Sun Java System Web Server 7.0 Update 3 Administrator's Guide

Setting Up a Cluster

This section describes the procedure to set up the cluster and enable reverse proxy to support load-balancing of HTTP requests.

The following flowchart illustrates the procedure to set up a cluster.

Figure 4–3 Flowchart illustrating the cluster set up

Flowchart illustrating the steps to set up a cluster.

  1. On one of the nodes, install Web Server that acts as the Administration Server in a cluster.

  2. On other three nodes, install Web Server. Select the option of installing Web Server as an Administration Node. During the installation, choose the option of registering the node with the server.

  3. Make sure the Administration Server is using SSL port for communication, as an Administration Node can be registered with the server only in secure mode.

  4. Make sure the system date and time on all the nodes where the Administration Server and the Administration Nodes are installed are the same. The certificate associated with the server is created based on the system date and time of the node where the Administration Server is installed. If the system date of the Administration Node is earlier than the Administration Server, the registration fails as the certificate of the Administration Server will not yet be valid. As a corollary, the certificate may be deemed valid if it is has expired.

  5. Start the Administration Server from the install_dir/admin-server/bin/ directory.

    install_dir/admin-server/bin>./startserv

  6. Start the wadm command-line tool from the Administration Node. The wadm command-line tool is located in the install_dir/bin directory.

    install_dir/bin>./wadm

  7. Register each Administration Node with the Administration Server. Use the register-node command to register each node with the server.

    For Example:


    ./wadm register-node -user=admin --host=abc.sfbay.sun.com --port=8989

    Where,

    abc.sfbay.sun.com

    is the host name of the Administration Server to which you are registering the Node.

    port

    is the SSL Port number of the Administration Server.

  8. You will be prompted to enter the administration password. Enter the administration password of the Administration Server.

    The Administration Server authenticates each other by the Administration Server trusting the Administration Node's server certificate and the Administration Node trusting the client certificate presented by the Administration Server. During registration of an Administration Node, the Administration Server generates a server certificate for that Administration Node, which is then downloaded and installed on the Administration Node. The issuer of the server certificate is also installed on the Administration Node.


    Note –

    The registration can be done only over SSL.


    For information about registering nodes, see the Registering the Administration Node From the Command-Line in Sun Java System Web Server 7.0 Update 3 Installation and Migration Guide.

  9. Start all the Administration Nodes using the startserv command from the install_dir/admin-server/bin/ directory.

  10. Using the Admin Console or the CLI, create a new configuration in the Administration Server.

    Provide configuration information such as configuration name, HTTP Listener port, and the server name for the new configuration.

  11. Create instances of the configuration on all the nodes.

  12. Start the instances on all the nodes.


    Note –

    Web Server provides the flexibility to expand or reduce your cluster. You can add or remove instances to the cluster at any point of time.


Configuring Reverse Proxy for Load-balancing

Web Server 7.0 provides a sophisticated built-in load balancer, the reverse proxy. A reverse proxy is a gateway for Web Servers in a server farm. By configuring reverse proxy, the requests are forwarded to multiple similarly configured web servers

Use the following procedure to enable reverse proxy in Web Server 7.0:

  1. Install Web Server on the node that you want to use for configuring reverse proxy.

  2. Create a configuration. For example, rp.

  3. Using the Administration Console, select Configurations > Virtual Servers > Content Handling > Reverse Proxy tab. Click the New button.

  4. Enter the reverse proxy URI and the server URLs of all the machines in the cluster separated by comma.

    The format for entering the server URL is hostname:portnumber.

  5. Save the changes.

  6. Deploy the modified configuration to apply the changes to the configuration.

  7. Start all the instance of this modified configuration.

This completes configuring reverse proxy for load balancing HTTP requests.


Note –

To configure a reverse proxy in a cluster environment, issue a wildcard server certificate or the alternate subject names that can be set to the actual origin server host names. The other option of specifying the original server's host names in the subject name field limits the size of the cluster, leading the cluster to fail if another node is added to the cluster.

A wildcard server certificate can be created using the administration interfaces. After creating the server certificate use certutil to get the base64 encoded version of the certificate and install it as a trusted CA certificate on the load balancer configuration.

Type the following command to generate the base64 encoded certificate bash$./certutil -L -a -d instancedir/config. Copy the output of the command and paste it in the install certificate wizard.


Configuring Timeout Parameter in Reverse Proxy

ProcedureTo Configure Timeout Parameter in Reverse Proxy

  1. Login to Administration Console

  2. Select the configuration from the list

  3. Click the Edit Virtual Server button

  4. Click the Content Handling tab

  5. Click the Reverse Proxy sub tab

  6. Click the URI from the list of reverse proxies

    A new window appears.

  7. Click the HTTP Client Configuration link

  8. You can edit the Idle Timeout parameter. Default value is 300.

Monitoring Backend Instances

This section describes the status check of backend instances in detail.

The route_offline_thread in Web Server 7.0, performs a status check of backend instances. It looks up for all the alive backend instances by sending OPTIONS HTTP request. If the server responds, it is confirmed that the backend instance is alive. After the initial phase, the thread performs status check of offline backend instances every 60 seconds (time duration is not configurable). The route_offline_thread now tries to connect to offline instance and when the connection is successful, it sends OPTIONS HTTP request. If the instance responds, once it recovers from a hang, the route_offline_thread immediately identifies it as online. Thus, the thread does not impose any performance impact to the system and to the backend instances.

After a backend instance is identified as online, if it shuts down or crashes, the route_offline_thread will not be able to track. When such an instance is chosen by the Web Server reverse proxy parameter, for serving a request, it results in read or send failure, indicating that the connection to the instance is broken.

You can define a response timeout value using http-client-config ObjectType function in obj.conf file.


ObjectType fn="http-client-config" timeout="400"

Note –

The default timeout value is 300 seconds.


Once the response timeout value is defined, the reverse proxy parameter closes the connection to the backend instance if the connection hangs for more than 400 seconds and identifies it as offline.

When a reverse proxy parameter tries to establish a connection with a backend instance which is hanging or too busy, it waits for a connection response for a maximum period of five seconds and then identifies the instance as offline.

Using Web Server as Reverse Proxy in Graphical Interface

ProcedureTo Configure Reverse Proxy in Graphical Interface

  1. Login to Administration Console

  2. Select the configuration from the list

  3. Click the Edit Virtual Server button

  4. Click the Content Handling tab

  5. Click the Reverse Proxy sub tab

  6. Click the New button

    A new window appears.

  7. In URI enter (/) if you want all the requests to be set revers proxy. Else, enter the URI to be set to reverse proxy.

  8. Enter the server's URL, which you want to reverse proxy.

    For example, http://<content server-hostname>:port

  9. Click the OK button

  10. Click the Deployment Pending link in the top right of the screen.

  11. Click the Deploy button

    Deployment successful message appears.

  12. Click the Configuration tab

  13. Start the instance.

    Access the URI, which you configured as the reverse proxy.

Customizing Reverse Proxy

To configure conditional request processing you need to manually edit the virtual server specific obj.conf file.

For example, if you want to configure reverse proxy for all .jsp, .php requests. You need to include the following text in your obj.conf file.


<If $uri =~ '.jsp$' or $uri =~ '.php$'> 
NameTrans fn="map" from="/" to="http:/" name="custom_reverse_proxy"
</If>

Note –

You should insert the above text under the object name default.Add the following text to the end of the obj.conf file.


<Object name ="custom_reverse_proxy">
Route fn="set-origin-server" server="http://<hostname>:<port>"
</Object>

<Object name ppath="http:*"
Service fn="proxy-retrieve" method="*"
</Object>

Using Web Server as Reverse Proxy in CLI Mode

Follow the below steps to configure reverse proxy in CLI mode. For examples, let us create a configuration config1 and also create an instance rp as reverse proxy.

  1. Start the Administration Server:

    $ <install-dir>/admin-server/bin/startserv

  2. Invoke the CLI shell:

    <install-dir>/admin-server/bin/wadm -user <username>

    Now, you can see the wadm shell

  3. Create config1:

    wadm>create-config --http-port 8080 --server-name config1 --server-user root config1

  4. Create an instance for the config1 configuration:

    wadm>create-instance --config config1 <host-name>

  5. Add the web application on the created configuration:

    wadm>add-webapp --config config1 -vs config1 --uri/test <warfile>

  6. Deploy the web application

    wadm>deploy-config --user=admin --password-file=admin.pwd --host=serverhost --port=8989 config1

  7. Create a rp configuration:

    wadm>create-config --http-port 8081 --server-name rp --server-user root rp

    Enable the rp configuration to reverse proxy using the following command:

    wadm>create-reverse-proxy --config rp --vs rp --uri-prefix/--server http://<host-name>:8080

  8. Create an instance for the rp configuration

    wadm>create-instance --config rp <host-name>

  9. Start the instances:

    wadm>start-instance --config config1 <host-name>

    wadm>start-instance --config rp <hostname>

Now, the web application deployed in config1 can be viewed through rp instance.

http://<rp instance hostname>:8081/test