test

Sun Java System Reference Configuration Series: Portal Service on Application Server Cluster

Computer Hardware and Operating System Specification

A computer hardware and operating system specification describes the hardware and operating system configuration for the computers in your deployment. You want to size your hardware to the level of performance you require.

Table 3–1 lists the computer hardware that has been chosen for the Portal Service on Application Server Cluster reference configuration. This specification is meant to satisfy the requirements in Chapter 1, Performance Requirements.

In general, a hardware specification is based upon a sizing analysis that takes into account the size of the user base, the resource needs of each component, and the relative number of interactions (or hits) that are made on each component (see Interactions Between Reference Configuration Components). For the reference configuration, however, the approach has been to select the same hardware for each computer in the deployment architecture, and then use performance tests to determine the utilization of each computer under load conditions.

Using this approach, the absolute and relative sizing of the different computers in the deployment architecture can be determined and documented. For this purpose, the Sun FireTM T2000 server was selected as a basic, low-end, high-performance computer.

Note –

The T2000 server has performance limitations for deployments in which write-intensive Directory Server operations are required. Write operations are serialized and the T2000 cannot perform them in parallel. As a result, CPU utilization can be lower then 50 percent. This reference configuration does not involve write-intensive operations. However, if your solution has such requirements, consider using computers with a faster clock rate than the T2000 for the directory service module.

If your performance requirements are significantly different than the requirements of the reference configuration, you can specify hardware with more or less CPUs, more or less memory, and so on.

Table 3–1 Computer Hardware and Operating System Specification

Computer(s)  

Service Module  

Components Installed  

Hardware Model  

Operating System 

ds1, ds2

Directory Service 

Directory Server 

Sun Fire T2000 server, 8 core 1.2 GHz UltraSPARC® T1 processor, 16 Gbyte DDR2 memory

Solaris 10 8/07 OS with the Solaris Zones facility 

am1, am2

Access Manager Service 

Access Manager 

Message Queue 

Application Server 

Sun Fire T2000 server, 8 core 1.2 GHz UltraSPARC T1 processor, 16 Gbyte DDR2 memory 

Solaris 10 8/07 OS with the Solaris Zones facility 

ps1, ps2

Portal Service 

Portal Server 

Application Server 

Access Manager SDK 

Java DB 

HADB 

Sun Fire T2000 server, 8 core 1.2 GHz UltraSPARC T1 processor, 16 Gbyte DDR2 memory 

Solaris 10 8/07 OS with the Solaris Zones facility 

sra1, sra2

SRA Gateway Service 

Portal Server SRA 

Access Manager SDK 

Sun Fire T2000 server, 8 core 1.2 GHz UltraSPARC T1 processor, 16 Gbyte DDR2 memory 

Solaris 10 8/07 OS with the Solaris Zones facility 

Solaris OS Minimization and Hardening

The Solaris OS version that is used to build the Portal Service on Application Server Cluster reference configuration is Solaris 10 8/07. However, the architecture and implementation is expected to be supported by later versions of the Solaris 10 operating system.

For maximum security of your portal service, use a minimized version of the Solaris 10 OS. Most implementations of the reference configuration portal service will be exposed to the Internet or some other public or untrusted network, which makes minimization especially important. If your portal service will be exposed to these conditions, you must reduce the Solaris OS installation to the minimum number of packages that are required to support the portal service components. This minimization of services, libraries, and component software increases security by reducing the number of subsystems that must be disabled, patched, and maintained.

Minimization increases the security of the computer systems, but it also limits the software that you can run on the computer systems. Therefore, you need to use the appropriate minimal configuration for your environment. Minimizing the operating system you use for a portal service involves the following:

The operating systems that were used in testing the reference configuration described in this guide were installed with the minimal number of Solaris packages required to run the Java Enterprise System components, as described in the Platform Requirements and Issues in Sun Java Enterprise System 5 Release Notes for UNIX. Most of the required packages are included in the "Core System Solaris Software Group (SUNWCreq)." The additional packages needed are:

Solaris Zones

The Solaris 10 OS provides the Solaris Zones facility, which allows application components to be isolated from one another, even though the zones share a single instance of the operating system. From an application perspective, a zone is a fully functional Solaris OS environment. Multiple zones can be created on a single computer system, each zone serving its own set of applications. Detailed information about the use and features that are provided by Solaris zones can be found in the Solaris OS documentation.

It is possible to replace each of the computers in the portal service reference configuration's deployment architecture with a dedicated zone. The installation and configuration steps in this document would apply to a deployment in Solaris non-global zones. The installation of Java ES components in Solaris zones (whole root or sparse) is supported with certain restrictions as described in the Java Enterprise 5 Update 1 documentation.Appendix A, Java ES and Solaris 10 Zones, in Sun Java Enterprise System 5 Installation Planning Guide

One reason to use Solaris zones is for improved security. A non-global zone can be used to run applications (for example, Directory Server, Access Manager, Portal Server, and so forth), while the administration and monitoring can be done from the global zone. A non-global zone cannot access resources in the global zone. So the management and monitoring applications installed in the global zone will not be visible and will not interfere with the applications installed in the non-global zones.

Another reason to use Solaris zones is for better resource utilization. The portal service reference configuration uses a modularized deployment architecture that is based on a number of dedicated computers. This approach improves the manageability, scalability, and availability of the reference configuration. Using zones, it is possible to install multiple modules on the same computer and still achieve the reference configuration quality-of-service goals. For example, it is possible to install directory, Access Manager, and portal service modules on a single computer, with each using a dedicated Solaris zone. You need to size the individual systems properly, so the memory, disk, and processing power of each component is considered in sizing the whole computer. Solaris Resource Management can be used in conjunction with Solaris zones. The benefit of this approach is that resources (memory, CPU cycles) can be dynamically allocated for each zone, providing a better overall resource utilization.

Beyond this general explanation, this guide does not provide procedures for implementing the reference configuration in Solaris zones. The procedures are very similar, except that the zones need to be configured and networked before you install any of the Java ES components.