|
|
The following sections provide information on configuring the Java version of Node Manager:
Oracle recommends that you configure Node Manager to run as an operating system service or a Windows service on Windows systems. By default, the operating system service starts up Node Manager to listen on localhost:5556. For more information, see
Installing the Node Manager Windows Service in the Installation Guide.
When you configure Node Manager to accept commands from remote systems, you must uninstall the default Node Manager service, then reinstall it to listen on a non-localhost listen address.
Depending on your platform, follow the instructions in Reconfigure Startup Service for Windows Installations or Configuring Java-based Node Manager Security
The directory WL_HOME\server\bin (where WL_HOME is the top-level directory for the WebLogic Server installation) contains uninstallNodeMgrSvc.cmd, a script for uninstalling the Node Manager service, and installNodeMgrSvc.cmd, a script for installing Node Manager as a service.
uninstallNodeMgrSvc.cmd.installNodeMgrSvc.cmd to specify Node Manager’s Listen Address and Listen Port.
Make the same edits to uninstallNodeMgrSvc.cmd as you make to installNodeMgrSvc.cmd, so that you can successfully uninstall the service in the future, as desired.
installNodeMgrSvc.cmd to re-install Node Manager as a service, listening on the updated address and port.
Node Manager security relies on a one-way SSL connection between the client and server.
If you are establishing a command line connection to the Java Node Manager using the WebLogic Server Scripting Tool (WLST) nmConnect command, you provide the Node Manager username and password. Node Manager verifies the username and password against the domain nm_password.properties file. For more information on nm_password.properties, see Step 2: Specify Node Manager Username and Password.
Node Manager credentials are located on the domain_name
SecurityGeneralAdvanced Options page in the Administration Console.
Administration Console users do not need to explicitly provide credentials to connect to Node Manager—the Node Manager username and password are available in the domain configuration and are provided automatically.
A remote start username and password is required to start a server instance with Node Manager. These credentials are provided differently for Administration Servers and Managed Servers.
boot.properties file. The Configuration Wizard initializes the boot.properties file and the startup.properties file for an Administration Server when you create the domain.
Any server instance started by Node Manager encrypts and saves the credentials with which it started in a server-specific boot.properties file, for use in automatic restarts.
Node Manager properties define a variety of configuration settings for a Java-based Node Manager process. You can specify Node Manager properties on the command line or define them in the nodemanager.properties file, which is created in the directory where you start Node Manager the first time it starts up after installation of WebLogic Server. Values supplied on the command line override the values in nodemanager.properties.
nodemanager.properties is created in the directory specified in NodeManagerHome, where NodeManagerHome is WL_HOME/common/nodemanager. If NodeManagerHome is not defined, nodemanager.properties is created in the current directory.
Each time you start Node Manager, it looks for nodemanager.properties in the current directory, and creates the file if it does not exist in that directory. You cannot access the file until Node Manager has started up once.
Table 4-1 describes Node Manager properties.
In many environments, the SSL-related properties in nodemanager.properties may be the only Node Manager properties that you must explicitly define. However, nodemanager.properties also contains non-SSL properties in that you might need to specify, depending on your environment and preferences. For example:
StartScriptEnabled and NativeVersionEnabled properties. ListenAddress and ListenPort.
If true, use the start script specified by
StartScriptName to start a server. For more information, see Configuring Node Manager to Use Start and Stop Scripts.
|
||||
If
true, execute the stop script specified by StopScriptName after the server has shutdown. For more information, see Configuring Node Manager to Use Start and Stop Scripts.
|
||||
The amount of time Node Manager will spend attempting to restart a failed server. Within this period of time Node Manager will attempt to restart the failed server up to the number defined by
RestartMax. By default, Node Manager will attempt to restart a server indefinitely until the FAILED_NOT_RESTARTABLE state is reached
|
||||
Specifies the password defined when creating the Identity keystore. This field is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. WebLogic Server only reads from the keystore, so whether or not you define this property depends on the requirements of the keystore.
|
||||
Specifies the password defined when creating the Trust keystore. This field is optional or required depending on the type of keystore. All keystores require the passphrase in order to write to the keystore. However, some keystores do not require the passphrase to read from the keystore. WebLogic Server only reads from the keystore, so whether or not you define this property depends on the requirements of the keystore.This property is required when the
Keystores property is set as CustomIdentityandJavaStandard Trust or DemoIdentityAndDemoTrust.
|
||||
Indicates the keystore configuration the Node Manager uses to find its identity (private key and digital certificate) and trust (trusted CA certificates). Possible values are:
Use the demonstration Identity and Trust keystores located in the
Uses a keystore you create, and the trusted CAs defined in the cacerts file in the |
||||
|
For more information on these files, see Node Manager Configuration and Log Files
|
||||
Root directory of the WebLogic Server installation. This is used as the default value of
-Dweblogic.RootDirectory for a Managed Server that does not have a root directory configured in its Remote Start tab. If not specified in either place, Node Manager starts the Managed Server in the directory where Node Manager runs.
|
||||
|
||||
|
||||
|
||||
This section lists the Node Manager properties that are deprecated in WebLogic Server 9.x.
| Note: | These properties are published for backwards compatibility and should not be used. SSL configurations will continue to work when migrating to WebLogic Server 9.x. However, the trusted key store is not used when running Node Manager. |
You can configure Node Manager to use a script to start a Managed Server or to execute a script after server shutdown has completed. These scripts can be used to perform tasks that need to be performed before a server is started or after it is shutdown. Mounting and unmounting remote disks is one example of a task that can be performed using scripts.
| Note: | Node Manager uses startup scripts to perform any required configuration, then start the server. In contrast, stop scripts are executed after the server has shutdown. |
Both the start and stop scripts should be placed in the following directory:
<DOMAIN_HOME>/bin/service_migration
Script execution should occur relative to this directory.
When using start and stop scripts to control server behavior, Oracle recommends that you only edit the top line of the scripts that are provided. This ensure that all of the necessary environment variables are used during script execution.
You can use a start script to specify required startup properties and perform any other work you need performed at start up. To define a start script:
nodemanager.properties file, set the StartScriptEnabled property to true. (The default is false.) If your start script is named startWebLogic.sh or startWebLogic.cmd, Node Manager uses one of those scripts as the default. StartScriptName property to the name of your script in the nodemanager.properties file.You can use a stop script to perform any tasks that are required after the server has failed.
| Note: | Stop scripts are used only to execute a script after a server fails and must be migrated. |
The following example shows a stop script that can be used to unmout a disk on UNIX systems:
#!/bin/sh
FS=/cluster/d2
if grep $FS /etc/mnttab > /dev/null 2>&1 ; then
sync
PIDS=`/usr/local/bin/lsof $FS | awk
'{if ($2 ~/[0-9]+/) { print $2} }' | sort -u`
kill -9 $PIDS
sleep 1
sync
/usr/sbin/umount -f $FS
fi
Administration Servers and Managed Servers communicate with Java-based Node Manager using one-way SSL.
The default WebLogic Server installation includes demonstration Identity and Trust keystores that allow you to use SSL out of the box. The keystores, DemoIdentity.jks and DemoTrust.jks, are installed in WL_HOME/server/lib. For testing and development purposes, the keystore configuration is complete.
Configuring SSL for a production environment involves obtaining identity and trust for the Node Manager and each Administration and Managed Server with which the Node Manager will be communicating and then configuring the Node Manager, the Administration Server, and Managed Servers with the proper identity and trust. In addition, the use of host name verification and the Administration port must be taken into consideration. To configure production SSL components, see Configuring the SSL Protocol in Managing WebLogic Security.
If you have a domain that has Managed Servers on multiple physical machines, you must ensure that Node Manager is installed and configured on each machine. You can use the WLST command nmEnroll to copy all of the required domain and configuration information from one machine to another. For more information, see Accessing Node Manager and nmEnroll in WebLogic Scripting Tool.
When configuring Node Manager to run as an inetd or xinetd service, the following considerations apply:
The following example shows how Node Manager can be configured within xinetd:
# default: off
# description:nodemanager as a service
service nodemgrsvc
{
type = UNLISTED
disable = no
socket_type = stream
protocol = tcp
wait = yes
user = <username>
port = 5556
flags = NOLIBWRAP
log_on_success += DURATION HOST USERID
server = <path-to-jave>/java
env = CLASSPATH=<cp> LD_LIBRARY_PATH=<ldpath>
server_args = -client -DNodeManagerHome=<NMHome> <java options>
<nodemanager options> weblogic.NodeManager -v
}
|