Every server has a group manager module that monitors availability and facilitates redirection. It is coupled with the Authentication Manager.
In setting policies, the Authentication Manager uses the selected authentication modules and decides what tokens are valid and which users have access.
The same policy must exist on every server in the failover group or undesirable results might occur.
The Group Managers create maps of the failover group topology by
exchanging keepalive
messages among themselves.
These keepalive
messages are sent to a UDP port
(typically 7009) on all of the configured network interfaces. The
keepalive
message contains enough information
for each Sun Ray server to construct a list of servers and the
common subnets that each server can access. In addition, the Group
Manager tracks the last time that a keepalive
message was received from each server on each interface.
The keepalive
message contains the following
information about the server:
Server's host name
Server's primary IP address
Elapsed time since the server was booted
IP information for every interface the server can reach
Machine information, such as the number and speed of CPUs, configured RAM, and so on
Load information, such as the CPU and memory utilization, number of sessions, and so on
The last two items are used to facilitate load balancing.
The information maintained by the Group Manager is used primarily
for server selection when a token is presented. The server and
subnet information is used to determine the servers to which a
given client can connect. These servers are queried about sessions
belonging to the token. Servers whose last
keepalive
message is older than the timeout are
deleted from the list, because either the network connection or
the server is probably down.
The Authentication Manager configuration file,
/etc/opt/SUNWut/auth.props
, contains
properties used by the Group Manager at runtime. The properties
are:
gmport
gmKeepAliveInterval
enableGroupManager
enableLoadBalancing
enableMulticast
multicastTTL
gmSignatureFile
gmDebug
gmTarget
These properties have default values that are rarely changed.
Only Oracle support personnel should direct
you to change these values to help tune or debug your
systems. Any properties that are changed must be changed for
all servers in the failover group because the
auth.props
file must be the same on all
servers in a failover group.
Property changes do not take effect until the Authentication Manager is restarted, which you can do by performing a warm restart of the Sun Ray services.