Elasticsearch in HCL Connections Componentpack is secured with Searchguard and needs certificates to work properly. These certificates are generated by bootstrap during the initial container deployment with helm.
These certificates are valid for 10 years (chain_ca.pem) or 2 years (elasticsearch*.pem) and stored in the Kubernetes secrets elasticsearch-secret, elasticsearch-7-secret. So when your HCL Connections deployment is running for 2 years, the certficates stop working.
Last week I played around with the HCL Connections documentation to backup Elasticsearch in the article Backup Elasticsearch Indices in Component Pack.
In the end I found that I couldn’t get the snapshot restored and that I have to run a command outside of my Kubernetes cluster to get a snapshot on a daily basis. That’s not what I want.
During a migration from Cognos Metrics to Elasticsearch Metrics, I had some issues with the index. So I wanted to create a backup of the already migrated data and start over from scratch.
The official documentation has an article on the topic: Backing up and restoring data for Elasticsearch-based components, but I had to slightly adjust the commands to get a successful snapshot.
CVE-2021-44228 was a very serious problem end of 2021, and we are still finding new occurrences, or security teams scan servers and find vulnerable log4j files. Don’t get me wrong most of these occurrences are not vulnerable any more, because the JVM is hardened like in the Elasticsearch 7 containers, or they use of the JVM parameter -Dlog4j2.formatMsgNoLookups=true.
Today I activated Elasticsearch Metrics and Typeahead Search on my demo HCL Connections cluster.
To my surprise the indices weren’t created and I got errors on the wsadmin.sh commands.
SearchService.createESQuickResultsIndex() I checked the Elasticsearch pods which showed a running state, but the logs showed following messages:
With IBM Connections 6 you can deploy the additional component Orient Me, which provides the first microservices which will build the new IBM Connections pink. Orient Me is installed on top of IBM Spectrum Conductor for Containers (CFC) a new product to help with clustering and orchestrating of the Docker containers.
Last week I wrote a post about Using Docker and ELK to Analyze WebSphere Application Server SystemOut.log, but i wasn’t happy with my date filter and how the websphere response code is analyzed. The main problem was, that the WAS response code is not always on the beginning of a log message, or do not end with “:” all the time.
I often get SystemOut.log files from customers or friends to help them analyzing a problem. Often it is complicated to find the right server and application which generates the real error, because most WebSphere Applications (like IBM Connections or Sametime) are installed on different Application Servers and Nodes. So you need to open multiple large files in your editor, scroll each to the needed timestamps and check the lines before for possible error messages.
