Skip Navigation Links | |
Exit Print View | |
Oracle GlassFish Server 3.1-3.1.1 High Availability Administration Guide |
1. High Availability in GlassFish Server
2. Setting Up SSH for Centralized Administration
About SSH for Centralized Administration
Determining Whether to Use SSH for Centralized Administration
Setting Up Cygwin SSH on Windows
To Download and Install Cygwin
To Set the Path for Windows and for the Cygwin Shell
To Set the Home Directory for the Cygwin SSH User
To Configure and Start the Cygwin SSH Server Daemon sshd
Setting Up the MKS Toolkit on Windows
To Set the Path for Windows and for the MKS Toolkit Shell
To Set the Home Directory for the MKS Toolkit SSH User
To Configure and Start the MKS Toolkit SSH Server Daemon sshd
Setting Up SSH on UNIX and Linux Systems
To Set Up SSH on Oracle Solaris Systems
To Set Up SSH on MacOS Systems
To Set Up SSH on Linux systems
Testing the SSH Setup on a Host
To Test the SSH Setup on a Host
Setting Up SSH User Authentication
To Set Up Public Key Authentication Without Encryption
To Set Up Encrypted Public Key Authentication
To Set Up Password Authentication
Installing and Removing GlassFish Server Software on Multiple Hosts
To Copy a GlassFish Server Installation to Multiple Hosts
To Remove GlassFish Server Software From Multiple Hosts
3. Administering GlassFish Server Nodes
4. Administering GlassFish Server Clusters
5. Administering GlassFish Server Instances
6. Administering Named Configurations
7. Configuring Web Servers for HTTP Load Balancing
8. Configuring HTTP Load Balancing
9. Upgrading Applications Without Loss of Availability
10. Configuring High Availability Session Persistence and Failover
11. Configuring Java Message Service High Availability
In a typical GlassFish Server deployment, the DAS acts as the SSH client, and hosts where instances reside act as SSH servers. The SSH Server Daemon sshd must be running on hosts where instances reside, but is not required to be running on the DAS host. The DAS uses its own SSH client for communicating with hosts where instances reside. However, to generate keys and test SSH setup, a native SSH client must be installed on the DAS host.
The use of SSH to enable centralized administration of remote instances is optional and is required only for specific operations. Instances local to the DAS can be administered without SSH. If SSH is not practicable in your environment, you can administer remote instances locally.
The requirements for SSH configuration and user management are different for each operating system on which GlassFish Server is supported. Therefore, the use of SSH for centralized administration involves using SSH tools to configure SSH on the operating system that you are using. Before setting up a GlassFish Server cluster, use the following considerations to determine whether to use SSH:
If you are planning a large cluster of many instances, consider setting up SSH to enable centralized administration of the cluster. SSH simplifies the administration of the cluster by enabling you to perform all administrative operations on the cluster and its instances from the DAS. On UNIX and Linux systems, SSH is typically installed and preconfigured, and requires minimal additional setup. On Windows systems, additional setup is required to install and configure an SSH provider.
If you are planning a small cluster of few instances, consider whether setting up SSH requires more effort than logging in to individual hosts to administer remote instances locally.
How you administer instances and the nodes on which they resides varies depending on whether SSH is available. The following table provides cross-references to instructions for administering nodes and instances depending on whether SSH is available.
|
On UNIX and Linux systems, SSH software is typically installed as part of the base operating system.
However, on Windows systems, you must install one of the following SSH providers:
Cygwin release 1.7.6
MKS Toolkit for Developers release 9.2
Before setting up SSH, decide which SSH user GlassFish Server will use when connecting to remote hosts. For the following reasons, administration is simplest if the SSH user is the user that starts the DAS:
For public key authentication, the user that starts the DAS must be able to read the SSH user's private key file.
Remote instances are started as the SSH user.
By default, the DAS assumes that the SSH user is the user that is running the DAS.
The environment of the SSH user on any remote host to which the user will connect must meet the requirements that are stated in Paths and Environment Settings for the JDK Software in Oracle GlassFish Server 3.1-3.1.1 Release Notes.
The SSH user's environment on a host is set by the environment set-up files that are run when the user uses SSH to run a command on the host. You must ensure that these files set up the SSH user's environment correctly.
The files that are run when the user uses SSH to run a command are different than the files that are run when the user logs in to a host. For example, in the bash shell, .profile and .bashrc are run when the user logs in, but only .bashrc is run when the user runs a command. Therefore, in the bash shell, you must ensure that .bashrc contains the required environment settings for the SSH user.
Note - The User Account Control (UAC) feature is available only on some versions of the Windows operating system, for example, Windows 7, Windows Vista, and Windows 2008.
You might be using a UAC-enabled Windows system and choose to store files for GlassFish Server instances in a directory other than the SSH user's home directory. In this situation, the SSH user must have native (that is, nonvirtual) read and write access to the file system where the instances are to be stored. The OS-level administrator has such access by default. You can also configure the system to grant such access to other users. For more information, see the documentation for the Windows operating system.