Starting and Stopping Services

In order to start services, the following configuration files must be updated for the specific site configuration:

$NMS_HOME/etc/system.dat.model_build

$NMS_HOME/etc/system.dat

$NMS_HOME/etc/system.dat.init

Starting Services

To start services, complete these steps:

1. Login to the server machine as the Oracle Utilities Network Management System Admin user.

2. Enter:

sms-start

SMService starts. It reads and caches the system.dat file by default and starts the remaining services based on the data it just cached.

Note: Using the -f [filename] option with sms-start will override the default behavior and SMService will cache the specified file instead (for example, system.dat.init or system.dat.model_build).

Stopping Services

• To stop clients:

sms‑stop -c

Stop all user sessions with the -c option, which notifies Web Workspace clients that the administrator is forcing an exit. The session stops immediately if users acknowledge the dialog box or automatically after a 5 second delay.

• To stop services:

sms‑stop -s

When stopping services, you may have other tools running. The services are the core dependencies of all applications, so when services are stopped, all tools should be stopped and then restarted after the services have been re-launched.

• To stop both clients and services:

sms‑stop -a

Note: Occasionally, there are tools or isis processes that may continue to exist as defunct and/or hung processes after the above commands do (or do not) run to completion. Check the process list on the Unix machines for these processes and kill them prior to restarting. Otherwise, otherwise the system may not restart properly.

• To set all users as logged out in the CES_USER_LOG table:

sms‑stop -u

Note: This should only be done when all users are told to stop their processes.

Starting and Stopping the WebLogic Managed Server

Additional scripts are provided to start and stop the WebLogic managed server individually and in parallel with starting or stopping services. These require configuration from the nms‑wls‑config script.

nms‑wls‑config

Generates the configuration required for nms-wls-control, nms-all-start, nms-all-stop, and the WebLogic portion of nms-snapshot. This script has several subcommands. Run "nms-wls-config -h" for full script overview and "nms-wls-config <subcommand> -h" for individual subcommand help. These scripts make REST calls using certificate‑based authentication to communicate with the WebLogic AdminServer. Configuration files are stored in the $NMS_HOME/etc/wls directory. Initial configuration requires the following steps.

1. Configure WebLogic AdminServer and security realm

Prerequisites:

• WebLogic AdminServer is configured to use SSL

For each WebLogic domain, run "nms-wls-config realm <url> <username>" to validate and update configuration. <url> is Base URL for the WebLogic admin console. <username> is the username used to authenticate. The password for connecting to the AdminServer can be passed with the --password option. Otherwise, you will be prompted to enter the password. This command checks the following configuraiton. If any of these are not correctly configured, the user will be prompted whether to update WebLogic.

• Two-Way SSL is enabled in AdminServer.

• The default security realm has "Default User Name Mapper" enabled.

• DefaultIdentityAsserter has have X.509 as an active type.

• Default User Name Mapper Attribute Type is "CN".

Example usage:

nms-wls-config realm http://weblogic.example.com:7001 weblogic

2. Create or import client certificate(s).

Certificate-based authentication is used so that the user does not need to enter a password. This requires the use of a client SSL certificate. One can be created or an existing certificate can be imported. The following command creates a certificate:

nms-wls-config cert [--days DAYS] <user>

<user> is the username to authenticate as with the WebLogic AdminServer. --days specifies the number of days the certificate is valid. If not specified, 365 is used.

Example usage:

nms-wls-config cert weblogic

This is the equivalent of the following openssl command:

openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes -keyout $NMS_HOME/etc/wls/cert/weblogic.key -out $NMS_HOME/etc/wls/cert/weblogic.crt -subj /CN=weblogic

The following command imports an existing certificate:

nms-wls-config import <name> <certfile> <keyfile>

<name> is the name to use for the certificate, <certfile> is the path of the certificate file, and <keyfile> is the path of the key file.

Example usage:

nms-wls-config import weblogic ./weblogic.crt ./weblogic.key

Regardless of where an existing certificate or newly created certificate is used, the certificate must be imported into the trust store used by the WebLogic admin server. The certificate file (for example, weblogic.crt) must be copied to the host where the admin server runs and keytool used to import the certificate into the trust store. If Java Standard Trust is used, the following command can be run as the owner of $JAVA_HOME, changing "weblogic" to the alias used for the entry and "./weblogic.crt" to the path to the certificate file.

$JAVA_HOME/bin/keytool -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias weblogic -file ./weblogic.crt

Once the certificate is imported, the AdminServer needs to be restarted for it to take effect.

3. Add WebLogic domains to configuration

For each WebLogic domain, run the following command:

nms-wls-config add [--cert CERT] [--servers SERVERS] <domain> <url>

CERT is the name of the certificate to use. If not passed, you will be prompted.

SERVERS is a comma-separated list of managed servers to control in the domain. If not passed, you will be prompted.

<domain> is the name to use for the WebLogic domain.

<url> is the base URL for the WebLogic admin console. This must use the https protocol.

4. Validate configuration.

Run nms-wls-config check to validate WebLogic configuration files.

nms-wls-config can also be used to create WebLogic managed servers.

It uses a configuration file in the INI format. A template configuration file can be generated with the server-template subcommand. This subcommand takes the name of the configuration file to create as a parameter.

nms-wls-config server-template nms_server1.cfg

The template file is self-documenting. It should be edited and then passed to the create-server command to create the managed server and related configuration in WebLogic.

nms-wls-config create-server nms_server1.cfg

The managed server and related configuration can be deleted by passing the same configuration file to the delete-server subcommand.

nms-wls-config delete-server nms_server1.cfg

About the Configuration File

There are several fields in this file for passwords in the configuration file. If these fields are left unpopulated, the user will be prompted for those passwords at run time. These are the sections of the configuration file.

[weblogic]

This section configures the connection to the WebLogic admin server. This can be done in one of two ways:

1. Specify the key wls_domain matching a domain name already configured by nms‑wls‑config add. This will connect using the existing configured authentication.

2. Specify the keys wls_url, wls_user, and wls_pass (optionally) to the URL of the WebLogic admin server and login credentials.

[managed_server]

This section specifies managed server configuration options. The name should not match an existing managed server and each managed server should specify a different value for suffix. The nms_deployments should be updated to reflect all of the NMS ear files that will be deployed to the managed server, since this affects some of the associated WebLogic configuration.

[ssl]

Configures the SSL options for the managed server.

[cluster]

Configures whether the managed server will be deployed to a WebLogic cluster.

[cesejb]

Additional configuration only used for cesejb deployments.

[jdbc]

Configuration for JDBC Data Sources.

[jms]

JMS Foreign server configuration. This is only used for cesejb and nms-ws deployments.

[log_rotation]

Settings for managed server log rotation.

nms-wls-control

Uses the WebLogic RESTful Management Interface to start, stop, or get the status of WebLogic managed servers associated with an NMS environment. This requires configuration created by the nms-wls-config script.

If one or more managed server names are passed as parameters, the command will only apply to the specified managed servers. Otherwise, all configured managed servers will be controlled.

If the -w option is used for the start and stop commands, nms-wls-control will wait until the command is finished. Otherwise, it will return as soon as the command to start or stop is submitted.

Usage:

nms-wls-control start|stop|status [-w] [servers]

nms-all-start

Starts NMS services and the WebLogic managed server in parallel using sms-start and nms-wls-control. This requires configuration created by the nms-wls-config script.

Usage:

nms-all-start

nms-all-stop

Stops NMS services and the WebLogic managed server in parallel using sms-stop and nms-wls-control. This requires configuration created by the nms-wls-config script.

Usage:

nms-all-stop