Skip Navigation Links | |
Exit Print View | |
Oracle GlassFish Server 3.1-3.1.1 High Availability Administration Guide |
1. High Availability in GlassFish Server
2. Setting Up SSH for Centralized Administration
3. Administering GlassFish Server Nodes
4. Administering GlassFish Server Clusters
5. Administering GlassFish Server Instances
6. Administering Named Configurations
7. Configuring Web Servers for HTTP Load Balancing
Supported Operating Systems and Web Servers
Configuring Oracle iPlanet Web Server
To Set up the HTTP Load Balancer in SSL Mode for Oracle iPlanet Web Server 7
Configuring Apache HTTP Server
Configuring Apache Before Installing the GlassFish Loadbalancer Plug-In
To Build and Install Apache With SSL Support
To Create a Security Certificate for Apache
Configuring Apache After Installing the GlassFish Loadbalancer Plug-In
Configuring Security Files to Work With the Load Balancer
Providing Access Permissions to Apache User
Loadbalancer Plug-In Initialization
Modifying Directory Access Permissions to Enable Auto Apply
Starting Apache on Solaris and Linux
Microsoft IIS 7.5+ Post-Install Configuration Steps
To Configure Microsoft IIS 7.5+ After Installing the GlassFish Loadbalancer Plug-In
Automatically Configured sun-passthrough Properties
Installing the Loadbalancer Plug-In
To Install the Loadbalancer Plug-In
Verifying Loadbalancer Plug-In Configuration
To Verify the Loadbalancer Plug-In Configuration
8. Configuring HTTP Load Balancing
9. Upgrading Applications Without Loss of Availability
10. Configuring High Availability Session Persistence and Failover
11. Configuring Java Message Service High Availability
The GlassFish Loadbalancer Configurator does not support Oracle HTTP Server (OHS), so you must manually configure the web server to work with the Loadbalancer Plug-In. These procedures apply to Oracle HTTP Server 11.1.1.4+ only. Other versions of Oracle HTTP Server are not supported.
The following topics are addressed here:
OHS is available from Oracle Middleware Downloads page. Look for Web Tier Utilities under Required Additional Software. Note that you need to install the complete Web Tier Utilities bundle because OHS is not available separately. Be sure to download the 32–bit product version.
Use the following options when running the GlassFish Loadbalancer Configurator:
Choose Apache HTTP Server as your web server.
Point to the dummy /tmp/apache as the Apache HTTP Server installation directory.
The GlassFish Loadbalancer Configurator will create a new /tmp/apache/glassfish-lbplugin directory.
Enter the following statement on a single line:
LD_LIBRARY_PATH=$ORACLE_HOME/ohs/lib:$ORACLE_HOME/pcs/lib:$ORACLE_HOME/lib: $ORACLE_HOME/ohs/glassfish-lbplugin/lib:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH
Enter the following statement on a single line:
NSS_STRICT_NOFORK=DISABLED; export NSS_STRICT_NOFORK
ohs-instance-dir/config/OHS/ohs1/modules/resource ohs-instance-dir/config/OHS/ohs1/sec_db_files
ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/mod_loadbalancer.so
ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/errorpages
ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/*.res
ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/*.db
include "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/gf.conf"
Set StartServers to 1
Set MaxClients to 64
Set ThreadsPerChild to 64
In this code sample, note that lines that are too long for this publication are truncated with a space and backslash ( \). In cases where this truncation is used for a line, be sure to enter that line and the subsequent line in a single line in your configuration file.
LoadModule apachelbplugin_module \ ${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/ \ modules/mod_loadbalancer.so <IfModule apachelbplugin_module> config-file "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/ \ ${COMPONENT_NAME}/loadbalancer.xml" locale en </IfModule> <VirtualHost *:7777> DocumentRoot "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/htdocs" ServerName myserver </VirtualHost>
Note - Replace port 7777 and ServerName with whatever values are used in your configuration.
ohs-install-dir/ohs/glassfish-lbplugin/lib/dtds/glassfish-loadbalancer_1_3.dtd
Use the export-http-lb-config subcommand to generate a load-balancer.xml file. See the export-http-lb-config(1) for more information.
For example:
ohs-instance-dir/bin/opmnctl startall
This procedure is only required if you plan on using the load balancer Auto Apply feature with Oracle HTTP Server (OHS). The Auto Apply feature enables changes made to a configuration through the GlassFish Server Administration Console or from the command line with the apply-http-lb-changes(1) subcommand to be automatically sent over the wire to the web server configuration directory.
Before You Begin
Before proceeding with the instructions in this procedure, ensure the following:
SSH is configured on the host where the DAS is running. For more information, see Chapter 2, Setting Up SSH for Centralized Administration.
You have completed the instructions in To Configure Oracle HTTP Server to Use the Loadbalancer Plug-In.
Enter the following command on a single line:
keytool -export -rfc -keystore domain-dir/config/keystore.jks -alias s1as -file glassfish.crt -storepass keystore-password
Enter the following command on a single line:
orapki wallet add -wallet ohs-instance-dir/config/OHS/ohs1/keystores/default/cwallet.sso -cert glassfish.crt -trusted_cert -auto_login_only
Refer to the OHS documentation for more information about the orapki utility.
# OHS Listen PortListen 5443 <VirtualHost *:5443> <IfModule ossl_module> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional and require. SSLVerifyClient require # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate # (enter these ciper names on a single line). SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA # SSL Certificate Revocation List Check # Valid values are On and Off SSLCRLCheck Off #Path to the wallet (enter path on a single line). SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/ ${COMPONENT_NAME}/keystores/default" </IfModule> <Location /lbconfigupdate > SSLRequireSSL SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \ and %{SSL_CLIENT_S_DN_O} eq "Oracle Corporation" \ and %{SSL_CLIENT_S_DN_OU} eq "GlassFish" \ and %{SSL_CLIENT_M_SERIAL} eq <SERIAL NUMBER> ) </Location> </VirtualHost>
Note - Port 5443 is used in this example. This port can be changed to any port that is appropriate for your system. This same port must be used when running the create-http-lb subcommand.
keytool -printcert -file path-name/glassfish.crt
include "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/gf-admin.conf"