Integrity-Check
The Integrity-Check is started automatically during installation of VISULOX to make sure, that all requirements are met for a properly running system.
However Integrity-Check can also be used in an already running environment for diagnose purpose.
Integrity-Check can be started via the visulox command:
visulox integrityIn the quiet mode no shell output and no log entries in /tmp/visulox-integrity.log are written.
Only the Integrity-Check exit code will be returned:
visulox integrity -quietAvailable Integrity-Check commands
| Command | Description |
|---|---|
| -sw | Check of online software status |
| -vlx | Check the VLX Services and cluster ports |
| -sys | Check the system environment |
| -lib | Check for missing libs |
| -cmd | Check command for missing libraries |
| -disk | Check disk |
| -users | Check VISULOX transit users |
| -portal | Check the VISULOX PORTAL Service |
| -cert | Check certificates within VISULOX and VISULOX PORTAL |
| -store | Check store |
| -recorder | Check recorder |
| -datasources | Check datasources |
| -assignments | Check datastore assignments and dynamic applications |
| -license | Check license |
| -policies | Check policies (VISULOX must be online) |
| -index | Check index |
| -scripts | Check scripts |
| -x11forward | Check x11forward |
| -gate | Check gate config |
| Check mail configuration |
General commands
| Command | Description |
|---|---|
| -format <value> | Format of output (text,xml,csv,json,tcl) <text> |
| -verbose | More messages on stdout |
| -- | Forcibly stop option processing |
-help | Print this message |
| -? | Print this message |
Usage
visulox integrity
Please wait ....
Integrity-Check: amitego engineering - in house license / beta2-3.1.1 / 2016-07-12 12:46:32 UTC
-----------------------------------------------------------------------------------
| option | cat | info | returnCode |
-----------------------------------------------------------------------------------
| -license | check | Evaluation | WARNING(2) |
| -sys | Script /opt/visulox/tools/filecheck.sh | not configured | WARNING(2) |
| -sys | Script /opt/visulox/tools/event.sh | not configured | WARNING(2) |
| -portal | 5.60 Warnings | see logfile | WARNING(2) |
-----------------------------------------------------------------------------------
ExitCode: WARNING
Check the warnings. For more information see /tmp/visulox-integrity.log
visulox integrity -portal
---------------------------------------------------------------------------
| option | cat | info | returnCode |
---------------------------------------------------------------------------
| -portal | core | PORTAL 5.60 | SUCCESS(0) |
| -portal | connect | yes | SUCCESS(0) |
| -portal | webtop | ok | SUCCESS(0) |
| -portal | var | security-xsecurity ok | SUCCESS(0) |
| -portal | var | xpe-maxsessions ok | SUCCESS(0) |
| -portal | var | xpe-maxusers ok | SUCCESS(0) |
| -portal | role | administrator is root | WARNING(2) |
| -portal | array | P: mp-vlx32-ol7.tbsol.de | SUCCESS(0) |
| -portal | security-gateway | mp-vlx32-ol7.tbsol.de is good | SUCCESS(0) |
---------------------------------------------------------------------------visulox integrity -cert
-------------------------------------------------------------------------------------------------
| option | cat | info | returnCode |
-------------------------------------------------------------------------------------------------
| -cert | SSL-CERT | issuer = /C=de/ST=de/O=amitego/CN=test.tbsol.de | SUCCESS(0) |
| -cert | SSL-CERT | subject = test.tbsol.de | SUCCESS(0) |
| -cert | SSL-CERT | serial = EA8628EF3B3A7F44 | SUCCESS(0) |
| -cert | SSL-CERT | from = 2016-12-16 09:12 | SUCCESS(0) |
| -cert | SSL-CERT | until = 2017-12-16 09:12 | SUCCESS(0) |
| -cert | SSL-CERT | remain = 360d 21h | SUCCESS(0) |
| -cert | PEER-CERT | issuer = /CN=mp-ol6u3-devel.tbsol.de CA Cert | SUCCESS(0) |
| -cert | PEER-CERT | subject = test.tbsol.de CA Cert | SUCCESS(0) |
| -cert | PEER-CERT | serial = 9F3D8E05D8800F22 | SUCCESS(0) |
| -cert | PEER-CERT | from = 2013-07-15 12:20 | SUCCESS(0) |
| -cert | PEER-CERT | until = 2023-07-13 12:20 | SUCCESS(0) |
| -cert | PEER-CERT | remain = 2395d 23h | SUCCESS(0) |
| -cert | SSL-CA | issuer = /C=de/ST=de/O=amitego/CN=test.tbsol.de | SUCCESS(0) |
| -cert | SSL-CA | subject = test.tbsol.de | SUCCESS(0) |
| -cert | SSL-CA | serial = EA8628EF3B3A7F44 | SUCCESS(0) |
| -cert | SSL-CA | from = 2016-12-16 09:12 | SUCCESS(0) |
| -cert | SSL-CA | until = 2017-12-16 09:12 | SUCCESS(0) |
| -cert | SSL-CA | remain = 360d 21h | SUCCESS(0) |
-------------------------------------------------------------------------------------------------Integrity check with the parameter -cert shows the status of the both VISULOX PORTAL certificates. PEER-CERT and SSL-CERT.
The serials can be displayed on the local VISULOX GATEWAY with the command visulox-gateway server list and have to match with the serials of the VISULOX PORTAL certificates.
Integrity check shows a warning, when the lifetime is lower than 30 days or an error when the lifetime is expired.
visulox integrity -disk
Please wait ...Integrity-Check: VISULOX EVALUATION / xdevelopment / development
------------------------------------------------------------------------------------------
| option | cat | info | returnCode |
------------------------------------------------------------------------------------------
| -disk | Diskspace | ok in base (base threshold at 2.0GB has 39.67GB) | SUCCESS(0) |
| -disk | Diskspace | ok in var (var threshold at 5.0GB has 39.67GB) | SUCCESS(0) |
| -disk | Diskspace | ok in data (data threshold at 20.0GB has 39.67GB) | SUCCESS(0) |
| -disk | Diskspace | ok | SUCCESS(0) |
| -disk | DB Partition | ok fileserver.tbsol.de:/home/users/xxx | SUCCESS(0) |
| -disk | DB Partition | needs atleast 157.30MB - has 39.67GB | SUCCESS(0) |
------------------------------------------------------------------------------------------
ExitCode: SUCCESSAmong the checks also the diskspace for the database is checked. VLX_DATADIR must have at least 2.5 of size of the database available because VACUUM creates a copy of the database.
For example: a 4GB database needs 6 GB free diskspace. The diskspace is checked with integriy check.
Troubleshooting
VISULOX PORTAL connect failure
On servers, where VISULOX Service is installed together with VISULOX PORTAL Service, the connection to the VISULOX PORTAL Service can be checked with a small tool:CODE/opt/visulox/lib/utils/sgd.tcl check Check connections --------------------------------------------------------------------------------------------------------------------------- | scottasessionid | scottasessionowner | --------------------------------------------------------------------------------------------------------------------------- | test-ol6u5.tbsol.de:1434362892796:1108252004568201775 | {.../_ens/o=Tarantella System Objects/ou=Visulox/cn=test-ol6u5} | ---------------------------------------------------------------------------------------------------------------------------
The following command reinstalls the necessary VISULOX PORTAL Service components on the server and mostly fixes connection errors:CODEvisulox portal attach- VISULOX PORTAL Service warnings
More details can be found in visulox-integrity.log. The Java tuning values should be adjusted for the environment.
Mostly, the following settings will be adequate:- tuning-jvm-initial: 1024
- tuning-jvm-max: 2048
- tuning-jvm-scale: 150
Adjust the values, with:
visulox-portal config edit --tuning-jvm-initial 2048
visulox-portal config edit --tuning-jvm-max 2048
visulox-portal config edit --tuning-jvm-scale 150The following VISULOX PORTAL Service default values should also be checked:
- sessions-timeout-always
- sessions-timeout-session
- webtop-session-idle-timeout
Changes of VISULOX PORTAL Service configurations is known to VISULOX after "visulox portal attach -portal".
- "Administrator is root" warning
The warning can be disabled by adding a new administrator to VISULOX PORTAL:
Add a user
CODEuseradd <name of the new portal administrator> passwd <name of the new portal administrator>Add the new administrator to the VISULOX PORTAL administrators
CODEvisulox-portal object edit --name "/o=tarantella system objects/cn=administrator" --user adminAfter changes to the VISULOX PORTAL, VISULOX needs to be reregistered
CODEvisulox portal attachDoing a VISULOX Integrity-Check again, the warning has disappeared. root can be removed from the administrators list.
event.sh and filecheck.sh missing
The files event.sh.template and filecheck.sh.template in /opt/visulox/tools/ must be copied to event.sh and filecheck.sh, if needed.
The correct permission (0550 / vlx:vlxgroup) has to be set as well for these files.CODEcd /opt/visulox/tools cp events.sh.tmplate events.sh cp filecheck.sh.template filecheck.sh chown vlx: events.sh filecheck.sh chmod 0550 events.sh filecheck.sh