Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
===========================
CHAPTER 1: Architettura Generale
===========================
1.1.
In questo capitolo lavoreremo con 4 servers distribuiti per creare due cluster orizzantali, per I
quali gli indirizzi IP e I nomi canonici sono i seguenti:
192.168.0.1
webserver
ws (Apache 2.2.x)
192.168.10.0
domain controller
dc (JBoss 7 / EAP6)
192.168.20.0
EAP6)
applicationserver
slave1 of dc (JBoss 7 /
192.168.30.0
EAP6)
applicationserver
slave2 of dc (JBoss 7 /
Naturalmente la stessa configurazione pu essere riutilizzata, invece che per un cluster verticale,
per un cluster orizzontale, ovvero dove tutte le varie istanza del dc, slaves e ws girano su
ununica macchina con risorse adeguate
1.2.
Abbiamo quindi due Apache Virtual hosts che bilanciano le richieste verso due diversi clusters
JBoss, ognuno dei quali consiste da two instances. Ogni istanza che partecipa ad un cluster gira
su una machina fisica diversa dallaltra, ma condivide la stessa macchina con unaltra istanza che
partecipa al secondo cluster.
A livello DNS, entrambi gli URLs www.application1.nl e www.application2.nl sono risolti dal
webserver Apache (bilanciatore), usando mod_cluster in combinazione con ajp (Apache JServ
Protocol) per reindirizzare le chiamate al cluster e sticky session per il bilanciamento corretto in
modalit statefull.
1.3.
Contenuti
=================================
CHAPTER 2: il Domain Controller
=================================
2.1.
Dopo aver scaricato JBoss EAP 6.2 e la Oracle JDK (jdk1.6.0_30.tar.gz) esegui quanto segue:
root@dc # cd /opt
root@dc # cp /tmp/jdk1.6.0_30.tar.gz /tmp/jboss-eap-6.2.zip .
root@dc # tar xfz jdk1.6.0_30.tar.gz ; unzip jboss-eap-6.2.zip
root@dc # ln -s jdk1.6.0_30.tar.gz jdk ; ln -s jboss-eap-6.2 jboss
root@dc # chown -R jboss:jboss jboss-eap-6.2
2.2.
Installare il domain-controller
con:
root@192.168.10.0:/opt# cat
/apps/jboss/192.168.10.0/configs/domain.properties
jboss.bind.address=192.168.10.0
jboss.bind.address.management=192.168.10.0
jboss.socket.binding.port-offset=0
jboss.config.dir=/apps/jboss/nlptc27b09
jboss.domain.log.dir=/var/log/jboss/nlptc27b09
jboss.domain.base.dir=/apps/jboss/profiles/nlptc27b09
jboss.domain.base.url=file:///apps/jboss/profiles/nlptc27b09
jboss.domain.master.address=192.168.10.0
jboss.domain.name=192.168.10.0
Che solo un modo per amministrare le caratteristiche del nostro DC pi pulito. Comunqueil
seguente processo dovrebbe essere in esecuzione:
provider org.jboss.as.host-controller -mp /opt/jboss/modules --pcaddress 127.0.0.1 --pc-port 46303 -default-jvm /opt/jdk/bin/java
--domain-config domain.xml --host-config=host.xml -P
file:///apps/jboss/192.168.10.0/configs/domain.properties
-Djboss.home.dir=/opt/jboss
2.3.
2.3.1
Hai bisogno di questo utente anche se vuoi accedere alla console di jboss-cli del DC da remoto
2.3.2
Lutente slaveuser viene usato dai nodi esterni (Slaves) per collegarsi al Domain Controller:
=====================================
CHAPTER 3: Installare gli slaves
=====================================
Inizia con un nome univoco (qui slave1) per ogni slave e ripeti questa operazione per quanti
slaves vuoi avere nella tua architettura Nota che gli slaves possono risiedere fisicamente
ovunque (ad esempio, per i production servers, da qualche altra parte su internet, o persino sul
tuo laptop). Il nome assegnato deve essere univoco (in ambiente di produzione si usa
solitamente il Fully Qualified Domain Name FQDN, che permette di avere architetture molto
estese e flessibili).
3.1.
3.2.
Darto che sar sempre la stessa cosa (con qualche variazione sul tema) per ogni slave, vediamo
come fare per lapplicationserver slave1 (192.168.20.0):
3.2.1.
Modificare host-slave.xml
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<secret value="$
{jboss.domain.login.password}"/>
</server-identities>
<authentication>
<local default-user="$local"/>
<properties path="mgmt-users.properties"
relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
...
...
<security-realm name="ManagementRealm">
<server-identities>
<secret value="d2Vsa29t"/>
</server-identities>
<authentication>
<local default-user="$local"/>
<properties path="mgmt-users.properties"
relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
...
La secret quella fornita durante il passo 2.3.2. Adesso per rendere lAS slave del DC, apporta la
seguente modifica:
...
<domain-controller>
<remote host="${jboss.domain.master.address}" port="$
{jboss.domain.master.port:9999}" security-realm="ManagementRealm"
username="${jboss.domain.login.user}"/>
</domain-controller>
...
Usiamo delle variabili, perch abbiamo deciso di mettere in campo un file di properties che le
gestisce. (Attenzione a ${jboss.domain.login.user})
In alternativa si possono scrivere I valori direttamente.
Ma noi ci teniamo alla sicurezza, giusto ?
3.2.2.
Avviare lo slave.
con:
jboss.bind.address=192.168.20.0
jboss.bind.address.management=192.168.20.0
jboss.socket.binding.port-offset=0
jboss.domain.log.dir=/var/log/jboss/slave1
jboss.domain.master.address=192.168.10.0
jboss.domain.name=slave1
jboss.domain.login.user=slaveuser
jboss.domain.login.password=welkom
E si ottiene
3.2.3.
Lo slave connesso al domain controller quando puoi visualizzare slave1 come host nella jbosscli cos:
=================================
CHAPTER 4: Creare un nuovo profilo
=================================
4.1.
Dato che non (ancora) possibile copiare un profile con il JBoss client, lo faremo a mano:
<profile name="full-ha">
...
</profile>
<profile="cluster1">
...
</profile>
attenzione:
Le seguenti propriet della nostra architettura dovranno essere impostate a livello del profilo:
* Il nome del bilanciatore, essenzialmente quello che dovremo inserire nell Apache Virtual Host
tra i tags <Proxy> ... </Proxy>.
* Il jdbc-driver.
* Il datasource.
* configurazione del logging per il web system.
4.2.
Controlliamo se il profile c
Dopo aver modificato il file domain.xml del domain controller, restarare il DCte controllare se il
profilo appare sulla jboss-cli:
[domain@145.78.121.33:9999 /] ls -l /profile
cluster1
cluster2
default
full
full-ha
ha
Vediamo che abbiamo ripetuto il passo 4.1 con il cluster-name cluster2, visto che dobbiamo
configurare due clusters separati.
=============================================================
CHAPTER 5: Configurare larchitettura per un cluster funzionante
=============================================================
5.1.
Ricorda sempre che non stiamo facendo una mappatura 1 a 1, ma una configurazione
ortogonale della combinazione profilo + server-group.
#
# Setting the balancer name in the profile
#
/profile=cluster1/subsystem=modcluster/mod-clusterconfig=configuration:write-attribute(name=balancer,
value="cluster1")
#
# Creating the server group
#
#
# Creating JDBC Driver entries and datasource entry for cluster1
# Datasource definition shown for Oracle
#
/profile=cluster1/subsystem=datasources/jdbcdriver=mysql:add(driver-name="mysql",driver-modulename="com.mysql")
/profile=cluster1/subsystem=datasources/jdbcdriver=oracle:add(driver-name="oracle",driver-modulename="com.oracle.ojdbc6")
data-source --name=cluster1_DS \
--connectionurl="jdbc:oracle:thin:@databaseserver:port:database" \
--jndi-name="java:jboss/cluster1_DS" \
--driver-name="oracle" \
--user-name="cluster1_appl" --password="password" \
--use-java-context="true" \
--min-pool-size="0" \
--max-pool-size="64" \
--idle-timeout-minutes="30" \
--background-validation="false" \
--background-validation-millis="1" \
--validate-on-match="true" \
--allocation-retry="0" \
--share-prepared-statements="false" \
--set-tx-query-timeout="false" \
--query-timeout="0" \
--use-try-lock="0" \
--url-delimiter="|" \
--profile=cluster1 add
#
# Creating application properties entry (if needed of course)
#
/server-group=cluster1-server-group/systemproperty=PROPERTY_FILE:add(value="/home/jboss/data/cluster1.proper
ties")
#
# Creating proxy-list for modcluster
#
/profile=cluster1/subsystem=modcluster/mod-clusterconfig=configuration:write-attribute(name=proxy-list,
value=192.168.0.1:80)
#
# Creating access log entry
#
/profile=cluster1/subsystem=web/virtual-server=defaulthost/access-log=configuration:add(extended=false, pattern="%a %t
%H %p %U %s ", prefix=false, resolve-hosts=false, rotate=true
Certo ci potrebbero essere molte alter direttive (puoi mettere quello che credi), a questo punto:
root@dc # cd /opt/jboss/bin
root@dc # /jboss-cli.sh --controller=192.168.10.0 --connect
--file=/tmp/cluster1.cli
5.2.
Un server-group contiene molteplici server-configs, che sono un sinonimo dei nodi cluster nei
bei vecchi tempi andati. Questi server-configs possono essere lanciati ovunque ci sia un JBoss
slave installato. Se non lhai ancora fatto, segui il passo 3.2.3 e controlla se lo slave presente.
Quindi (sempre con jboss-cli):
{
"outcome" => "success",
"result" => undefined
}
5.3.
[domain@192.168.10.0:9999 /] /host=slave1/serverconfig=node11:start
{
"outcome" => "success",
"result" => "STARTING"
}
|-- accesslog
|-- boot.log
`-- access_log.2013-02-13
|-- server.log
`-- server.log.2013-02-11
`-- tmp
5.4.
[domain@192.168.10.0:9999 /]
/profile=cluster1/subsystem=datasources/datasource=cluster1_DS:enable
{
"outcome" => "success",
"result" => undefined,
"server-groups" => {"cluster1-server-group" => {"host" =>
{"slave1" => {"node11" => {"response" => {
"outcome" => "success",
"result" => undefined
}}}}}}
}
[domain@192.168.10.0:9999 /]
/host=slave1/server=node11/subsystem=datasources/datasource=cluster1_DS:test-connection-in-pool
{
"outcome" => "success",
"result" => [true]
=================================================
CHAPTER 6: Deployare e testare le applicazioni
=================================================
6.1.
Deployare unapplicazione
[domain@192.168.10.0:9999 /] deploy
groups=cluster1-server-group
/tmp/testapp.war --server-
Seguire i logfiles su uno dei nodi del cluster1-server-group (node11 sarebbe una buona scelta)/
6.2.
Testare lapplicazione
=====================================
CHAPTER 7: di cosa non abbiamo parlato
=====================================
In questo tutorial abbiamo visto solo il modo facile di configurare cluster e/o
architetture clusterlike in esecuzione su un domain cluster (server-configs).
Non ci siamo addentrati nei meandri dell hibernazione, messaggistica, ecc.
===========================================
CHAPTER 8: Bilanciamento (mod-cluster e sticky-session)
===========================================
8.1. Downloading del pacchetto binary mod_cluster 1.1.1:
ws # unzip /tmp/mod_cluster-1.1.1.Final-linux2-x64-ssl.tar.gz
ws # cd /tmp/opt/jboss/httpd/
ws # cp lib* /distr/jboss-ews/httpd/lib
ws # cd httpd/modules
ws # cp -p mod_advertise.so mod_jk.so mod_manager.so /distr/jbossews/httpd/modules
ws # cp -p mod_proxy_cluster.so mod_slotmem.so /distr/jbossews/httpd/modules
8.2. Creare un file cluster.conf
Il nostro file di configurazione httpd.conf legge le regole da altri files attraverso una direttiva
"Include conf.d/*.conf" allinterno del file http.conf stesso. E possibile che alcune versioni di
Apache non abbiano una cartella conf.d/, ma questo non deve essere un impedimento, baste
crearla e dotarla dei permessi necessary. Quindi baster aggiungere la direttiva
Include conf.d/*.conf
allinterno del file httpd.conf
LoadModule
LoadModule
LoadModule
LoadModule
LoadModule
LoadModule
LoadModule
proxy_module modules/mod_proxy.so
proxy_ajp_module modules/mod_proxy_ajp.so
slotmem_module modules/mod_slotmem.so
manager_module modules/mod_manager.so
proxy_cluster_module modules/mod_proxy_cluster.so
advertise_module modules/mod_advertise.so
rewrite_module modules/mod_rewrite.so
Inseriamo per ogni virtual host una direttiva di inclusione per le configurazioni (che risiedono nel
nostro sistema in ${APACHE_HOME}/conf/virtual_hosts/.
NameVirtualHost *:80
#
# Include various virtual host configurations
#
Include "conf/virtual_hosts/jboss.conf"
Include "conf/virtual_hosts/application1.conf"
Include "conf/virtual_hosts/application2.conf
8.4. jboss.conf, un virtual host dummy
<VirtualHost *:80>
<Directory />
Order deny,allow
Allow from all
</Directory>
<Location /mcm>
SetHandler mod_cluster-manager
Order deny,allow
Allow from 192.168
</Location>
KeepAliveTimeout 60
MaxKeepAliveRequests 0
ManagerBalancerName testcluster
AdvertiseFrequency 5
ServerAdvertise On
EnableMCPMReceive
</VirtualHost>
Attenzione:
application1.conf:
=================
<VirtualHost *:80>
ServerAdmin unix@tntpost.nl
DocumentRoot /apps/www.application1.nl/data
ServerName www.application1.nl:80
ErrorLog logs/www.application1.nl-error_log
CustomLog logs/www.application1.nl-access_log combined
LogLevel debug
ProxyPass / balancer://cluster1/application1
stickysession=JSESSIONID|jsessionid nofailover=On
ProxyPassReverse / balancer://cluster1/application1
</VirtualHost>
application2.conf:
=================
<VirtualHost *:80>
ServerAdmin unix@tntpost.nl
DocumentRoot /apps/www.application2.nl/data
ServerName www.application2.nl:80
ErrorLog logs/www.application2.nl-error_log
CustomLog logs/www.application2.nl-access_log combined
LogLevel debug
ProxyPass / balancer://cluster2/application2
stickysession=JSESSIONID|jsessionid nofailover=On
ProxyPassReverse / balancer://cluster2/
</VirtualHost>
=============================================================
CHAPTER 9: Configurazione attraverso ununico script da console
jboss-cli
==============================================================
/host=master/server-config=server-three:remove
/server-group=main-server-group:remove
/server-group=other-server-group:remove
#add the main-server group and the server which handle the standalone client requests
/server-group=quickstart-ejb-multi-main-server:add(profile=full,socket-binding-group=full-sockets)
/server-group=quickstart-ejb-multi-main-server/jvm=default:add()
/host=master/server-config=app-main:add(auto-start=true, group=quickstart-ejb-multi-main-server)
#add the app-server group and the servers for the destination application
# app-one will be a clustered application, so use HA and add two servers
/server-group=quickstart-ejb-multi-appOne-server:add(profile=ha,socket-binding-group=ha-sockets)
/server-group=quickstart-ejb-multi-appOne-server/jvm=default:add()
/host=master/server-config=app-oneA:add(auto-start=true, group=quickstart-ejb-multi-appOneserver, socket-binding-port-offset=100)
/host=master/server-config=app-oneB:add(auto-start=true, group=quickstart-ejb-multi-appOneserver, socket-binding-port-offset=700)
# app two is not a clustered application, so use default profile
/server-group=quickstart-ejb-multi-appTwo-server:add(profile=default,socket-binding-group=standardsockets)
/server-group=quickstart-ejb-multi-appTwo-server/jvm=default:add()
/host=master/server-config=app-twoA:add(auto-start=true, group=quickstart-ejb-multi-appTwoserver, socket-binding-port-offset=200)
/host=master/server-config=app-twoB:add(auto-start=true, group=quickstart-ejb-multi-appTwoserver, socket-binding-port-offset=800)
# add an alias for app2 bean to demonstrate how to avoid direct dependency to destination app name
/profile=full/subsystem=naming/binding=java\:global\/AliasAppTwo:add(binding-type=lookup,
lookup="ejb:jboss-ejb-multi-server-app-two/ejb//AppTwoBean!
org.jboss.as.quickstarts.ejb.multi.server.app.AppTwo")
# --- add an additional server and group for web application only
# create a new profile
/profile=default-web:add()
/profile=default-web/subsystem=logging:add()
/profile=default-web/subsystem=logging/periodic-rotating-file-handler=FILE:add(file={"relativeto"=>"jboss.server.log.dir", "path"=>"server.log"},append=true,suffix=.yyyy-MMdd,formatter="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n")
/profile=default-web/subsystem=logging/logger=com.arjuna:add(level=WARN)
/profile=default-web/subsystem=logging/logger=org.apache.tomcat.util.modeler:add(level=WARN)
/profile=default-web/subsystem=logging/logger=sun.rmi:add(level=WARN)
/profile=default-web/subsystem=logging/logger=jacorb:add(level=WARN)
/profile=default-web/subsystem=logging/logger=jacorb.config:add(level=ERROR)
/profile=default-web/subsystem=logging/root-logger=ROOT:add(level=INFO,handlers=["FILE"])
/profile=default-web/subsystem=configadmin:add()
/profile=default-web/subsystem=ee:add(spec-descriptor-property-replacement=false,jboss-descriptorproperty-replacement=true)
/profile=default-web/subsystem=ejb3:add()
/profile=default-web/subsystem=ejb3:write-attribute(name=default-slsb-instance-pool,value=slsbstrict-max-pool)
/profile=default-web/subsystem=ejb3:write-attribute(name=default-sfsb-cache,value=simple)
/profile=default-web/subsystem=ejb3:write-attribute(name=default-stateful-bean-access-timeout,
value=5000)
/profile=default-web/subsystem=ejb3:write-attribute(name=default-singleton-bean-access-timeout,
value=5000)
/profile=default-web/subsystem=ejb3/strict-max-bean-instance-pool=slsb-strict-max-pool:add(maxpool-size=20,timeout=5,timeout-unit=MINUTES)
/profile=default-web/subsystem=ejb3/strict-max-bean-instance-pool=mdb-strict-max-pool:add(maxpool-size=20,timeout=5,timeout-unit=MINUTES)
/profile=default-web/subsystem=ejb3/cache=simple:add(aliases=["NoPassivationCache"])
/profile=default-web/subsystem=ejb3/cache=passivating:add(passivationstore=file,aliases=["SimpleStatefulCache"])
/profile=default-web/subsystem=ejb3/file-passivation-store=file:add
/profile=default-web/subsystem=ejb3/service=async:add(thread-pool-name=default)
/profile=default-web/subsystem=ejb3/service=timer-service:add(default-data-store="default-filestore",thread-pool-name="default")
/profile=default-web/subsystem=ejb3/service=timer-service/file-data-store="default-filestore":add(path="timer-service-data",relative-to="jboss.server.data.dir")
/profile=default-web/subsystem=ejb3/service=remote:add(connector-ref=remoting-connector,threadpool-name=default)
/profile=default-web/subsystem=ejb3/thread-pool=default:add(max-threads=10,keepalivetime={"time"=>"100","unit"=>"MILLISECONDS"})
/profile=default-web/subsystem=jca:add()
/profile=default-web/subsystem=jca/archive-validation=archive-validation:add(enabled=true, fail-onerror=true, fail-on-warn=false)
/profile=default-web/subsystem=jca/bean-validation=bean-validation:add(enabled=true)
/profile=default-web/subsystem=jca/cached-connection-manager=cached-connectionmanager:add(install=true)
/profile=default-web/subsystem=jca/workmanager=default:add(name=default)
/profile=default-web/subsystem=jca/workmanager=default/short-running-threads=default:add(corethreads=50,queue-length=50,max-threads=50,keepalive-time={"time"=>"10",
"unit"=>"SECONDS"})
/profile=default-web/subsystem=jca/workmanager=default/long-running-threads=default:add(corethreads=50,queue-length=50,max-threads=50,keepalive-time={"time"=>"10",
"unit"=>"SECONDS"})
/profile=default-web/subsystem=naming:add()
# remove this command if a 7.1.1 server is used
/profile=default-web/subsystem=naming/service=remote-naming:add
/profile=default-web/subsystem=remoting:add()
/profile=default-web/subsystem=remoting/connector=remoting-connector:add(socketbinding=remoting, security-realm=ApplicationRealm)
# add the outbound connections to the remoting subsystem of the profile used by to connect the app
servers
# it might not necesarry to use a different name for 'outbound-socket-binding-ref', it is just to show the
different configuration
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb1:add(outbound-socket-binding-ref=remote-war-1, security-realm=ejb-security-realm-1,
username=quickuser1)
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb1/property=SASL_POLICY_NOANONYMOUS:add(value=false)
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb1/property=SSL_ENABLED:add(value=false)
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb2:add(outbound-socket-binding-ref=remote-war-2, security-realm=ejb-security-realm-2,
username=quickuser2)
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb2/property=SASL_POLICY_NOANONYMOUS:add(value=false)
/profile=default-web/subsystem=remoting/remote-outbound-connection=remote-connection-war-ejb2/property=SSL_ENABLED:add(value=false)
/profile=default-web/subsystem=security:add
/profile=default-web/subsystem=security/security-domain=other:add(cache-type=default)
/profile=default-web/subsystem=security/security-domain=other/authentication=classic:add(loginmodules=[{"code"=>"Remoting","flag"=>"optional","module-options"=>[("passwordstacking"=>"useFirstPass")]},{"code"=>"RealmDirect","flag"=>"required","moduleoptions"=>[("password-stacking"=>"useFirstPass")]}])
/profile=default-web/subsystem=security/security-domain=jboss-web-policy:add(cache-type=default)
/profile=default-web/subsystem=security/security-domain=jboss-webpolicy/authorization=classic:add(policy-modules=[{"code"=>"Delegating","flag"=>"required"}])
/profile=default-web/subsystem=threads:add
/profile=default-web/subsystem=transactions:add(socket-binding=txn-recovery-environment, statussocket-binding=txn-status-manager, default-timeout=300, process-id-uuid=true)
/profile=default-web/subsystem=web:add(default-virtual-server=default-host,native=false)
/profile=default-web/subsystem=web/connector=http:add(protocol=HTTP/1.1, scheme=http, socketbinding=http)
/profile=default-web/subsystem=web/virtual-server=default-host:add(enable-welcome-root=true,
alias=["localhost","example.com"])
/socket-binding-group=standard-sockets-web:add(default-interface=public)
/socket-binding-group=standard-sockets-web/socket-binding=http:add(port=8080)
/socket-binding-group=standard-sockets-web/socket-binding=remoting:add(port=4447)
/socket-binding-group=standard-sockets-web/socket-binding=txn-recoveryenvironment:add(port=4712)
/socket-binding-group=standard-sockets-web/socket-binding=txn-status-manager:add(port=4713)
# add the socket binding for connection to app-one, app-two
/socket-binding-group=standard-sockets-web/remote-destination-outbound-socket-binding=remotewar-1:add(host=localhost, port=4547)
/socket-binding-group=standard-sockets-web/remote-destination-outbound-socket-binding=remotewar-2:add(host=localhost, port=4647)
/server-group=quickstart-ejb-multi-appWeb-server:add(profile=default-web,socket-bindinggroup=standard-sockets-web)
/server-group=quickstart-ejb-multi-appWeb-server/jvm=default:add()
/host=master/server-config=app-web:add(auto-start=true, group=quickstart-ejb-multi-appWeb-server,
socket-binding-port-offset=300)
run-batch
# without restart, outside the batch, there are different problems
:restart-servers
# finally start the configured servers
/host=master/server-config=app-oneA:start
/host=master/server-config=app-oneB:start
/host=master/server-config=app-twoA:start
/host=master/server-config=app-twoB:start
/host=master/server-config=app-main:start
/host=master/server-config=app-web:start