본문 바로가기

WAS

GossipRouter 설정 방법

2019. 7. 23.

최근들어 AWS 에 was 를 설치하게되면서 적용 한 사례가 생기면서 정리.

TCP 기반 그룹 통신을 위한 라우터로

AWS 에서 TCP 사용이 어려울 때, GossipRouter 서버를 따로 두고 서로 그룹 통신 할 때 사용

GossipRouter 를 여러개 띄워서 사용해도 무방하다.

 

(예시)

1. 구성환경 리눅스 기반, jboss-eap-7.2, GossipRouter 세션클러스터링

2. AWS기반 2EA 세션클러스터링 

 

3. GossipRouter 프로세스 기동

# java -cp /WAS/EAP7/jboss-eap-7.2/modules/system/layers/base/org/jgroups/main/jgroups-4.0.15.Final-redhat-00001.jar org.jgroups.stack.GossipRouter -bindaddress 10.65.40.64 -port 13001
[jboss@scouter_tom1 bin]$ !ps
ps -ef | grep -i gossiprouter
root     32329 20663  0 21:50 pts/0    00:00:00 java -cp /WAS/EAP7/jboss-eap-7.2/modules/system/layers/base/org/jgroups/main/jgroups-4.0.15.Final-redhat-00001.jar org.jgroups.stack.GossipRouter -bindaddress 10.65.40.64 -port 13001
jboss    32385 24353  0 21:52 pts/1    00:00:00 grep --color=auto -i gossiprouter

 

4. 환경변수 설정

# jgroups setting
export JAVA_OPTS=" $JAVA_OPTS -Djboss.bind.address.private=$BIND_ADDR"
export JAVA_OPTS=" $JAVA_OPTS -Djboss.default.jgroups.stack=tcp"
export JAVA_OPTS=" $JAVA_OPTS -Djgroups.tcpgossip.hosts=10.65.40.64[13001] "

 

5. standalone.xml 설정

# standalone-ha.xml
<subsystem xmlns="urn:jboss:domain:jgroups:6.0">
            <channels default="ee">
                <channel name="ee" stack="tcp" cluster="ejb"/>
            </channels>
           <stacks>
                <!--stack name="tcp">
                    <transport type="TCP" socket-binding="jgroups-tcp"/>
                    <socket-protocol type="MPING" socket-binding="jgroups-mping"/>
                    <protocol type="MERGE3"/>
                    <protocol type="FD_SOCK"/>
                    <protocol type="FD_ALL"/>
                    <protocol type="VERIFY_SUSPECT"/>
                    <protocol type="pbcast.NAKACK2"/>
                    <protocol type="UNICAST3"/>
                    <protocol type="pbcast.STABLE"/>
                    <protocol type="pbcast.GMS"/>
                    <protocol type="MFC"/>
                    <protocol type="FRAG3"/>
                </stack-->
                <stack name="tcp">
                                        <transport type="TCP" socket-binding="jgroups-tcp"/>
                    <protocol type="TCPGOSSIP">
                        <property name="initial_hosts">
                            10.65.40.64[13001]
                        </property>
                    </protocol>
                    <protocol type="MERGE3"/>
                    <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
                    <protocol type="FD"/>
                    <protocol type="VERIFY_SUSPECT"/>
                    <protocol type="pbcast.NAKACK2"/>
                    <protocol type="UNICAST3"/>
                    <protocol type="pbcast.STABLE"/>
                    <protocol type="pbcast.GMS"/>
                    <protocol type="MFC"/>
                    <protocol type="FRAG2"/>
                </stack>
            </stacks>
        </subsystem>

 

'WAS' 카테고리의 다른 글

[Tomcat] DB 패스워드 암호화  (0) 2019.06.27
Session clustering (udp/tcp), sticky session  (0) 2018.11.01
IIS && EAP 연동  (0) 2018.05.30
[Apache] Permission denied: make_sock: could not bind to address [::]:80  (0) 2018.04.30
[limits.conf] 유저 리소스 파라미터 설정  (0) 2018.04.24
댓글

[Tomcat] DB 패스워드 암호화

2019. 6. 27.

1. tomcat-vault 세팅
cp tomcat-vault.jar $SERVER_HOME(엔진)/lib/
cd $CATALINA_BASE(인스턴스)/bin
vi tomcat-vault.sh
...

2. export JAVA_OPTS 세팅
cd $CATALINA_BASE/bin
vi env.sh
...
JAVA_OPTS="${JAVA_OPTS} -Dorg.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.vault.util.PropertySourceVault"
...

3. server.xml 세팅
cd $CATALINA_BASE/conf/
vi server.xml
...
password=${VAULT::rp_enc::mariadb_password::}
...

4. enc_db.sh 

#!/bin/bash

BASEDIR=$(dirname "$0")
. $BASEDIR/env.sh

USERNAME=$1
PASSWD=$2

keytool -genseckey -keystore $CATALINA_BASE/conf/vault.keystore -alias rp_vault -storetype jceks -keyalg AES -keysize 128 -storepass rplinux123$ -keypass rplinux123$

if [ e$USERNAME == "e" ];

then
        echo " input DB USER NAME ....."
        echo " ex ) ./enc_db.sh \"DB USER NAME\" \"DB Password\""
        exit 1
elif [ e$PASSWD == "e" ];
then
        echo " input DB Password ....."
        echo " ex ) ./enc_db.sh \"DB USER NAME\" \"DB Password\""
        exit 1
else
        echo " \"DB USER NAME=$USERNAME\" \"DB Password=$PASSWD\""
fi
$CATALINA_BASE/bin/tomcat-vault.sh --keystore $CATALINA_BASE/conf/vault.keystore --keystore-password rplinux123$ --alias rp_vault --enc-dir $CATALINA_BASE/conf/ --iteration 120 --salt rock_enc --vault-block rp_enc --attribute mariadb_password --sec-attr "$PASSWD" |  grep "KEYSTORE_URL" -A 5 > ../vault/vault.properties

sed -e "s/root/$USERNAME/g" -i ../conf/server.xml

'WAS' 카테고리의 다른 글

GossipRouter 설정 방법  (3) 2019.07.23
Session clustering (udp/tcp), sticky session  (0) 2018.11.01
IIS && EAP 연동  (0) 2018.05.30
[Apache] Permission denied: make_sock: could not bind to address [::]:80  (0) 2018.04.30
[limits.conf] 유저 리소스 파라미터 설정  (0) 2018.04.24
댓글

Session clustering (udp/tcp), sticky session

2018. 11. 1.

세션 클러스터링 기본
- JBoss Node Name
Node 별로 Unique하게 설정: -Djboss.node.name

- jvmRoute
Node별로 jvmRout 또는 instance-id 설정
UseJK=true로 설정
 
- 클러스터링 관련 네트웍 설정
Clustering 방식 설정: -Djboss.default.jgroups.stack
UDP멀티캐스트 주소설정: -Djboss.default.multicast.address
UDP멀티캐스트 포트: 45688 (standalone-ha.xml)
최초 연결할 클러스터 멤버: -Djgroups.tcpping.initial_hosts
TCPPING 설정: standalone-ha.xm
 
- 기본 사용포트 확인
configuration/standalone-ha.xml

<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
    <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
    <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
    <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
    <socket-binding name="ajp" port="8009"/>
    <socket-binding name="http" port="8080"/>
    <socket-binding name="https" port="8443"/>
    <socket-binding name="jgroups-mping" port="0" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/>
    <socket-binding name="jgroups-tcp" port="7600"/>
    <socket-binding name="jgroups-tcp-fd" port="57600"/>
    <socket-binding name="jgroups-udp" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/>
    <socket-binding name="jgroups-udp-fd" port="54200"/>
    <socket-binding name="modcluster" port="0" multicast-address="224.0.1.105" multicast-port="23364"/>
    <socket-binding name="remoting" port="4447"/>
    <socket-binding name="txn-recovery-environment" port="4712"/>
    <socket-binding name="txn-status-manager" port="4713"/>
    <outbound-socket-binding name="mail-smtp">
        <remote-destination host="localhost" port="25"/>
    </outbound-socket-binding>
</socket-binding-group>


세션 클러스터링 설정

1) TCP / UDP 공통사항

NODE_NAME설정
Node별로 Name을 Unique하게 설정을 한다.


env.sh

-Djboss.node.name=$NODE_NAME"

 

jvmRoute 또는 instance-id 설정


env.properties

    ...

    jvmRoute=server1


    또는 instance-id 지정




    설정파일

    <subsystem xmlns="urn:jboss:domain:web:2.1" default-virtual-server="default-host" instance-id="server1" native="true">


useJK 설정

env.properties
    ...
    UseJK=true





2) UDP방식 설정


env.sh
export MULTICAST_ADDR=230.1.0.1   # Default로 45688 사용 (standalone-ha.xml)
 
# jgroups setting
export JAVA_OPTS=" $JAVA_OPTS -Djboss.default.jgroups.stack=udp"
export JAVA_OPTS=" $JAVA_OPTS -Djboss.default.multicast.address=$MULTICAST_ADDR"

 

3) TCP방식 설정


env.sh
# jgroups setting
export JAVA_OPTS=" $JAVA_OPTS -Djboss.default.jgroups.stack=tcp"
export JAVA_OPTS=" $JAVA_OPTS -Djgroups.tcpping.initial_hosts=192.168.0.56[7600],192.168.0.56[7700], "

standalone-ha.xml
<stack name="tcp">
    <transport type="TCP" socket-binding="jgroups-tcp"/>
    <protocol type="TCPPING" socket-binding="jgroups-mping">
        <property name="initial_hosts">
            ${jgroups.tcpping.initial_hosts:localhost:7600,localhost:7600}
        </property>
        <property name="port_range">
            0
        </property>
        <property name="timeout">
            3000
        </property>
        <property name="num_initial_members">
            3
        </property>
    </protocol>
    <protocol type="MERGE2"/>
    <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/>
    <protocol type="FD"/>
    <protocol type="VERIFY_SUSPECT"/>
    <protocol type="pbcast.NAKACK"/>
    <protocol type="UNICAST2"/>
    <protocol type="pbcast.STABLE"/>
    <protocol type="pbcast.GMS"/>
    <protocol type="UFC"/>
    <protocol type="MFC"/>
    <protocol type="FRAG2"/>
    <protocol type="RSVP"/>
</stack>


 Sticky Session 설정

env.properties

jvmRoute=server1    # 위에 언급된 instance-id를 통해서도 설정 가능
UseJK=true



※ Application별 클러스터링 설정


어플리케이션 의 web.xml

<distributable/>

라인 추가 시 enable
주석시 disable

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>simple test</display-name>
  <distributable/>


  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>
  <session-config>
    <session-timeout>10</session-timeout>
  </session-config>
  <!--
        <filter>
           <filter-name>Set Character Encoding</filter-name>
           <filter-class>filter.SetCharacterEncodingFilter</filter-class>
           <init-param>
               <param-name>encoding</param-name>
               <param-value>UTF-8</param-value>
           </init-param>
        </filter>

        <filter-mapping>
           <filter-name>Set Character Encoding</filter-name>
           <url-pattern>/*</url-pattern>
        </filter-mapping>
         -->
</web-app>




저작자표시

'WAS' 카테고리의 다른 글

GossipRouter 설정 방법  (3) 2019.07.23
[Tomcat] DB 패스워드 암호화  (0) 2019.06.27
IIS && EAP 연동  (0) 2018.05.30
[Apache] Permission denied: make_sock: could not bind to address [::]:80  (0) 2018.04.30
[limits.conf] 유저 리소스 파라미터 설정  (0) 2018.04.24
댓글

IIS && EAP 연동

2018. 5. 30.

테스트에 앞서 용도에 맞는 ISAPI 모듈을 다운받아 준비한다.

나는 내 구성에 맞게 jboss-eap-native-webserver-connectors-6.4.0-win6.x86_64.zip 을 준비했고

isapi_redirect.dll 모듈을 사용했다.



  1. 시작 -> 실행 -> windows 기능
 

  1.  시작 -> 실행 -> inetmgr  (IIS인터넷 정보 서비스) 관리자 실행

  1. ISAPI 및 CGI 제한 


  1. ISAPI 필터


  1. 처리기 매핑



  1. 처리기 매핑 사용권한편집


  1. 가상 디렉터리 추가


  1. 가상 디렉터리 편집


  1. workers.properties 설정 ( 로드밸런싱)

worker.nodelb.type=lb
worker.nodelb.balance_workers=node11,node12
worker.list=nodelb

# Node Configure
worker.template.type=ajp13
worker.template.lbfactor=1
worker.template.socket_timeout=30
worker.template.reply_timeout=7000
worker.template.socket_keepalive=true
worker.template.recovery_options=7
worker.template.ping_mode=A
worker.template.ping_timeout=10000
worker.template.connection_pool_size=25
worker.template.connection_pool_minsize=25
worker.template.connection_pool_timeout=15


# An entry that lists all the workers defined
worker.list=node11,node12

# Entries that define the host and port associated with these workers

# First JBoss EAP 6 server definition, port 8009 is standard port for AJP in EAP
worker.node11.host=10.65.40.100
worker.node11.port=8009
worker.node11.type=ajp13

# First JBoss EAP 6 server definition, port 8109 is standard port for AJP in EAP
worker.node12.host=10.65.40.100
worker.node12.port=8109
worker.node12.type=ajp13

worker.nodelb.sticky_session=false



  1. uriworkers.properties

/*=nodelb
# images and css files for path /status are provided by node11
/status=nodelb
/images/*=nodelb
/css/*=nodelb

# Path /web-console is provided by node11
# IIS (customized) error page is used for http errors with number greater or equal to 400
# css files are provided by node11
/web-console/*=node11;use_server_errors=400
/web-console/css/*=node11

# Example of exclusion from mapping, logo.gif won't be displayed  
# /web-console/images/logo.gif=*

# Requests to /app-01 or /app-01/something will be routed to node11
/app-01|/*=node11

# Requests to /app-02 or /app-02/something will be routed to node11
/app-02|/*=node12


  1. isapi_redirect.properties

# Configuration file for the ISAPI Connector
# Extension uri definition
extension_uri=/jboss/isapi_redirect.dll

# Full path to the log file for the ISAPI Connector
log_file=c:\connectors\isapi_redirect.log

# Log level (debug, info, warn, error or trace)
log_level=info

# Full path to the workers.properties file
worker_file=c:\connectors\workers.properties

# Full path to the uriworkermap.properties file
worker_mount_file=c:\connectors\uriworkermap.properties

#Full path to the rewrite.properties file
rewrite_rule_file=c:\connectors\rewrite.properties


  1.  최종 화면



  1. 연동화면












저작자표시

'WAS' 카테고리의 다른 글

GossipRouter 설정 방법  (3) 2019.07.23
[Tomcat] DB 패스워드 암호화  (0) 2019.06.27
Session clustering (udp/tcp), sticky session  (0) 2018.11.01
[Apache] Permission denied: make_sock: could not bind to address [::]:80  (0) 2018.04.30
[limits.conf] 유저 리소스 파라미터 설정  (0) 2018.04.24
댓글

[Apache] Permission denied: make_sock: could not bind to address [::]:80

2018. 4. 30.
Permission denied: make_sock: could not bind to address [::]:80

 

$ ./apachectl start

httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.149.130 for ServerName

(13)Permission denied: make_sock: could not bind to address [::]:80

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80

no listening sockets available, shutting down

Unable to open logs



원인


1024 이하 포트는 root 계정으로만 접근이 가능하다.


나는 jboss 계정으로 기동이 필요하여 아래 조치를 취했다.




 

chown root:jboss httpd

$ chmod +s httpd



 

$ ./apachectl start

httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.149.130 for ServerName

$

$

$ ps -ef | grep -i httpd

root     21454     1  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

daemon   21455 21454  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

daemon   21456 21454  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

daemon   21457 21454  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

daemon   21458 21454  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

daemon   21459 21454  0 03:15 ?        00:00:00 /jboss/apache/bin/httpd -k start

jboss    21461 21423  0 03:15 pts/0    00:00:00 grep -i httpd



일반계정으로 해야 하는 경우


$ /etc/sudoers 수정

jboss all:(ALL)


및 


apache/conf/httpd.conf 수정

user jboss

group jboss


저작자표시

'WAS' 카테고리의 다른 글

GossipRouter 설정 방법  (3) 2019.07.23
[Tomcat] DB 패스워드 암호화  (0) 2019.06.27
Session clustering (udp/tcp), sticky session  (0) 2018.11.01
IIS && EAP 연동  (0) 2018.05.30
[limits.conf] 유저 리소스 파라미터 설정  (0) 2018.04.24
댓글

티스토리툴바