Cluster Configuration

Cluster Configuration ^Locate

This chapter contains general notes about the synchronized configuration of a BEA AquaLogic Service Registry cluster and instructs how to deploy BEA AquaLogic Service Registry to a WebLogic Cluster (WebLogic-Specific Settings).

A BEA AquaLogic Service Registry cluster is a group of registries deployed on multiple servers possibly with a clustered database in the back end. It consists of a Configuration Manager, Configuration Listeners and a Load Balancer:

The Configuration Manager is a BEA AquaLogic Service Registry server that manages the configuration of a cluster. It synchronizes the configuration of all BEA AquaLogic Service Registry servers in the cluster. See Configuration Manager and Configuration Listener Setup.
The Configuration Listener is a BEA AquaLogic Service Registry server that supports the interface of configuration synchronization and participates in the cluster's synchronized configuration. It resends configuration change requests to BEA AquaLogic Service Registry servers in the cluster.
For security reasons, the Configuration Manager and Configuration Listener need to know the certificates of the other registries in the cluster. For more information, see Security Certificates Setup.
Load balancing is used to distribute requests among registries to get the optimal load distribution. Configuration of the Load balancer depends on the application server. For detail, follow the documentation of your chosen application server.

Figure 48. BEA AquaLogic Service Registry in WebLogic Cluster

Configuration Manager and Configuration Listener Setup ^Locate

The configuration file, configurator.xml, is located in the following directory on each BEA AquaLogic Service Registry installation in the cluster:

Windows:	REGISTRY_HOME\app\uddi\conf\configurator.xml
UNIX:	REGISTRY_HOME/app/uddi/conf/configurator.xml

By default, it resembles the following configuration:

<?xml version="1.0" encoding="UTF-8"?>
<config name="configurator" savingPeriod="5000" local="false">
    <configManagerUrls>
        <url>https://10.0.0.127:8443</url>
        <managerServiceUrlPath>/uddi/configuratorManager</managerServiceUrlPath>
        <managerConfiguratorUrlPath>/uddi/configurator</managerConfiguratorUrlPath>
    </configManagerUrls>
    <IPFilter name="configuratorFilter">
        <subnet IPAddress="10.0.0.127" subnetMask="255.255.255.255"/>
    </IPFilter>
    <configManager cluster="false" resendInterval="300">
        <configuratorListeners>
        <!--
        <configuratorListener>
            https://hostname:8443/uddi/configuratorListener
            </configuratorListener>
        -->
        </configuratorListeners>
    </configManager>
...
</config>

Element description:

configManagerUrls

Contains information about the URLs of the configuration manager BEA AquaLogic Service Registry server.

url

URL of the configuration manager server. (The server URL, including https protocol, must be fully specified.)

managerServiceUrlPath

URL path of the configurator manager service on configurator manager server.

managerConfiguratorUrlPath

URL path of configurator service on the configurator manager server.

configManager

Contains configuration of the config manager service.

cluster

If the BEA AquaLogic Service Registry server supports clusters, this value must be set to true, otherwise set it to false.

resendInterval

Specifies the interval within which the configuratorManager resends messages that have not been delivered to unavailable configuratorListeners. The value is in seconds. The default value is 300s.

configuratorListeners

List of all configurator listeners in the cluster.

configuratorListener

URL of the configurator listener service. (The server URL must be fully specified including https protocol and the path of configurator listener service path.)

IPFilter

Configuration of IP addresses from which requests are accepted; contains list of subnets.

subnet - a child element of IPFilter, defines the IP range; configuration requests are accepted if (incoming IP address and subnet mask) == (IPaddress and subnetMask)

	Note
	Cluster configuration events are logged in the `REGISTRY_HOME/log/configuratorEvents.log` file.

Security Certificates Setup ^Locate

Because an HTTPS connection is used between the manager and clients, you must import certificates on both sides. On the manager side, you need the certificates of all clients and each client needs the certificate from the manager. These certificates must be imported into the pstore.xml file located in the REGISTRY_HOME/conf directory.

Use the PStoreTool (described in The PStore Tool - Command-line Version). For the standalone installation, the certificate file is located in REGISTRY_HOME/doc/registry.crt. If BEA AquaLogic Service Registry is ported to an application server, use a web browser to obtain the server's certificates and export them into a file.

	Note
	If BEA AquaLogic Service Registry is installed as a cluster of standalone registries, you must ensure that each cluster node shares the same private key that is used for checking of authentication token validity. (By a standalone registry, we mean BEA AquaLogic Service Registry that is not ported to an application server).

To setup each cluster node to share the same private key that is used for checking of authentication token validity, choose one of the cluster nodes and copy it's private key to all other nodes in the cluster by entering these commands at a command prompt: (You do not need to do this if BEA AquaLogic Service Registry is ported to an application server)

PStoreTool copy -alias authTokenIdentity -keyPassword SSL_CERTIFICATE_PASSWORD -config REGISTRY_HOME\conf\pstore.xml -config2 TARGET_REGISTRY_HOME\conf\pstore.xml
PStoreTool export -alias authTokenIdentity -certFile authTokenIdentity.crt -config REGISTRY_HOME\conf\pstore.xml
PStoreTool add -certFile authTokenIdentity.crt -config TARGET_REGISTRY_HOME\conf\pstore.xml

SSL_CERTIFICATE_PASSWORD is a ssl certificate password entered during the installation

TARGET_REGISTRY_HOME is the directory where one of cluster nodes is installed.

Configuration Example ^Locate

This cluster contains three BEA AquaLogic Service Registry servers, BEA AquaLogic Service Registry 1 (IP 10.0.0.1), BEA AquaLogic Service Registry 2 (IP 10.0.0.2), and BEA AquaLogic Service Registry 3 (IP 10.0.0.3). The Configuration Manager Server is BEA AquaLogic Service Registry 1.

<?xml version="1.0" encoding="UTF-8"?>
<config name="configurator" savingPeriod="5000" local="false">
    <configManagerUrls>
        <url>https://10.0.0.1:8443</url>
        <managerServiceUrlPath>/uddi/configuratorManager</managerServiceUrlPath>
        <managerConfiguratorUrlPath>/uddi/configurator</managerConfiguratorUrlPath>
    </configManagerUrls>
    <IPFilter name="configuratorFilter">
        <subnet IPAddress="10.0.0.1" subnetMask="255.255.255.255"/>
        <subnet IPAddress="10.0.0.2" subnetMask="255.255.255.255"/>
        <subnet IPAddress="10.0.0.3" subnetMask="255.255.255.255"/>
    </IPFilter>
    <configManager cluster="true">
        <configuratorListeners>
            <configuratorListener>
              https://10.0.0.2:8443/uddi/configuratorListener
            </configuratorListener>
            <configuratorListener>
              https://10.0.0.3:8443/uddi/configuratorListener
            </configuratorListener>
        </configuratorListeners>
    </configManager>
    ...
</config>

WebLogic-Specific Settings ^Locate

To port BEA AquaLogic Service Registry to a WebLogic cluster follow these steps:

Install WebLogic, then configure it by adding machines to the cluster. In our case, cluster is named cluster, and the configuration manager, named myserver, is running on 10.0.0.79. The nodes in the WebLogic cluster are named:
- kila (10.0.0.79), running on kila.mycompany.com, with an http port of 7101 and https port of 7102
- fido (10.0.0.134), running on fido.mycompany.com, with an http port of 7101 and https port of 7102
Generate the certificates of all cluster nodes: Let's create proper certificates for our two nodes. It will be done via the CertGen tool provided by WebLogic. Go to the directory %WEB_LOGIC_HOME%\weblogic81\server\lib. CertGen is located in weblogic.jar's utils package. Invoke it with the command:
java -cp weblogic.jar utils.CertGen changeit kilacert kilakey export kila.mycompany.com
The output resembles the following:
```
kilacert kilakey export kila.mycompany.com 
        ...... Will generate certificate signed by CA from CertGenCA.der file
        ...... With Export Key Strength 
        ...... Common Name will have Host name kila.mycompany.com
        ...... Issuer CA name is
        CN=CertGenCAB,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US 
```
Use the password changeit for starting particular UDDI node servers. The output file with the certificate is kilacert, and kilakey is the output file containing the private key. Generate certificates for all remaining nodes from their CertGen tools. (In our case, the other node is fido.mycompany.com.)

Once you have certificates from all nodes (in our case files kilacert.der and fidocert.der), import them to pstore.xml using the PstoreTool. Also include CertGenCA.der (from the directory %WEB_LOGIC_HOME%\weblogic81\server\lib). The pstore.xml file is now ready. For more info about WebLogic certificates and SSL settings, please see Configuring SSL in BEA's WebLogic product documentation.

	Note
	If you want to use both a standalone server and a ported application server, make a backup copy of `pstore.xml`. When you have performed the following steps, replace `pstore.xml` with the backup copy.

Edit configurator.xml as described above (where the application server context is wasp).

	Note
	If you want to use both a standalone server and a ported application server, make a backup copy of `configurator.xml`. When you have perfumed the following steps, replace `configurator.xml` with the backup copy.

<?xml version="1.0" encoding="UTF-8"?>
<config name="configurator" savingPeriod="5000" local="true">

    <configManagerUrls>
        <url>https://kila.mycompany.com:7102</url>
        <managerServiceUrlPath>/wasp/uddi/configuratorManager</managerServiceUrlPath>
        <managerConfiguratorUrlPath>/wasp/uddi/configurator</managerConfiguratorUrlPath>
    </configManagerUrls>

    <IPFilter name="configuratorFilter">
        <subnet IPAddress="10.0.0.79" subnetMask="255.255.255.255"/>
        <subnet IPAddress="10.0.0.134" subnetMask="255.255.255.255"/>
    </IPFilter>

    <configManager cluster="true">
        <configuratorListeners>        
            <configuratorListener>
              https://fido.mycompany.com:7102/wasp/uddi/configuratorListener
            </configuratorListener>
        </configuratorListeners>
    </configManager>

    <UDDIInterceptorChain name="configuratorApiChain">
    </UDDIInterceptorChain>

    <UDDIInterceptorMapping>
        <mapping UDDIInterceptorChainName="configuratorApiChain" 
	      UDDIServiceInterface="org.systinet.uddi.configurator.ConfiguratorApi"/>
    </UDDIInterceptorMapping>

</config>

Prepare the ported distribution (REGISTRY_HOME/conf/porting/weblogic/wasp.war) as described in Porting to Application Server.
In our case, the http port is 7101, the https port is 7102, and the application server context is wasp.
Check that the paths for log4j.appender.eventLog.File, log4j.appender.errorLog.File, and wasp.war\conf\log4j.config are valid on all cluster nodes.
Deploy wasp.war into all WebLogic cluster nodes

You must also prepare the package for balancer which will be deployed only to cluster manager server. To do so:

Create a balancer directory, in, for example, REGISTRY_HOME. This directory is referenced in this section as PACKAGE_HOME.
Create a subdirectory of PACKAGE_HOME named WEB-INF.

In this subdirectory, create the file web.xml containing the following text. Under WebLogicCluster specify the names and ports of your cluster nodes separated by a pipe (|). In our case, the file looked like:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" 
                                        "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
  <servlet>
     <servlet-name>HttpClusterServlet</servlet-name>
     <servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
     <init-param>
        <param-name>WebLogicCluster</param-name>
        <param-value>kila:7101|fido:7101</param-value>
     </init-param>
  </servlet>

  <servlet>
      <servlet-name>FileServlet</servlet-name>
      <servlet-class>weblogic.servlet.FileServlet</servlet-class>
  </servlet>

  <servlet-mapping>
     <servlet-name>FileServlet</servlet-name>
     <url-pattern>/uddi/webdata/*</url-pattern>
  </servlet-mapping>

  <servlet-mapping>
    <servlet-name>FileServlet</servlet-name>
    <url-pattern>/uddi/bsc/webdata/*</url-pattern>
  </servlet-mapping>
  
  <servlet-mapping>
     <servlet-name>FileServlet</servlet-name>
     <url-pattern>/uddi/doc/*</url-pattern>
  </servlet-mapping>
  
  <servlet-mapping>
     <servlet-name>HttpClusterServlet</servlet-name>
     <url-pattern>/</url-pattern>
  </servlet-mapping> 
</web-app>

In the WEB-INF subdirectory, create the file weblogic.xml containing the following text, where /wasp is the context of BEA AquaLogic Service Registry ported to this application server. Your text must be customized for your own installation.
```
<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web Application 8.1//EN" 
"http://www.bea.com/servers/wls810/dtd/weblogic810-web-jar.dtd">
<weblogic-web-app>
  <context-root>/wasp</context-root>
</weblogic-web-app>
```
Create the directory %PACKAGE_HOME%\uddi\webdata and %PACKAGE_HOME%\uddi\bsc\webdata.
Unjar REGISTRY_HOME\app\uddi\bsc.jar and copy the content of the webroot subdirectory from the jar to %PACKAGE_HOME%\uddi\bsc\webdata
Unjar REGISTRY_HOME\app\uddi\web.jar and copy the content of the webroot subdirectory from the jar to %PACKAGE_HOME%\uddi\webdata.
Copy directory REGISTRY_HOME\doc to %PACKAGE_HOME%\uddi.
Package the content of %PACKAGE_HOME% into the file balancer.war using jar or some other compression utility.
Deploy balancer.war into the cluster manager server.