Configuring script packages by using the extendedattributes.json object

Use a special JSON object, extendedattributes.json, to include additional information needed to configure a script package that you add to the catalog.

Overview

In addition to the cbscript.json file, which contains essential configuration information for your script package, you can include several more attributes to extend your script package configuration for several special situations. This extended attribute information is stored in another special JSON object that is named extendedattributes.json, and must be in the root directory of the uploaded compressed file (in the same directory as the cbscript.json object). You can use the Plug-in Development Kit to create this file. See the topic "Creating an IBM Workload Script Package Project" in the Related tasks section for more information.

The extendedattributes.json object contains configuration information for the following attributes:
consoleLinks
Use this attribute to define an array that contains the console links for the script package. Console links display on the virtual system instance page in the Virtual machines > Console section. You can use these links to provide an easy way for a user to access a console that is used to administer the virtual machine, such as VNC or the Integrated Solutions Console for WebSphere® Application Server.
Console links are defined as an array of JSON objects. Each object contains the name and url for a console link that displays for the virtual machine that is associated with the script package. You can define the url in several ways:
Static link
If the link is known before deployment, you can specify the link as a static URL:
     {
         "name" : "IBM homepage",
          "url" : "http://www.ibm.com/ibm"
     }
Simple link
If the link depends on the host name or IP address of the virtual machine, you can use the public-hostname or public-ip attributes that are defined in deployment.json, for the url attribute:
     {
        "name" : "VNC",
        "url" : "https://{public-hostname}/vnc"
     },

The value is resolved after the pattern is deployed. In the preceding example, the link is set to https://myvmhostname/vnc, where myvmhostname is the fully qualified host name for the deployed virtual machine that is associated with the script package where the console link is defined.

You can also reference a pattern level attribute. If the pattern contains the following attributes:
"attributes": {
    "MY_PORT_VNC": "9082",
    "MY_VALUE_1": "&parm1=ABC"
},
Then you can reference these attributes in the url attribute for the console link. Surround the attribute name with square brackets ([ ]). Use a vertical bar (|) to specify the default value:
     {
         "name" : "This link references a port",
         "url" : "https://{public-hostname}:[MY_PORT_VNC|9080][MY_VALUE_1|]"
     }
If no value is set for the attribute when the link is resolved, an empty string is used. In the preceding example, if the pattern level attributes are defined, the URL resolves to: https://servername.com:9082&parm1=ABC. If the pattern level attributes are not defined, the URL resolves to https://servername.com:9080.
You can also reference component-level attributes, either by using the component ID or by referencing an attribute in the current component. Use either of these formats: component id/component attribute name or this/component attribute name. Examples:
"http://{public-ip}:[org_apache_tomcat_1_0_0_1/tomcat.port|8080]"
where org_apache_tomcat_1_0_0_1 is the component ID and tomcat.port is the name of the attribute in the component. If that value is defined, it is used by the console link. Otherwise, 8080 is used.
"http://{public-ip}:[this/tomcat.port|8080]"
If the current component contains an attribute that is named tomcat.port, that value is used by the console link. Otherwise, 8080 is used.
Complex link
You can reference parameters that are defined on another virtual machine in the virtual system instance by specifying search criteria followed by : so that the system can retrieve the parameter. The available search criteria are COMPONENTS, SCRIPTS, and IMAGES. Separate multiple criteria values with a comma (,) and end the list with a semicolon (;). Define the condition for the search criteria as it displays in the user interface. For example, if you want to reference another virtual machine in the virtual system instance, that contains a script that displays as "Test Script" in the user interface, and a component that is named SC1, set the url to "url" : "https://{[SCRIPTS:Test Script;COMPONENTS:SC1]:public-ip}/console"

You can use one or more of these criteria for the search. If they are specified, all of the criteria must be met to retrieve the parameter.

Example:
"consoleLinks" : [
{
"name" : "EA: Complex Link",
"url" : "https://{[components:SC2]:public-hostname}/console&[NO_PARM|Cat]"
},
{
"name" : "EA: Another Complex Link",
"url" : "https://{[components:SC2;image:OS Node_1;scripts:My Test Script]:public-hostname}[APP1_PORT|]/console[NO_PARM|&parm1=Cat][PARM_TEST|][NO_PARM2|]" 
}
]
envonly
Specifies whether script package parameter values are set only in the environment, or if they are also written to the script_parms.json file before the script package is run.

If this attribute is present and set to true, script package parameter values are set only in the environment and are not written to the script_parms.json file.

If this parameter is not defined in the extendedattributes.json file or is present and set to false, script package parameter values are set in the environment and are also written to the script_parms.json file.
Attention: Before version 2.2.2.0, these values were stored in the virtualimage.properties file. Starting in version 2.2.2.0, these values are written to the script_parms.json file. This file is not stored on the local VM; it is stored in Storehouse. 

For more information, see the subsequent section, Writing script package parameters to script_parms.json.

iwd_stop_services_before_efix
Specifies whether services are stopped when an emergency fix is applied. Set this attribute to false and include the extendedattributes.json file in your emergency fix archive to prevent a service from being stopped when the fix is applied.
manual_keys
Use this attribute to define an array that controls the credentials prompt when a script package is run manually:
  • If the manual_keys array is not present, the user is prompted with the default Product administrator user name and password dialog box.
  • If the manual_keys array is present, but is empty, the user is not prompted with the default Product administrator user name and password dialog box. Example:
    [
    {
    	"savevars":"1",
    	"envonly":"TRUE",
    	"manual_keys":[]
    }
    ]
  • You can customize the credentials that are displayed in the dialog box by specifying these attributes:
    scriptdefaultvalue
    An initial default value for the environment variable that you can modify later if needed. This attribute is required, but the value can be blank.

    When the script package is downloaded, this attribute is written to the cbscript.json file.

    scriptkey
    Label for the parameter that displays in the prompt to the user.
    scriptvalue
    This attribute is currently not used by the system, but is required to be included for each scriptkey. Set it to an empty string value.
    Example:
    "scriptvalue": "",

    When the script package is downloaded, this attribute is written to the cbscript.json file.

    type
    Add this parameter and set it to password for the field where the user enters the password.
    For example, if extendedattributes.json contains the following entry for the manual_keys array:
    [
       {
          "envonly": "TRUE",
          "manual_keys": [
             {
                "scriptdefaultvalue": "password",
                "scriptkey": "My Custom Username",
                "scriptvalue": ""
                
             },
             {
                "scriptdefaultvalue": "password",
                "scriptkey": "My Custom Password",
                "scriptvalue": "",
                "type": "password"
             }
          ],
          "readonly": "false",
          "savevars": "1"}
    ]
    when the script package is run, the user is prompted for a user name with the label My Custom Username and a password box with the label My Custom Password.
keys
Use this attribute to define an array that contains metadata for environment variables defined in cbscript.json. Each item in the array can have the following attributes:
scriptkey
The name of the environment variable. This attribute is required and should also exist in cbscript.json.
placement
If this attribute is present and set to true, it indicates that the attribute can be displayed only during the placement phase for pattern deployment.

Example:

In cbscript.json, the scriptkey attribute has an environment variable named "VOLUME_ID".

[
 { 
  "keys": [
    {
     "scriptkey":"VOLUME_ID",
     "scriptvalue":"",
     "scriptdefaultvalue":"",
    "required":false
    }
 ]
}
]
In extendeattribute.json, the placement attribute "VOLUME_ID" is set to true. It means that this script key will not appear at pattern design time, but will appear only in the placement phase of pattern deployment.
[
{
	"keys":[
	 {
	"scriptkey":"VOLUME_ID",
	  "placement":"true"
	}
]
}
]
product_license
Specifies license information for the script package. The following attributes are available:
productid
The product ID associated with the license, as represented in the license catalog. Example:
"productid": "5725L53"
licensetype
Defines the type of license. The following values are valid:
PerCore
This type of license charges users according to the number of processor cores that are used.
PVU
This type of license charges users according to the processor value units used.
SERVER
This type of license charges users according to the number of virtual servers used.
COMPUTE_NODE
This type of license charges users according to the number of compute nodes that are used.
Example:
"licensetype": "PVU"
licensecpu
When the type of license is SERVER, this required attribute specifies the processor count limit for this server license. Example:
"licensecpu": "4"
licensememory
When the type of license is SERVER, this required attribute specifies the memory limit in GB for this server license. Example:
"licensememory": "4"
readonly
If this attribute is present and set to true, the script package is set as read-only when it is imported to the system. The script package is locked to prevent further editing.
rebootAfterExecution
If this attribute is present and set to true, the virtual machine restarts after the script package runs.
Note: This attribute is supported only for virtual system instances that were deployed from virtual system patterns. This attribute is not supported for use with classic virtual system instances that were deployed from classic virtual system patterns.
rolling
For virtual system instances with more than one virtual machine, specifies whether the script package is run in parallel rather than in sequence. If this attribute is present and set to false, the script package is run in parallel, and starts on all virtual machines in the virtual system instance at the same time. If this attribute is not present, or is set to true, the behavior defaults to rolling, which means that the script package starts on one virtual machine in the virtual system instance. The script package is not started on the next virtual machine in the virtual system instance until it is finished running on the first virtual machine. The script package starts on the next virtual machine in the virtual system instance regardless of whether the previous script completed successfully or failed.
Note: This attribute is supported only for virtual system instances that were deployed from virtual system patterns. This attribute is not supported for use with classic virtual system instances that were deployed from classic virtual system patterns.
savevars
Specifies whether changes made to script package parameter values are persisted after deployment, and reapplied to subsequent runs of the script package. For more information, see the subsequent section, Saving configuration changes to run script packages after deployment.
Note: After you upload a script package, refresh the Script Package page to display the uploaded information from the JSON object in the console.

Writing script package parameters to script_parms.json

By default, before a script package is run in your virtual machine environment, the script package parameters are written to the script_parms.json file.
Attention: Before version 2.2.2.0, these values were stored in the virtualimage.properties file on the local VM. Starting in version 2.2.2.0, these values are written to the script_parms.json file. This file is not stored on the local VM; it is stored in Storehouse: /storehouse/user/deployments/<deployment_id>/script_parms.json

Since these parameters are no longer written to the virtualimage.properties file, importing (sourcing) this file does not make the values available to your script. Instead, you must get these parameter values from the environment variable, or you can use the Maestro API to download the script_parms.json from Storehouse. For more information about using the Maestro API, see Maestro methods in script packages.

For scripts that are run during deployment, or for scripts that run on demand from the console (by clicking Execute Now), all script package variables, including variables that are defined in script_parms.json, are set and available in the environment before the script is run.

In general, environment properties that are written to the script_parms.json file should be only those properties that are defined or provided by the virtual image. Design your script packages such that they do not depend on these parameters being available in this file.

Script package parameter values are stored as environment variables and passed to other script packages during execution; however, if your script package uses su - <other_user> or sudo - <other_user>, these environment variables are lost since this command initializes new environment variables for that user. To avoid this issue, use su <other_user> or sudo <other_user> (without the '-') so that the environment variables are not reinitialized.

There might be situations when you do not want the script package parameters to be written to the script_parms.json file. For example, if your script package parameters include password parameters, such as parameters that contain the text string password in their name, or parameters whose type is password, the values for these password parameters are written to script_parms.json in clear text, which might be a security concern in your environment.

In most situations, prevent script package parameters from being written to script_parms.json by including the envonly (environment only) attribute in the extendedattributes.json file in your script package.

The following values are valid for this attribute:
true
Script package parameter values are set only in the environment and are not written to the script_parms.json file. This setting is the preferred setting.
false
Script package parameter values are set in the environment and are written to the script_parms.json file. This value is the default value. If this file is not included in your script package, the default value of false is assumed.
In the extendedattributes.json file, define the envonly parameter as follows here:
{
     "envonly": "true"
}

In general, your script packages should not need to access parameters from the script_parms.json file. If you must run scripts manually in your environment, save these parameters in your own file instead.

Important: When a script package executes, its environment variables, if any, are added to the environment, along with any environment variables from previously executed script packages. These environment variables are then written out to the script_parms.json file or not, based on the value of the envonly setting for that script package.

This means that if one script package runs with envonly set to true, followed by a second script package that runs with envonly set to false (the default), the environment variables for the second script package are written to script_parms.json, including the environment variables from the first script package.

If your pattern deployment is running multiple script packages, and all have envonly set to true, environment variables are still written to the script_parms.json file, however script package variables are not. However, if one or more scripts have envonly set to false (or if envonly is not specified), then the script_parms.json file contains the variables from all of the script packages that have run up to this point.

Saving configuration changes to run script packages after deployment

Script packages are created and customized with environment variables and added to the catalog, where they can be selected and included in a virtual system pattern. When that virtual system pattern is deployed, one or more virtual machines are created in the environment.

For each virtual machine, an initial copy of the script package parameters is defined, by using the configuration that is passed in by the environment variables. Then, for each instance of the virtual machine, another copy of the script package parameters, unique for that virtual machine instance, is defined.

For any virtual machine instance, each subsequent time that you run the script package, the same values for the environment variables that were in effect at the time of deployment are presented again. Any changes that you want to apply to these variables must be made manually each time the script package is run.

If, after deployment, you return to the Script Packages catalog page and modify the configuration of the environment variables in the script package, those changes are not applied to deployed instances of that script package on subsequent executions. The configuration that was in effect at the time of deployment are presented instead.

You might have a situation in which you anticipate needing to change the configuration of a script package after it is deployed, and then apply those changes each subsequent time when the script package is run again. For example, you might configure and deploy a virtual system pattern with a script package that provides encryption support. Later, you update the encryption configuration to add a path to encrypt on a virtual machine, and you want that change to be applied each time that you run the script again on all the instances of that virtual machine.

In this situation, in your script package configuration in the Catalog > Script Packages page, select Yes in the Save environment variables after post-deployment executions field to indicate that when you update script parameters on the deployed script package, those changes are to be saved after execution and applied to subsequent executions of the script.

This value is stored in the extendedattributes.json file in the savevars attribute. The following values are valid for this attribute:
1
An integer value equivalent to Yes (as configured in the Catalog > Script Packages page), indicating that changes made to script package parameter values after deployment are persisted. On subsequent runs of the script package, the most recent updates to script package parameter values are used instead of the configuration that was in effect at the time of deployment. This setting affects all instances of the script. Each usage of the script in a deployment pattern has its own copy of the script parameter values.
0
An integer value equivalent to No (as configured in the Catalog > Script Packages page), indicating that changes made to script package parameter values after deployment are not persisted. On subsequent runs of the script package, the parameter values that were applied at the time of deployment are presented, and you must manually change these values as needed each time that you run the script package.
In the extendedattributes.json file, the savevars attribute is formatted as follows:
{
     "savevars": "1"
}

Example of attributes in the extendedattributes.json object

The basic syntax for parameters that are specified in the extendedattributes.json object is of the form:
"<parameter_name>": "<parameter_value>"
Example:
[
  {
    "envonly": "true",
    "savevars": "1",
    "rolling":true,
    "rolling_timeout":500,  
    "readonly": "true",
    "product_license": {
       "productid": "5725A26",
       "licensetype": "SERVER",
       "licensecpu": "16",
       "licensememory": "4"
    }
  }
]

Example of using the savevars attribute

Consider an example of a deployed pattern that creates a single virtual machine, VMa, with an initial script package configuration, PCa. Suppose that the virtual machine has two instances, VMa1 and VMa2, and both are defined to run the script package.
  • Each virtual machine instance that is created runs the script by using a unique copy of PCa.
    • Instance VMa1 has configuration PCa1.
    • Instance VMa2 has configuration PCa2.
  • When the script package is run on either of these virtual machine instances, the equivalent configuration at the time of deployment is applied, since PCa is identical to PCa1 and PCa2.
  • Now, suppose you run the script package on instance VMa1 and change the configuration settings, effectively creating a new set of parameters, PCa3.
  • With the savevars attribute set to 1 (Yes), the configuration PCa3 is saved, replacing both PCa1 for VMa1 and PCa for the virtual machine:
    • Virtual machine VMa now has the latest configuration settings, PCa3.
    • Instance VMa1 also has the latest configuration settings, PCa3.
    • Instance VMa2 still has its copy of the original configuration, PCa2.
  • When the script is run subsequent times on VMa1, PCa3 is applied.
  • The next time that the script is run on VMa2, however, PCa2 is applied, but after execution completes, PCa2 is replaced by the latest configuration, PCa3. On subsequent runs of the script on VMa2, PCa3 is applied:
    • Virtual machine VMa has the latest configuration settings, PCa3.
    • Instance VMa1 has the latest configuration settings, PCa3.
    • Instance VMa2 now has the latest configuration settings, PCa3.