Automated upgrade process

One of the services we run is apache-tomcat.  I was asked to upgrade it to the latest version on 3 of our environments.  Normally you’d kick of something like yum update or the like, but we download packages manually, extract them, copy config files, logs, extras, etc over and then restart the service.  So it’s pretty straight forward and give the option for a super easy rollback if needed.

 

I don’t feel like it’s appropriate to post the script here, but I’ll post a couple of the things I learned while doing it:

 

I had seen the ‘case $1’ used before and understood it, but never implemented it.  I set it up to have 2 options
-v for verbose output

-h for help and then exit program

 

This_Tomcat_File="${To_Download##*/}"

This little bit of code will take the file that you enter (which would be something like http://mirrors.sorengard.com/apache/tomcat/tomcat-9/v9.0.13/bin/apache-tomcat-9.0.13.tar.gz and then get just the file name, so it would be something like apache-tomcat-9.0.13.tar.gz

 

This_Tomcat_Directory="${This_Tomcat_File%.tar.gz}"

What this does is remove the tar.gz part of the file, so I know what directory I’m working with – useful if you need to change a symlink or something like that.

 

read -n 1 -srp "Press any key to continue..."

This was a pause I’d put in the script to make sure it was behaving appropriately.

 

There were other little things like if statements that got me tripped up for a bit and other times I’d mis typed something or the other, but as far as I can tell, it’s working.  I’ll not be running the script today though so I’ll save it for later.

 

What I like most about doing things like this, is it solves a problem not just the one or two or fifteen times, but all of the rest of the times that you’d normally have to upgrade something.  Even though it took me a about 2 hours to do, it will save lots of time in the long run and anyone else can run it if they have the right permissions.

 

It reminds me of the scene in the movie “Ender’s Game” where Ender is jumped in the bathroom by 2 or 3 guys but Ender surprises them and beats one guy up a few inches from his life.  When he was questioned about it later, and was asked why he beat the guy up so hard and continued to beat him up after it was obvious that he won the fight and was able to get away.  His answer was something like ‘I didn’t want to win this fight, but all the fights going forward’.  And the bully never fought him again, thus solving his bully problem completely and allowing him to focus on other things.  I like to think of this in the same way – it’s solved (I mean probably, I’m sure there’s things I could improve on and extend) and can move on to bigger and better.

 

Half way done with Sybex book

I can’t believe it, but I am a little over halfway through the Sybex 8th edition book.  It’s a monster and pretty detailed so the way I’ve been going through it is taking the end of chapter quizzes and then reviewing the chapter, based on how well I did on the quiz.  Some a better than others, but his in this way I can focus on the areas I’m weak in the most.  After that it’s gonna be Larry’s videos and more practice tests.

 

Based on the next few days of work and having Thursday off, my goal is to finish the book before this coming up Sunday, so I have 4 days plus today to get it done.  I sort of want to test before the end of the year, that way I can free up some time to go through other material that I have – AWS, DevOps, scripting, etc – but the other part of me wants to make sure I can pass the test during the first try, since I’m paying for it out of pocket.

Friend got a new job

So a good friend of mine got a new job recently!  Way better environment, doing something he loves, closer to work, better pay, etc etc.   Coincidentally he works in the same building as I do, for the time being, but once he get Clearance he’ll move to his permanent location.

 

He’s worked hard, had his job relocated but took something else that was more of a lateral move, finally finished his Masters Degree and was working hard on side projects and interviewing at a ton of different places.  And after all that work, it finally happened.  I am so proud and happy for him, and it goes to show, that if you work hard and don’t give up, reach out to people (that’s how he got it, the position wasn’t even open) then good things can happen.

 

On a side note, CISSP has been going well, but we are getting back into the time that we’ll be working on more controls soon.  I’m doing 1 chapter a day out of the official Sybex book after I take that chapters test.  I have also been watching the videos from Larry, and they are ok, but he rambles and I don’t get a lot out of it.  Keep on grinding.

 

I was given a VM to upgrade Alfresco to a while back .  I did it, and passed the information off to the person who needed it.  When he got back to me to make some changes (basically set up a reverse proxy on it and match the /jira to the port jira is on, etc), I started digging and realized a few things:

  1. I didn’t document what I was doing, so now that I’m going back into it, it’s taking me longer to realize the changes I made
  2. I removed Alfresco and re downloaded it and somewhere along the way there was another account for it so that got confusing
  3. I didn’t install the application the same way that it is on the production server – some of the directories are in different places, etc.
  4. The VM is running Centos 6.8
  5. Almost all the RAM and half the swap are in use, even though no ones using it

So with all of these things I thought it would be best to remake the VM with a fresh install.  I also spoke with the person who I passed it off to in the first place and he said it was running kinda slow – even though nothing was really loaded on to it.

 

What I (re)learned from this:

  1. Gather requirements before you make changes and be adaptable in your approach.
  2. Upgrade to the latest OS if possible before you install a service.  If we left it on 6, then we’d just have to go through the upgrade and migration again in a few years vs a couple extra hours rebuilding it (if that, more like 1 hour)
  3. Documentation.  Write things down, even if it’s the website you followed because then you don’t have to spend more time solving the problem of searching for what you did + actually doing the work
  4. From there, you can automate the process of the actual work

 

SAP Business Objects

Today I was given the task of setting up SAP Business Objects on a new VM we set up a few weeks ago.  The guide I had was for Centos 6 (we are using 7) and was for a previous version of Business Objects, but I was able to get through it.  Here are few things that I learned.

 

The install didn’t work unless the /etc/centos-release file was edited to reflect a previous version of centos.  I want to say I changed it to version 6.7 Santiago.

 

I had seen the ‘tnsping’ command used before, but never actually used it myself so that was fun to try.  Also, I hadn’t used the ‘sqlplus’ command to query/connect to a database.  Our environment uses TNS files (.ora) so I copied the most recent version to the correct directory of my installation.  It didn’t work though.  I thought I was going crazy because it was working the last time I checked in TOAD.  I went to Hardy, and he figured it out quick.  Basically, the ‘dos2unix’ command was issued on the file to convert the CRLF into what Linux understands – almost exclusively we use Windows, but for servers it’s Linux.  So that was good to see.

 

Also, the ‘file’ command was pretty cool – basically it shows what a file is even if the extension is something else.  There are times when this would be good to use, like for email if you can’t send an attachment (like .docx) you could rename it to a different extension and the mail server would take it just fine.  But this would look at the actual file and not the extension.

 

I don’t have a lot more to write about installing it – it was pretty straightforward, but I did update the document I was given & learned some things along the way.  There is more configuration I’m doing tomorrow with another co worker to configure it.

 

I also took another Boson CISSP exam the other day and passed!  It was 73% and there was one domain that I scored something like 55% in, one I just barely failed and was above passing for the rest of the Domains.  I’m going to keep chipping away at that.  I also bought a few courses today from Udemy: one on DevOps (kind of an overall big course), one on Ansible/Puppet and a third on Wireshark, tcpdump & snort.  Hopefully I’ll be able to get to them after CISSP is done.