Machine


	BEA Home \| Events \| Solutions \| Partners \| Products \| Services \| Download \| Developer Center \| WebSUPPORT
	http://www.oracle.com/technology/documentation/index.html \| Site Map \| Search \| Download Documentation \| Contact \| Glossary

\| WebLogic Server Doc Home \| Console Online Help \| Previous Topic \| Next Topic \| Contents \| Index \| View as PDF

Machine

These procedures describe how to use the Administration Console to set the attributes for configuring and managing machines. For more information, see Starting and Stopping WebLogic Servers and WebLogic Servers and Clusters in the Administration Guide.

Configure a Machine

Click the Machines node. The Machines table displays in the right pane showing all the machines defined in the domain.
Click the Configure a New Machine text link. A dialog displays in the right pane showing the tabs associated with configuring a new machine.
Enter the value in the Name attribute field.

Note: Assign a unique name to the machine. Each configurable resource in your WebLogic environment should have a unique name.

Click Create to create a machine instance with the name you specified in the Name field. The new instance is added under the Machines node in the left pane.
Click the Node Manager tab and modify the attribute values as needed.
Click Apply to save the changes.

For more information about Node Manager and instructions for configuring it, see "Node Manager" in WebLogic Server Administration Guide.

Configure startup arguments for each Managed Server on the machine that you want to start with Node Manager. See "Step 3: Configure Startup Information for Managed Servers" in WebLogic Server Administration Guide.

Clone a Machine

Click the Machines node. The Machines table displays in the right pane showing all the machines defined in the domain.
Click the Clone icon in the row of the machine you want to clone. A dialog displays in the right pane showing the tabs associated with cloning a machine.
Enter the value in the Name attribute field.
Click Clone to create a machine instance with the name you specified in the Name field. The new instance is added under the Machines node in the left pane.
Click the Node Manager tab and modify the attribute values as needed.
Click Apply to save the changes.

Delete a Machine

Click the Machines node. The Machines table displays in the right pane showing all the machines defined in the domain.
Click the Delete icon in the row of the machine you want to delete. A dialog displays in the right pane asking you to confirm your deletion request.
Click Yes to delete the machine. The machine icon under the Machines node is deleted.

Assign a Machine

Click the instance node in the left pane under Machines for the machine you want to assign. A dialog displays in the right pane showing the tabs associated with this instance.
Click the Servers tab.
Select one or more targets in the Available column that you want to assign to the machine.
Click the mover control to move the targets you selected to the Chosen column.
Click Apply to save your assignments.

Binding to Protected Ports on UNIX

On UNIX systems, only processes that run under a privileged user account (in most cases, root) can bind to ports lower than 1024. However, long-running processes like WebLogic Server should not run under these privileged accounts.

If you want a WebLogic Server instance to bind to protected ports (such as port 80), do either of the following:

Start WebLogic Server instances from a non-privileged account and configure your firewall to use Network Address Translation (NAT) software to map protected ports to unprotected ones. BEA does not provide NAT software.
For each WebLogic Server instance that needs access to privileged ports, configure the server to start under a privileged user account, bind to privileged ports, and change its user ID to a non-privileged account.
Note: WebLogic Server uses native code to change user IDs. To verify that this feature is supported for your UNIX platform, refer to "Supported Configurations."

To configure a server instance to bind to protected ports on UNIX:

Start the Administration Server for the domain.
See "Starting and Stopping WebLogic Servers" in the Administration Guide.
Stop the server instances that you want to configure.
Create a UNIX machine and assign the server to the machine:
1. In the Administration Console, in the left pane, click on the Machines folder.
2. In the right pane, select the Configure a New Unix Machine link.
3. On the Create a New UNIX Machine page, in the Name field, enter a name for the new machine.
  A machine represents the physical machine that hosts one or more WebLogic Server instances. BEA recommends that you create one UNIX machine for each UNIX host that runs instances of WebLogic Server.
  
  The machine name is used for identification within the WebLogic Server domain; it does not have to correspond to the machine's network name.
  
  Note: Assign a unique name to the machine. Each configurable resource in your WebLogic Server environment should have a unique name.
4. Click Create.
  The General tab displays additional fields.
5. To specify a non-privileged user account under which the server instance runs, place a check mark in the Enable Post-bind UID field and enter the user ID in the Post-Bind UID field.
  The user ID that you enter must have read, write, and execute privileges within the BEA Home directory, the WebLogic Server product directory tree, and your domain directory.
  
  The default value of the Post-Bind UID field, nobody, is a standard UNIX account that provides the least possible privileges. While the nobody account is acceptable for use in a development environment, in a production environment, BEA recommends that you create an operating-system user account specifically for running instances of WebLogic Server. See "Securing the WebLogic Server Host."
6. To specify a non-privileged group instead of (or in addition to) providing a user ID, place a check mark in the Enable Post-bind GID field and enter the group ID in the Post-Bind GID field.
7. Click Apply.
8. Select the Servers tab. Move each server instance that you want to run on this UNIX machine from the Available list to the Chosen list. Then click Apply.
9. If you want to use the Node Manager to start server instances on this UNIX machine, click the Configuration > Node Manager tab and specify the address and listen port through which the Node Manager can be reached.
  In a production environment, BEA recommends that you specify a listen port that is secured by SSL. See Binding to Protected Ports with Servers That a Node Manager Starts.
  
  Click Apply to apply your changes.
Log in to the WebLogic Server host computer under an account that has access to protected ports.
Do either of the following for the server instances that you assigned to the UNIX machine:
- Start a WebLogic Server instance by invoking the weblogic.Server class or by invoking a script that invokes the class.
- (For Managed Servers only) Start the Node Manager. Then use the Node Manager to start Managed Servers.
  See "Node Manager" in the Administration Guide.

The WebLogic Server instance starts under the privileged user ID. After it binds to ports, it invokes native code to change its user or group ID to the one you specified in the UNIX machine configuration.

Binding to Protected Ports with Servers That a Node Manager Starts

Node Manager is a small Java application that runs on WebLogic Server hosts and can start and stop instances of WebLogic Server. When Node Manager starts a server instance, the server instance starts under the same user account under which the Node Manager is running.

If you Node Manager to start server instances that bind to protected ports, you must run the Node Manager under a privileged account. If you configure a post-bind user ID or group for a server instance, after Node Manager starts a server, the server binds to ports and then changes the user account under which it runs.

In a production environment, BEA recommends that you do the following to secure Node Manager:

Configure the Node Manager to listen on a port that is secured by SSL.
In the Node Manager's nodemanager.hosts file, specify the host name of the Administration Server only.

See "Node Manager" in the Administration Guide.

With the above configuration, Node Manager will accept requests only on a secure port and only from a single, known host.

Configuration

General

Attribute	Description	Range of Values	Default Value
Name	This attribute lists the name of this machine	The name can be up to 256 alphanumeric characters, but may not contain commas or spaces.	Null

Servers

Attribute	Description	Range of Values	Default Value
Servers	This attribute lists the servers running on this machine.	List	null

Node Manager

Attribute	Description	Range of Values	Default Value
Listen Address	The host name or IP address where Node Manager listens for requests from the Administration Server. Specify this address when starting the Node Manager process on the machine.		LocalHost
Listen Port	The port where Node Manager listens for requests from the Administration Server. Specify this port when starting the Node Manager process on the machine.		5555
Certificate	The certificate used by the Administration Server to talk to this Node Manager. The default certificate is . It is recommended that you obtain a new certificate for a production environment.		config/demo.crt
Certificate Password	The certificate password is not displayed because it is encrypted. If you change the certificate used by Node Manager, change the password to match the password used to encrypt the private key in the new digital certificate.	Valid password for the certificate	Null
Trusted Certs File	Contains the list of certificate authorities that are recognized. The certificate authority referred to in the digital certificate you are using must be listed in this file		config/trusted.crt

Notes

Attribute	Description	Range of Values	Default Value
Notes	This attribute provides a space for user supplied information.	The value must be an alphanumeric string.	Null