from server1:
    $ rm -rf $WLP_DIR/wlp/usr/servers/server1/resources/collective/
  2. Remove server1 from the collective:
    $ ./bin/collective remove server1 --host=<controller_hostname> --port=9444 --user=wlpadmin –password=wlpadmin
  3. If needed, use the delete method of the CollectiveRepository MBean:
    >>> mconnection.invoke( repo_mbean, 'delete', ['/sys.was.collectives/local/hosts/<server1_hostname>'], ['java.lang.String'])

For more information about using the CollectiveRepository MBean, see Part 2 of this series.

Explore the performance data in the adminCenter

You use the graphical interface of the adminCenter to view the performance data of the two Liberty profile servers.

To connect to and use the adminCenter (Figure 1):

  1. Enter the following URL (use port 9080) with the user wlpadmin:
    http://<controller_hostname>:<port>/adminCenter
  2. In the Toolbox window, select Explore to have access to all your servers.
  3. Select your server, and click Monitor to see the performance data.
Figure 1. Explore window in adminCenter
adminCenter Explore                     window
adminCenter Explore window

Conclusion

In this tutorial, you learned how to install and configure a WebSphere Liberty profile environment with a controller and by using the local repository. In Part 2, you learn how to use Jython scripts to collect performance data from a server or from a collective controller and all its members.

Acknowledgments

Special thanks goes to Michael C. Thompson for reviewing this tutorial series and providing his input.

Resources

The following resources are helpful when reading this tutorial:


Downloadable resources


Comments

Sign in or register to add and subscribe to comments.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Middleware, Cloud computing
ArticleID=1027159
ArticleTitle=Retrieve performance metrics from the WebSphere Liberty profile, Part 1: Setup and configuration
publish-date=02192016