Admin Infrastructure• The primary function of the administration infrastructure is to manage configurations from a central location.• Configurations can be distributed to one or Administration more Administration Nodes. Infrastructure• Administration framework provides enhanced distributed management across servers in a server farm.• Robust administration capabilities enable Web Servers to be managed and deployed remotely.• Admin Infrastructure facilitates Monitoring Manage and lifecycle management of server instances. Configuration
Admin ServerWhat is it• The Administration Server is a specialized Web Server instance that is used to manage Admin Infrastructure configuration data on one or more Administration Nodes. Admin Admin Admin Infrastructure Server NodeHow is it Accessed• Administrators access the Administration Server through either a graphical user interface(Admin Console) or a command-line interfaceWhat is the Purpose• To perform various operations that manage configuration data and lifecycles of webservers. ManageWhat Tasks are handled• Tasks include such as deploying configurations to the Administration Node and creating server instances. It also includes starting and stopping the instances and gathering instance data for monitoring purposes. Configuration
Admin NodeWhat is it• Administration Node is deployed on a node or a Admin Infrastructure server/host within a server farm and has the ability to communicate with the remote Administration Server Admin Admin• Each Administration Node contains a special Web Admin Infrastructure Server Node Server instance that is used by the Administration Server to control the Administration Node.• An Administration Node can contain zero or more Web Server instancesHow is it Accessed Manage• You cannot directly access the administrative instance on an Administration Node because this instance is reserved for the Administration Server Configuration
Admin InfrastructureRelationship:• There is a master/ slave relationship between Admin Infrastructure the Administration Server and Administration Node that it has been configured to manage. Admin AdminCommunication: Admin Infrastructure Server Node• All communication between the Administration Server and the Administration Node is transmitted securely over SSL and takes place across a special administrative interface.Awareness: Manage• Registration of an administration Node with an Administration Server will make the Administration Server aware of that Administration Node.• A node can be registered only from the same node . You cannot go to the CLI of the Configuration administration server and register any node.
Admin InfrastructureTrust Establishment:• The Administration Server and Administration Node authenticate each other by the Admin Infrastructure Administration Server trusting the Administration Nodes server certificate and the Administration Node trusting the client certificate presented by Admin Admin the Administration Server. Admin Infrastructure Server Node• During registration of an Administration Node, the Administration Server will generate a server certificate for that Administration Node, which is then downloaded and installed on the Administration Node. The issuer of the server certificate is also installed on the Administration Node. Manage Configuration
ConfigurationWhat is Configuration Admin InfrastructureA configuration is a set of meta-data that is used toconfigure the runtime services of a iPlanet Web Server Admin Admin Admininstance. Infrastructure Server NodeWhere is it StoredConfiguration data for each Web Server instance is Managestored in a centralized repository on theAdministration Server and distributed (or deployed) toeach Administration Node.Who uses the ConfigurationThe configuration metadata is used by the serverruntime to load built-in services, third party plug-insand setup other server extensions such as databasedrivers for serving web pages and dynamic web Configurationapplications.How is the Configuration managedA Configuration can be created, modified or deletedusing Command Line Interface or the web basedadministration interface.
ConfigurationWhat is Configuration Store Admin InfrastructureAll the Configuration related files are stored in arepository in Administration server’s file system called as Admin Admin AdminConfiguration Store. The Configuration Store can be Infrastructure Server Nodefound in the following location: install_dir/admin-server/config-store ManageWhen is Initial Configuration Created & its useDuring installation of the Administration Server, an initialconfiguration is created and stored beneath the abovedirectory with a name reflective of the server’shostname and domain name.This configuration is used to create the default WebServer instance that is included with the AdministrationServer ConfigurationWhere is new Configuration StoredEach new configuration is stored in a separatesubdirectory beneath the Configuration Store as follows: install_dir/admin-server/config-store/configname
ConfigurationWhen is Backup created Admin InfrastructureDuring the deployment process, a copy of the previousconfiguration (prior to the deployment) is captured and Admin Admin Adminsaved in the Configuration Store beneath the following Infrastructure Server Nodedirectory:install_dir/admin-server/config-store/configname/backup ManageHow is the Data kept in SyncWhen you deploy a configuration, the entire webapplication directory and configuration directory underconfig-store is zipped up and copied to the serverinstance directory.When you deploy a Configuration to a Node, anInstance of that Configuration is created.When is Data not in Sync and how is it Detected ConfigurationConfiguration files that are edited and altered directlyon a particular Administration Node are no longersynchronized with those in the Configuration Store.NonSync data are detected by the AdministrationServer and noted in the graphical administrativeinterface
ConfigurationWhat can be done with Non Sync Data Admin Infrastructure• Changes can be pulled from Administration Node Admin Admin and the copies in the Configuration Store can be Admin updated, or Infrastructure Server Node• Changes can be overwritten in the Adminstration Node with those contained in the Configuration Store. ManageIf changes are pulled from Administration Node, thecorresponding files in the Configuration Store areupdated and redeployed to other servers that are partof the cluster. Configuration
Configuration• configuration files (such as magnus.conf, Admin Infrastructure server.xml, and obj.conf), Admin Admin Admin• web applications that have been deployed to the server instance, Infrastructure Server Node• search engine collections, and• shared objects for implementing built-in services and third-party NSAPI plug-ins Manage that have been installed in the Web Server instance.• Configuration also refers to the set of metadata that configures the runtime Search services of the server. Configuration Engine Files Collections Configuration Web WebServer Applications Shared Objects
Instances & ClusterWhat is an Instance• Instance refers to the environment of a web server on a given node, including its configuration, log files and other runtime artifacts such as lock databases, caches and temporary files.• For management purposes, an instance can be started, stopped, restarted, or dynamically re-configured.What does Instance do• Provides content to HTTP/S user agents (such as web browsers).When are Instances Created• Instances are created when a configuration is deployed to the Administration Node by the Administration Server.• When you first install the Administration Node, it has zero instances configured. It is not until you deploy a configuration to the node that you get your first Web Server instance.What is a Cluster• A cluster is a set of instances, spanning across one or more nodes, all running identical configuration and offering an identical set of runtime services.Why are clusters used• All instances in a cluster work together to provide high availability, reliability, and scalability.What is the Criteria for the instances in the cluster• All the instances in a cluster are required to be homogeneous. For example they run on an identical operating system version (and patches) and service packs, run an identical web server configuration and offer identical services.
Sample Deployment• Administration can be done using – Admin Console – wadm Command Line• We have Single Administration Server managing the configuration.• We have Admin Node running in each host.• Configurations: – We have three configurations present • site1.example.com • site2.example.com • site3.example.com – Two configurations are deployed to a cluster. • site1.example.com • site2.example.com – One configuration is deployed to a single instance. • site3.example.com
Config Files• The configuration and behavior of Web Server is determined by a set of configuration files.• You can use the Admin Console and the command-line interface (CLI) to change the magnus. configuration file settings. You can also conf manually edit these files. server.• Each server instance has its own directory, xml called instance-dir in this document. obj.conf• The instance-dir/config directory contains configuration files for the Web Server mime. Admin Infrastructure components. The exact number and names of types the configuration files depend on the Trust DB components that have been enabled or loaded Files into the server. server. policy certmap. conf
Config Files – magnus.conf• Request Processing functionality is provided by Server Application Functions (SAFs).• Default Request processing functionality can be changed by using the directives. Each Directive magnus. references a SAF that is used to perform the work during the particular stage of Request Processing. conf server.• Extend the functionality of the server by creating xml shared libraries or plugins through NSAPI.• These plugins must be registered with the Web obj.conf server. This registration is accomplished with the Init directive in the magnus.conf file. Once registered, the mime. Admin Infrastructure functions defined in the plugins can be used to types modify the request processing process. Trust DB• Directives may also contain additional settings that Files control the way the NSAPI plug-ins are run. server.• The magnus.conf file is read when the instance is policy started; therefore, any changes made to the certmap. magnus.conf file require a server restart for the conf changes to take effect.
Config Files – magnus.conf• The magnus.conf file is validated at start-up time. Errors found within the file might prevent the server from starting or processing requests properly. magnus. conf• Each instance can contain only one magnus.conf file; therefore, there is a one-to-one correspondence server. between an instance and the magnus.conf file. The xml directives defined within the magnus.conf file apply to the entire server instance and therefore any virtual obj.conf servers defined within that instance. mime. Admin Infrastructure types Trust DBSample magnus.conf File Files Init fn="load-modules"now)” server. Init fn=”load-modules” shlib=”libfastcgi.so” policy Init fn=”load-modules” shlib=”/sun/webserver7/plugins/myplugin/myplugin certmap. .so” funcs=”myfunc1,myfunc2” conf
Config Files – server.xml• The server.xml file is the main configuration file for a Web Server instance.• It contains initial values for listen sockets, virtual servers, and other components that were configured magnus. during the installation process and some default settings that allow the Web Server to work conf immediately after installation. server. xml• Server.xml document contains a hierarchy of elements and values obj.conf• Each instance can contain only one server.xml file; therefore, there is a one-to one correspondence mime. Admin Infrastructure between an instance and the server.xml file. types• The server.xml file contains definitions for each Trust DB virtual server contained within the instance, so there Files is a one-to-many relationship between the server.xml server. file and virtual servers. policy• You can use the -configtest option to the startserv certmap. script to validate the server.xml file before you stop conf the server. This enables you to detect errors to the file without impacting a running server instance.
Config Files – obj.conf• The obj.conf (or object configuration) file contains instructions or directives on how to process HTTP client requests. This file consists of various directives that map directly to magnus. request processing stages and enable the Web conf Server to process client requests. server.• Each directive invokes a SAF with one or more xml arguments. obj.conf• The object configuration file is read when the instance is started or when a dynamic mime. reconfiguration is performed. The syntax for Admin Infrastructure types the directives and parameters contained in the Trust DB object configuration file is validated within the Files start-up or reconfiguration code base. They are not validated against a schema such as the server. server.xml file. policy certmap. conf
Config Files – obj.conf• Each Virtual Server can have its own Object Configuration file. This is defined in the <object- file> element in server.xml file.• By having different Object Configuration files for magnus. each virtual server provides the flexibility to conf process requests differently for each virtual server. <virtual-server> server. <name>www.zeroproductionincidents.wordpress.com</name> xml <http-listener-name>http-listener-1</http-listener-name> <host>www.wordpress.com</host> obj.conf <object-file>www.zeroprodincidents-obj.conf</object-file> <document-root> /export/home/zeroprodincidents/public_html mime. Admin Infrastructure </document-root> types <access-log> <file>/export/home/zeroprodincidents/logs/access</file> Trust DB </access-log> </virtual-server> Files server.• When the Web Server receives a request, it uses policy information contained within the server.xml file to certmap. select an appropriate virtual server. It then uses the conf file specified by the <object-file> element to determine how to process the request.
Config Files – mime.types• mime.types file contains mappings between file extensions and MIME types. This file is utilized during request processing to tell the server what type of resource is being requested. magnus.• The mime.types file contains a series of associations that helps the instance identify the request type and conf subsequently understand how to process the server. request. xml• It bases this information on the extension of the obj.conf resource (such as .txt, .html, or .cgi) and associates a type, language, or encoding method based on the extension. mime. Admin Infrastructure types• Each Virtual server can have its own mime.types file Trust DB and can be associated using <mime-file> element in the server.xml file. Files server. policy certmap. conf
Config Files – Trust DB Files• The Web Server stores security-based information in three Network Security Services (NSS) libdbm database files as follows: – cert8.db—Stores publicly accessible magnus. objects (such as certificates, certificate conf revocation lists, and S/MIME records) server. – key3.db—Stores the private keys generated xml by the server – secmod.db—Stores PKCS #11 module obj.conf configuration information mime. Admin Infrastructure types Trust DB Files server. policy certmap. conf
Config Files – server.policy• Each Web Server instance has its own standard Java Platform, Standard Edition (Java SE platform) server policy file named server.policy.• The server policy file controls the access that magnus. applications have to the resources such as files on the file system. conf server. xml obj.conf mime. Admin Infrastructure types Trust DB Files server. policy certmap. conf
Config Files – certmap.conf• Web Server 7 can be configured to allow client authentication through the use of an X.509 digital certificate. This can be performed under the SSL settings for a particular HTTP listener. magnus. conf server. xml obj.conf mime. Admin Infrastructure types Trust DB Files server. policy certmap. conf