Wow! Please! Do it again!

Saturday, May 28, 2016

Everybody loves NPE


Sunday, April 13, 2014

Sharing is Caring: WebSphere Application Server 8.5

Environment Setup
OS: AIX 7.1, WAS + IHS 8.5.0.2

#1. IHS (IBM HTTP Server) slows to a crawl during high load
Observation: Slow response times (up to minutes), errors in http_plugin.log suggests an issue with SSL & GSKit.

Fix: IBM had a fix for the GSKit component a month ago, but no, they didn't feel the need to inform other customers running the same version of their product.

Lesson Learnt: Stress test must cover static resources too (e.g. images, stylesheets, javascripts, fonts).

#2 WAS (WebSphere Application Server) memory leak
Observation: OutOfMemoryError (duh!), due to usage of JMS Queue Connection Factories over a long period of time (more than 12 hours).

Fix: IBM came out with a spanking new fix.

Lession Learnt: Endurance stress test should span across a few days.

How to enable debug mode in production

"I don't always enable debug mode, but when I do I do it in production" -Biggest bank in Malaysia





Thursday, February 13, 2014

How To: Setup a Forward Proxy using IBM HTTP Server

First of all, this is a setup for a forward proxy, not a reverse proxy. Too many people have believed that God only created reverse proxies. For example, "Let's create a reverse proxy to allow our applications to connect to the Internet", or "Our application is sitting in the secure zone and needs to access this API available on the internet. All I need is a reverse proxy". Enough is enough!

Version(s):
1. IBM HTTP Server 8.5.0.2 (IHS)
2. AIX 7.1 (not that it matters)

Example scenario:
  • 2-tier firewall architecture
  • the web server (with IHS installed) behind the Tier-1 firewall.
  • the application server (e.g. WAS, Tomcat) behind the Tier-2 firewall
  • need to connect to https://some.bloody.api.com from the application via HTTPS

Step(s):
1. Make sure all firewall ports are open. Get your favourite firewall-opener (usually a person) to open the ports from your application server to the web server, let's say port 8080. Also, from the web server to the target site.
2. Time to modify the IHS config, the one and only httpd.conf
  • Search the keyword "Listen" and add the following line. Your proxy will start listening at this port.
     Listen 8080  
    

  • Uncomment the following lines, if they aren't already
     LoadModule proxy_module modules/mod_proxy.so  
     LoadModule proxy_connect_module modules/mod_proxy_connect.so  
     LoadModule proxy_http_module modules/mod_proxy_http.so  

  • Modify the "Proxy Server directives" section, to look like the following. APPSERVER1 and APPSERVER2 are the "clients" of this proxy. If the target port is not the standard HTTP (80) or HTTPS (443); for example https://some.bloody.api.com:6767/services, then add 6767 to the AllowCONNECT list of ports.
 #  
 # Proxy Server directives. Uncomment the following lines to  
 # enable the proxy server:  
 #  
 <IfModule mod_proxy.c>  
 #Enable the forward proxy server. Note: Do not use the ProxyRequests directive if  
 #all you require is reverse proxy.  
 #  
 ProxyRequests On  
 #  
 <Proxy *>  
   Order deny,allow  
   Allow from 127.0.0.1 APPSERVER1 APPSERVER2   
   Deny from all       
 </Proxy>  
 #  
 # Enable/disable the handling of HTTP/1.1 "Via:" headers.  
 # ("Full" adds the server version; "Block" removes all outgoing Via: headers)  
 # Set to one of: Off | On | Full | Block  
 #  
 ProxyVia On  
 AllowCONNECT 8080 80 443 6767  
 </IfModule>  
 # End of proxy directives.  

Have a break, have a Samsung Galaxy S2 on KitKat!

It's been a while since the last post. Because they were all Jelly Bean releases! 4.1, 4.2, 4.3... Enough is enough! Then came KitKat, but guess what, oh no, there's no maintainer for my phone model for CM11. Thanks to XDA, I came to know of OmniROM, which I've tried but regretted (there were 3 different packages for gapps, what's up with that?). However, the difference in smoothness compared to Jelly Bean was amazing. I couldn't go back to CM10.2. Then I found CyanFox, a modified version of CM11 and possibly other ROMs. It's fast, and nothing feels broken so far. How am I going to change my phone now? :P


Highest scores on JellyBean vs KitKat


Saturday, August 31, 2013

SGS2: Flash CM10.2 20130831 Nightly Build

Steps:
1. Downloaded cm-10.2-20130831-NIGHTLY-i9100.zip and copied to internal SD. Verified MD5 checksum (57c8450efbd3cf145dfb751c595fbd9c).
2. Downloaded gapps-jb-20130813-signed.zip and copied to internal SD. Verified MD5 checksum (1f51b5cc6370c1f45dc951109b6ce6ed).
3. Reboot into CWM Recovery.
4. Created backup.
5. Flashed cm-10.2-20130831-NIGHTLY-i9100.zip
6. Flashed gapps-jb-20130813-signed.zip
7. wipe cache partition.
8. advanced > Wipe Dalvik Cache.
9. Reboot.