This procedure describes how to configure an instance of the Sun Java System Web server to be highly available. Use the Netscape browser to interact with this procedure.
Consider the following points before you perform this procedure.
Before you start, ensure that you have installed the browser on a machine that can access the network on which the cluster resides. You can install the browser on a cluster node or on the administrative workstation for the cluster.
Sun Cluster HA for Sun Java System Web Server now supports Sun Java System Proxy Server. For Sun Java System Proxy Server installation and configuration information, see Chapter 1, Installing Sun Java System Web Proxy Server, in Sun Java System Web Proxy Server 4.0.5 Installation and Migration Guide.
Your configuration files can reside on either a local file system or on the cluster file system.
Any certificates that are installed for the secure instances must be installed from all cluster nodes. This installation involves running the admin console on each node. Thus, if a cluster has nodes n1, n2, n3, and n4, the installation steps are as follows.
Run the admin server on node n1.
From your Web browser, connect to the admin server as http://n1.domain:port—for example, http://n1.eng.sun.com:8888—or whatever you specified as the admin server port. The port is typically 8888.
Install the certificate.
Stop the admin server on node n1 and run the admin server from node n2.
From the Web browser, connect to the new admin server as http://n2.domain:port, for example, http://n2.eng.sun.com:8888.
Repeat these steps for nodes n3 and n4.
After you have considered the preceding points, complete the following steps.
If you will configure Sun Java System Web Server as a scalable data service, create a directory on the local disk of all the nodes to hold the logs and error files that Sun Java System Web Server manages.
For the scalable configuration to work correctly, these files must be located on each node of the cluster, not on the cluster file system. Use shared storage only if you will configure Sun Java System Web Server as a failover data service.
Choose a location on the local disk that is the same for all the nodes in the cluster. Use the mkdir -p command to create the directory. Make nobody the owner of this directory.
The following example shows how to complete this step.
phys-schost-1# mkdir -p /var/pathname/http-instance/logs/ |
If you anticipate large error logs, do not put them in a directory under /var because they will overwhelm this directory. Rather, create a directory in a partition with adequate space to handle large files.
From the administrative workstation or a cluster node, start the Netscape browser.
On one of the cluster nodes, go to the directory admin-server, then start the Sun Java System admin server.
# cd admin-server # ./startserv |
Enter the URL of the Sun Java System admin server in the Netscape browser.
The URL consists of the logical hostname and port number that the Sun Java System installation script established in Step 4 of the server installation procedure, for example, n1.eng.sun.com:8888. When you perform Step 2 of this procedure, the ./start command displays the admin URL.
When prompted, use the user ID and password you specified in Step 6 of the server installation procedure to log in to the Sun Java System administration server interface.
Using the administration server where possible and manual changes otherwise, complete the following:
Verify that the server name is correct.
Verify that the server user is set as superuser.
Change the bind address field to one of the following addresses.
A logical hostname or shared address if you use DNS as your name service
The IP address associated with the logical hostname or shared address if you use NIS as your name service
Update the ErrorLog and Access Log entries to reflect the directory created in Step 1 of this section.
Save your changes.
Create a file that contains the secure key password you need to start this instance, and place this file under the server root directory. Name this file keypass.
Because this file contains the NSS database password, protect the file with the appropriate permissions.
If you do not want to save the password in the keypass file, add the following to the server.xml file located in the server root directory.
<pkcs11> <enabled>true</enabled> <token> <name>internal</name> <pin>admin123</pin> </token> </pkcs11>