Develop Reference

How to set job failure alerts in oozie?

I am oozie on Hue interface where i would like to get the email alerts for any killed/Failed/long runnig jobs.
Is there any way to get this.
Below is the component list:
Component Version
Hue 2.6.1
HDP 2.3.6
Hadoop 2.7.1
Oozie 4.2.0
Ambari 2.6.0

You can use the below action
<action name="ErrorHandler">
<email xmlns="uri:oozie:email-action:0.1">
<to>${notify}</to>
<subject>FAILURE - Automated email notification for process</subject>
<body>The upload process for <Process name> failed.</body>
</email>
<ok to="error"/>
<error to="error"/>
</action>
Few points to remember -
In job.properties, mention the required email address for the notify variable.
Set SMTP hostname and port in oozie-site.xml

Service Fabric with nginx and .NET core services

I'm setting up a Service Fabric application which contains:
an Nginx instance as frontend (single instance, port 80)
some applications written with Asp.net core (1 website, some API services) (multiple instances, dynamic port)
a Gateway service for address resolution (single instance, port 8081)
For nginx, I'm using a solution available as Nuget package.
The gateway and, in general, the example to run .NET core app have been taken here
It is suggested by the .NET core team itself to host applications behind a real web server liken nginx.
Therefore I'd like to deploy my Service Fabric application with an instance of nginx as entry point, which redirects to the Gateway service, which will do the service resolution for the replicated stateless services.
My question is about the address that I need to use in the nginx.conf to point to the Gateway address. While trying locally, I can use the local address 127.0.0.1 and it works as expected, but what happens if on a real cluster my Nginx and Gateway instances are deployed to different machines?
This is my application manifest:
<?xml version="1.0" encoding="utf-8"?>
<ApplicationManifest xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ApplicationTypeName="SFApplicationType" ApplicationTypeVersion="1.0.0" xmlns="http://schemas.microsoft.com/2011/01/fabric">
<Parameters>
<Parameter Name="NginxPoC_InstanceCount" DefaultValue="1" />
<Parameter Name="Gateway_InstanceCount" DefaultValue="1" />
</Parameters>
<ServiceManifestImport>
<ServiceManifestRef ServiceManifestName="NginxPoCPkg" ServiceManifestVersion="1.0.0" />
<Policies>
<RunAsPolicy CodePackageRef="Code" UserRef="Admin" EntryPointType="All" />
</Policies>
</ServiceManifestImport>
<ServiceManifestImport>
<ServiceManifestRef ServiceManifestName="Gateway" ServiceManifestVersion="1.0.0" />
</ServiceManifestImport>
<DefaultServices>
<Service Name="NginxPoC">
<StatelessService ServiceTypeName="NginxPoCType" InstanceCount="[NginxPoC_InstanceCount]">
<SingletonPartition />
</StatelessService>
</Service>
<Service Name="Gateway">
<StatelessService ServiceTypeName="GatewayType" InstanceCount="[Gateway_InstanceCount]">
<SingletonPartition />
</StatelessService>
</Service>
</DefaultServices>
<Principals>
<Users>
<User Name="Admin">
<MemberOf>
<SystemGroup Name="Administrators" />
</MemberOf>
</User>
</Users>
</Principals>
</ApplicationManifest>
and this is my current nginx.conf file:
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://127.0.0.1:8081;
}
}
Update 2016-10-09
As requested in the discussion, I've created a test project here. Every contribute to the project is welcome.

f you deploy the nginx and gateway service to all nodes (InstanceCount = -1) you should be good. If the gateway service is down on one node, you would of course not be able to forward the request from nginx to a gateway service on another node. For this, you need the nginx service to look-up the gateway service.
You can get the service endpoint address for the gateway using a REST call: https://msdn.microsoft.com/en-us/library/azure/dn707638.aspx

Configuration for HTTP Connector of apache tomcat server

I am using tomcat version 6. I want to configure ssl by specifying some ciphers in HTTP connector . I am following below link which describes how to configure HTTP connector to prevent logjam vulnerability.
https://weakdh.org/sysadmin.html
Before changes my connector configuration was like this
<Connector sslProtocols = "TLS" SSLEnabled="true" acceptCount="100" connectionTimeout="20000"
executor="tomcatThreadPool" keyAlias="tcserver"
keystoreFile="${catalina.base}/conf/tcserver.keystore" keystorePass="changeme"
maxKeepAliveRequests="15" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
redirectPort="8443" scheme="https" secure="true"/>
After changes my connector configuration is like this.I just added ciphers to it.
<Connector ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_25‌6_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WIT_RC4_128_SHA"
sslProtocols = "TLS" SSLEnabled="true" acceptCount="100" connectionTimeout="20000"
executor="tomcatThreadPool" keyAlias="tcserver" keystoreFile="${catalina.base}/conf/tcserver.keystore" keystorePass="changeme" maxKeepAliveRequests="15"
port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" redirectPort="8443"
scheme="https" secure="true"/>
But its not working.To make it work i had to change from
protocol="org.apache.coyote.http11.Http11NioProtocol" to protocol="HTTP/1.1".
But i want to use org.apache.coyote.http11.Http11NioProtocol as it is non-blocking and more efficient.
Please tell me how to do this.

I just checked the logs of tomcat and i was getting illegal argument exception whenever i tried to hit my ssl enabled web page.
The issue was with ciphers. In Tomcat 6 some of ciphers won't work if i use org.apache.coyote.http11.Http11NioProtocol. I don't know the particular reason of it.But the name of the ciphers i removed from my connector are given below. Now, i can open my ssl enabled webpages.If anybody know the answer please post.
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_25‌​6_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

How to use nxLog

How to use nxLog? I installed it on my windows 7 and unix box, but not able to use it.
My Conf File(not sure its correct or not):
define ROOT C:\Program Files\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log
<Extension syslog>
Module xm_syslog
</Extension>
<Input in>
Module im_file
File 'D:\dotnet\Analytics\nxLog\association.log'
SavePos TRUE
ReadFromLast TRUE
PollInterval 1
Exec $Message = $raw_event; $SyslogFacilityValue = 22;
</Input>
<Output out1>
Module om_udp
Host 10.1.1.1
Port 514
Exec to_syslog_bsd();
</Output>
<Output out2>
Module om_udp
Host 10.1.1.2
Port 514
Exec to_syslog_bsd();
</Output>
<Route 1>
Path in => out1, out2
</Route>
And not sure what to write in host and port.

nxlog.log should contain the error messages to help you diagnose the problems.
"And not sure what to write in host and port."
The destination where the udp syslog should be sent to.

So your host is the destination IP address or hostname (haven't verified hostname functionality) of your destination. AKA where you want to send your logs to. The port is the port. After you update make sure to go to nxlog/data/nxlog.log to check and see if everything started up OK. If it did you should see no error messages at the bottom. I've only done it with TCP and it says that it's trying to establish a connection and then nothing below it. Not sure what you would see with UDP. I also see a message that says "Info nxlog started"
Good luck

Configuring IIS Express to use default ports for http and https for debugging

I have followed scot's article on how to enable default ports (80 and 443) for http and https respectively. I have followed each step to the letter and in the end IIS express sytem tray shows me that site is running on following urls
Only thing i have done differently is to use netsh>advfirewall>firewall context because it was telling me that netsh firewall is deprecated. I used following command to allow port 80 through firewall
netsh advfirewall firewall add rule name="Open Port 80" dir=in action=allow protocol=TCP localport=80
Here is the relevant site section from applicationhost.config file of IIS Express
<site name="SSLTest" id="4">
<application path="/" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="G:\Adeel\SSLTest\SSLTest" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:51518:localhost" />
<binding protocol="https" bindingInformation="*:44301:localhost" />
<binding protocol="http" bindingInformation="*:80:mhlabs" />
<binding protocol="https" bindingInformation="*:443:mhlabs" />
</bindings>
</site>
Edit: The problem is that when i browse to http:/mhlabs or https:/mhlabs it does not work. I get not found page of the browser. how can i get around that.
Edit2: Ok, as a first step, i would like to forget ssl and just reserve a url for test-one on port 80 and run my site on this url. The logical steps that come to mind is that i reserve a url using netsh http add urlacl url=http://test-one:80/ user=everyone and add this entry in bindings section of applicationhost.config file. i also allowed port 80 through firewall but the whole thing does not seem to work for me. Any ideas?

Are you starting iis express from command line or using WebMatrix?
If you are not starting it from command line, try following steps and see if there are any binding errors.
start command prompt, goto iis express installation folder '%programfiles%\iis express'
run following command
iisexpress.exe /site:SSLTest
If there are any bindings registration failure, you would see some error message.
If there is any error for 'mhlabs' binding registration, make sure your URL reservation is correct. URL reservation command should like below
netsh http add urlacl url=http://mhlabs:80/ user=everyone