JS7 JobScheduler

Space shortcuts

Page tree

Introduction

SOS provides JS7 - Patch Management in a situation of severe bugs or Vulnerabilities.

  • Bugs, vulnerabilities and availability of patches are communicated with the SOS Change Management System.
  • The article provides information how to apply patches to the JOC Cockpit.
    FEATURE AVAILABILITY STARTING FROM RELEASE 2.5.0
  • The article explains how to manually apply patches. For automated patching see JS7 - Automated Installation and Update.

The following information applies to patches of the JOC Cockpit GUI. For patches of the JS7 - REST Web Service API (API Server) see JS7 - Patches for JOC Cockpit API.

  • Patches are offered from .tar.gz tarball archive files.
  • The same patch files are applied to Unix and Windows.
  • Patch file names follow the scheme:
    • Unix, Windows: js7_joc.<release>-PATCH.GUI-<sequence>.<issue-key>.tar.gz
    • The following placeholders are used:
      • release: The JS7 release number, for example 2.5.3, see Releases.
      • sequence:  Patches for a given release are assigned ascending numbers starting from 1. Patches with a higher number include any patches with lower numbers.
      • issue-key: The issue key in the SOS Change Management System, for example: JOC-1550.
    • Example:
      • Unix, Windows:js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz
  • Patch .tar.gz archive files do not include a directory hierarchy.

Download Patches

Find the following example for a patch:

ProductTypeMediaPatch Download URLHashSigTSR
JOC Cockpittarball archive.tar.gz

https://download.sos-berlin.com/patches/2.5.3-patch/js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

sha256sigtsr

Caution: Do not apply the patch from the above example to any JOC Cockpit release different from 2.5.3, for details see JOC-1550.

Effective download links for JOC Cockpit patches are indicated with the respective Change Management issue.

Before applying patches users might want to verify the integrity and authenticity of downloaded patch files, see JS7 - Verifying releases.

Patches for JOC Cockpit On Premises

The JOC Cockpit GUI expects patches to be extracted to its data directory in following location:

  • Unix
    • /var/sos-berlin.com/js7/joc/webapps/joc
    • /var/sos-berlin.com/js7/joc/webapps/joc/assets
    • /var/sos-berlin.com/js7/joc/webapps/joc/styles
  • Windows
    • C:\ProgramData\sos-berlin.com\js7\joc\webapps\joc
    • C:\ProgramData\sos-berlin.com\js7\joc\webapps\joc\assets
    • C:\ProgramData\sos-berlin.com\js7\joc\webapps\joc\styles

The first part of the path including the jetty_base is specified during installation and can point to a different location. The remaining webapps/joc part of the path will remain the same for all installations.

Applying Patches

Apply the following steps to a JOC Cockpit instance. If a JOC Cockpit cluster is operated then the steps are to be performed for all JOC Cockpit instances.

Caution: Do not apply the patch from the example to any JOC Cockpit release different from 2.5.3, for details see JOC-1550.

Note: The JOC Cockpit has to be stopped before applying patches.


The examples "Automated Patching" make use of scripts 

  • Unix: js7_install_joc.sh
  • Windows: Install-JS7CJoc.ps1

For download these scripts see https://kb.sos-berlin.com/display/JS7/JS7+-+Download

Applying Patch on Unix

Manual Patching

Example how to apply a patch from a .tar.gz archive to JOC Cockpit for Unix
# invoke shell and switch to the user account that owns the JOC Cockpit's data directory

# navigate to the data directory for patches
cd /var/sos-berlin.com/js7/joc/webapps/joc

# verify the directory by checking if this file is available
ls version.json

# take a backup
tar --exclude=./WEB-INF -cvpzf /tmp/backup-joc-cockpit-$(date +"%Y%m%d-%H%M%S").tar.gz .

# remove existing files and directories
find . -maxdepth 1 -type f -delete && rm -d -r ./assets ./styles

# download the patch archive
curl https://download.sos-berlin.com/patches/2.5.3-patch/js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz -O

# extract the .tar.gz patch archive
tar -xvpozf js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

# remove the .tar.gz patch archive
rm js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

Automated Patching

Example how to apply a patch from a .tar.gz archive to JOC Cockpit for Unix
# invoke shell and switch to the user account that owns the JOC Cockpit's data directory

# download from patch URL
curl 'https://download.sos-berlin.com/patches/2.5.3-patch/js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz' -O

# apply patch
./js7_install_joc.sh \
    --tarball=js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz \
    --patch=JOC-1550 \
    --patch-key=GUI-1 \
    --home=/opt/sos-berlin.com/js7/joc \
    --data=/var/sos-berlin.com/js7/joc \
    --backup-dir=/tmp

Applying Patch on Windows

Manual Patching

Example how to apply a patch from a .tar.gz archive to JOC Cockpit for Windows 
@rem invoke shell and switch to the user account that owns the JOC Cockpit's data directory

@rem navigate to the data directory for patches
cd %ProgramData%\sos-berlin.com\js7\joc\webapps\joc

@rem verify the directory by checking if this file is available
dir version.json

@rem take a backup
set month=%date:~3,2%
set day=%date:~0,2%
set year=%date:~6,4%
set hour=%time:~0,2%
set minute=%time:~3,2%
set second=%time:~6,2%
tar.exe --exclude .\WEB-INF -cf %TEMP%\backup-joc-cockpit-%year%%month%%day%-%hour%%minute%%second%.zip .

@rem remove existing files and directories
del /q *.*
rmdir /q /s .\assets
rmdir /q /s .\styles

@rem download from URL https://download.sos-berlin.com/patches/2.5.3-patch/js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz
@rem copy from download location (could be different from this example)
copy %USERPROFILE%\Downloads\js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz .

@rem extract the .tar.gz patch archive
tar.exe -xzf js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

@rem remove the .tar.gz patch archive
del js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

Automated Patching

Example how to apply a patch from a .tar.gz archive to JOC Cockpit for Windows 
# invoke PowerShell and switch to the user account that owns the JOC Cockpit's data directory

# download from patch URL
Invoke-WebRequest `
    -Uri 'https://download.sos-berlin.com/patches/2.5.3-patch/js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz' `
    -Outfile js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz

# apply patch
./Install-JS7Joc.ps1 `
    -Tarball js7_joc.2.5.3-PATCH.GUI-1.JOC-1550.tar.gz `
    -Patch JOC-1550 `
    -PatchKey GUI-1 `
    -HomeDir $env:ProgamFiles\sos-berlin.com\js7\joc `
    -Data $env:ProgramData\sos-berlin.com\js7\joc `
    -BackupDir $env:TEMP

Note: The JOC Cockpit has to be restarted to apply patches.

Note: Users are discouraged from using tools such as 7-Zip to extract the patch archive in case of manual patching. Instead, use the tools available from the OS as indicated by the examples. Do not create a sub-folder from the archive name but extract directly to the directory hierarchy as indicated above.

Removing Patches

Patches are automatically removed when a JOC Cockpit release is updated or upgraded by JS7 - JOC Cockpit Installation On Premises or using the installation scripts as indicated with JS7 - Automated Installation and Update.

Patches can be manually removed

Note: The JOC Cockpit has to be stopped before patches are removed.

Patches for JOC Cockpit Container

Caveat:

  • As a larger number of files are included in a GUI patch this will create overlays in your container storage.
  • Users can apply patches when creating JOC Cockpit images. Use the same sequence of OS commands as indicated with chapter Patches for JOC Cockpit On Premises in your Dockerfile when creating the image. For details how to build the image see JS7 - JOC Cockpit Build of Container Image.

JOC Cockpit expects .tar.gz archive files for patches from the following location:

  • /var/sos-berlin.com/js7/joc/resources/joc/patches
  • The directory /var/sos-berlin.com/js7/joc/resources/joc typically is mounted to a config volume when running the container: for details see JS7 - JOC Cockpit Installation for Containers. The patches sub-directory should be created if it does not exist before storing the patch file to this location.

Applying Patches

On start-up the JOC Cockpit container checks the above directory for existence of *.tar.gz files. If a file is found then:

Patches are applied on start-up of a container. Patch files remain in place in the /var/sos-berlin.com/js7/joc/resources/joc/patches sub-directory (typically mounted to the config/patches volume directory) for the lifetime of the JOC Cockpit release in use. Patches have to be removed if a newer release of JOC Cockpit is used.

Note: The JOC Cockpit container has to be restarted to apply patches.

Removing Patches

Patch files are removed by dropping the files in the patches sub-directory.

Patches are not automatically removed when updating or upgrading the JOC Cockpit image. If a newer JOC Cockpit release is used then this includes any fixes provided by previous patches. Users have to remove patch files when applying new releases.

Note: The JOC Cockpit container has to be restarted to make removal of patches effective.



  • No labels