explore advanced ca release automation configuration topics
TRANSCRIPT
Explore Advanced CA Release Automation Configuration Topics
Keith Puzey
DevOps Continuous Delivery
CA Technologies
Sr Principal Engineering Services Architect
DO4X96E
KeithPuzey
CAWorld
2 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
copy 2015 CA All rights reserved All trademarks referenced herein belong to their respective companies
The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type of
warranty The information provided by a CA partner andor CA customer has not been reviewed for accuracy by CA
For Informational Purposes Only
Terms of this Presentation
3 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Abstract
In this session we will cover configuring SSLTLS communications within your environment integrating with Microsoft Active Directoryreg via LDAPLDAPS and review the usage of user roles and permissions We will also cover how to manage deployments using REST complex architects security communications scalability and troubleshooting
Keith Puzey
CA Technologies
Senior Principal Engineering Services Architect
4 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agenda
ARCHITECT TERMINOLOGY AND OVERVIEW
ROLES AND PERMISSIONS - ACTIVE DIRECTORY INTEGRATION
REST INTERFACE
EXECUTION SERVER ARCHITECTURE AND FIREWALLS
SECURING COMMUNICATION
TROUBLESHOOTING
1
2
3
4
5
6
5 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Architecture Component Terminology
Release Operation Center ROC
Artifact Repository Nexus
NAC Data Management Server Management Server
NES Execution Server
ASAP Designer UI Studio
Agent AGT
Database
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
2 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
copy 2015 CA All rights reserved All trademarks referenced herein belong to their respective companies
The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type of
warranty The information provided by a CA partner andor CA customer has not been reviewed for accuracy by CA
For Informational Purposes Only
Terms of this Presentation
3 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Abstract
In this session we will cover configuring SSLTLS communications within your environment integrating with Microsoft Active Directoryreg via LDAPLDAPS and review the usage of user roles and permissions We will also cover how to manage deployments using REST complex architects security communications scalability and troubleshooting
Keith Puzey
CA Technologies
Senior Principal Engineering Services Architect
4 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agenda
ARCHITECT TERMINOLOGY AND OVERVIEW
ROLES AND PERMISSIONS - ACTIVE DIRECTORY INTEGRATION
REST INTERFACE
EXECUTION SERVER ARCHITECTURE AND FIREWALLS
SECURING COMMUNICATION
TROUBLESHOOTING
1
2
3
4
5
6
5 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Architecture Component Terminology
Release Operation Center ROC
Artifact Repository Nexus
NAC Data Management Server Management Server
NES Execution Server
ASAP Designer UI Studio
Agent AGT
Database
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
3 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Abstract
In this session we will cover configuring SSLTLS communications within your environment integrating with Microsoft Active Directoryreg via LDAPLDAPS and review the usage of user roles and permissions We will also cover how to manage deployments using REST complex architects security communications scalability and troubleshooting
Keith Puzey
CA Technologies
Senior Principal Engineering Services Architect
4 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agenda
ARCHITECT TERMINOLOGY AND OVERVIEW
ROLES AND PERMISSIONS - ACTIVE DIRECTORY INTEGRATION
REST INTERFACE
EXECUTION SERVER ARCHITECTURE AND FIREWALLS
SECURING COMMUNICATION
TROUBLESHOOTING
1
2
3
4
5
6
5 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Architecture Component Terminology
Release Operation Center ROC
Artifact Repository Nexus
NAC Data Management Server Management Server
NES Execution Server
ASAP Designer UI Studio
Agent AGT
Database
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
4 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agenda
ARCHITECT TERMINOLOGY AND OVERVIEW
ROLES AND PERMISSIONS - ACTIVE DIRECTORY INTEGRATION
REST INTERFACE
EXECUTION SERVER ARCHITECTURE AND FIREWALLS
SECURING COMMUNICATION
TROUBLESHOOTING
1
2
3
4
5
6
5 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Architecture Component Terminology
Release Operation Center ROC
Artifact Repository Nexus
NAC Data Management Server Management Server
NES Execution Server
ASAP Designer UI Studio
Agent AGT
Database
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
5 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Architecture Component Terminology
Release Operation Center ROC
Artifact Repository Nexus
NAC Data Management Server Management Server
NES Execution Server
ASAP Designer UI Studio
Agent AGT
Database
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
6 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
High Level Architecture
Execution
Server
Management
Server (NAC)
amp Repository
Agent
Node
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
4Agent Communication ndash TCP 6600
HTTP Traffic ndash HTTP 80832
1
3
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
7
7
Action Pack FTP download site
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
Management Server (NAC) amp
Repository
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
End Users
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
7 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Release Automation Internals
3RD PARTY INTEGRATIONS
CI ServerTFS Hudson Jenkins
Help DeskService Desk Service Now
RepositoryArtifactory Nexus Archiva
SCMSVN TFS
ProvisioningCA Cloud Manager
Monitoring
Test Systems
AuthenticationLdapAD
INFRASTRUCTURELAYER
DatabaseUsers Process Release
Audit Environment
RepositoryArtifacts
Repository amp Action
Pack Store
Nexus
PRESENTATION LAYER
Designer Swing UI Dashboard UI Release Operations Center UI
DATA MANAGER
Application Management
Artifact ManagementUser Roles amp Permissions
EnvironmentManagement
Process amp Flow Compilation
Template amp ReleaseCompilation
Action Pack Download Manager
Execution Engine
Scheduler amp Calendar Audit amp Reports Active MQServer Management Dat
a A
cces
s Fr
amew
ork
Hib
ern
ate
Op
en A
PIrsquos
REST SO
AP
CLI
EXECUTION SERVER
LocalGeo Proxy File Distribution amp CachingFlow Control
EventsMessagesActive MQ
AGENT
Workflow Engine amp Actions Executor File Caching - Artifacts
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
8 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution
Server
Repository
Server
Management
Server
(NAC)
Agent
Node
Database
Server
Proxy
9
3
SuperNode
Execution Server
End Users
Execution
Server
Execution
Server
Agent
Node
Agent
Node
Agent
Node
Agent
Node
7
4
Active
Directory
(Optional)
Server
(optional)
1
1
1
1
4
5
6
Management
Server
(NAC)
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
Agent Communication ndash TCP 6600
Repository Traffic ndash TCP 80809
1
3
4
5
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
Active MQ ndash TCP 616167
Action Pack download and Updates Ftpcacom or Internal ftp site ndash TCP 21
8
8
2
HTTP Traffic ndash HTTP 80832
7
1
7
Action Pack FTP download site
End Users
Highly Available Architecture
Management Server (NAC)
Execution Server
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Management Server (NAC)
Repository Server
Proxy
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
Working with Roles and Permissions Active Directory Integration
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
10 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
User Roles
USER Application Creator Artifact Manager
SUPERUSERNote The superuser role should only be used for system administration
ADMIN USER Security and Permissions Administrator Servers Administrator General System Administrator
Note Admin Users cannot access applications
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
11 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Enable LDAP Integration
CONFIGURE ACTIVE DIRECTORY CONNECTION DETAILSEdit distributedproperties file
useactivedirectoryauthentication=true
useactivedirectorydomain=domain1ad1com
useactivedirectoryurl=ldap172171790
useactivedirectoryuserusername=ldap_browsedomain1ad1com
useactivedirectoryuserpassword=ldap_browse-Password
RESTART MANAGEMENT SERVERNote All users from the specified domain can now login but have no rights
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
12 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
1 Identify the Active Directory group which
contains the relevant users based on
there roles and application requirements
2 Import the relevant group using the
Import AD user groups section of ASAP
3 Any user who is a member of the AD
Group will inherit the role defined here
Assigning Role
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
13 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Assigning Roles and Permissions
Permissions are set for the imported groups at the application level and also the environment level
Assigning Permissions
ENVIRONMENT LEVEL PERMISSIONSAPPLICATION LEVEL PERMISSIONS
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
14 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Active Directory Login Example
The user1 is an Active Directory user who is a member of an AD group with permissions for two applications ldquoFinancerdquo and ldquoTest Applicationrdquo but can not see the application ldquoHealthcarerdquo
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
Execution Server Architecture and Firewalls
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
16 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Overview
Number of Agents Per Execution Server NES depends on several factors Number of executions performed in parallel
The complexity of those executions
The size of files transferred during the process executions
Default setting is 200 Agents per Execution Server NES 552 supports 1000 agents with 400 active deployments
Execution servers should be located electronically close to agent machines
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
17 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture - STAR
Simple Execution Server NES routing Architecture
Execution
Server A
Execution
Server C
Execution
Server D
Execution
Server E
Agent
Node
4
Agent
Node
3
Agent
Node
2
Agent
Node
1
Agent
Node
6
Agent
Node
5
Rep Agent1
Management
Server
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffice ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
18 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Ring Execution Server with High Availability Architecture
ManagementServer
Execution Server A
Execution Server C
Execution Server D
Execution Server B
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Management Server
LegendHTTP Traffic ndash HTTP 8080 HTTPS 8443Active MQ Traffic ndash TCP 61616
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
OracleDatabase Server
Agent Node6
Agent Node5
Repository Server
JDBC TCP 1521
Repository TCP 8080
Datacenter Two
Datacenter One
Management Network
ExecutionServer C
Execution Server A
Management Server
Agent Node 1
Agent Node 2
Management Server
Execution Server B
ExecutionServer D
Agent Node 3
Agent Node 4
Agent Node 5
Agent Node 6
Agent Node 5
Agent Node 6
RepositoryServer
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
19 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server NES Routing Architecture ndashSTAR with High Availability
No single point of failure in Execution Server NES routing
Execution Server A
Execution Server B
Execution Server C
Execution Server D
Execution Server E
Agent Node4
Agent Node3
Agent Node2
Agent Node1
Agent Node6
Agent Node5
Rep Agent1
ManagementServer
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443ActiveMQ Traffic ndash TCP 61616 SSL 61617
Agent Communication ndash TCP 6600
NES Routing Link TCP 6600
Execution Server C
Execution Server D
Execution Server E
Execution Server A
Management Server
Rep Agent 1
Agent Node
1
Agent Node
2
Agent Node
3
Agent Node
4
Agent Node
5
Agent Node
6
Execution Server B
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
20 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Clustered jFrog Repository architecture
End Users
Management Server (NAC)
Database Server
Execution Server
Agent Node
Agent Node
Agent Node
Agent Node
Agent Node
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Proxy
Repository HTTP Proxy Load
Balancer
Proxy
Management Server (NAC)
Execution Server
JFrog Artifactory
Node
JFrog Artifactory
Node
NFS Storage
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
21 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Considerations
If a small number of agents are outside of a firewall a Execution Server NES can be located inside the firewall and configured for outbound communication only
If a large number of agents are outside the firewall the best practice is to place a Execution Server NES outside the firewall as this will restrict the number of firewall rules required
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
22 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Firewall Environment ndash Agent Outbound Port
Execution
ServerManagement
Server
(NAC)
Agent Node
IP Address
12121212
Agent Port
6600
Database
Server
3
Legend
HTTP Traffic ndash HTTP 8080 HTTPS 8443
Database Communication
End Users
Agent Communication ndash TCP 6600
Active MQ ndash TCP 616162
1
3
4
Act ive
Directory
(Optional)
Server
(optional)
1
1
4
5
5
6
6
AD User Authentication ndash LDAP 389 LDAPS 636
Email Communication ndash SMTP 25
4
Agent Node
IP Address
12121213
Agent Port
6600
nimi_configxml configuration
-ltreverse_settingsgt -ltnodesgt ltnodegt121212126600ltnodegt ltnodegt121212136600ltnodegt ltnodesgt ltconnection_queue_sizegt5242880ltconnection_queue_sizegt lt--5MB--gt ltconnection_queue_wait_timegt180000ltconnection_queue_wait_timegt lt--in milliseconds--gt ltpoll_intervalgt150000ltpoll_intervalgt lt-- poll every 25 min--gt ltpoll_retrygt150000ltpoll_retrygt lt-- poll retry in case of other side is dead every 25 min--gt ltreverse_settingsgt ltnetworkgt
Firewall configuration
TCP Port 6600 open from Execution Server to Agent Network
2
4
End Users
Management Server (NAC)
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Execution Server
Agent NodeIP Address
12121212Agent Port 6600
Agent NodeIP Address
12121213Agent Port 6600
Firewall ConfigurationTCP Port 6600 open from Execution Server to
Agent Network
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
23 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
End Users
Firewall Environments ndash Execution Server NES outside Firewall
Firewall ConfigurationTCP Port 8080 open from NAC to Execution Server
TCP Port 616161 open from NAC to Execution ServerTCP Port 6600 open from NES to NES
Management Server (NAC) amp
RepositoryExecution
Server
Database Server
Active Directory(optional)
E ma i lS er v er
( opt i ona l )
Agent Node
Agent NodeAgent Node Agent Node
Execution Server
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
Securing Communication
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
25 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Securing Release Automation Communication Overview
Release Automation is shipped with self signed certificated and by choosing to use the secured ports these certificates will be used
Browser and ASAP to Data Manager
- HTTPS - 8443
Data manager to Execution Servers
- HTTPS ndash 8443 and ActiveMQ - 61616
Execution Server to Agents
- Nimi TLS - 6600
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
26 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
UI to Management Server
Use the following URL to connection between ASAP Browsers and the management servers using HTTPS and the default CA Certificates
httpsmanagementserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
27 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Management Server to Execution Server
Use the following URL to connection between the management servers and the execution server using HTTPS and the default CA Certificates
httpsexecutionserver8443
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
28 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server to Agents
At installation time of the agent an option can be selected to use secure communications
Post agent installation you can enable this functionality by editing RA_HOMEconfnimi_configxml
Enable secure communication by editing this section and setthing it to true
ltsecuritygt
ltenabledgtfalseltenabledgt
If the certificates need to be replaced with custom certificates details can be found on the CA Wiki
httpsgoogl4ko5Dz
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
Troubleshooting
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
30 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
JMX is a java technology that
supplies tools for managing and
monitoring applications
JMX can be used to interrogate Release
Automation internals but should only be
used when directed by CA support
JMX is available on NAC NES on port 20203 and
agents on port 8282
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
31 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Java Management Extensions (JMX)
Primary JMX Domain is called noliocenter
Type=HighAvailabilityShows the status of the NAC High Availability
Type=InfoIs a useful view of process Status and can be used to Remove jobs
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
32 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ
CA Release Automation is now using ActiveMQ
starting from version 50
ActiveMQ is a message queues server implementation
Implements the JMS standard
Broker
Broker
Broker
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
Consumer
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
33 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Topology
ActiveMQ runs as an embedded server in the NAC and in the NES
All JMS (MQ) traffic is in the direction of the NAC All consumers are on the NAC
All producers are on the NES
The activeMQ server is exposed in JMX (port 20203 look for ActiveMQ)
When the NES and the NAC are on the same machine (full install) than the NES uses the NAC ActiveMQ server
NES (standalone)
ActiveMQ broker on NES
NES (all-in-one)
ActiveMQ brokeron NAC
NAC
MQ
MQ
MQ
MQ
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
34 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Network Connections
All JMS Traffic flows from the NES to the
NAC The NAC still uses HTTP to send
instructions and messages to the NES
ActiveMQ runs by default on TCP port
61616 (can be configured)
The NAC creates a duplex connection to
the NES machines
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
35 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Queues on ActiveMQ
We define multiple queues on ActiveMQ
The queues are distributes (itrsquos the same queue on all the brokers)ndash Connectivity queue
Holds keep-alive messages
ndash Requests queue
For example ndash request of parameter values
ndash Events queue
For example ndash flow started flow finished file transfer done
ndash Step events queue
For example step started step in progress
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
36 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Configuration
The configuration of ActiveMQ is done in several XMLrsquos
Comes preconfigured ndash no need to touch (except in the case of SSL)
NAC FILES
activemq-broker-nacxml
inbound-nacxml
NES FILES
activemq-broker-nesxml
activemq-external-broker-nesxml
outbound-nesxml
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
37 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
ActiveMQ Property Files
Different files for NAC and the NES
webappsdatamanagementWEB-INFjmsproperties
webappsexecutionWEB-INFjmsproperties
Automatically created and configured during upgradeinstall
Wed Feb 18 154707 GMT 2015
jmstransportportnes=61616
httptonac=false
jmstruststore=confnoliojks
jmsencryptedkeystorepassword=A30B6F1F8F7
A0E456311C3142AE07D7A
jmsencryptedtruststorepassword=A30B6F1F8F
7A0E456311C3142AE07D7A
jmstransportportnac=61617
jmsactivatebroker=true
jmskeystore=confkeyStorejks
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
38 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
JMX interface ActiveMQ
One of the first lines (brokerName=BrokerNacServer) links to controlling the activeMQ server
The next lines contains the queues the consumers and the producers
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
39 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting
1 IS THE CORRECT PROFILE ACTIVE (ON BOTH NAC AND NES)
a Profiles can be found in the log of the NAC and the NES (during the spring context definition) Just look for the words Active spring profiles
i [main] INFO (comnolioplatformservercontextProfilesApplicationContextInitializer30) - Active spring profiles [httptones jmstonac JPA jmsexternalbroker]
2 VERIFY THAT THE ACTIVEMQ SERVER IS UP AND RUNNING
a The server is exposed by JMX Enter the JMX management page (httphostname20203) (user nolio password nolio)
b Look for domain orgapacheactivemq
c Check in both NAC and NES (unless NES is all-in-one)
d orgapacheactivemqtype=BrokerbrokerName=brokerNacServer
i TotalConsumerCount should be gt 10
ii TotalDequeueCount should be gt 0
iii TotalEnqueueCount should be gt 0
e orgapacheactivemqtype=BrokerbrokerName=brokerNacServerservice=HealthYou can check the health status of the embedded activeMQ broker The attribute CurrentStatus should be good
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
40 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting (2)
1 Verify that the queues were created (under the JMX)
2 Look at the dm logs - are there any connection refused exceptions
look for the word brokerldquo
Its ok to have some connection refused exceptions at the beginning The
NES connects to the NAC before the NAC is fully up and running
3 Is the NES showing as available in the UI Try to edit and save
Is the broker port configured correctly
4 Check the firewall settings
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
41 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
NiMi
Execution Servers and Agents connect using NiMi which is CA Technologies proprietary protocol
In NiMi the serialized Java objects are transferred over plain TCP with the option of Transport Layer Security (TLS)
Execution Servers and Agents use NiMi to communicate with each other
NiMi is a P2P proprietary protocol each Agent can connect to any other Agent as long as they are part of the same NiMi network Agents or Execution Servers are nodes in the NiMi network
NiMi security configuration is defined in the configuration file nimi_configxml found in the conf subfolder of an Agent or an Execution Server
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
42 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
nimi_configxml
NAME REQUIRED POSSIBLE VALUES DESCRIPTION
enabled YES true false
Element which determines whether current node requires TLS connection If the value is true this node will use secure communication Any other value will be regarded as false
keystore YES ltfile pathgt Path to the main keystore which contains the key pair for TLS communication
keystore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used to read the keystore and the key pair Note The keystore_password is used to open both keystore and the key pair
trust_store YES ltfile pathgt Path to the main truststore which contains the public keys that should be trusted by current node
trustore_password YES ltencrypted stringgt Encrypted password in BASE64 form which will be used in order to read the truststore and the keys in it
cipher_suitescipher_suite NO ltJAAS identification of a cipher suitegt
Element which contains cipher_suite elements each of which defines a single cipher suite permitted for use by the node If no cipher suite is defined all cipher suites will be eligible for usage The specific value to use can be determined by inspection of nimilog of logs subfolder just after the node was started At start-up each NiMi node lists all available cipher suites and ones that were configured
Xml file contains the settings for config network and security
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
43 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE MANAGEMENT Data Manager Log file properties file Location
ndash ltRelease_Automation_Install_FoldergtwebappsdatamanagementWEB-INFlog4jproperties
Execution Server Log file properties file Location
ndash ltRelease_Automation_Install_Foldergt webappsexecutionWEB-INFlog4jproperties
Agent Log file properties file Location
ndash ltRelease_Automation_Install_Foldergtconflog4jproperties
To change the default backups and size of your logs you can alter these Properties
ndash log4jappenderauditingMaxFileSize=5000KB
ndash log4jappenderauditingMaxBackupIndex=5
Service restart is not required
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
44 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
Log files wrap when they reach the size specified in the log4jproperties file so the logs should be collected as soon after an error has occurred
When Troubleshooting issues with the Data Manager first check that the data manager has completed startup by searching for the string $$$$ in the log Nolio_dm_alllog
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
45 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Troubleshooting Best Practice
LOG FILE REVIEWING
If the Data Manager does not start correctly a key configuration file to check is the database configuration file
ndash CAReleaseAutomationServerwebappsdatamanagementWEB-INFdistributedpropertiesldquo
Log files can be gathered from the designer UI
When initially reviewing log files first search for the string ldquoerrorrdquo
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
46 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Overview
Management Server (NAC)
Release Operations CenterAutomation StudioDelivery Dashboard
Embedded Repository
Sonatype Nexus DefaultURL httpDataManagerserver8080nexus Credentials admin nolionolio
JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Management Server Apache Default Port 8080 8443 8083 61616 61617 DefaultURL httpDataManagerserver8080 ROC URL httpDataManagerserver8080datamanagementasapuihtml Dashboard URL httpDataManagerserver8080datamanagementMngConsolehtm
Superuser Credentials superuser suser
Windows service names Nolio Release Automation Server Service Nolio Update Service Nolio Agent
Management Server (NAC)Release Operations Center
Automation StudioDelivery Dashboard
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
47 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
PRIMARY LOG FILE nolio_dm_alllog
LOG FILE CONTAINS THE FOLLOWING INFORMATION NAC start-up sequence
DB connectivity
Amount of agents that connected to each NES and unreachable agents
Status of processes execution
Logged in users
Details about design and publish activities
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
48 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
nolio_documentlog Contains information about processes that exported to xml document
File Location = ltInstall dirgtlogsnolio_documentlog
nolio_exportlog Contains information about componentsapplications that importedexported tofrom
the system
LogFile Location = ltInstall dirgtlogsnolio_exportlog
nolio_auditinglog Contains all design and administration changes (Note that audit report need to be
enable)
Log file Location = ltInstall dirgtlogsnolio_auditinglog
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
49 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Data Management Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog installationlog
- Contains a summary of system upgrade from previous version
- ltInstall dirgtinstall4jinstallationlog
Agent_upgradelog
Contains a summary of agents upgrade
Log file Location = ltInstall dirgtlogsAgent_upgradelog
Installation log can be found in temp folder
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
50 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
CONFIGURATION The Action Management panel in the Release
Operations Center displays the installed Action Packs and also a list of available action packs that can be downloaded from the CA FTP site as shown in the following screenshot
The REST_PORT value is the port used to connect the Action management portlet within the ROC UI to the update service on the NAC
If the NAC does not have access to the internet the content of the FTP url can be copied to an internal FTP server and the values for CA_URL and CA_PACK_URL modified accordingly
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
51 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
The default ports for this service can be modified in the following file which
can be found on the NAC
CProgram FilesCAReleaseAutomationServerUpdateServiceURLini
The configuration file contains the following information
Wed Jan 29 153812 EST 2014
CA_URL=ftpftpcacompubdpmReleaseAutomationUpdateService
CA_PACK_URL=ftpftpcacompubdpmReleaseAutomationActionsActionPacks
INTERVAL=1440
REST_PORT=8083
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
52 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Update Service Log location
CAReleaseAutomationServerUpdateServiceupdate-servicelog
CAReleaseAutomationServerUpdateServicenolio_update_service_errorlog
CAReleaseAutomationServerUpdateServicenolio_update_service_outputlog
LOGGING
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
53 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
Confirm that the following URL is accessible from the NAC server through a direct internet connection with no Proxies
ndash ftpftpcacompubdpmReleaseAutomationActionsActionPacks
Confirm that the Nolio Update service is running
ndash On Windows check that the ldquoNolio Update Servicerdquo is running
ndash On Linux run the command nolio_update_service status
Check the nolio_update_service_outputlog and confirm that you see the following
INFO Cannot parse the ftp port from URLini will use the default port 21
INFO remote ftp file pubdpmReleaseAutomationUpdateServiceupxml
INFO Ftp File ftpftpcacompubdpmReleaseAutomationUpdateServiceupxml has been downloaded successfully
TROUBLESHOOTING
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
54 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Action Pack Download Service
If the connection to the FTP server has succeeded the file pkgListxml will be found in the following locationndash CProgram FilesCAReleaseAutomationServerUpdateService
Use Netstat to confirm that the port 8083 is listening and if a firewall is used on the NAC or between the NAC and the Browser (ROC) ensure that port TCP 8083 is open
From the Browser machine confirm that port 8083 is accessible using telnet
TROUBLESHOOTING
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
55 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution server Overview
Execution Server JMX Management Console
MX4J DefaultURL httpDataManagerserver20203 Credentials nolio nolio Changes should only be made directly within the JMX when instructed to by Support
Execution Server Apache Default Port = 8080 8443 6600 and 61616 61617
Windows service names CA LISA Release Automation Server Service CA LISA Release Automation watchdog Service
Execution Server
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
56 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
Nimilog Contains Information regarding communication between NAGs and NES such as handshake activity
Contains Network topology (NAG and NES versions IDrsquos IPrsquos etc)
Contains Information regarding parameters values and files that transfers between NAGs
Log file location = ltInstall dirgtlogsnimilog
Nolio_exec_alllog and executionlog Contains Information regarding execution events and parameters that transfers between NAGrsquos NES
and NAC
Contains Remote agent installations logging
Log file Locations = ltInstall dirgtlogsNolio_exec_alllog ltInstall dirgtlogsexecutionlog
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
57 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Execution Server Log files
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
installationlog Contains a summary of system upgrade from previous version
ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
58 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Overview
Agent Node
Agent Default Port = 6600
Windows service name
Nolio Agent
JMX Management Console
MX4J
DefaultURL httpDataManagerserver8282
Credentials nolio nolio
Changes should only be made directly within the JMX when instructed to by Support
Agent Node
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
59 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nimilog Contains Information regarding communication between agent and NES
Contains Information regarding parameters values and files that transfers
Log file location = ltInstall dirgtlogsnimilog
Nolio_alllog All NAG activity except the network layer (stored in nimilog)
Log file Locations = ltInstall dirgtlogsNolio_alllog
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
60 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Agent Server Log Files
Nolio_action_exelog Contains specific information about actions executions and their results
Log file Locations = ltInstall dirgtlogs
installationlog Contains a summary of system installation
Log file Location = ltInstall dirgtinstall4jinstallationlog
Installation log can be found in temp folder
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
Rest API
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
62 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
REST stands for Representational State Transfer
It relies on a stateless client-server cacheable communications protocol using the HTTP protocol
REST API can be used to Externalise functionality within CA Release Automation
Rest API documentation is available from the Help link within the ROC
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
63 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Open a REST client in this example we are using ldquoPOSTMANrdquo within the Chrome browser
To list the applications within Release Automation the online help has the following information
Enter this URL into the Rest Client and change the type of connection to ldquoGETrdquo
Example
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
64 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
Change the Authentication tab to ldquoBasic Authrdquo and enter credentials for your release automation server
Enter header parametersContent-Type Texthtml
Click ldquoSendrdquo to test the Rest connection and retrieve the response
Example ndash Continued
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
65 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Rest API
The output can be shown as JSON or XML and the client shows the Status return code and response time
Example ndash Continued
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
66 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Recommended Sessions
SESSION TITLE DATETIME
DO4X210L
Hands-On Lab Build Integrations You Need with CA
Release Automation Rapid Development Kit (RDK) and
Software Development Kit (SDK)
11192015 at 300 pm
DO4T20SCase Study Euroclear Adopts Continuous Delivery for
New Customer-Facing Application 11192015 at 430 pm
DO4T33TTech Talk Evolve from Continuous Integration to
Continuous Delivery11192015 at 1215 pm
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
67 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Must See Demos
CA Release Automation
CA Release Automation
Theater 4
CA Release Pipeline ManagerTheater 4
CA RA Rapid Dev Kit SDKCA Release Automation
Theater 4
Integrations
CA Release Automation
Theater 4
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
68 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Follow On Conversations Athellip
Smart Bar
CA Release Pipeline Manager
Theater 4
Tech Talks
CA Release Automation
Theater 4
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
69 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
Q amp A
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15
70 copy 2015 CA ALL RIGHTS RESERVEDCAWORLD CAWORLD
For More Information
To learn more please visit
httpcainctoNv2VOe
CA World rsquo15