Friday, September 11, 2015

Service level agreements (SLAs) monitoring and SLA audit report

Monitor web servers, databases and applications

EasyHA monitoring tools can monitor the availability and performance of you applications. It records the response time of your applications. You may want to determine the business requirements of the service provider; and reviewing key performance indicators, controls, and critical success factors used to ensure delivery of business requirements.

SLA states the guaranteed level of availability.

Monitor IT SLAs and Manage IT like a business

EasyHA can help SLA Monitoring by monitoring the availability and performance of your mission critical business applications and ensure you derive higher business value through better management of IT and IT processes.

The out-of-the-box support for monitoring a heterogeneous infrastructure can empower you to focus on functionality that is core to your business and in the mean time also provide you with invaluable insight into your system to ensure end users of your mission critical applications are satisfied.

EasyHA provides out-of-the-box support for monitoring various applications, databases, websites, web applications and other corporate IT Services.

Business Benefits of SLA Management

SLA Management gives you better visibility on whether you are meeting the needs of your customers
Holistic view of your business applications
Standards based approach to managing IT resources
Support for industry best practices
Improved employee productivity

What information you get in SLA audit report

The SLA audit report is implemented in v1.06. You will see the information list below:

Uptime, is probably the most important single metric you can use to measure the performance of your applications. It shows the percentage the service is up and operational. The counterpart of that is.

Downtime, It shows the time or percentage the service was unavailable.

Other time, If EasyHA is not running, or it cannot access the web server or database server, the status of the server will be record as no data or network issue.

Contact us

We provide general SLA audit report. In case you have special needs, please contact the vendor. http://www.lv2000.com/easyha/contactus.php

Wednesday, July 29, 2015

Getting started with EasyHA Client

EasyHA system/application monitoring tools has web front end. You can manipulate the application via web browser like MS-IE, Chrome and Firefox. I think you want to view status of EasyHA by rich client on Windows or mobile APP on your smart phone. In this post I would like to introduce the EasyHA Client for Windows desktop.

EasyHA Client application is available for Windows platform only till now. It is a Win32 GUI application. It runs in client/server mode. It connects to EasyHA server, and retrieve the status of the server. In case trigger is fired, you will receive the information of the event in time, and the EasyHA Client will deliver notifications using balloon tips or flashing tray icon. So you don’t need to check the web front end, and if you are using windows desktop, you will be aware of the event/note soon.

Installing and uninstalling

Download and run the installer which will walk you through the process. To uninstall the client on Windows run the uninstall.exe in installation directory.

URL for download: http://www.lv2000.com/products/setupEasyHAClient.zip

Settings

As EasyHA Client runs in client mode, we should please specify the EasyHA server host name, port number. To verify the user’s credential, you should also specify the user name and password. The information will be remembered for next time you run the client.

The communication between EasyHA Client and Server is one way (from the client to server) and http based, so normally there shouldn’t be problem with firewalls. Of course, the access through the given port should be allowed by your network administrator.

Please click File -> Setting/Login menu, and you will see the settings dialog.

Server Name/IP: The name or IP address of the server with EasyHA installed.

Port: Default 8004. If you have change the port of EasyHA, for example you access EasyHA via http://10.10.5.30:8080/, the port is 8080.

User Name: The user name that is used for EasyHA web front end.

Password: The corresponding password.

Start with Windows checkbox: check the option if you want to restart the client automatically when you logon Windows desktop.

Refresh Interval (Sec): refresh interval in second.

Tray Icon Blinking for: check Events and the tray icon start blinking when events are received, so do the notes.

Balloon Notification for: check Events and the balloon notification displays when events are received, so do the notes. Here is an example:

Dashboard of EasyHA Client

Toolbar

Start/stop scanning: Start or stop connecting to the server and retrieve the state information.

Settings: Configure server host, port and username, etc.

Clear current tab: clear listed data in Logs, Events and Notes tab.

EasyHA Web Front End: click the button to launch browser and open the web front end of corresponding EasyHA server.

Mute Notification for 5 Minutes: sometimes you may want to disable the annoying balloon and blinking icons when you are trying to solve problem of production environment, please click this button.

Statistics Panel

In this panel will see the count of recent events, notes.

Active Items Status

In this list view, you will see the status of all active items.

The items marked in red means the related trigger is fired 1 minute ago.

The items marked in green stays in normal status, in other words, no trigger related is fired recently.

Event List

There are 4 fields.

Trigger name: the name of trigger related to the event. In this example the trigger name is “High Memory Utilization”.

Item: Name of the item, on which the trigger is based.

Value: The corresponding value of the event. In this example, the value means the process use 48.7% of total memory.

Time: Event time.

Note list

The notes tab display information of the server. Many notes indicate that something wrong with the server. For example if the item no longer works due to network problem. Please check this tab and solve the problem ASAP.

Type of notes

1. Item is disabled by administrator.

2. EasyHA is not able to connect to SSH server of Linux/Unix server due to incorrect password or network problem.

3. EasyHA is not able to find the process that is to be monitored.

4. EasyHA failed when connect to cloud server of EasyHA

5. …

License

EasyHA Client is free software.

Wednesday, June 10, 2015

Configure JDBC (dbcp/c3p0) Data source for Very Low-Throughput System

A ton of posts discuss the high-throughput and high concurrency system, and perhaps you are building a low-throughput system, and you may think it is simple to configure the datasource. Actually if you use dbcp or c3p0 datasource, and settings of datasource is default value, your application will run into exception occasionally, especially after run idle for hours or days.

Problem

If the connection is inactive, the MySQL and Oracle may close the connection. And then if your application receive request from users, and then pick up connection from connection pool, the connection maybe broken connection, and then your application throws IOException.

You may see the trace listed below:

A. Oracle

Cause: java.sql.SQLRecoverableException: No more data to read from socket

; SQL []; No more data to read from socket; nested exception is java.sql.SQLRecoverableException: No more data to read from socket

B. Oracle

Cause: java.sql.SQLRecoverableException: IO Error: Broken pipe

; SQL []; IO Error: Broken pipe; nested exception is java.sql.SQLRecoverableException: IO Error: Broken pipe

C. MySQL

Cause: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: The last packet successfully received from the server was43203 seconds ago.The last packet sent successfully to the server was 43203 seconds ago, which is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem.

; SQL []; The last packet successfully received from the server was43203 seconds ago.The last packet sent successfully to the server was 43203 seconds ago, which is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem.; nested exception is com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: The last packet successfully received from the server was43203 seconds ago.The last packet sent successfully to the server was 43203 seconds ago, which is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem.

at org.springframework.jdbc.support.SQLExceptionSubclassTranslator.doTranslate(SQLExceptionSubclassTranslator.java:98)

…………

Caused by: java.net.SocketException: Broken pipe

at java.net.SocketOutputStream.socketWrite0(Native Method)

Solution

I suggest you to use c3p0 datasource. And set maxIdleTime=300.

<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"

destroy-method="close">

<value>${prop.jdbc.driverClassName}</value>

</property>

</property>

<value>${prop.jdbc.username}</value>

</property>

<value>${prop.jdbc.password}</value>

</property>

<property name="maxIdleTime">

<value>300</value>

</property>

</bean>

If you are using Apache DBCP, I suggest you to upgrade to latest version, and the recommended setting similar to

<bean id="dataSource_x" class="org.apache.commons.dbcp.BasicDataSource"

destroy-method="close">

<value>${prop.jdbc.driverClassName}</value>

</property>

</property>

<value>${prop.jdbc.username}</value>

</property>

<value>${prop.jdbc.password}</value>

</property>

<property name="testWhileIdle" value="true"/>

<property name="validationQuery" value="select 1 from dual"/>

<property name="removeAbandoned" value="true"/>

<property name="removeAbandonedTimeout" value="600"/>

<property name="timeBetweenEvictionRunsMillis" value="600000"/>

</bean>

About Author

Williams Voon, experienced programmer, devote to building distributed system monitoring tool EasyHA.

Thursday, June 4, 2015

The differences between checked exception and unchecked exception In Java

If your java program runs into exception, how should you do? You can catch and handle it, or catch and throw it up, or just do not catch it. The way handle exception is depended on the type of exception.

There are two types of java exception: checked exception and unchecked exception.

Unchecked exceptions:

represent defects in the program (bugs) - often invalid arguments passed to a non-private method.
are subclasses of RuntimeException, and are usually implemented using IllegalArgumentException, NullPointerException, or IllegalStateException
a method is not obliged to establish a policy for the unchecked exceptions thrown by its implementation (and they almost always do not do so)

Checked exceptions:

represent invalid conditions in areas outside the immediate control of the program (invalid user input, database problems, network outages, absent files)
a method is obliged to establish a policy for all checked exceptions thrown by its implementation (either pass the checked exception further up the stack, or handle it somehow)

Tips for Java Programmer

If your program runs into RuntimeException, that always indicates that you need to fix the bug. To quote from The Java Programming Language, by Gosling, Arnold, and Holmes: "Unchecked runtime exceptions represent conditions that, generally speaking, reflect errors in your program's logic and cannot be reasonably recovered from at run time."

So if you catch the RuntimeException, please fix the bug ASAP. Perhaps you want to know your programs throw RuntimeException by monitoring tools, you can try the EasyHA.

New Feature of EasyHA Monitoring Tool

The new version of EasyHA will analyze log file of your java program, and detect the unique RuntimeException. And the head of Ops team can check number of bugs by figures and diagrams.

Friday, May 29, 2015

Configuring Apache and Tomcat with SSL/TLS, Launch HTTPS Website

With a secure web server, clients can connect to your server secure in the knowledge both that it is who it claims to be and that the transaction is well-encrypted so their data is safe.

SSL (Secure Sockets Layer) is a protocol for cryptographically securing transactions between a web browser and a web server. In most cases, only the server end is authenticated, which means that the client has a guarantee that the server is who it claims to be, but not vice versa.

This article shows you how to launch a web server with SSL. We choose Apache and Tomcat.

Creating a Certificate

The first step is certificate creation. To get a certificate signed by a CA such as Verisign, you first need to create a keypair and a certificate request:

$ openssl req -new -newkey rsa:4096 -keyout key.pem -out csr.pem

The command will therefore generate a key (private key) and certificate request (public key inside, pem format), but not a certificate.

Note

You can create your certificate either with or without a passphrase. The major disadvantage of using a passphrase is that it must be typed every time the web server starts up. So it won't start unattended or automatically on boot, for example, after a power cut. Depending on your setup, this may or may not be significant for you. To clear the passphrase, you can use this command:

openssl rsa -in key.pem -out server.key

Note

PEM is a X.509 certificate (whose structure is defined using ASN.1), encoded using the ASN.1 DER (distinguished encoding rules), then run through Base64 encoding and stuck between plain-text anchor lines (BEGIN ENCRYPTED PRIVATE KEY and END ENCRYPTED PRIVATE KEY, BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST, BEGIN CERTIFICATE and END CERTIFICATE).

The next stage, then, is to send that csr.pem file to the CA. The CA will sign your CSR and serve back the certificate. The certificate is save as file server.crt.

Configuring Apache 2 with SSL

1. Make sure the mod_ssl is installed in Apache. Please check whether the file exists.

/etc/httpd/modules/mod_ssl.so

2. If the OS is Centos, please run the following command to install mod_ssl.

# yum install mod_ssl

3. Upload your private key server.key and certificate server.crt to your Linux server.

/etc/httpd/certs/server.crt

/etc/httpd/certs/server.key

4. Edit /etc/httpd/conf.d/ssl.conf, change the path of certificate and key.

Default settings:

SSLCertificateFile /etc/pki/tls/certs/localhost.crt

SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

Change it to:

SSLCertificateFile /etc/httpd/certs/server.crt

SSLCertificateKeyFile /etc/httpd/certs/server.key

5. Restart the apache, and visit the site via https://www.yourdomain.com/

Note

If your apache server is not dedicated server for one domain/website, you need to configure the VirtualHost for each website. The certificate of each website should be specified in <VirtualHost>. The sample of www.gtdreport.com is listed below.

DocumentRoot /var/www/gtd

ServerName www.gtdreport.com:443

SSLEngine on

SSLCertificateFile /etc/httpd/certs/server.crt

SSLCertificateKeyFile /etc/httpd/certs/server.key

ErrorLog logs/gtdreport-error_log

CustomLog logs/gtdreport-access_log combined

</VirtualHost>

Configuring Tomcat with SSL

It is very easy. Please edit this file: TOMCAT_HOME/conf/server.xml. Add the content like this:

The problem is how to get the file server.pkcs12. Please run the following command:

$ openssl pkcs12 -export -in server.crt -inkey key.pem -out server.pkcs12

You need to input password for key.pem, and input password (keystorePass) that is used to protect server.pkcs12.

Self-Signed Certificate

Perhaps you cannot get a certificate signed by CA, you can also create self-signed certificate.
Please see this page:

http://developer.kaazing.com/documentation/html5/3.5/security/p_tls_clientapp.html

Java-Rep2excel with SSL

The Java-Rep2excel v1.64 supports SSL.

Please edit the rep2excel.properities, add the ssl configuration.

# Sample for SSL

# sslPort, optional.

# keystoreFile, required, path of keystore file. for example: C:\\certificate-gtdreport\\server.jks

# keystoreType, required, options: JKS/JCEKS/PKCS12/BKS/UBER

#sslPort=443

#keystoreFile=server.pkcs12

#keystorePass=changeit

#keystoreType=PKCS12

About the Author

Williams Voon, experienced java programmer. Chief system analyst of the 3 software: Rep2excel, EasyHA System Monitoring Tool. GTD Excel Report Server.

Facebook: http://tinyurl.com/mqbhpct

Google Plus: http://gplus.to/williamsvoon

Wednesday, May 27, 2015

EasyHA Release Notes Version 1.02

Version 1.02, May 28, 2015/5/28

What is new

1. Add disk free monitoring items in bulk.

Select one or more hosts.

Check the box on left if you want to monitor the file system. And then click submit, the items will be added in bulk.

Download

Free Version: http://www.lv2000.com/products/setupEasyHA.zip

Monday, May 25, 2015

Connecting to any server behind a firewall through putty and 3proxy

There are two ways to create an SSH tunnel, local and remote port forwarding. In this post I will discuss remote port forwarding.

Say that you’re developing a distributed system monitoring application on your local machine, and you’d like to show it to a volunteer tester (IP: 12.34.56.78). Unfortunately your ISP didn’t provide you with a public IP address, so it’s not possible to connect to your machine directly via the internet.

Sometimes this can be solved by configuring NAT (Network Address Translation) on your router, but this doesn’t always work, and it requires you to change the configuration on your router, which isn’t always desirable. This solution also doesn’t work when you don’t have admin access on your network.

To fix this problem you need to have another computer, which is publicly accessible and have SSH access to it. It can be any server on the internet, as long as you can connect to it. We’ll tell SSH to make a tunnel that opens up a new port on the server, and connects it to a local port on your machine.

Many tutorials show you connect to a Linux server from local Linux server, and create SSH tunnel by this means. The command looks like:

$ ssh -R 9000:localhost:3000 user@example.com

In this post I will use putty on Windows.

Step by Step Guide

Note: First you should please download putty and 3proxy. They are both free software.

1. Connect to 85.125.100.20 from local computer 192.168.1.99.

2. Click SSH -> Tunnels, and fill in information like this.

3. Click Add button. Dialog looks like:

4. Click Open, fill in user name and password, and connect to 85.125.100.20.

Now the tunnel is established. If you access 85.125.100.20:1080, the request will be forwarded to 192.168.1.99:1080.

To access all computers in LAN 192.168.1.0/24, we need to start a sock5 proxy on 192.168.1.99.

Download the 3proxy from http://3proxy.ru/

Please unzip the 3proxy installation package, and create a file named my.cfg by notepad. The content of my.cfg is listed below:

timeouts 1 5 30 60 180 1800 15 60
log "c:\temp\3proxy.log\3proxy.log" D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
internal 127.0.0.1
auth none
allow *
nserver 192.168.1.1
nscache 65536
socks

And then start the proxy server in dos prompt.

Now the 12.34.56.78 is able to access all servers behind the NAT. For example you want to access SSH server 192.168.1.100:22. The proxy setting similar to:

About the Author

Williams Voon, experienced java programmer. Chief system analyst of the 3 software: Rep2excel, EasyHA System Monitoring Tool. GTD Excel Report Server.

Facebook: http://tinyurl.com/mqbhpct