JS7 JobScheduler

Space shortcuts

Page tree

Introduction

SOS provides JS7 - Patch Management in the event of severe bugs or Vulnerabilities.

  • Bugs, vulnerabilities and availability of patches are communicated with the SOS Change Management System.
  • The article provides information how to apply patches to a JS7 Agent.
    FEATURE AVAILABILITY STARTING FROM RELEASE 2.3.0
  • The article explains how to manually apply patches. For automated patching see JS7 - Automated Installation and Update.

The following applies to use of patch files:

  • Patches are offered from from .jar Java archive files or from .tar.gz tarball archive files.
  • The same patch files are applied to Unix and Windows.
  • Patch file names follow the scheme:
    • Unix, Windows: js7_agent.<release>-PATCH.<issue-key>.[jar|tar.gz]
    • The following placeholders are used:
      • release: The JS7 release number, see Releases.
      • issue-key: The issue key in the SOS Change Management System, for example: JS-1984.
    • Example:
      • Unix, Windows: js7_agent.2.2.3-PATCH.JS-1984.jar, js7_agent.2.2.3-PATCH.JS-1984.tar.gz
  • Patch .tar.gz archive files
    • include one or more .jar files that hold patches.
    • include a directory hierarchy for .jar files:
      • agent/lib/patches

Download Patches

Find the following examples for a patch:

ProductTypeFile ExtensionPatch Example Download URLHashSigTSR
JS7 AgentJava archive.jarhttps://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.jarsha256sigtsr

tarball archive.tar.gzhttps://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.tar.gzsha256sigtsr

The patch examples will not impact an Agent installation and are used for instructional purposes only. For details see JS-1984.

Effective download links for Agent patches are indicated with the respective Change Management issue.

Before applying patches users might want to verify the integrity and authenticity of downloaded patch files, see JS7 - Verifying releases.

Patches for Agent On Premises

The Agent expects Java .jar files holding patches in the following locations:

  • Unix
    • /opt/sos-berlin.com/js7/agent/lib/patches
  • Windows
    • C:\Program Files\sos-berlin.com\js7\agent\lib\patches

The paths noted above are specified during installation and can point to a different location. The lib/patches part of the path will be the same for all installations.

Applying Patches

Apply the following steps to an Agent instance. If an Agent cluster is operated then the steps have to be performed for all Agent cluster members.

The patch examples will not impact an Agent installation and are used for instructional purposes only. For details see JS-1984.

Note: The Agent has to be stopped before applying patches.

Applying Patch on Unix

Manual Patching

Example how to apply a patch from a .jar file to an Agent for Unix
# invoke shell and switch to the user account that owns the Agent's home directory

# navigate to the home directory for patches
cd /opt/sos-berlin.com/js7/agent/lib/patches

# download the .jar patch file
curl https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.jar -O
Example how to apply a patch from a .tar.gz file to an Agent for Unix 
# invoke shell and switch to the user account that owns the Agent's home directory

# navigate to the home directory for patches
cd /opt/sos-berlin.com/js7/agent/lib/patches

# download the .tar.gz patch archive
curl https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.tar.gz -O

# extract the .tar.gz patch archive that includes .jar files
tar -xvpozf js7_agent.2.2.3-PATCH.JS-1984.tar.gz

# remove the .tar.gz patch archive
rm js7_agent.2.2.3-PATCH.JS-1984.tar.gz

Automated Patching

Example how to apply a patch from a .jar file to an Agent for Unix
# invoke shell and switch to the user account that owns the Agent's home directory

# download the .jar patch file
curl https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.jar -O

# apply the patch
./js7_install_agent.sh \
    --patch-jar=js7_agent.2.2.3-PATCH.JS-1984.jar \
    --patch=JS-1984 \
    --home=/opt/sos-berlin.com/js7/agent \
    --http-port=4445
Example how to apply a patch from a .tar.gz file to an Agent for Unix 
# invoke shell and switch to the user account that owns the Agent's home directory

# download the .tar.gz patch archive
curl https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.tar.gz -O

# apply the patch
./js7_install_agent.sh \
    --tarball=js7_agent.2.2.3-PATCH.JS-1984.tar.gz \
    --patch=JS-1984 \
    --home=/opt/sos-berlin.com/js7/agent \
    --http-port=4445

Applying Patch on Windows

Manual Patching

Example how to apply a patch from a .jar file to an Agent for Windows
@rem invoke Windows shell and switch to the user account that owns the Agent's home directory

@rem navigate to the home directory for patches
cd %ProgramFiles%\sos-berlin.com\js7\agent\lib\patches

@rem download from URL https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.jar
@rem copy from download location (could be different from this example)
copy %USERPROFILE%\Downloads\js7_agent.2.2.3-PATCH.JS-1984.jar .
Example how to apply a patch from a .tar.gz archive to an Agent for Windows 
@rem invoke Windows shell and switch to the user account that owns the Agent's home directory

@rem navigate to the home directory for patches
cd %ProgramFiles%\sos-berlin.com\js7\agent\lib\patches

@rem download from URL https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.tar.gz
@rem copy from download location (could be different from this example)
copy %USERPROFILE%\Downloads\js7_agent.2.2.3-PATCH.JS-1984.tar.gz .

@rem extract the .tar.gz patch archive that includes .jar files
tar.exe -xzf js7_agent.2.2.3-PATCH.JS-1984.tar.gz
 
@rem remove the .tar.gz patch archive
del js7_agent.2.2.3-PATCH.JS-1984.tar.gz

Automated Patching

Example how to apply a patch from a .jar file to an Agent for Windows
# invoke PowerShell and switch to the user account that owns the Agent's home directory

# download from URL
Invoke-WebRequest `
    -Uri 'https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.jar' `
    -Outfile js7_agent.2.2.3-PATCH.JS-1984.jar

# apply the patch 
./Install-JS7Agent.ps1 `
    -PatchJar js7_agent.2.2.3-PATCH.JS-1984.jar `
    -Patch JS-1984 `
    -HomeDir $env:ProgramFiles\sos-berlin.com\js7\agent `
    -HttpPort 4445
Example how to apply a patch from a .tar.gz archive to an Agent for Windows 
# invoke PowerShell and switch to the user account that owns the Agent's home directory

# download from URL
Invoke-WebRequest `
    -Uri 'https://download.sos-berlin.com/patches/2.2.3-patch/js7_agent.2.2.3-PATCH.JS-1984.tar.gz' `
    -Outfile js7_agent.2.2.3-PATCH.JS-1984.tar.gz 

# apply the patch
/Install-JS7Agent.ps1 `
    -Tarball js7_agent.2.2.3-PATCH.JS-1984.tar.gz `
    -Patch JS-1984 `
    -HomeDir $env:ProgramFiles\sos-berlin.com\js7\agent `
    -HttpPort 4445

Notes

Note: The Agent instance has to be restarted to apply patches.

Note: Users are discouraged from using tools such as 7-Zip to extract the patch archive in case of manual patching. Instead, use the tools available from the OS as indicated by the examples. Do not create a sub-folder from the archive name but extract directly to the directory hierarchy as indicated above.

Hint: For automated rollout of patches see JS7 - Automated Installation and Update.

Removing Patches

Patches are automatically removed when an Agent release is updated or upgraded using the JS7 - Agent - Installation Using the Windows Graphical Installer or the installation scripts as indicated with JS7 - Automated Installation and Update.

Patches can be manually removed by dropping the files in the patches sub-directory which holds the patch archives.

Note: The Agent has to be stopped before patches are removed.

Patches for Agent Container

The Agent container expects Java .jar files for patches in the following location:

  • /var/sos-berlin.com/js7/agent/config/patches
  • The directory /var/sos-berlin.com/js7/agent typically is mounted to a var volume when running the container: for details see the JS7 - Agent Installation for Containers article.
  • If the config/patches sub-directory does not exist then it should be created before storing the patch file.
  • If a patch is provided from a .tar.gz archive file then users should extract the archive and store the .jar files included to the config/patches sub-directory.

Applying Patches

On start-up the Agent container checks the directory noted above for the existence of .jar files and applies the patches, for details see the Patches for Agent On Premises section above.

Patches are not applied persistently to a container. Patch files remain in place in the /var/sos-berlin.com/js7/agent/config/patches sub-directory (typically mounted to a volume) for the lifetime of the Agent release in use. Patches have to be removed if a newer release of the Agent is used.

Note: The Agent container has to be restarted to apply patches.

Removing Patches

Patches are removed by dropping the files in the patches sub-directory.

Patch files are not automatically removed when updating or upgrading the Agent image. If a newer Agent release is used then this includes any fixes provided by previous patches. Users have to remove patch files when applying new releases.

Note: The Agent container has to be restarted to make removal of patches effective.



  • No labels