iplanet basics

Oracle iPlanet Webserver

Basics

ZeroProductionIncidents.wordpress.com


Topics Covered

• Admin Infrastructure– Administration Server– Administration Node

• Configuration• Instances & Cluster• Config Files

– magnus.conf– server.xml– obj.conf– mime.types– Trust Database files– Server.policy– certmap.conf


Administration

Admin Infrastructure

Configuration

Manage



Administration Infrastructure

Configuration

Manage

• The primary function of the administration infrastructure is to manage configurations from a central location.

• Configurations can be distributed to one or more Administration Nodes.

• Administration framework provides enhanced distributed management across servers in a server farm.

• Robust administration capabilities enable Web Servers to be managed and deployed remotely.

• Admin Infrastructure facilitates Monitoring and lifecycle management of server instances.


Admin Server


Configuration

Manage

Admin Server

Admin Node


What is it• The Administration Server is a specialized Web

Server instance that is used to manage configuration data on one or more Administration Nodes.

How is it Accessed• Administrators access the Administration Server

through either a graphical user interface(Admin Console) or a command-line interface

What is the Purpose• To perform various operations that manage

configuration data and lifecycles of webservers.

What Tasks are handled• Tasks include such as deploying configurations to

the Administration Node and creating server instances. It also includes starting and stopping the instances and gathering instance data for monitoring purposes.


Admin Node


Configuration

Manage

Admin Server

Admin Node


What is it• Administration Node is deployed on a node or a

server/host within a server farm and has the ability to communicate with the remote Administration Server

• Each Administration Node contains a special Web Server instance that is used by the Administration Server to control the Administration Node.

• An Administration Node can contain zero or more Web Server instances

How is it Accessed• You cannot directly access the administrative

instance on an Administration Node because this instance is reserved for the Administration Server




Configuration

Manage

Admin Server

Admin Node


Relationship:• There is a master/ slave relationship between

the Administration Server and Administration Node that it has been configured to manage.

Communication:• All communication between the

Administration Server and the Administration Node is transmitted securely over SSL and takes place across a special administrative interface.

Awareness:• Registration of an administration Node with an

Administration Server will make the Administration Server aware of that Administration Node.

• A node can be registered only from the same node . You cannot go to the CLI of the administration server and register any node.




Configuration

Manage

Admin Server

Admin Node


Trust Establishment:• The Administration Server and Administration

Node authenticate each other by the Administration Server trusting the Administration Node's server certificate and the Administration Node trusting the client certificate presented by the Administration Server.

• During registration of an Administration Node, the Administration Server will generate a server certificate for that Administration Node, which is then downloaded and installed on the Administration Node. The issuer of the server certificate is also installed on the Administration Node.


Configuration


Configuration

Manage

Admin Server


Admin Node

What is Configuration

A configuration is a set of meta-data that is used to configure the runtime services of a iPlanet Web Server instance.

Where is it Stored

Configuration data for each Web Server instance is stored in a centralized repository on the Administration Server and distributed (or deployed) to each Administration Node.

Who uses the Configuration

The configuration metadata is used by the server runtime to load built-in services, third party plug-ins and setup other server extensions such as database drivers for serving web pages and dynamic web applications.

How is the Configuration managed

A Configuration can be created, modified or deleted using Command Line Interface or the web based administration interface.


Configuration


Configuration

Manage

Admin Server


Admin Node

What is Configuration StoreAll the Configuration related files are stored in a repository in Administration server’s file system called as Configuration Store. The Configuration Store can be found in the following location:

install_dir/admin-server/config-store

When is Initial Configuration Created & its useDuring installation of the Administration Server, an initial configuration is created and stored beneath the above directory with a name reflective of the server’s hostname and domain name. This configuration is used to create the default Web Server instance that is included with the Administration Server

Where is new Configuration StoredEach new configuration is stored in a separate subdirectory beneath the Configuration Store as follows: install_dir/admin-server/config-store/configname


Configuration


Configuration

Manage

Admin Server

Admin Infrastructure Admin Node

When is Backup createdDuring the deployment process, a copy of the previous configuration (prior to the deployment) is captured and saved in the Configuration Store beneath the following directory:install_dir/admin-server/config-store/configname/backup

How is the Data kept in SyncWhen you deploy a configuration, the entire web application directory and configuration directory under config-store is zipped up and copied to the server instance directory.When you deploy a Configuration to a Node, an Instance of that Configuration is created.

When is Data not in Sync and how is it DetectedConfiguration files that are edited and altered directly on a particular Administration Node are no longer synchronized with those in the Configuration Store.NonSync data are detected by the Administration Server and noted in the graphical administrative interface


Configuration


Configuration

Manage

Admin Server


Admin Node

What can be done with Non Sync Data• Changes can be pulled from Administration Node

and the copies in the Configuration Store can be updated, or

• Changes can be overwritten in the Adminstration Node with those contained in the Configuration Store.

If changes are pulled from Administration Node, the corresponding files in the Configuration Store are updated and redeployed to other servers that are part of the cluster.


Configuration


Configuration

Manage

Admin Server

Admin Infrastructure• configuration files (such as magnus.conf, server.xml, and obj.conf),

• web applications that have been deployed to the server instance,

• search engine collections, and • shared objects for implementing built-in

services and third-party NSAPI plug-ins that have been installed in the Web Server instance.

• Configuration also refers to the set of metadata that configures the runtime services of the server.

Admin Node

Configuration Files

Web Applications

Search Engine

Collections

WebServer Shared Objects


Instances & ClusterWhat is an Instance• Instance refers to the environment of a web server on a given node, including its configuration, log files and

other runtime artifacts such as lock databases, caches and temporary files.• For management purposes, an instance can be started, stopped, restarted, or dynamically re-configured.

What does Instance do• Provides content to HTTP/S user agents (such as web browsers).

When are Instances Created• Instances are created when a configuration is deployed to the Administration Node by the Administration

Server.• When you first install the Administration Node, it has zero instances configured. It is not until you deploy a

configuration to the node that you get your first Web Server instance.

What is a Cluster• A cluster is a set of instances, spanning across one or more nodes, all running identical configuration and

offering an identical set of runtime services.

Why are clusters used• All instances in a cluster work together to provide high availability, reliability, and scalability.

What is the Criteria for the instances in the cluster• All the instances in a cluster are required to be homogeneous. For example they run on an identical operating

system version (and patches) and service packs, run an identical web server configuration and offer identical services.


Administration Framework


Sample Deployment• Administration can be done using

– Admin Console

– wadm Command Line

• We have Single Administration Server managing the configuration.

• We have Admin Node running in each host.

• Configurations:– We have three configurations present

• site1.example.com



– Two configurations are deployed to a cluster.



– One configuration is deployed to a single instance.



Config Files• The configuration and behavior of Web Server

is determined by a set of configuration files.

• You can use the Admin Console and the command-line interface (CLI) to change the configuration file settings. You can also manually edit these files.

• Each server instance has its own directory, called instance-dir in this document.

• The instance-dir/config directory contains configuration files for the Web Server components. The exact number and names of the configuration files depend on the components that have been enabled or loaded into the server.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf


• Request Processing functionality is provided by Server Application Functions (SAFs).

• Default Request processing functionality can be changed by using the directives. Each Directive references a SAF that is used to perform the work during the particular stage of Request Processing.

• Extend the functionality of the server by creating shared libraries or plugins through NSAPI.

• These plugins must be registered with the Web server. This registration is accomplished with the Init directive in the magnus.conf file. Once registered, the functions defined in the plugins can be used to modify the request processing process.

• Directives may also contain additional settings that control the way the NSAPI plug-ins are run.

• The magnus.conf file is read when the instance is started; therefore, any changes made to the magnus.conf file require a server restart for the changes to take effect.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – magnus.conf


• The magnus.conf file is validated at start-up time. Errors found within the file might prevent the server from starting or processing requests properly.

• Each instance can contain only one magnus.conf file; therefore, there is a one-to-one correspondence between an instance and the magnus.conf file. The directives defined within the magnus.conf file apply to the entire server instance and therefore any virtual servers defined within that instance.

Sample magnus.conf FileInit fn="load-modules"now)”Init fn=”load-modules” shlib=”libfastcgi.so”Init fn=”load-modules” shlib=”/sun/webserver7/plugins/myplugin/myplugin.so” funcs=”myfunc1,myfunc2”


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – magnus.conf


• The server.xml file is the main configuration file for a Web Server instance.

• It contains initial values for listen sockets, virtual servers, and other components that were configured during the installation process and some default settings that allow the Web Server to work immediately after installation.

• Server.xml document contains a hierarchy of elements and values

• Each instance can contain only one server.xml file; therefore, there is a one-to one correspondence between an instance and the server.xml file.

• The server.xml file contains definitions for each virtual server contained within the instance, so there is a one-to-many relationship between the server.xml file and virtual servers.

• You can use the -configtest option to the startserv script to validate the server.xml file before you stop the server. This enables you to detect errors to the file without impacting a running server instance.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – server.xml


• The obj.conf (or object configuration) file contains instructions or directives on how to process HTTP client requests. This file consists of various directives that map directly to request processing stages and enable the Web Server to process client requests.

• Each directive invokes a SAF with one or more arguments.

• The object configuration file is read when the instance is started or when a dynamic reconfiguration is performed. The syntax for the directives and parameters contained in the object configuration file is validated within the start-up or reconfiguration code base. They are not validated against a schema such as the server.xml file.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – obj.conf


• Each Virtual Server can have its own Object Configuration file. This is defined in the <object-file> element in server.xml file.

• By having different Object Configuration files for each virtual server provides the flexibility to process requests differently for each virtual server.<virtual-server>

<name>www.zeroproductionincidents.wordpress.com</name><http-listener-name>http-listener-1</http-listener-name><host>www.wordpress.com</host><object-file>www.zeroprodincidents-obj.conf</object-file><document-root> /export/home/zeroprodincidents/public_html</document-root><access-log>

<file>/export/home/zeroprodincidents/logs/access</file></access-log>

</virtual-server>

• When the Web Server receives a request, it uses information contained within the server.xml file to select an appropriate virtual server. It then uses the file specified by the <object-file> element to determine how to process the request.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – obj.conf


• mime.types file contains mappings between file extensions and MIME types. This file is utilized during request processing to tell the server what type of resource is being requested.

• The mime.types file contains a series of associations that helps the instance identify the request type and subsequently understand how to process the request.

• It bases this information on the extension of the resource (such as .txt, .html, or .cgi) and associates a type, language, or encoding method based on the extension.

• Each Virtual server can have its own mime.types file and can be associated using <mime-file> element in the server.xml file.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – mime.types


• The Web Server stores security-based information in three Network Security Services (NSS) libdbm database files as follows:– cert8.db—Stores publicly accessible

objects (such as certificates, certificate revocation lists, and S/MIME records)

– key3.db—Stores the private keys generated by the server

– secmod.db—Stores PKCS #11 module configuration information


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – Trust DB Files


• Each Web Server instance has its own standard Java Platform, Standard Edition (Java SE platform) server policy file named server.policy.

• The server policy file controls the access that applications have to the resources such as files on the file system.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – server.policy


• Web Server 7 can be configured to allow client authentication through the use of an X.509 digital certificate. This can be performed under the SSL settings for a particular HTTP listener.


server.xml

magnus.conf

obj.conf

mime.types

Trust DB Files

server.policy

certmap.conf

Config Files – certmap.conf


THANKYOU

iplanet basics

Technology