Administration

This section describes known administration issues and associated solutions.

Enterprise Server does not detect conflicts with the heartbeat port of a cluster (Issue number 1967)

Description

When a cluster is created, Enterprise Server randomly assigns a heartbeat port between 1026 to 45556. For default-cluster, which is the default cluster created by a Enterprise Server installation, a random number selected between 0 to 45556. The cluster creation process does not accurately detect if the heartbeat port is already being used by another service.

Solution

If automated cluster creation configuration selects a heartbeat port that is in conflict with another service that is already using that port, update the cluster heartbeat port to a port that is not being used by the system.

To change the heartbeat port of a cluster, use the following asadmin command:

asadmin set cluster-name.heartbeat-port=newportnumber

Domain creation stops on NFS server running 64–bit Linux (Issue Number 1961)

Description

The asadmin create-domain command may fail while attempting to create a domain on a Network File System (NFS) mounted file system with the NFS server running on 64-bit Linux.

Solution

No known solution.

Performance degradation seen when a huge log file is rotated (6718611)

Description

When a huge log file is rotated, a slight increase in the response time is observed.

Solution

Performance degradation can be minimized by modifying the values for File Rotation Limit and File Rotation Time Limit in the Logger settings. The values for these properties would depend on your application and environment.

Failed to Deploy Generic RA Resource Adapter against IBM MQ (Issue 6605)

Description

Deployment of a generic RA adapter against IBM Message Queue product fails. The permissions granted in the server.policy file is as follows.

grant {
      permission java.util.logging.LoggingPermission "control";
      permission java.util.PropertyPermission "*", "read,write";
      }

Solution

Change the permissions in the server.policy file as follows:

grant codeBase
"file:${com.sun.aas.installRoot}/lib/install/applications/adminapp/-" {
  permission java.util.logging.LoggingPermission "control";
 };

Standalone instances sometimes obtain files from other instances (6698604)

Description

In some circumstances, files installed on the DAS intending to be synchronized with a specific instance actually get sent to additional instances.

Solution

No known solution.

Startup Message from the start-cluster command are too verbose (6728317)

Description

The asadmin start-cluster command shows too many messages even when non-critical components fail during startup. See the following example command output when non-critical elements (related to the instances in the cluster) fail:

./asadmin start-cluster --port 9898 cluster1
Please enter the admin user name>admin
Please enter the admin password>
The clustered instance, instance2, was successfully started.
error 0 [#|2008-07-17T14:58:16.496+0200|WARNING|sun-appserver9.1|javax.jms|
_ThreadID=10;_ThreadName=main;
_RequestID=90bbbe3a-d654-4480-b295-7e317d945a4a;|[C4003]: 
Error occurred on connection creation [localhost:37676]. - cause: 
java.net.ConnectException: Connection refused|#]


error 1 [#|2008-07-17T14:58:17.517+0200|WARNING|sun-appserver9.1|javax.jms|
_ThreadID=10;_ThreadName=main;
_RequestID=90bbbe3a-d654-4480-b295-7e317d945a4a;|[C4003]: 
Error occurred on connection creation [localhost:37676]. - cause: 
java.net.ConnectException: Connection refused|#]


error 2 [#|2008-07-17T14:58:30.596+0200|WARNING|sun-appserver9.1|
javax.enterprise.system.container.ejb|
_ThreadID=13;_ThreadName=pool-1-thread-4;TimerBean;
_RequestID=5954a044-df06-4a3e-902a-0c40b4b6cddb;
|EJB5108:Unable to initialize EJB Timer Service. 
The likely cause is the database has not been 
started or the timer database table has not been created.|#]


error 3 [#|2008-07-17T14:58:32.512+0200|WARNING|sun-appserver9.1|
javax.enterprise.resource.resourceadapter|_ThreadID=10;_ThreadName=main;
__CallFlowPool;_RequestID=90bbbe3a-d654-4480-b295-7e317d945a4a;|
RAR5005:Error in accessing XA resource with JNDI name [__CallFlowPool] for recovery|#]


The clustered instance, instance1, was successfully started.
error 0 [#|2008-07-17T14:58:21.117+0200|WARNING|sun-appserver9.1|
javax.enterprise.system.container.ejb|
_ThreadID=13;_ThreadName=pool-1-thread-4;TimerBean;
_RequestID=30827d9a-72ac-4854-b216-06494b6a9fb5;
|EJB5108:Unable to initialize EJB Timer Service. The likely cause is the database has 
not been started or the timer database table has not been created.|#]


error 1 [#|2008-07-17T14:58:23.106+0200|WARNING|sun-appserver9.1|
javax.enterprise.resource.resourceadapter|
_ThreadID=10;_ThreadName=main;__CallFlowPool;
_RequestID=b41d76fa-0203-49f7-a2ae-83bf242d3e7a;
|RAR5005:Error in accessing XA resource with JNDI name [__CallFlowPool] for recovery|#]


Command start-cluster executed successfully.

Solution

No known solution. These (exceptions) messages can be ignored.

Failed to Deploy Generic RA Resource Adapter against IBM MQ (Issue 6605)

Description

Deployment of a generic RA adapter against IBM Message Queue product fails. The permissions granted in the server.policy file is as follows.

grant {
      permission java.util.logging.LoggingPermission "control";
      permission java.util.PropertyPermission "*", "read,write";
      }

Solution

Change the permissions in the server.policy file as follows:

grant codeBase
"file:${com.sun.aas.installRoot}/lib/install/applications/adminapp/-" {
  permission java.util.logging.LoggingPermission "control";
 };

The package-appclient script does not work if domain1 is not present (6171458)

Description

By default, there is a hard-coded value in as-install/lib/package-appclient.xml for the AS_ACC_CONFIG variable for domain1 that is pointed to by asenv.conf. If domain1 is deleted and a new domain created, the AS_ACC_CONFIG variable is not updated with the new domain name, which causes the package-appclient script to fail.

Solution

Do one of the following:

1. Leave domain1 intact, and create your other domains around it.

2. Remove domain1 and replace the hard-coded value for domain1 in as-install/lib/package-appclient.xml with the new domain name.

This will have to be done every time a new domain is created if domain1 is not present.

Starting the Server with additional JMX Agent is not supported (6200011)

Description

J2SE 1.4.x, 5.0, or later can be configured on the server. An integral feature of J2SE 5.0 platform is the ability to start a JMX agent. This is activated when you explicitly set system properties at the server startup.

Example values include:

name="com.sun.management.jmxremote" value="true"
name="com.sun.management.jmxremote.port" value="9999"
name="com.sun.management.jmxremote.authenticate" value="false"
name="com.sun.management.jmxremote.ssl" value="false"

After configuring JMX properties and starting the server, a new jmx-connector server is started within the Virtual Machine. An undesirable side-effect of this is that the administration functions are affected adversely, and the Administration Console and command—line interface may produce unexpected results. The problem is that there are some conflicts between the built in jmx-connector server and the new jmx-connector server.

Solution

If using jconsole (or any other JMX-compliant client), consider reusing the standard JMX Connector Server that is started with server startup.

When the server starts up, a line similar to the one shown below appears in the server.log. You can connect to the JMXService URL specified there and perform the same management/configuration operations after successfully providing the credentials; for example:

[#|2004-11-24T17:49:08.203-0800|INFO|sun-appserver-ee8.1|
javax.enterprise.system.tools.admin|_ThreadID=10;|ADM1501: 
Here is the JMXServiceURL for the JMXConnectorServer: 
[service:jmx:rmi:///jndi/rmi://hostname:8686/management/
rmi-jmx-connector]. This is where the remote administrative 
clients should connect using the JSR 160 JMX Connectors.|#]

For more information, refer to the Sun GlassFish Enterprise Server v2.1.1 Administration Guide.

Load balancer configuration file does not get created with the endpoint URL of any web service (6236544, 6275436)

Description

When setting up the load balancer configuration with an application that has an EJB module that exports a web service URL, the context root for the web service isn't in the resulting loadbalancer.xml file.

Solution

1. Edit the loadbalancer.xml file to add the missing web module as follows:

   <web-module context-root="context-root-name"
   disable-timeout-in-minutes="30" enabled="true"/>

2. Replace context-root-name value with the context root name of the web service that was exposed as an EJB.

.asadmintruststore file not described in the Enterprise Server documentation (6315957)

Description

The .asadmintruststore file is not described in the Enterprise Server documentation. If this file does not exist in the server administrator's home directory, you may experience serious bugs when upgrading certain applications hosted on the server.

Solution

• If possible, the asadmin start-domain domain1 command should be run by the user who installed the server.

• If it is not run by that user, the .asadmintruststore should be moved or copied from the home directory of the user who performed the installation to the home directory of the user who is running the server.

• Note that if the file is moved (not copied) from the installing user's home directory to the running user's home directory, you might experience application upgrade problems, as described in bugs 6309079, 6310428 and 6312869, because the upgrade/install user (normally root in Java ES) will no longer have the .asadminstruststore file in his or her home directory.

Clustered instances fail to start due to a timeout in reaching the JMS broker (6523663)

Description

The default MQ integration mode for a Enterprise Server cluster instance is LOCAL. When Enterprise Server is installed in a location (PATH) that is long (read “not short”), imqbrokerscv.exe crashes when the cluster instance starts. The problem is a memory allocation problem in imqbrokersvc.

Solution

The JMS service type for the cluster instance must be changed from the default LOCAL to REMOTE. In this configuration, all the instances point back to the DAS broker. Follow the instructions below to configure a cluster in REMOTE mode.

Using the command-line

Before You Begin

Modify the port and password file according to your environment. Note that in the instructions below, the cluster name is racluster, the DAS admin port is 5858, and the DAS JMS port is 7676.

1. Modify the cluster configuration, changing the JMS type to REMOTE.

   as-install/bin/asadmin.bat set --port 5858 --user admin --passwordfile \
   as-install/bin/password_file racluster.jms-service.type=REMOTE

2. Create a JMS host corresponding to the DAS JMS host.

   as-install/bin/asadmin.bat create-jms-host --port 5858 --user admin --passwordfile \
   as-install/bin/password_file --target racluster --mqhost localhost --mqport 7676 \
   --mquser admin --mqpassword admin dashost

3. Set the default JMS host to be the DAS JMS host created in the previous step.

   as-install/bin/asadmin.bat set --port 5858 --user admin --passwordfile \
   as-install/bin/password_file racluster.jms-service.default-jms-host=dashost

Using the Admin GUI

1. Go to Configurations->cluster-name-config->Java Message Service->JMS Hosts.
2. Click New to create a new JMS host; name it dashost.
3. Enter configuration settings corresponding to the JMS service for the DAS; defaults are as follows:

   • Hostname: localhost

   • Port: 7676

   • Admin user: admin

   • Password: admin

   Modify these settings as appropriate for your DAS JMS service.

4. Navigate back to the Java Message Service tab, and change the JMS service type to REMOTE (default is LOCAL).
5. Choose dashost from the default-jms-host drop-down list.
6. Save the changes, and then start your node-agent or cluster.

Cannot display jmaki chart in Netscape 8.1.3, Mozilla 1.7 and Safari 2.0.4 browsers (6543014)

Description

When trying to display a chart from the Log Statistics Monitoring page using some unsupported browsers, the following error may be thrown:

Error loading jmaki.widgets.jmaki.charting.line.Widget : id=form1:jmaki_chart11
Script: http://easqelx5.red.iplanet.com:4848/resources/jmaki/charting/ \
line/component.js (line:5437).
Message: area.initialize is not a function

Solution

Use a supported browser. Refer to Browsers for a list of browsers supported by Enterprise Server v2.1.1.

Default ports changing in each AS major release (6566481)

Description

The default admin port has changed in each of the past three major Enterprise Server releases. Specifically, the default admin ports in 7.x, 8.x, and 9.x are as follows:

• AS 7.x: 4848

• AS 8.x: 4849

• AS 9.x: 4848

Solution

This is not a bug, but something to be aware of. The default admin port is just a recommendation. It is anticipated that future Enterprise Server releases going forward will retain the default 4848 port.

The create-domain command fails with custom master password in AIX (6628170)

Description

On the AIX operating system, an attempt to create a domain with a custom master password fails with the following error:

keytool error (likely untranslated): java.lang.NullPointerException
 Enter keystore password:  New keystore password:

Solution: (AIX) To Create a Domain With a Custom Master Password

1. Create a shell script that contains the following lines of code:

   #!/bin/sh
   changeKeystorePass() {
     keytool -storepasswd -keystore ${KEYSTORE} -storepass ${OLD} -new ${NEW}
   }
   changeTruststorePass() {
     keytool -storepasswd -keystore ${TRUSTSTORE} -storepass ${OLD} -new ${NEW}
   }
   changeKeyPass() {
     keytool -keypasswd -alias s1as -keystore ${KEYSTORE} -storepass ${NEW} -keypass ${OLD} -new ${NEW}
   }
   changeDomainPasswordEntry() {
     keytool -storepasswd -storetype JCEKS -keystore ${DOMAINPASSWORDS} -storepass ${OLD} -new ${NEW}
   }
   deleteMasterPasswordFile() {
     if [ -f ${DOMAIN_PATH}/master-password ] ; then
       echo Deleting ${DOMAIN_PATH}/master-password
       rm -f ${DOMAIN_PATH}/master-password
     fi
   }
   DOMAIN_PATH=$1
   OLD=$2
   NEW=$3
   if [ $# != 3 ] ; then
     echo Usage: $0 domain-path old-master-pass new-master-pass
     exit 1
   fi
   echo Processing ...
   if [ ! -f ${DOMAIN_PATH}/config/domain.xml ] ; then
     echo "Domain with folder ${DOMAIN_PATH} does not exist, create it first"
     exit 2
   else
     KEYSTORE=${DOMAIN_PATH}/config/keystore.jks
     TRUSTSTORE=${DOMAIN_PATH}/config/cacerts.jks
     DOMAINPASSWORDS=${DOMAIN_PATH}/config/domain-passwords
     changeKeystorePass
     changeTruststorePass
     changeKeyPass
     changeDomainPasswordEntry
     deleteMasterPasswordFile
   fi

2. Create a domain, specifying the default master password.

   aadmin create-domain {--adminport aminportno|--portbase portbase} domain-name
   Please enter the admin user name>admin-user
   Please enter the admin password>admin-user-password
   Please enter the admin password again>admin-user-password
   Please enter the master password [Enter to accept the default]:>
   Please enter the master password again [Enter to accept the default]:>

   The default master password is changeit.

3. Change the master password of the domain that you have just created.

   To change the master password, run the script that you created in Step 1.

   script-name domain-path old-password new-password

4. Start the domain that you created in Step 2.

   asadmin start-domain domain-name

   Because the domain has a custom master password, you are prompted for the master password.

5. In response to the prompt, type the new master password.
6. For domains that are configured to support clusters, create and start a node agent.
   1. Create a node agent for the domain that you created in Step 2.

      asadmin create-node-agent --port portno --user admin-user

   2. Start the node agent that you created in Step a.

      asadmin start-node-agent

      Because the domain has a custom master password, you are prompted for the master password.

   3. In response to the prompt, type the new master password.

See Also

The following Enterprise Server man pages:

• create-domain(1)

• create-node-agent(1)

• start-domain(1)

• start-node-agent(1)

AIX: 0403-027 The parameter list is too long (6625591)

Description

On the AIX operating system, some OS-related operations might fail with the following error:

0403-027 The parameter list is too long

Examples of OS-related operations are deploying applications or running the application client container.

This issue is commonly caused by long file paths in the CLASSPATH environment variable.

Solution

Use one of the following solutions:

• Increase the maximum length of the command line. For more information, see (AIX) To Increase the Maximum Length of the Command Line.

• Use the xargs command to construct the argument list and start the command. The xargs command allows commands to exceed the maximum length of the command line.

(AIX) To Increase the Maximum Length of the Command Line

The ncargs attribute determines maximum length of the command line, including environment variables. On the AIX operating system, the default value of the ncargs attribute is four, 4–Kbyte blocks. To ensure that Enterprise Server commands do not exceed the maximum length of the command line , increase this value to 16 4–Kbyte blocks.

1. Determine the value of the ncargs attribute.

   lsattr -EH -l sys0 | grep ncargs

2. If the value of the ncargs attribute is less than 16 4–Kbyte blocks, increase the value to 16.

   chdev -l sys0 -a ncargs=16