JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.1-3.1.1 High Availability Administration Guide
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  High Availability in GlassFish Server

2.  Setting Up SSH for Centralized Administration

3.  Administering GlassFish Server Nodes

4.  Administering GlassFish Server Clusters

5.  Administering GlassFish Server Instances

6.  Administering Named Configurations

7.  Configuring Web Servers for HTTP Load Balancing

Supported Operating Systems and Web Servers

Configuring Oracle iPlanet Web Server

To Set up the HTTP Load Balancer in SSL Mode for Oracle iPlanet Web Server 7

Configuring Apache HTTP Server

Configuring Apache Before Installing the GlassFish Loadbalancer Plug-In

To Build and Install Apache With SSL Support

To Create a Security Certificate for Apache

Configuring Apache After Installing the GlassFish Loadbalancer Plug-In

Configuring Security Files to Work With the Load Balancer

Providing Access Permissions to Apache User

Loadbalancer Plug-In Initialization

Modifying Directory Access Permissions to Enable Auto Apply

Starting Apache on Solaris and Linux

Configuring Microsoft IIS

To Configure SSL for IIS 7.5+

Microsoft IIS 7.5+ Post-Install Configuration Steps

To Configure Microsoft IIS 7.5+ After Installing the GlassFish Loadbalancer Plug-In

Automatically Configured sun-passthrough Properties

Configuring Oracle HTTP Server

To Configure Oracle HTTP Server to Use the Loadbalancer Plug-In

To Enable the Load Balancer Auto Apply Feature

Installing the Loadbalancer Plug-In

To Install the Loadbalancer Plug-In

Verifying Loadbalancer Plug-In Configuration

To Verify the Loadbalancer Plug-In Configuration

8.  Configuring HTTP Load Balancing

9.  Upgrading Applications Without Loss of Availability

10.  Configuring High Availability Session Persistence and Failover

11.  Configuring Java Message Service High Availability

12.  RMI-IIOP Load Balancing and Failover

Index

Configuring Oracle HTTP Server

The GlassFish Loadbalancer Configurator does not support Oracle HTTP Server (OHS), so you must manually configure the web server to work with the Loadbalancer Plug-In. These procedures apply to Oracle HTTP Server 11.1.1.4+ only. Other versions of Oracle HTTP Server are not supported.

The following topics are addressed here:

To Configure Oracle HTTP Server to Use the Loadbalancer Plug-In

  1. Download and install Oracle HTTP Server (OHS) 11.1.1.4+ (32-bit), if it is not already installed.

    OHS is available from Oracle Middleware Downloads page. Look for Web Tier Utilities under Required Additional Software. Note that you need to install the complete Web Tier Utilities bundle because OHS is not available separately. Be sure to download the 32–bit product version.

  2. Prepare for and install the GlassFish Loadbalancer Plug-In.
    1. Create a dummy Apache directory named /tmp/apache on the machine on which OHS is installed.
    2. Install the Loadbalancer Plug-In, as described in Installing the Loadbalancer Plug-In.

      Use the following options when running the GlassFish Loadbalancer Configurator:

      • Choose Apache HTTP Server as your web server.

      • Point to the dummy /tmp/apache as the Apache HTTP Server installation directory.

      The GlassFish Loadbalancer Configurator will create a new /tmp/apache/glassfish-lbplugin directory.

  3. Configure OHS at the installation level.
    1. Copy /tmp/apache/glassfish-lbplugin to ohs-install-dir/ohs.
    2. Update ohs-install-dir/ohs/bin/apachectl.

      Enter the following statement on a single line:

      LD_LIBRARY_PATH=$ORACLE_HOME/ohs/lib:$ORACLE_HOME/pcs/lib:$ORACLE_HOME/lib:
$ORACLE_HOME/ohs/glassfish-lbplugin/lib:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH

      Enter the following statement on a single line:

      NSS_STRICT_NOFORK=DISABLED; export NSS_STRICT_NOFORK
  4. Configure OHS at the instance level.
    1. Create the following directories:
      ohs-instance-dir/config/OHS/ohs1/modules/resource
ohs-instance-dir/config/OHS/ohs1/sec_db_files
    2. Copy the following file to ohs-instance-dir/config/OHS/ohs1/modules:
      ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/mod_loadbalancer.so
    3. Copy the following directory to ohs-instance-dir/config/OHS/ohs1/modules:
      ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/errorpages
    4. Copy the following files to ohs-instance-dir/config/OHS/ohs1/modules/resource:
      ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/*.res
    5. Copy the following files to ohs-instance-dir/config/OHS/ohs1/sec_db_files:
      ohs-install-dir/ohs/glassfish-lbplugin/lib/webserver-plugin/linux/apache2.2/*.db
    6. Add the following entry as the last line in ohs-instance-dir/config/OHS/ohs1/httpd.conf:
      include "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/gf.conf"
    7. Also in ohs-instance-dir/config/OHS/ohs1/httpd.conf, modify the worker MPM settings as follows:

      • Set StartServers to 1

      • Set MaxClients to 64

      • Set ThreadsPerChild to 64

    8. In ohs-instance-dir/config/OHS/ohs1/ssl.conf, set <VirtualHost *:4444>.
    9. Create a file named ohs-instance-dir/config/OHS/ohs1/gf.conf and add the following entries.

      In this code sample, note that lines that are too long for this publication are truncated with a space and backslash ( \). In cases where this truncation is used for a line, be sure to enter that line and the subsequent line in a single line in your configuration file.

      LoadModule apachelbplugin_module \
${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/ \
   modules/mod_loadbalancer.so
<IfModule apachelbplugin_module>
   config-file "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/ \
      ${COMPONENT_NAME}/loadbalancer.xml"
   locale en
</IfModule>
<VirtualHost *:7777>
DocumentRoot "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/htdocs"
ServerName myserver
</VirtualHost>

      Note - Replace port 7777 and ServerName with whatever values are used in your configuration.

    10. Copy the following file to ohs-instance-dir/config/OHS/ohs1:
      ohs-install-dir/ohs/glassfish-lbplugin/lib/dtds/glassfish-loadbalancer_1_3.dtd
    11. Generate a load-balancer.xml configuration file on GlassFish Server, and copy this file to ohs-instance-dir/config/OHS/ohs1.

      Use the export-http-lb-config subcommand to generate a load-balancer.xml file. See the export-http-lb-config(1) for more information.

    12. Start OHS.

      For example:

      ohs-instance-dir/bin/opmnctl startall

To Enable the Load Balancer Auto Apply Feature

This procedure is only required if you plan on using the load balancer Auto Apply feature with Oracle HTTP Server (OHS). The Auto Apply feature enables changes made to a configuration through the GlassFish Server Administration Console or from the command line with the apply-http-lb-changes(1) subcommand to be automatically sent over the wire to the web server configuration directory.

Before You Begin

Before proceeding with the instructions in this procedure, ensure the following:

  1. Export the GlassFish Server DAS certificate.

    Enter the following command on a single line:

    keytool -export -rfc -keystore domain-dir/config/keystore.jks
 -alias s1as -file glassfish.crt -storepass keystore-password
  2. Copy the glassfish.crt file to the directory of your choice on the OHS server.
  3. Add the GlassFish Server DAS certificate to the OHS keystore.

    Enter the following command on a single line:

    orapki wallet add
 -wallet ohs-instance-dir/config/OHS/ohs1/keystores/default/cwallet.sso
 -cert glassfish.crt -trusted_cert -auto_login_only

    Refer to the OHS documentation for more information about the orapki utility.

  4. Create a new file named ohs-instance-dir/config/OHS/ohs1/gf-admin.conf and add the following entries:
    # OHS Listen PortListen 5443

<VirtualHost *:5443>
  <IfModule ossl_module>
   #  SSL Engine Switch:
   #  Enable/Disable SSL for this virtual host.
   SSLEngine on

   #  Client Authentication (Type):
   #  Client certificate verification type and depth.  Types are
   #  none, optional and require.
   SSLVerifyClient require

   #  SSL Cipher Suite:
   #  List the ciphers that the client is permitted to negotiate
   #  (enter these ciper names on a single line).
   SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,
   SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,
   TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA

   # SSL Certificate Revocation List Check
   # Valid values are On and Off
   SSLCRLCheck Off

   #Path to the wallet (enter path on a single line).
   SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/
   ${COMPONENT_NAME}/keystores/default"
       
  </IfModule>

<Location /lbconfigupdate >
               SSLRequireSSL
               SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
                       and %{SSL_CLIENT_S_DN_O} eq "Oracle Corporation" \
                       and %{SSL_CLIENT_S_DN_OU} eq "GlassFish" \
                       and %{SSL_CLIENT_M_SERIAL} eq <SERIAL NUMBER> )
</Location>

</VirtualHost>

    Note - Port 5443 is used in this example. This port can be changed to any port that is appropriate for your system. This same port must be used when running the create-http-lb subcommand.

  5. Update the <SERIAL NUMBER> entry in the new ohs-instance-dir/config/OHS/ohs1/gf-admin.conf file.
    1. Get the serial number from the glassfish.crt file.
      keytool -printcert -file path-name/glassfish.crt
    2. Replace <SERIAL NUMBER> in the gf-admin.conf file with the value from the glassfish.crt file.
    3. Convert the updated <SERIAL NUMBER> string in the gf-admin.conf file to all uppercase.
  6. Add the following line to the httpd.conf:
    include "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/gf-admin.conf"
  7. Stop and restart OHS.
Copyright © 2010, 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next