Every server has a group manager module that monitors availability and facilitates redirection. It is coupled with the Authentication Manager.
In setting policies, the Authentication Manager uses the selected authentication modules and decides what tokens are valid and which users have access.
The same policy must exist on every server in the failover group or undesirable results might occur.
The Group Managers create maps of the failover group topology by
exchanging keepalive
messages among
themselves. These keepalive
messages are sent
to a UDP port (typically 7009) on all of the configured network
interfaces. The keepalive
message contains
enough information for each Sun Ray server to construct a list
of servers and the common subnets that each server can access.
In addition, the Group Manager tracks the last time that a
keepalive
message was received from each
server on each interface.
The keepalive
message contains the following
information about the server:
Server's host name
Server's primary IP address
Elapsed time since the server was booted
IP information for every interface the server can reach
Machine information, such as the number and speed of CPUs, configured RAM, and so on
Load information, such as the CPU and memory utilization, number of sessions, and so on
The last two items are used to facilitate load balancing.
The information maintained by the Group Manager is used
primarily for server selection when a token is presented. The
server and subnet information is used to determine the servers
to which a given client can connect. These servers are queried
about sessions belonging to the token. Servers whose last
keepalive
message is older than the timeout
are deleted from the list, because either the network connection
or the server is probably down.
The Authentication Manager configuration file,
/etc/opt/SUNWut/auth.props
, contains
properties used by the Group Manager at runtime. The
properties are:
gmport
gmKeepAliveInterval
enableGroupManager
enableLoadBalancing
enableMulticast
multicastTTL
gmSignatureFile
gmDebug
gmTarget
These properties have default values that are rarely
changed. Only very knowledgeable Sun support personnel
should direct customers to change these values to help tune
or debug their systems. Any properties that are changed must
be changed for all servers in the failover group because the
auth.props
file must be the same on all
servers in a failover group.
Property changes do not take effect until the Authentication Manager is restarted, which you can do by performing a warm restart of the Sun Ray services.