Technical Case Study: Sun Java Enterprise System SunWeb 4.0

Chapter 1 Introducing the SunWeb Deployment

This technical case study describes the implementation of a Sun Java^TM Enterprise System (Java ES) architecture for the deployment of SunWeb^TM 4.0, the web-based internal portal for Sun Microsystems employees. This document describes the business and technical requirements for the deployed solution, the Java ES architecture developed to meet those requirements, and the deployment specifications developed from the architecture.

The intent of this document is to describe the SunWeb portal deployment so that you can adapt the information for your own deployment. While every deployment is different, the SunWeb 4.0 portal is a good example of how Java ES can be deployed in a complex enterprise environment.

This chapter introduces the SunWeb portal and provides an overview of the SunWeb 4.0 deployment. Subsequent chapters provide technical details for the deployment.

This chapter contains the following sections:

About the SunWeb Portal

The SunWeb portal is the primary means through which business information and services are delivered to Sun employees and is the standard way the Sun workforce collaborates and shares knowledge. The primary goal of the SunWeb portal is to provide content and services to a global workforce anywhere, anytime, and on any device. SunWeb is continuously evaluated and enhanced to meet that goal.

The SunWeb portal provides services to internal users around the world, which includes employees, contractors, interns, and anyone with a valid Sun ID. Users access email, calendars, applications, collaboration tools, and a wide variety of content sources such as news and blogs.

The following image shows the main page users might see when they log in.

Figure 1–1 Main SunWeb Page

Graphical representation of the main SunWeb
page.

Some features are standard for all users, while others vary depending on the user's role at Sun and how SunWeb was accessed. SunWeb can be accessed from a computer or device connected to Sun's corporate network (SWAN) or from a computer or device not connected to SWAN using the public Internet and secure remote access.

Business Case for SunWeb 4.0

The SunWeb portal is driven by the current realities of work. The workforce is global and knowledge based, the work location is anywhere with a high-speed Internet connection, and the work schedule is whatever is needed to get the job done across multiple time zones.

The SunWeb portal is driven by these work realities and the continuous challenges that come with them, such as access anywhere, anytime, and on any device, while meeting security, availability, response time, and redundancy requirements and fulfilling corporate compliance and reporting responsibilities. The complexities posed by Sun's work realities are considerable and underscore the critical nature of SunWeb:

Approximately 40,000 employees in 170 countries
18 major business divisions
18,000 internal web sites
4 million internal web pages
5 million emails per day
More than 900 internal applications

The SunWeb 4.0 portal deployment addressed these complexities by consolidating content, services, and applications on a single platform built on Java ES. The Java ES solution helped Sun achieve many key business objectives, including the following:

Improved employee productivity. Sun's workforce is connected to whom and what they need when and where they need it based on user roles and entitlements.
Reduced operational costs and complexity. Sun's business groups use a single platform for all phases of the information management and distribution life cycle.
Demonstration of Sun's use of Sun technology. Sun's customers see a real-world implementation of a Java ES architecture and gain a better understanding of how a Java ES solution might be designed and deployed in their own environment to address similar business problems and requirements.

Deployment Planning

The SunWeb portal deployment began with deployment planning, a critical piece of any successful deployment. The following table briefly describes the high-level tasks involved with planning the SunWeb deployment and points to specific information in this case study. Consider using a similar approach when planning your own deployment.

This case study is specific to the SunWeb portal deployment. For general information about deployment planning, see the Sun Java Enterprise System Deployment Planning Guide in the Java ES documentation set.

Table 1–1 SunWeb Deployment Planning Task Map


Task	SunWeb Information
1. Analyze business goals and develop business requirements. Business requirements are used to determine the technical requirements for the deployment.	See Chapter 2, SunWeb Requirements, which describes SunWeb requirements.
2. Convert the business requirements into technical requirements. Technical requirements are used to design the deployment architecture and specify quality of service (QoS) features such as performance, availability, and scalability.	See Chapter 2, SunWeb Requirements, which describes SunWeb requirements.
3. Develop the deployment scenario. The deployment scenario is used to design the deployment architecture. The scenario consists of a logical architecture, which identifies the Java ES components and other software needed to provide the services, and the requirements defined in the previous step.	See Chapter 3, Designing the SunWeb Architecture, which describes designing the SunWeb architecture.
4. Develop the deployment architecture. The deployment architecture is based on the deployment scenario and is used to define the specifics of the deployment, mapping the components specified in the logical architecture to a physical environment. While the logical architecture deals with components in a general sense, the deployment architecture specifies details such as the number of computers, how they are connected, how many instances of each component are needed, and so on.	See Chapter 3, Designing the SunWeb Architecture, which describes designing the SunWeb architecture.
5. Develop the deployment specifications. Deployment specifications are used to implement the solution. The specifications are based on the deployment architecture, but add the detailed information needed to install and configure the set of components identified in the architecture.	See Chapter 4, Preparing the SunWeb Deployment Specifications, which describes preparing the deployment specifications.
6. Implement the deployment architecture. Implementation typically involves installing and configuring the hardware infrastructure, installing and configuring the software, modeling users and resources within an LDAP directory design, and so on. The detailed installation and configuration plans are developed from the deployment specifications.	Specific installation and configuration procedures are not provided in this case study. For detailed information about installing and configuring Java ES software, see the Java ES documentation resources at `http://docs.sun.com/app/docs/prod/entsys`. Additional Java ES resources are also available at `http://www.sun.com/bigadmin/hubs/javaes/`.

Deployment Overview

The core SunWeb portal platform is a suite of applications built primarily on Java ES, complemented by content management, document management, search, and collaboration applications. All services are available from a single, distributed Java ES deployment.

As with other such production deployments, the SunWeb 4.0 portal uses an arrangement of portal and Java ES components distributed among several computers behind a load balancer. The deployment encompasses configuration information, a variety of data and data sources, custom code that defines the user interface, security mechanisms, content sources and access, and integration with other in-house and third-party products and services.

Non-Java ES software is included in the deployment, as are services and applications already running on SWAN. For more information about non-Java ES software used in the deployment architecture, see Preparing the Logical Architecture.

SunWeb content is aggregated from a number of different sources, including a content management system and other content providers that are integrated with the SunWeb infrastructure. Content providers include the following:

MySales and MyMarketing portals, which provide extensive sales and marketing tools and resources
SunWeb Collaboration, an online knowledge management service that enables virtual teams to develop, share, and retain information
An executive management portal, available only to executives
The search engine

More information about the mechanics of content delivery is provided in Chapter 3, including Analyzing User Interactions with the SunWeb Components.

The Sun IT team designed SunWeb 4.0 to meet several key objectives and provide several key services. An overview of those objectives and services is provided in the following sections.

Key Objectives of SunWeb 4.0

The following table lists the key objectives of the SunWeb 4.0 deployment. These objectives might be similar to your own.

Table 1–2 Key Objectives of SunWeb 4.0


Objective	Description
Integration and consolidation	SunWeb resources were split across many systems and the integration and consolidation of services was a key driver for the SunWeb 4.0 deployment. The SunWeb 4.0 portal integrated Portal Server Secure Remote Access, mobile access, communication channels (mail and calendar), a blogs channel, and the SunWeb portal desktop into one common platform. This integration of services onto one platform required substantial modification to the existing architecture. Single sign-on functionality was also implemented to provide single sign-on between Portal Server with Access Manager to other applications.
Multitier architecture implementation	A key objective of the deployment was to implement a multitier reference architecture to meet new scalability needs and to decouple the Portal Server, Access Manager, and Directory Server deployment for the multitier architecture.
Software upgrade	A software upgrade was necessary to leverage the latest functionality in Java ES components and the Solaris^TM Operating System (Solaris OS). The SunWeb 4.0 framework implemented Sun Java Enterprise System 2005Q1 and Solaris 10 OS with zones (see Software in SunWeb 4.0).
Hardware upgrade	A hardware upgrade was long overdue. The SunWeb 4.0 deployment moved from shared hardware to dedicated Sun Fire^TM x64 servers running Solaris 10 OS, demonstrating a reference architecture with zones on AMD Opteron^TM processors (see Hardware in SunWeb 4.0).

Key Services Provided by SunWeb 4.0

The SunWeb 4.0 deployment provided enhanced capabilities in many areas, including personalization, remote access, and search. Many of the enhancements were made in response to user input and feature requests.

The following table provides an overview of some of the key services delivered with the deployed solution. Your enterprise might require similar services. Technical details for these and other services are provided in Detailed Service Requirements.

Note –

Mail and calendar services are provided by instances of Sun Java System Messaging Server and Sun Java System Calendar Server that are already deployed and running on the main corporate network. The SunWeb portal deployment uses Portal Server channels to provide SunWeb users with access to these services on their portal desktops (to enable this feature, users must add the channels to their portal view).

Table 1–3 Key Services Provided by SunWeb 4.0


Service	Description
Portal Server Secure Remote Access (SRA)	Provides secure remote access from outside of Sun's corporate network (SWAN). Replaces an older application used for remote access, providing enhanced, updated, and integrated services that are more comprehensive and reliable. Provides device independence that enables users to connect to SunWeb securely from any Java enabled, web-connected computer or mobile device. Remote users launch a browser, enter the URL for the SRA service, authenticate using token-based authentication, and are logged directly into SunWeb with secure access to a customized portal desktop, applications, and content. Enables users to access SunWeb from most customer sites, providing an advantage over virtual private network (VPN), which is often blocked. Provides enhanced security in certain situations when compared with VPN. Enables users to send and receive mail, update their calendars, access their home directories, surf sites within SWAN, and open telnet sessions. Provides a remote access channel to users who log in using SRA. This channel provides various tools such as FTP.
Mail channel	Enables remote users to add the mail channel to their SunWeb view and to read, write, and reply to messages using the mail channel when connecting to SunWeb through a remote access gateway. Brings the most recent mail messages to the SunWeb view. Enables users to choose how many messages to display and to launch messages directly from SunWeb. Is highly customizable and enables users to perform a high degree of personalization.
Calendar channel	Complements the mail channel (requires a Calendar Server account). Enables remote users to add the calendar channel to their SunWeb view and to manage their calendar when accessing SunWeb through a remote access gateway. Is highly customizable and enables users to perform a high degree of personalization.
Blogs@Sun channel	Enables users to subscribe to specific blogs and authors. Enables the personalized SunWeb view to be updated as new postings become available.
SunWeb (Java ES) search	Integrates the Portal Server search engine with the portal desktop and the SRA service to provide a single entry point. Gives users a more robust search engine for searching within SWAN.

Software in SunWeb 4.0

SunWeb was one of the first implementations of Sun's suite of middleware products known as Sun Java Enterprise System (Java ES). Java ES is a software infrastructure that provides a complete set of middleware services to support enterprise applications distributed across a network or Internet environment. The Java ES components that provide the services are installed using a common installer, synchronized on a common set of shared libraries, and share an integrated user identity and security management system. The SunWeb 4.0 portal is built on Sun Java Enterprise System 2005Q1 and demonstrates a comprehensive implementation of the Java ES platform.

The following table lists the key Sun software components used in SunWeb 4.0 and the functionality each component provides. Your enterprise might require similar functionality.

Note –

All software used in the deployment is not listed in the table, just the key Java ES components. For more information about other components and applications used in the deployment, see Preparing the Logical Architecture.

Table 1–4 Key Sun Software Used in SunWeb 4.0


Product	Functionality
Sun Java System Portal Server 6.1	Portal Server is the integration framework for the presentation of content and services and performs display-specific tasks such as desktop and channel presentations. Portal Server provides the following SunWeb functionality: Mobile access desktop for internal users SRA End-to-end secure SSL using the Rewriter and Netlet proxies
Sun Java System Access Manager 6.3	Access Manager performs tasks related to authentication, roles, and policies and provides the following SunWeb functionality: Enforces authorized access to network services and resources through the SunWeb portal and Access Manager infrastructure. Manages Sun employee user identity and tightly integrates with policy, identity management, service management, and SAML (Security Assertion Markup Language) to simplify and provide a single point of administration of users. Provides a single identity (single sign-on) across web and application servers and services, such as the MySales and MyMarketing SunWeb portals and also mail and calendar applications. Provides users filtered roles.
Sun Java System Application Server 8.1	Provides the Java 2 Platform, Enterprise Edition (J2EE^TM) container.
Sun Java System Directory Server 5.2	Directory Server stores the user profile information used by Portal Server and Access Manager. Portal Server and Access Manager read and write to Directory Server, and several other critical operations also occur on the directory servers to perform the following tasks: Update user profiles based on Human Resources records. Implement multimaster replication, which enables data to be replicated between directory servers in real time to keep the data synchronized.
Solaris 10 OS	Provides the operating system (secure build, x86, zones).

Hardware in SunWeb 4.0

A key piece of the SunWeb 4.0 deployment was hardware. SunWeb had quickly outgrown the systems on which it was originally deployed. SunWeb moved to a stack of Sun Fire x64 servers running Solaris 10 OS, which provided greater performance, stability, and scalability.

The hardware used in SunWeb 4.0 includes the following:

Nine V20z Opteron servers (dual 1.8 GHz CPUs, 16 Gbyte RAM, 2x 72 Gbyte SAS)
One Sun Fire x4100 (Galaxy, dual 2.2 GHz CPUs, 16 Gbyte RAM, 2x 73 Gbyte SAS)
Load balancer

For more information about hardware, see Preparing the Computer Hardware and Operating System Specification. For more information about load balancing and redundancy strategies, see Choosing Redundancy Strategies for the SunWeb Architecture.