Proste balansowanie WebMethods

<VirtualHost _default_:5555>
ServerName wmproxy:5555
ErrorLog /var/log/apache2/error_log_wm
TransferLog /var/log/apache2/access_log_wm

##################
ProxyPass /invoke balancer://WmInvokeCluster5555 stickysession=ssnid
<Proxy balancer://WmInvokeCluster5555>
   BalancerMember http://192.168.1.208:5555/invoke route=instance0 loadfactor=50
   BalancerMember http://192.168.1.219:5555/invoke route=instance1 loadfactor=50
</Proxy>

<Location /invoke >
       Order Deny,Allow
       Deny from all
       Allow from all
</Location>
##################

##################
ProxyPass /ws balancer://WmWsCluster5555 stickysession=ssnid
<Proxy balancer://WmWsCluster5555>
   BalancerMember http://192.168.1.208:5555/ws route=instance0 loadfactor=50
   BalancerMember http://192.168.1.219:5555/ws route=instance1 loadfactor=50
</Proxy>

<Location /ws >
       Order Deny,Allow
       Deny from all
       Allow from all
</Location>
##################

<Location /balancer-manager5555>
   Order Deny,Allow
   Deny from all
   Allow from 192.168.2.0/255.255.255.0
   SetHandler balancer-manager
</Location>

</VirtualHost>

Cały koncept w oparciu o zmodyfikowany Apache 2.2.10 mod_proxy.

Jakimi fajnymi furami jeżdżą studenci EiTI

Alfa MiTo. Doktorów na takie coś nie stać, a profesorowie wolą bardziej klasyczne Toyoty Avensis.

Windows 7 preferuje dyski SSD

Na obrazku ocena laptopa Acer Aspire 4530 - tylko 3,0 za HDD.

Linux podpięty do AD

$ cat /etc/openldap/ldap.conf
TLS_REQCERT allow
host 192.168.1.1
base dc=example,dc=com

$ cat /etc/ldap.conf
host 192.168.1.1
uri ldap://ntpdc.example.com
port 389
ssl no
base dc=example,dc=com
scope sub

binddn LDAP@example.com
bindpw haslohaslo

nss_base_passwd dc=example,dc=com?sub
nss_base_shadow dc=example,dc=com?sub
nss_base_group dc=example,dc=com?sub&(objectCategory=group)
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup user
nss_map_attribute gecos name
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute uniqueMember member

pam_password ad
nss_map_attribute userPassword authPassword

$ cat /etc/krb5.conf
[libdefaults]
default_realm = EXAMPLE.COM
clockskew = 300

[realms]
EXAMPLE.COM = {
kdc = ntpdc.example.com
admin_server = ntpdc.example.com
default_domain = example.com
}

[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = FILE:/var/log/krb5/krb5libs.log

[domain_realm]
.example.com = EXAMPLE.COM

[appdefaults]
pam = {
debug = false
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
minimum_uid = 1
clockskew = 300
external = sshd
use_shmem = sshd
}

$ cat /etc/samba/smb.conf
[global]
workgroup = EXAMPLE
realm = EXAMPLE.COM
preferred master = no
security = ads
encrypt passwords = true
log file = /var/log/samba/%m.log
log level = 3
dos charset = CP1250
unix charset = UTF8
display charset = UTF8
idmap gid = 10000-20000
idmap uid = 10000-20000
template homedir = /home/%D/%U
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
winbind refresh tickets = yes
winbind separator = +
passdb backend = tdbsam
idmap backend = ad
winbind nss info = rfc2307

oplocks = yes
max xmit = 65535
dead time = 15
getwd cache = yes
large readwrite = no
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
load printers = no

$ cat /etc/nsswitch.conf
passwd: files winbind ldap
shadow: files windind ldap
group: files winbind ldap

$ nano /etc/pam.d/ [tab]
{auth,account,password} sufficient pam_winbind.so use_first_pass

$ net groupmap add rid=1000 ntgroup="Development" unixgroup=dev type=d
# lepiej zamiast tego nadac grupie nt atrybut gidNumber taki sam jak gid uniksowy

$ nano /etc/samba/smb.conf
[project]
comment = 'Remote project'
path = /home/dev/project
browseable = yes
read only = no
map inherit acl = no
inherit acls = no
inherit permissions = no
create mask = 664
directory mask = 775
valid users = @"EXAMPLE+Development"
admin users = @"EXAMPLE+Domain Admins"
force user = dev
force group = dev

$ cat /etc/apache2/vhosts.d/svn.conf

DAV svn
SVNPath /var/lib/svn/svnrepo
AuthBasicProvider ldap
AuthType Basic
AuthName "Subversion svnrepo repository"

AuthzSVNAccessFile /var/lib/svn/svn-acl

AuthLDAPURL ldap://192.168.1.1:389/OU=IT,dc=example,dc=com?samAccountName?sub?(objectCategory=person)
AuthLDAPBindDN "example\LDAP"
AuthLDAPBindPassword "haslohaslo"

Require valid-user

Użytkownicy i grupy, SVG w mediawiki

Będąc leniwym można użyć Eclipse'a JEE z driverem z jdbc.postgresql.org.
Wygląda na to, że wybranie na tabelce opcji edit nie działa jeśli istnieje
autonumerowana kolumna.

Jeśli nie działa generacja PNG z SVG (w którym robimy use-case'y) to należy zajrzeć do /srv/www/htdocs/mediawiki/bin/ulimit*/sh i zrobić coś z -v $2.
Dodatkowo dla rzeczy wyeksportowanych z Visio są problemy z mime-type,
workaround to '$wgMimeDetectorCommand = 'file --brief --mime'.

WebObjects - easy WebMethods development in Java

WebObjects framework provides easy way for WebMethods development using Java.
For every flow, java or adapter service existing in a IS package the framework generates Java beans covering pipeline's input and output, and packs generated classes into one jar file. So for every document used as a pipeline's input or output you get a Java class. You don't have to do complex multi-step flow mappings, you can do your job easily in Java. You operate on real Java objects, not on pipeline's keys and values. From Java you can call other services using Java objects.
All development can be done in Eclipse after importing jar file generated by WebObjects from IS package.



On the picture above you can see a Java service called abcd. It uses JDBC adapter service called invokeFb. WebObjects framework generated invokeFb_In and invokeFb_Out classes for that service. Service invokeFb exists in test.sql namespace, its input and output classes (invokeFb_In, invokeFb_Out) were generated in pkg.test.sql Java package. DataProxy.invokeService() method called with invokeFb_In object, knows exactly which service to invoke and what object should be returned.
You can generate jars for WmPublic and WmRoot and call native WM services from Java.

Under heavy load with huge documents processed by flow services it is possible to hang Integration Server - pipeline's objects have circular references and they are hard to process by Garbage Collector. One work around is to mark services as stateless, change session lifetime from 10 to 2 minutes, tune GC (concurrent mark sweep), the other is to change JVM to JRockit (but then your installation is not supported by Software AG).
With WebObjects you just call DataProxy.clear(pipeline) between getting Java input object from pipeline and putting output.
How to get and put objects? If invokeFb were a Java Service written with WebObjects you would do:

invokeFb_In in = DataProxy.unbox(pipeline, invokeFb_In.class);
invokeFb_Out out = new invokeFb_Out();
// do something with out
DataProxy.box(out);

Windows Server 2008 R2 - szary i niebieski wracają

Widać wpływy Mac OS-a X w pasku zadań. Wersja systemu 6.1 powoduje, że Oracle 11g nie chce się instalować (ale wystarczy uruchomić Program compatibility na pliku Oracle Universal Installer i idzie).