Upgrading OnTime in a container

First of all, a big THANK YOU! to my friend and fellow HCL Ambassador Martijn de Jong . If you don’t know him, he’s one of the gurus for Domino containers, together with Daniel Nashed.
Without his invaluable help, my work would not have been possible.

Running Domino in a container is becoming more and more popular in these days. I assume the reader is familiar with the topic, I am not going to explain how to create and run a Domino container. If you want to know more about Domino containers watch the replay of the webinar that Martijn did for OpenNTF and read his presentation

OnTime is included in Domino, starting with Release 14, is a great tool and I encourage my readers to use it, the version included in Domino is free and very powerful.
The issue is that Intravision, creates new releases of OnTime faster that HCL creates new releases of Domino, which is obviously understandable.
For example the OnTime version included in Domino is 11.1, but the most recent is 11.5. Hence if you want to keep updated your environment, you need to upgrade OnTime.

The upgrade of OnTime is so easy that I am tempted to use the word trivial. Unzip the file you downloaded from their site, and expand it on your local PC where you have Notes installed. Open the installer.nsf database and follow the instructions, i.e. select the language and select if is a first install or an upgrade. That’s it.

On Linux there are a couple of extra steps you have to do
1. Copy the OnTime task for Linux, ‘ontimegc’ from the installation files /ExtraFiles/Tasks to the Domino server program directory.
2. Run as owner or root ‘chmod 755 ontimegc’ (-rwxr-xr-x)

That is OK if you run Domino on Linux native, but what if you run Domino in a container ?

Copying the files in the program directory into the container is easy (again, I assume you are familiar with Docker) and it works, but….. if you stop the container and restart it you will lose the update. Because the updated ontimegc file is not in the base image where you created the container from, so restarting the container will bring you back to 11.1.

There are two ways to solve this, thanks Martijn for pointing me in the right direction, and make the updated file always available in the program directory of Domino:

1) Install the latest version of OnTime as a custom addon when building the image

2) A quick and dirty trick using volumes

Install the latest version of OnTime as a custom addon when building the image

When you use Daniel Nashed script build.sh to create the image there is an option to add a custom addon https://github.com/HCL-TECH-SOFTWARE/domino-container/blob/main/docs/reference_build.md
Martjin made a post on his blog to explain how to do this and how to build the necessary tarball.

Once you have the taz file you just run this command:
./build.sh -custom-addon=OnTime15.taz#e13658bd364b55cb31196242100db36501724e728eac00fc43aa2d50e4cc7f61 menu
In this example OnTime15.taz is the name of the file I created and everything after the # is the SHA256 of the file.

As a result your image will now have the latest version of OnTime and when you run the container it will use it. This way even if you stop and restart the container, it will always use that version.

A quick and dirty trick using volumes

Copy the ontimegc file from the zip file to a location on you machine, e.g. /local/ontime/

I assume that you have used Daniel Nashed startscript to run and configure your server.
If this is not the case, then run, clone that repo and use the scripts.
One of the scripts is dominoctl, which is used to start and stop Domino and to get to the console.
If you run

dominoctl cfg

It will open the config file in edit mode

You should fine something like this inside it : CONTAINER_VOLUMES=”-v /local:/local:z” (it may not have the trailing z:, but that’s only for SELINX so is not a problem is is missing)
Change the line to CONTAINER_VOLUMES=”-v /local:/local:z -v /local/ontime/ontimegc:/opt/hcl/notes/lates/linux/ontimegc:z”
This means that Domino will use the ontimegc you copied, i.e. the latest version, rather than the one in the original one, the older version.

Save the file and restart the container.

This second method is quicker and has an advantage. When the next release of OnTime becomes available, you just copy the new ontimegc file in the /local/ontime/ directory then restart the container (obviously you will have to use install.nsf to upgrade the databases, but that is not specific to containers)


Sametime – Upgrading MongoDB from 4.4 to 7

Initially Sametime 12 supported MongoDB 4.4, so most of the existing installations, at least for my customers, are still running on that version.
Now 4.4 is going EOL and is wise to upgrade to the latest version, MongoDB 7.

I have done an upgrade of a production ST 12.0.2 from MongDB 4.4 to 7, without any issues.
There are some things you need to be aware of, is not just “next, next, next….” 🙂

First of all MongoDB is NOT like Domino, you can’t upgrade directly from an old version to the latest, you have to go 4.4 -> 5 -> 6 -> 7. Not very nice for us used to Domino, but it is what it is.

Upgrade from 4.4 to 5

Follow the note: https://www.mongodb.com/docs/v5.3/release-notes/5.0-upgrade-standalone

1)Enter mongo with command:
mongo

2)Verify the version that is 4.4
db.adminCommand( { getParameter: 1, featureCompatibilityVersion: 1 } )

3)close mongo
systemctl stop mongod

4)install the new executables following the note:
https://www.mongodb.com/docs/v5.3/installation

delete the mongo 4.4 repo file under /etc/yum.repos.d/

5) create the new mongo repo file 5
/etc/yum.repos.d/mongodb-org-5.0.repo

[mongodb-org-5.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/
gpgcheck=1
enabled=1 gpgkey=https://pgp.mongodb.com/server-5.0.asc

6)run the update command
dnf update

7)once updated run the mongod command and pull up the service mongod
systemctl start mongod

It will fail so stop the service and do the following:
systemctl stop mongod
rm -rf /tmp/mongodb-27017.sock
chown -R mongod:mongod /var/lib/mongo
chown -R mongod:mongod /var/log/mongodb
chmod R 777 /var/run/mongod
systemctl start mongod

9) change Mongo compatibility
mongo
db.adminCommand( { setFeatureCompatibilityVersion: "5.0" } )
systemctl stop mongod
systemctl start mongod

Mongo is updated to version 5

Upgrade from 5 to 6

Do the same but use the correct repo:

https://www.mongodb.com/docs/manual/release-notes/6.0-upgrade-standalone/#std-label-6.0-upgrade-standalone

Upgrade from 6 to 7

For mongo 7 follow the instructions here:
https://www.mongodb.com/docs/manual/release-notes/7.0-upgrade-standalone/


Then comment out the following parameter from /etc/mongod.conf:
# journal:
# enabled: true

Set the following parameter to never:

echo never | tee /sys/kernel/mm/transparent_hugepage/enabled > /dev/null && echo never | tee /sys/kernel/mm/transparent_hugepage/defrag > /dev/null


Sametime – Unable to log in to Grafana after upgrade from 12.0.2 to 12.0.2 FP1

For a customer I did the upgrade of Sametime Premium from 12.0.2 to 12.0.2 FP1.

The upgrade itself is uneventful, just run the command ./install and it does everything; as I previously said Sametime is the easiest product to upgrade in the HCL SW portfolio.

But after the upgrade the customer found that he could not access anymore the monitoring dashboard when using the admin console. We found that the upgrade does not keep the existing monitoring.env file but creates a new one, so to log in you have to use the default username and password (admin/admin). Once you log as admin the first time, it will ask you to change the password. Once done that you can edit the file monitoring.env and set the username/password of your choice so you will access the monitoring dashboard without having to manually log in.


Engage 2024 – Some random reflections

The venue – As usual, when you think Theo can’t do better than last time, he surprises you with something wonderful.

This time it was the Handelsbeurs, the old stock exchange. Is a Gothic building, really extraordinary. I did not take pictures, but my good friend Hogne Bo Pettersen did and on the Engage website you will find a link to his great job and pictures taken by others. He told me “it doesn’t happen every day that you can take a picture of a speaker with the background from Game of Thrones”. This should give you an idea of the location we were.

Hogne Bø Pettersen Media

The sessions – As usual great content from the members of the community and HCL people in their sessions, HCL did not make any big announcement in the OGS but pointed to the concept of Community, which fits perfectly with us. As expected, Volt MX Go was mentioned often and there were several sessions on it.

Like every year, the quality of the session is so high that often there are two or three you want to attend, happening at the same time. Unless Engage lasts a week, this is a price you have to pay.

The people – at least 50% of the motivation for me to attend Engage is the chance of meeting with the people I know. Yes, we do chat all year long using the Discord servers for the Ambassadors and from OpenNTF, but seeing your friends face to face is invaluable. And as usual I bring back home good memories. As more than a person said, it feels like family, because in essence that’s what we are. And Theo has shown how much he cares for this family once more, setting up again a wonderful event.

I have only one woe, and this happens every year: the participation from Italian people. This year there were only 7 of us. I understand that in my country customers and partners prefer to speak native language, as in many other countries, but Engage is a really excellent event for those who work with HCL solutions.
If you are Italian and are reading this, it means you can understand English well enough, so please join Engage 2025, you will not be disappointed, trust me.

My sessions – Though I did not have a session as a single speaker, I co-hosted the two OpenNTF sessions, where six of us Directors were present. I believe those went well, I was surprised to see 20+ people attending a session on Open Source at 8 a.m.; I was not thinking there would be only the six of us, but attendance was above my expectations.

End of an era and the future – This year was special; it was the last Engage Theo organized all by himself and we were curious to see what was in plan for 2025. The good news is that Engage will continue under the helm of 2 new skippers, two people I know well and appreciate much: Kris De Bisshop and Tom van Aken. I have worked together with them, they were the organizers, together with us of OpenNTF, of the developer contest we did a couple of years ago. Knowing them, I am sure that the legacy is in good hands and that the next Engage will be a success!
A tip: if you come to Engage 2025 ask Kris about the dancing frog 😊

Theo – it’s not a surprise that he (and Hilde too) received lot of love from all the participants, and more than a few gifts as a recognition from all he has done for this community in the last 15 years organizing Engage. At the OGS he was presented with several gifts: first Richard Jefts gave him a set of beautiful wine glasses engraved with the location of every Engage, just to let you know how beautiful and precious are those glasses, it took two weeks to custom sketch each venue for the engraving, HCL really put a lot of effort in this

Matteo Cogliati

Then Theo was awarded the C3UG (that’s the Canadian user group in case you don’t know) North Star Award. Immediately after that the Directors of OpenNTF gave him a proclamation, naming him “fellow Emeritus” of OpenNTF.

The most emotional moments were at the end of the CGS. On behalf of the whole HCL Ambassadors community, me and Bill Malchisky went on stage with a surprise for Theo and Hilde.

We worked some months in the community, i.e. all of us Ambassadors except one (thanks Maria Nordin for setting up a “top secret” channel where we worked on this) to find the perfect gift and in the end we came up with two, a small one and a bigger one.

First, I presented them with two “environments” of Lego, custom made by our friend and professional Lego builders Warren and Teresa Elsmore. Now Theo and Hilde can show a Lego figure with their faces and brag about it 😊

Warren and Kitty Elsmore
Warren and Kitty Elsmore

Then Bill stepped up and presented them with the main gift. A long weekend in Tuscany visiting Florence, and a Wine masterclass in Montepulciano.

I was fortunate to be on stage at that moving moment so I could see Theo’s face up close, his expression clearly represented the emotion he felt in receiving the love from all the members of our family. You can see it for yourself in this video. https://youtube.com/watch?v=2vi3fTIT36s&feature=shared

Fun, or not so fun, things – On the train from the airport to Antwerp someone stole from my jacket my credit card holder. He must have been in a hurry and took what he thought was valuable, but thank God, he left me the rest of the stuff I had: the passport, the home keys and the wallet, that contained cash. It was the perfect lose-lose situation: he gained nothing, because even before the train arrived in Antwerp I blocked my cards, and I lost time and a welcomed memory with my friends. Because of the situation, I skipped the Ambassadors drink to spend the late afternoon in a Police station in Antwerp dealing with policemen who did not speak and barely understood English. Plus, the nuisance of having to do the duplicates of my driving license and health insurance card.

Had he taken the wallet both would have been happier. I couldn’t block the cash so he would have gained some money, and I wouldn’t have to go thru the hassle of getting duplicates of everything.

I believe my story became a popular topic at Engage, more than one person I did not tell this tale to directly, asked me about the theft when we talked.

I want to publicly thank my friend Marianna Tomasatti, who basically paid everything for me with her cards. The joy of an almost cashless country… I would have been lost without her. There were some jokes about me being her slave for the week, since she had my life in her hands (or rather in her wallet).

On the first day, my friend Hogne came to me with a gift.

I was completely unaware that the figure represented (is called “la linea”) was popular in Norway. Is a cartoon that was popular in Italy in the 80’s. Hogne told me that every time he came to Italy, he tried to find a t-shirt with that but couldn’t find it; then he found it in his country!!!
It was completely unexpected for me and I was really moved by the thought.

And Hogne took this “crazy-cool photo” of me (definition by Devin Olson 😊)

Hogne Bø Pettersen Media

Like every year, I came back home energized and happy for having learned something new and having seen my friends again.


HCL product documentation is Open Source

This is not strictly news, though at Engage HCL announced that the product documentation is now Open Source (and many other things, see this presentation)

anyone who used the official documentation for e.g. Sametime has noticed that is on GitHub.


This is great news from various points of view: it confirms the commitment HCL has for Open Source, see the above presentation (and as a Director of OpenNTF this is great for us), and for the first time gives us users the possibility of improving the documentation.

Now, I know that if you are an Admin you may think “not for me, GitHub and the like are developer stuff”, but this is not true. I am an Admin and I made some changes to the Sametime 12.0.2 official documentation! 🙂

First of all you may want to get familiar a bit with GitHub if you aren’t already. The presentation from the OpenNTF webinar we did on that topic will help you https://www.slideshare.net/slideshow/august-openntf-webinar-git-and-github-explained/250012401

What I did.
I opened the repository of the documentation here https://github.com/HCL-TECH-SOFTWARE/sametime-doc and made a fork (basically is a copy that I can edit)

Then I switched to my fork here https://github.com/rboccadoro/sametime-doc and changed the documents that contained some small errors.

Now, the two copies are different, mine contains the corrections and the HCL one doesn’t. What do you do to have the changes posted in the official repository? Just click on the link in the homepage of your fork, here

This will bring you back to the HCL GitHub repo and you can click here

You will see this

Now fill in the form and submit it.

HCL documentation team (the owner of the repository) will review the changes you propose and if they accept them, they will become part of the official documentation

If you open the HCL repository and click on “Pull requests” you can see that I submitted two and they have been accepted, which means that HCL is really listening to suggestions.

Good job HCL!


Verse 3.2.1, DOMI and Sametime

Verse 3.2.1 has shipped and one of the new things in this release is DOMI. If you lived under a rock in the last years and do not know what DOMI is, it’s a feature that allows you to dynamically create a link to meetings on the following services – GoToMeeting, Microsoft Teams, WebEx, Zoom, and Sametime when creating an invitation. Until now it was available only in Notes, but now is available on Verse too.

There is an issue, though, when using Sametime 12.0.2: when you create a meeting, the online meeting is not created and you see an error message.
I opened a case with HCL Support and they acknowledged that this is a bug and found a solution in a very short time.

1)You have to open a case and they will send you a link where you can download a file “custom-meet.conf”.
2)Place the ‘custom-meet.conf’ into the sametime-config/web/nginx folder
3)Edit the custom.env and update the entries like below.
CONTENT_SECURITY_POLICY=frame-ancestors https://*.company.com
CORS_ALLOWED_ORIGINS=https://verse.company.com
CORS_ALLOW_HEADERS=Content-Type,Authorization,x-csrf-token
4)Restart Sametime

This additional step is not required from the next release(12.0.2 FP1) onwards.


Sametime 12.0.2 client IDs

The new version of Sametime introduces new client IDs, as usual.

These are the new values:

0x1317 for the standalone client
0x14e0 for the web client
0x122c for the embedded client


Issue with Verse and Excel attachments preview

With Domino 12.0.2 and above, and Verse 3.1 and above there’s a new feature that allows the users to preview file attachments in emails using the Domino POI service.

A customer of mine found an edge case, when this feature doesn’t work. If the attachment is an Excel file with more than one tab, it will not be shown and Verse will throw an error.

He reported this to HCL and there’s a SPR open to fix it in a future release.
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109888


Using Domino Leap on V14

If you are using Domino Leap you should know that in V14 something has changed. I found that stopping and restarting dleap in V14 is different from the previous Domino versions

I have tested this with Domino Leap 1.1.3.11 and 1.1.2.18

To launch Leap you go in the server console and issue the command
tell http osgi ss dleap
if everything is OK the result is this


Note the first new thing, in V14 all the commands related to osgi show at the end this line
osgi> gosh: stopping shell

to stop Leap you issue the command
tell http osgi stop dleap


The command does not return anything but leap is stopped
To check issue again the command tell http osgi ss dleap, the result is this

Now, here is the difference between V14 and the previous versions. Until V12 to restart leap you issue the command
tell http osgi start dleap.
This does not work in V14
if you try, you will get this

To start leap again you should note the number of the process, in my case 129, and issue the command
tell http osgi start 129

It does not return anything

but is you now issue again tell http osgi ss dleap you will see that it is active

I am not sure if this is working as designed or is a bug or if is due to the different Java version that is in V14. But now I know how to make it work


Upgrading to Domino 14 on Windows. A reminder

I just finished the upgrade of our production Domino server to V14, and since I remembered the issues that can happen when you use the Local System Account to run the Domino service (which is the way to do up to V12) I read again the excellent post from Daniel Nashed and avoided any problems.

I encourage ( encourage just because I can’t force 😉 ) every admin who wants to upgrade to Domino 14 to read Daniel’s post, before you call Support for a server crash.