Chapter 24. Administering and Monitoring Your WebLogic Domain

In This Chapter

Understanding WebLogic Domains

A WebLogic domain is an important administrative feature for a WebLogic Server administrator to understand because it defines the administrative boundaries of a WebLogic Server’s environment. All applications that are deployed to WebLogic Server are deployed and managed in the context of a WebLogic domain. A WebLogic domain is composed of one or more WebLogic Servers, where one server is configured as the administration server and all additional servers in the same domain are configured as managed servers, which can exist independently or in the context of one or more WebLogic clusters. A WebLogic cluster is essentially two or more managed servers that share their resources to provide scalability and high-availability solutions for applications. WebLogic clusters are discussed in more detail in Chapter 25, “Implementing Highly Available and Scalable Solutions Using the WebLogic Cluster.”

The types of WebLogic Server instances that constitute a WebLogic domain are shown in Figure 24.1.

This WebLogic domain contains an administration server, two independent managed servers, and a WebLogic cluster.

Figure 24.1. This WebLogic domain contains an administration server, two independent managed servers, and a WebLogic cluster.

If a WebLogic domain contains a standalone administration server, that WebLogic Server instance will function as an administration server as well as a managed server. This is a common configuration for developers who require their own WebLogic development environment, or for anyone who is becoming familiar with WebLogic Server because this is the easiest WebLogic domain configuration to implement.

WebLogic administrators have the option to manage their entire WebLogic Server environment as a single domain. Alternatively, administrators can opt to define multiple mutually exclusive domains based on different administration/monitoring, business, or technical criteria. Scenarios in which it may be necessary to define multiple domains include the following:

  • There is a need to create separate development, test, and production WebLogic Server environments.

    This is the de facto standard for staging applications and their operating environments through a software development life cycle.

    Tip

    Alternatively, you can achieve the same objective by having one WebLogic domain and different managed servers configured for development and testing. A production WebLogic domain should always be kept separate from nonproduction WebLogic domains.

  • The applications to be deployed possess varying service-level agreements or grades of criticality.

    Separate domains can be used to deploy mission-critical applications, where the degree of administration and monitoring diligence will differ from non–mission-critical type applications.

    Tip

    Alternatively, you can configure different managed servers with varying service-level agreements in the same domain.

  • The WebLogic Server environment is dispersed across multiple machines that are physically and geographically disparate.

    The concept of domains can be used to create localized WebLogic Server administration environments (units), which for example can be based on the physical location of WebLogic Servers.

  • There is a need to manage large mission-critical applications.

    Mission-critical applications always require extensive administration and monitoring, and sometimes partitioning the applications into manageable, tightly coupled functional domains is the most efficient solution. For example, if an application has distinct functional modules such as Accounting, Sales, and Human Resources, each of these modules can be managed by a separate WebLogic domain.

Having multiple mutually exclusive WebLogic domains does not imply that applications in those domains cannot communicate with each other. It just defines independent administration environments for a select number of WebLogic Server instances.

If you decide to create multiple domains to manage your WebLogic environment, you should keep the following caveats in mind:

  • All WebLogic cluster instances in a WebLogic domain must be of the same version and service pack of the WebLogic Server software.

    Note

    The WebLogic Server 7 administration server can be used to manage WebLogic Server 6.x managed servers.

  • WebLogic clusters cannot span across multiple WebLogic domains.

  • WebLogic resources, such as JDBC connection pools, security configurations, and J2EE applications, in one domain cannot be shared with other domains.

The Relationship Between Administration and Managed Servers

The role of the administration server is to run the administration service for the entire domain, providing a central control for configuring, managing, and monitoring all aspects of a WebLogic domain, including

  • Logging critical activities and events related to the WebLogic domain

  • Configuring and managing the WebLogic domain security policies

  • Monitoring the health of the managed server instances in the WebLogic domain, such as the JDBC, JMS, Web, and EJB container subsystems

  • Configuring and managing the WebLogic domain resources and J2EE services, such as machines, network channels, JDBC, JMS, JNDI, JTA, and JavaMail

  • Managing (deploying and monitoring) J2EE Web and enterprise applications

  • Starting up and shutting down the managed servers and WebLogic clusters within the domain

The configuration information for the entire WebLogic domain is maintained by the administration server in a configuration repository, which currently exists as an XML file named config.xml. The config.xml file is, by default, located in the root of the directory from which the administration server is launched, and can be viewed using a Web browser or any XML editor. The config.xml file is discussed in detail in the next section.

The role of a managed server is to execute the applications that are deployed to its WebLogic domain and make available their status to the administration server. Upon startup, managed servers

  • Retrieve their configuration and application deployment settings from their designated administration server.

  • Register themselves with the administration server, at which point the administration server will begin to gather runtime state and monitoring information from them.

The configuration settings that are received by a managed server from an administration server include the config.xml and the SerializedSystemIni.dat files. Upon receiving these files, a managed server always caches them to its root directory on the local file system. You also have the option to manually copy these files from the administration server’s root directory to the managed server’s root directory. By default, the directory from which an administration or managed server is launched is considered its respective root directory. Without the presence of these files, you cannot start a managed server.

By default, the encrypted boot.properties file, which enables WebLogic Server to start up while bypassing the startup prompt for username and password, is not automatically copied from the administration server to any managed server. If you want to use this file in the startup of your managed servers, you will need to manually copy the file from the root directory of the administration server to the root directory of your managed server.

After the initial startup and shutdown of a managed server, if the administration server becomes unavailable before a managed server is started, these cached configuration files are used to start the managed server. However, the managed server cannot persist any changes of its state or even be managed or monitored until its designated administration server is available again. Managed servers that are started in this manner are in Managed Server Independence (MSI) mode. When an administration server is started, it queries its running-managed-servers.xml file to identify the managed servers that were registered with it so that they can be notified to reregister with the administration service.

Tip

If a managed server runs on the same machine as its administration server, the cached configuration files will be located in the same root directory of the administration server. If these files are not located in a directory from which the managed server is started, you can explicitly specify the location of the configuration files by using the -Dweblogic.RootDirectory=path startup option.

It is only at startup that managed servers have a slight dependency on the availability of an administration server. When they are operational, the only consequence for shutting down an administration server is that the administration service will not be running, which has no effect on the execution of an application on the managed servers.

Note

When the administration service is not running, no changes can be made to the WebLogic domain’s configuration.

The relationship between the administration and managed servers is summarized in Figure 24.2.

The relationship between the administration and managed servers in a WebLogic domain.

Figure 24.2. The relationship between the administration and managed servers in a WebLogic domain.

Tip

To ensure the administration service does not present a point of failure or impede the performance for an application in a domain, BEA recommends you use a dedicated WebLogic Server instance within a domain as an administration server, with all applications deployed on the domain member managed servers.

Administering a WebLogic Domain from an Infrastructure Perspective

The management of a WebLogic domain is, in essence, a collective management effort of all the subsystems (resources and services) of WebLogic Servers that constitute a domain. The management capabilities (configuration and monitoring) of these subsystems as well as the applications they support are represented within WebLogic Server as MBeans (managed beans), which are implemented as Java classes in compliance with the Java Management Extension (JMX) specification as defined by Sun. The WebLogic administration service institutes management of subsystems such as the Web and EJB containers, JDBC, JMS, SNMP, and JTA, through their respective MBeans.

Each WebLogic Server subsystem has a set of attributes that can be configured and monitored, with some subsystems providing additional management capabilities through administration methods. The role of an MBean is to provide an administration interface to these attributes and methods of a WebLogic Server subsystem, decoupling the subsystem from its management interface.

As shown in Figure 24.3, one or more MBeans can be associated with each WebLogic subsystem, and can include the following elements:

The elements of a WebLogic Server MBean.

Figure 24.3. The elements of a WebLogic Server MBean.

  • A set of attributes that define parameters for various management functions, which are persisted to the config.xml domainwide configuration file

  • A suite of methods used to execute management functions such as listing, setting, and getting the MBean attributes

  • Methods for executing additional WebLogic Server resource administration operations

  • A notification system for broadcasting MBean events

The following three types of MBeans are used to manage a WebLogic domain:

  • Administration MBeans—These MBeans reside only in the administration server of a domain. They initially contain preset configuration parameters for the management functions for all WebLogic Servers in a domain. When an administration server is started, these default parameter values are overridden by their associated values from the config.xml file, which provides persistent storage of Administration MBean attribute values. Every five minutes, the administration service determines whether the Administration MBeans have been modified, with any changes persisting to the config.xml file.

  • Configuration MBeans—These MBeans are used to configure the managed servers in a WebLogic domain and are resident only on managed servers. They are copies of the Administration MBeans that are received from the administration server by the WebLogic managed servers when they are started.

    To provide a central management system of Configuration MBeans on managed servers, the administration server hosts an Administration MBean for each Configuration MBean in a WebLogic domain. When changes occur to these Administration MBeans, they are propagated to their counterpart Configuration MBeans on the managed servers.

    The Administration MBeans attribute values can be overridden by specifying attributes directly on the command line while starting the managed server. If any of the configuration attributes in a Configuration MBean are overridden by specifying the value of the Mbean attribute at the command line while starting the Managed server, the values do not persist to the domainwide config.xml file of the administration service.

    Note

    The interface types for Administration and Configuration MBeans are located in the weblogic.management.configuration package, which can be reviewed in the BEA JavaDocs.

  • Runtime MBeans—These MBeans contain attributes that specify the runtime information of a WebLogic Server resource or an application in a domain. They are primarily used to provide monitoring information and hence cannot be directly set by the Administration Console or the weblogic.Admin utility.

Note

The interface types for Runtime MBeans are located in the weblogic.management.runtime package.

Because the administration server can also behave as a managed server, it also hosts the Configuration MBeans and Runtime MBeans that pertain to its own resources and applications.

The system administration tools provided with WebLogic Server—the Administration Console and weblogic.Admin utility—provide an interface to the administration service, allowing you to manage a WebLogic domain without requiring any knowledge of the JMX API. However, knowledge of the WebLogic MBean interfaces is required to use the weblogic.Admin utility to interface with the administration service.

The Administration Console is the preferred Administration tool, allowing you to manage and view the attributes of Administration and Runtime MBeans through a graphical interface (such as a Web browser). The Administration Console can manage only one WebLogic domain at a time; therefore, multiple WebLogic domains require their own instance of the Administration Console. From the Administration Console, you can also determine the MBean attribute you are working with by clicking the question mark next to an attribute field. However, the Administration Console enables you to manage and view only the attributes of Configuration MBeans.

Alternatively, the weblogic.Admin tool enables you to manage and retrieve the attributes of Administration and Configuration MBeans, as well as invoke the methods of Runtime MBeans through the CREATE, DELETE, GET, SET, and INVOKE commands.

Note

For the syntax and usage of the weblogic.Admin commands, refer to the MBean Management Command Reference in the WebLogic Server Administration Guide.

Both the Administration Console and the weblogic.Admin tools should provide you with the initial administration and monitoring capabilities you need for your environment. However, if you have administration requirements that are not satisfied by these tools, you can either write your own JMX extensions to the Administration Console, or you can purchase a suitable WebLogic Server administration tool provided by one of BEA’s solution partners, which are listed on the BEA Web site.

Creating and Extending WebLogic Domains

The creation and extension of WebLogic domains are fundamental administration tasks that anyone required to create a WebLogic Server environment (whether development, test, or production) must be proficient in performing. BEA provides two tools to assist in you these tasks: the Configuration Wizard and the Administration Console.

The Configuration Wizard is a standalone Java-based GUI application that uses domain templates to assist you in creating the most appropriate preconfigured WebLogic domain for the type of solution/application your WebLogic Server instances will host. The types of templates presented by the Configuration Wizard vary according to what software components of WebLogic Platform (WebLogic Server, Portal, or Integration) you have installed on the machine where you launch the Configuration Wizard. However, the Configuration Wizard does not support the migration of domains from previous WebLogic Server versions or support the modification of existing domains. These operations are supported only by the administration console.

Table 24.1 shows the full list of WebLogic domain templates the Configuration Wizard can present and their respective domain context. The domain templates are located under the WebLogic Platform installation directory in common emplatesdomains.

Table 24.1. The Domain Templates of the Configuration Wizard

Template Name

Domain Context

Template Description

WLS Domain

WebLogic Server

Creates a very basic WebLogic Server domain. (This is the most appropriate domain template if you want to create an empty WebLogic domain.)

WLS Petstore

WebLogic Server

Creates a WebLogic Server domain comparable with the Pet Store sample domain.

WLS Examples

WebLogic Server

Creates a WebLogic Server domain comparable to the WebLogic Server Examples domain.

WebLogic Workshop

WebLogic Server

Configured to support the development of WebLogic Workshop solutions.

BPM Domain

WebLogic Integration

In addition to configuring the Business Process Management (BPM) functionality within a WebLogic domain, this template also configures a domain to contain all the necessary Application Integration components required for internal Enterprise Integration.

EAI Domain

WebLogic Integration

Configures a domain to support the development of Enterprise Application Integration solutions. This template configures a domain that contains all the necessary components for internal Enterprise Integration.

WLI Domain

WebLogic Integration

Configures a domain to support the development of solutions that employ the full range of WebLogic Integration functionality, which includes both internal and external integration.

WLP Domain

WebLogic Portal

Supports the development of WebLogic Portal solutions.

Platform Domain

WebLogic Platform (This template requires all WebLogic Platform components to be installed.)

Provides support for developing applications using all WebLogic Platform software components.

The Configuration Wizard also allows you to organize WebLogic Server instances within a domain, as shown in Table 24.2.

Table 24.2. The Configuration Wizard’s Options for Organizing WebLogic Server Instances in a Domain

WebLogic Server Instance Option

Description

Single Server (Standalone Server)

Creates a new WebLogic domain with a single WebLogic Server instance that behaves as the administration server as well as the managed server.

Admin Server with Managed Server(s)

Creates a new domain with a dedicated administration server and one or more managed servers, which are used to host the deployed applications.

Admin Server with Clustered Managed Server(s)

Creates a new domain with a dedicated administration server with one or more managed servers assigned to a cluster. (Clustering managed servers requires the WebLogic Server machine to have dedicated IP addresses for each managed server in the cluster.)

Managed Server (with owning Admin Server configuration)

Allows you to extend an existing WebLogic domain by creating a new managed server on the same machine as the Configuration Wizard.

Tip

You can also use the Administration Console to extend a WebLogic domain that was initially created by the Configuration Wizard.

The option you select for creating the WebLogic Server instances depends on the topology of the WebLogic Server instances that will optimally host your deployed applications and the resources available on those WebLogic Server machines. For example, creating a WebLogic domain where the administration server and one or more managed servers are resident on the same machine may not be ideal for a development or production enterprise environment from an application availability perspective, or if resource utilization will be an issue.

Tip

Before you create your WebLogic domain and populate it with managed servers, you should graphically represent the topology of your domain, providing a visual structure of how the WebLogic instances within the domain will be used to host their respective applications and the machines that will host the administration server and respective managed servers.

The following sections provide a step-by-step guide for creating and extending a WebLogic domain using the following information:

  • Domain Name: objectmind

  • Administration Server Name: AdminServer

  • Managed Server Name: mServer

Note

These names are used in the following examples, but you can use your own names if you prefer for the domain, administration, and managed server.

Because a WebLogic domain can always be extended, the ObjectMind domain with the AdminServer standalone WebLogic Server will be created first. The domain will then be extended through the introduction of the mServer remote managed server.

Creating a WebLogic Domain and Standalone WebLogic Server Using the Configuration Wizard

To create a WebLogic domain in a Windows environment, follow these steps:

  1. Launch the Configuration Wizard by clicking Start, Programs, WebLogic Platform 7.0, Domain Configuration Wizard.

    Alternatively, you can start the Configuration Wizard by executing the dmwiz.cmd script from the command prompt. This script is located in the %WL_HOME%commonin directory.

  2. On the Choose Domain Type and Name screen, do the following:

    • Select the domain template that is most aligned to what type of application you will be hosting and the WebLogic infrastructure that will be needed to support it. For the purposes of this example, use the WLS Domain template.

    • Enter a suitable name for the domain. For the purposes of this example, the name objectmind is used.

    Click Next.

  3. On the Choose Server Type screen, select the Single Server (Standalone Server) option. Click Next.

  4. On the Choose Domain Location screen, enter the top-level directory to store your WebLogic domain. Even though you can create this directory anywhere on your local file system, BEA recommends that you do not locate this directory under the WebLogic Platform software directory.

    The default location is BEA_HOME/user_projects/domain, where

    BEA_HOME is the BEA Home directory that contains the WebLogic Platform installation files—for example, c:ea.

    user_projects is the root directory location specified for the domain—for example, c:eauser_projects.

    domain is the name of the domain directory, which correlates with the name of the associated WebLogic domain—for example, objectmind.

    Click Next.

  5. On the Configure Standalone/Administrative Server screen, enter the following information:

    • Server Name—Enter the server name using alphanumeric characters. Hyphen (-) and underscore (_) characters are supported, but spaces are not. For the examples in this chapter, use an administration server with the name AdminServer.

    • Server Listen Address—Enter the IP address or DNS name that will be assigned to your WebLogic Server. For a standalone WebLogic Server, you can also use Localhost as the server listen address.

      Note

      If you provide a DNS name for the listen address, you should include the -Dweblogic.system.ReverseDNSAllowed=TRUE startup option in the administration server startup script (startWebLogic.cmd).

    • Server Listen Port—Enter a numeric value for the listening port of the WebLogic Server. The default port is 7001, and the range of values is 1 to 65535.

    • Server SSL Listen Port—Enter a numeric value for the SSL listening port. The default port is 7002, and the range of values is 1 to 65535.

    Click Next.

  6. On the Create Administrative User screen, enter the administrator username and password that will be used to start and connect to the WebLogic Server you have just configured. The password must be at least eight characters. Click Next.

  7. On the Install Server as Windows Service screen, indicate whether you want WebLogic Server to start with the Windows operating system. It is recommended you do not use this option in development environments. Click Next.

    Note

    You must have Windows Administration rights to be able to create a Windows service.

  8. In the Create Start Menu Entry for Server screen, indicate whether you would like the option to start your WebLogic Server via a Windows Start menu. Click Next.

  9. In the Configuration Summary screen, review the information that has been collected to create your WebLogic domain and administration server. The Configuration Wizard will use this information to create a new config.xml file, which describes the organization of your WebLogic domain, including any necessary network configurations for the administration server. It also creates and populates the necessary startup scripts and other files and directories to enable you to immediately start your administration server. If you need to modify this information, you can use the Back button to edit an entry on any of the Configuration Wizard screens.

  10. Click Next to create your WebLogic domain and its administration server.

If you select the Admin Server with Managed Server(s) option in step 3, the only difference from the preceding series of steps would be that you would see the Configure Managed Servers in Admin Server screen, as shown in Figure 24.4. From this screen, you can add multiple managed servers to your WebLogic domain by clicking the Add button and entering the new managed server information in the displayed Add Server dialog. However, these managed servers will be configured to run on the same machine as the administration server of the domain.

Adding managed servers to a WebLogic domain using the Admin Server with Managed Server(s) option in the Configuration Wizard.

Figure 24.4. Adding managed servers to a WebLogic domain using the Admin Server with Managed Server(s) option in the Configuration Wizard.

You can start the administration server (AdminServer) you have just created by executing the following scripts from the command prompt, which can be located in the BEA_HOME/user_projects/domain directory:

  • setEnv.cmd—. Configures the WebLogic Server operating system environment, including the CLASSPATH variable.

  • startWebLogic.cmd—. Starts your administration server. You need to enter the administrator username and password you specified in the configuration of the administration server using the Configuration Wizard.

After you successfully start the administration server, the last two lines of the startup process in the command console should look similar to the following:

<Oct 8, 2002 3:20:11 AM EDT> <Notice> <WebLogicServer> <000365> <Server state changed to RUNNING>

<Oct 8, 2002 3:20:11 AM EDT> <Notice> <WebLogicServer> <000360> <Server started in RUNNING mode>

Tip

If you have problems starting the administration server, make sure you have set up the WebLogic environment correctly using the setEnv.cmd script. You can also review the config.xml file using an XML editor, ensuring the attribute values you specified using the Configuration Wizard are correct.

Extending a WebLogic Domain with a Remote Managed Server Using the Configuration Wizard

To extend a WebLogic domain using the Configuration Wizard, you must install the WebLogic Server software, which includes the Configuration Wizard, on the machine that will host the managed server. After you satisfy this prerequisite, you can follow these steps to add a remote managed server named mServer to your newly created WebLogic domain (ObjectMind):

  1. Start the Configuration Wizard.

  2. On the Choose Domain Type and Name screen, enter the domain type and name of the target WebLogic domain where your managed server will reside. Your entry should correlate with the information you used to initially create the domain. Click Next.

  3. On the Choose Server Type screen, select the managed server (with owning Admin Server configuration) option and click Next.

  4. On the Choose Domain Location screen, enter the top-level directory to store your WebLogic domain. For management purposes, you should try to have a consistent location for your domain directories on the WebLogic Server machine.

  5. On the Configure Administrative Server Connection screen, as shown in Figure 24.5, enter the following information required to satisfy a remote connection to the administration server of your target WebLogic domain:

    The Configure Administrative Server Connection screen of the Configuration Wizard.

    Figure 24.5. The Configure Administrative Server Connection screen of the Configuration Wizard.

    • Admin Server Name or IP—Enter the DNS server name or IP address of the administration server.

    • Admin Server Listen Port—Enter the listening port of the administration server.

    • Admin Server SSL Listen Port—Enter the SSL listening port of the administration server.

    • Managed Server Name—Enter the machine name of the managed server.

    Click Next after you have entered this information.

  6. On the Configure Standalone/Administrative Server screen, as shown in Figure 24.6, enter the following information to configure your managed server:

    The Configure Standalone/Administrative Server screen of the Configuration Wizard.

    Figure 24.6. The Configure Standalone/Administrative Server screen of the Configuration Wizard.

    • Server Name—Enter the server name using alphanumeric characters. Hyphen (-) and underscore (_) characters are supported, but spaces are not.

    • Server Listen Address—Enter the IP address or DNS name that will be assigned to your WebLogic Server.

    • Server Listen Port—Enter a numeric value for the listening port of the managed server.

    • Server SSL Listen Port—Enter a numeric value for the SSL listening port.

    Click Next.

  7. On the Create Administrative User screen, enter the administrator username and password that will be used to start the managed server. You should try to keep the administrator username and password consistent throughout your WebLogic domain. Click Next.

  8. On the Install Server as Windows Service screen, indicate whether you want WebLogic Server to start in the Windows operating system. Click Next.

  9. On the Create Start Menu Entry for Server screen, indicate whether you would like the option to start your managed server via a Windows Start menu. Click Next.

  10. On the Configuration Summary screen, review the information that has been collected to create your managed server and connect to the administration server of your target WebLogic domain.

  11. Click Next to create and populate the scripts, files, and directory structure necessary to support your managed server.

A common misconception of extending a WebLogic domain using the Configuration Wizard is that you can start a remote managed server after it is created. This is not true, and most people make this mistake. If you want to start a remote managed server:

  • The domainwide config.xml file needs to be updated with the remote managed server’s information—for example, server and machine name as well as the listening port information.

  • A config.xml file, which contains a subset of the information contained in the domainwide config.xml file specific to the managed server, needs to be copied from the administration server to the managed server.

Note

These tasks are performed automatically for you, only if the managed servers are created locally on the same machine as the administration server using the Admin Server with Managed Server(s) option of the Configuration Wizard.

Because the Configuration Wizard does not make a connection with the administration server, the domainwide config.xml file is not updated with the new managed server information, and a config.xml file is not copied from the administration server to the remote managed server’s file system. Instead, the Configuration Wizard just creates a skeleton version of the config.xml file and places it in the root of the managed server’s domain directory.

To successfully start a remote managed server, you need to use the Administration Console to register the managed server with its associated domain’s administration server. This two-step process involves

  • Configuring a machine definition for the machine that is hosting the managed server instance

  • Configuring a server definition for the remote managed server

These tasks are described in the following two sections.

Configuring a New Machine Definition within a WebLogic Domain

The following steps will guide you through the configuration of a new machine definition within a WebLogic domain using the Administration Console:

  1. Start the Administration Console using

    http://hostname:port/console

    where hostname is the DNS name or IP address of the administration server and port is the address of the port on which the administration server is listening for requests (7001 by default).

  2. Enter the appropriate administration username and password.

  3. Click the Machines node in the left panel of the Administration Console.

  4. Click the Configure a New Machine link in the right panel of the Administration Console.

  5. On the screen shown in Figure 24.7, enter the machine name of the managed server. This machine name is used to identify the machine only within the WebLogic domain and does not need to correspond to the machine’s network name. Click Create.

    Configuring a new machine definition using the Administration Console.

    Figure 24.7. Configuring a new machine definition using the Administration Console.

    Note

    In scenarios in which the physical location of the server is required (for example, in clustering and Node Manager operations), you need to specify the machine names for the respective server.

  6. If you now click the Machine node in the left panel of the Administration Console, you can verify the machine has been added to the WebLogic domain.

You should repeat these steps to create a machine definition for the administration server machine.

Configuring a New Server Definition within a WebLogic Domain

The following steps will guide you through the configuration of a new WebLogic Server definition for your remote managed server using the Administration Console:

  1. Select the Servers node in the left panel of the Administration Console.

  2. In the right panel of the Administration Console, click the Configure a New Server link.

  3. Enter the following information in the General tab to configure your managed server, as shown in Figure 24.8:

    Configuring a new server in a WebLogic domain using the Administration Console.

    Figure 24.8. Configuring a new server in a WebLogic domain using the Administration Console.

    • Name—Enter the name of the managed server, for example, mServer.

    • Machine—Select the machine name that hosts the managed server from the drop-down list box.

    • Cluster—Select None from the drop-down list box.

    • Listen Address—Enter the TCP/IP address or DNS name of the machine that will host the managed server.

    • Listen Port Enabled—Select this box because it indicates the managed server will enable non-SSL HTTP communication.

    • Listen Port—Enter the number assigned to your listen port.

    • Startup Mode—Enter Running for the startup mode of the managed server.

    • External DNSName—If the managed server will receive HTTP requests from behind a firewall that performs Network Address Translation, enter the DNS name of the machine name, to enable requests to be routed to the appropriate managed server.

  4. Click Create to configure your managed server in the WebLogic domain’s config.xml file.

You should also assign your administration server to a machine definition.

After you complete these steps, you can start your remote managed servers by executing the following scripts from the command prompt, which can be located in the BEA_HOME/user_projects/domain directory of the remote physical machine where the managed server is being hosted:

  • setEnv.cmd—. Configures the managed server’s operating system environment, including the CLASSPATH variable.

  • startManagedWebLogic.cmd—. Starts your managed server. You will be promoted to enter the administrator username and password you specified in the configuration of the managed server using the Configuration Wizard. However, you can securely bypass this prompt using the boot.properties file. You can also provide the respective username and password values to the WLS_USER and WLS_PW variables in the startup script. The disadvantage of this approach is that the username and password are in clear text and viewable through any text editor.

During the startup operation, the managed server connects to its associated administration server and copies over the necessary configuration files it requires to start, which will be cached to the managed server’s root directory. From this point onward, by default, the managed server is configured to start in independence mode if the administration server is not available during its startup operation.

If your domain’s configuration changes frequently—for example, during the development phase of your project—the administration server has an option that can replicate the configuration files to the managed server every five minutes, if required. You can enable this option by selecting the MSI File Replication Enabled option in the Configuration, Tuning tab for a managed server in the Administration Console, as shown in Figure 24.9.

Enabling the replication of configuration files for a managed server.

Figure 24.9. Enabling the replication of configuration files for a managed server.

Caution

Because changes to a WebLogic domain should be very tightly controlled in a production environment, MSI should be enabled only for development managed servers. BEA recommends that you not enable file replication for a server that shares an installation or root directory with another server because unpredictable errors can occur for both servers.

Configuring the Network Resources for a WebLogic Domain

In version 6.x of WebLogic Server, the network configuration capabilities of a WebLogic domain and its associated WebLogic Server instances were very limited, which constrained the opportunities to improve networking performance and resolve networking problems. The following are some examples of these networking constraints:

  • Each WebLogic Server instance could accept connections from only one IP address bound to a single network interface card (NIC), preventing the capability to improve network throughput from multiple NICs.

  • Each WebLogic Server instance could segment incoming and outgoing network traffic only through the following distinct ports:

    • A nonsecure port reserved for nonsecure HTTP, IIOP, and T3 traffic (port 7001 by default)

    • A secure port reserved for HTTPS, IIOPS, and T3S traffic (port 7002 by default)

    • An optional administration port used to isolate administration traffic

  • The Network configurations that were port specific could be assigned only at the WebLogic instance level, which implied that all network ports shared the same settings.

WebLogic Server 7 still uses the default network configuration found in the previous version of WebLogic Server. The attributes that constitute this default network configuration are specified when a WebLogic Server is created—for example, the HTTP and HTTPS port numbers as well as the listen address of WebLogic Server. Also, as in previous WebLogic Server versions, WebLogic Server 7 stores this information as attributes in the ServerMBean and SSLMBean, respectively.

The listen address and port attributes are defined in the ServerMBean, and the SSL attributes are defined in the SSLMBean.

To extend the capabilities of the default network configuration, WebLogic Server 7 introduces two new configurable network resources: network channels and network access points (NAPs). They are stored in two new MBeans: NetworkChannelMBean and NetworkAccessPointMBean.

The fact that these new network resources extend the default network configuration implies that you do not need to use them if you feel that you cannot leverage their new features. The default network configuration can still be used and is a requirement for all WebLogic Servers within a domain.

The following sections discuss network channels and network access points (NAPs) in detail, after which you can decide whether leveraging these new network resources is applicable in your environment.

An Introduction to Network Channels

WebLogic Server uses network channels to define the basic attributes of a network connection to a WebLogic Server instance. Sample attributes of a network channel include

  • The communication protocols (HTTP, HTTPS, T3, T3S, COM)

  • The default listen ports to use for secure and nonsecure communication

  • The default properties for the connection, such as the login timeout value and maximum message sizes

The previous version of WebLogic Server used one default network channel for all its network communication. When you define multiple network channels, you can configure additional port numbers and protocol settings for use with one or more WebLogic Server instances. For example, you can do the following:

  • You can simplify your domain’s network configuration by defining a single network channel, which is assigned to every WebLogic Server instance in a domain, as shown in Figure 24.10.

    A simple example showing how you can use a domainwide network channel.

    Figure 24.10. A simple example showing how you can use a domainwide network channel.

  • You can apply weighted values to network channels to prioritize server-to-server traffic such as internal connections made for remote references, such as a resource located via JNDI.

Note

Channel weights do not apply to connections initiated directly via a URL.

Taking this approach, you can ensure the same network connection properties for each WebLogic Server instance in a domain. Any changes to the network channel’s connection attributes automatically propagate to the WebLogic Server instances that employ that network channel. Network channels, in a way, serve as templates for the network configuration of a WebLogic domain, and can be exploited further when they are used in conjunction with network access points (NAPs), which are discussed in the “Understanding Network Access Points” section later in this chapter.

For each WebLogic Server instance, you can use three types of network channels, which are all bound to the same network IP address:

  • The default network channel, which is automatically created by WebLogic Server based on the initial listen address and port settings defined in the ServerMBean.

    If no other network channel is available to service a network connection, the default network channel is used.

  • An optional administration channel, which can be defined to separate the administration traffic from application traffic in your domain.

  • A custom channel that you define and assign to a WebLogic Server instance within a domain using the Administration Console.

    The defined ports are in addition to the ports defined in the ServerMBean and SSLMBean.

The following sections describe how to view your default network configuration information, enable the administration port, and configure a simple network channel using the Administration Console.

Viewing Your Default Network Configuration

To view the default network configuration of a WebLogic Server instance in your domain, follow these steps:

  1. Select the Servers node in the left pane to display the servers configured for your WebLogic domain.

  2. Select the name of the server in the left pane.

  3. Click the Connections, Summary tab in the right pane to display the server’s current default network settings, as shown in Figure 24.11.

    Viewing the network configurations for WebLogic Server in a domain.

    Figure 24.11. Viewing the network configurations for WebLogic Server in a domain.

Enabling the Administration Port

When the administration port is enabled for a WebLogic domain, an administration network channel is automatically created for each WebLogic Server instance in that domain upon startup. This administration network channel is then used for all administration-type traffic within the domain. Having a distinct and dedicated domainwide administration port provides the following advantages:

  • The administration traffic is assured no contention with application traffic for critical administration operations.

  • WebLogic Server can be started in a standby state, which is a new WebLogic Server Lifecycle feature.

Even though these advantages are very appealing from an administration perspective, the administration port accepts only secure (SSL) connections, which implies that you will have to set up each WebLogic Server in your domain with support for SSL. All managed servers within a domain will need to establish an SSL connection to the administration server. Also, the administration port is a domainwide option, so you cannot configure an administration port for individual managed servers within a domain; it is an all-or-none option.

Because SSL communication is a prerequisite for using the administration port, enabling this feature is a three-step process, which first involves setting up an SSL for each WebLogic Server in your domain, including the administration server. When this task is complete, you can enable the administration port feature. Finally, you must modify the startup scripts for each managed server in the domain so they use the SSL protocol and the administration port to connect to the administration server.

Caution

After you enable the Administration port, no communication between the administration and managed servers is possible over the plain-text HTTP protocol. Only communication using the secure HTTPS protocol is allowed.

The following steps will guide you through enabling the SSL protocol for each WebLogic Server in your domain, using the default certificate (democert.pem) and private keys (demokey.pem) provided with WebLogic Server:

Caution

The default WebLogic certificate and private keys are for demonstration purposes only. They should be used only to proof an SSL configuration.

  1. From the Server node in the left pane of the Administration Console, select a WebLogic Server.

  2. In the Connections, SSL tab, enter the following information, as shown in Figure 24.12:

    Setting the demonstration SSL attributes for the SSL protocol using the Administration Console.

    Figure 24.12. Setting the demonstration SSL attributes for the SSL protocol using the Administration Console.

    • Server Certificate File Name—Enter democert.pem.

    • Hostname Verification Ignored—Enable this option.

      Note

      The Hostname Verification Ignored attribute should be enabled only for demo or trial certificates.

    • Server Key File Name—Enter demokey.pem.

    • Trusted CA File Name—Enter ca.pem.

    Note

    Using ca.pem for Trusted CA File Name is required only for two-way SSL communication.

    Click Apply.

  3. In the Connections, SSL Ports screen, make sure you have enabled the SSL Listen Port, as shown in Figure 24.13, and click Apply.

    Enabling the SSL protocol for a WebLogic Server.

    Figure 24.13. Enabling the SSL protocol for a WebLogic Server.

The following steps will guide you through enabling the administration port for your domain using the Administration Console:

  1. Click the name of your domain in the left pane.

  2. Click the Configuration, General tab in the right pane to display the domain’s general configuration information.

  3. Select the Enable Domain Wide Administration Port checkbox in the right pane, as shown in Figure 24.14.

    Enabling the Domain Wide Administration Port.

    Figure 24.14. Enabling the Domain Wide Administration Port.

  4. Enter a value in the Domain Wide Administration Port field to specify the default administration port that all servers will use. By default, this value is set to 9002. Click Apply.

  5. Shut down all the WebLogic Server instances in your domain, including the administration server.

Before starting the WebLogic Servers, make sure you have modified the startup scripts for your WebLogic Servers as follows:

  • Ensure you have specified the following startup options for the JAVA_OPTION variable in both the startWebLogic.cmd and startManagedServer.cmd scripts:

    -Dweblogic.security.SSL.ignoreHostnameVerification=TRUE

-Dweblogic.security.SSL.trustedCAKeyStore=d:eaweblogic700serverlibcacerts

    Caution

    Even though you have enabled this feature via the Administration Console, there is currently a problem with the managed servers acknowledging this feature has been enabled. It is only for this reason that you have to be explicit in the startup script of the managed servers.

  • For each managed server’s startup script (startManagedServer.cmd), ensure the ADMIN_URL variable specifies the SSL protocol for connecting to the administration server port, as in this example:

    SET ADMIN_URL=https://host:admin_port

To restart your domain’s WebLogic Servers, start the administration server first. To use the Administration Console from this point onward, you will need to use the HTTPS protocol and the defined administration port, as shown in this example:

https://host:admin_port/console

You should validate the default administration channel using the Connections, Summary tab in the Administration Console, as shown in Figure 24.15.

Validating the configuration of your administration port.

Figure 24.15. Validating the configuration of your administration port.

After you start your administration server and validate the default administration port settings, you can start your managed servers using their respective startup scripts.

Note

If you run into any SSL handshake problems, they imply that you have not correctly set the SSL attributes via the Administration Console, or the Hostname Verification Ignored startup option has not been specified in your startup scripts. In such a case, make sure you have declared the following options in your startup scripts:

-Dweblogic.security.SSL.ignoreHostnameVerification=TRUE
-Dweblogic.security.SSL.trustedCAKeyStore=d:eaweblogic700serverlib
cacerts

Configuring a Network Channel

The following steps will guide you through configuring a network channel, which you can then assign to the WebLogic Servers in your domain:

  1. Select the Network Channels node in the left pane of the Administration Console.

  2. Click Configure a New Network Channel in the right pane.

  3. From the Configuration, General tab, enter the following attribute values for the new network channel, as shown in Figure 24.16:

    Configuring a network channel using the Administration Console.

    Figure 24.16. Configuring a network channel using the Administration Console.

    • Name—Enter a name to identify the network channel—for example, MyNetworkChannel.

      Caution

      Do not use a name that begins with .WL because the WebLogic Server reserves this prefix internally for the naming of channels.

    • Description—Even though this field is optional, it is good administration practice to describe what purpose the network channel will have in your WebLogic domain.

    • Listen Port Enabled—Enable the nonsecure listen port.

    • Listen Port—Leave the default listen port number as 8001.

    • SSL Listen Port Enabled—Enable the secure listen port.

    • SSL Listen Port—Leave the default SSL listen port number as 8002.

    • ClusterAddress—Leave the cluster address blank.

    • T3 Enabled—Enable the T3 protocol.

    • T3S Enabled—Enable the T3S protocol.

    • HTTP Enabled—Enable the HTTP protocol.

    • HTTPS Enabled—Enable the HTTPS protocol.

    • Tunneling Enabled—Disable HTTP Tunneling using the network channel.

    • COM Enabled—Disable COM-based network traffic.

    Click Apply to create a network channel.

  4. Select the Configuration, Tuning tab to change the backlog and timeout attributes for the new channel. Keep the default settings for the purposes of this example and click Apply.

  5. Select the Configuration, Protocols tab to configure protocol support for the new channel. Keep the default settings for the purposes of this example and click Apply.

  6. Select the Targets, Servers tab to select the WebLogic Servers in the domain that will use the new channel. Select one or more servers in the Available column and use the arrow button to place the server in the Chosen column.

  7. Click Apply to assign the network channel to the chosen servers or clusters.

To use the new channel port designations, you must reboot any servers that you assigned as targets. You can view the new network configuration for the assigned server using their respective Connections, Summary tab in the Administration Console.

Understanding Network Access Points

A network access point (NAP) is an optional configurable resource that is used in the context of a network channel to override certain network channel attributes on a per-server basis. For example, because all network channels inherit their listen address from their target WebLogic Server’s default network channel, you can use NAPs to override this value to take advantage of multiple NICs with different IP addresses or multiple IP addresses assigned to one NIC. However, only one NAP can be assigned to each defined network channel on a WebLogic Server instance.

You can leverage together network channels and NAPs as follows:

  • You can define separate network channels for nonsecure and secure connections and assign them to different IP addresses, as shown in Figure 24.17.

    Using network channels and NAPs to segment nonsecure and secure network traffic in a WebLogic domain.

    Figure 24.17. Using network channels and NAPs to segment nonsecure and secure network traffic in a WebLogic domain.

  • You can physically separate incoming client traffic from internal server-server traffic for a specific WebLogic Server domain through the definition and assignment of two network channels using unique IP addresses, where one channel has no support for outgoing connections. Such a configuration, known as an edge server configuration, is shown in Figure 24.18.

    Using network channels and NAPs in an edge server configuration.

    Figure 24.18. Using network channels and NAPs in an edge server configuration.

Note

You can also use network channels with different port numbers to logically segment external client and internal server-server network traffic.

If you do not configure a NAP for a network channel, the WebLogic Server instance uses the configuration associated with the network channel to generate a new network connection.

Leveraging Network Access Points in Your Network Channel

As stated earlier, NAPs in conjunction with network channels allow you to leverage multiple NICs and IP addresses, enabling you to physically segment the network traffic within your WebLogic domain. To showcase how you can use NAPs, this section describes how to create an edge server configuration, similar to Figure 24.18.

Tip

If you do not have multiple IP addresses on your machine, you can use ports instead of IP addresses to logically segment your network traffic because the principle is still the same.

As shown in Figure 24.19, the network channel and NAP configuration required for this example are as follows:

A simple edge server configuration example showcasing the use of network channels and NAPs.

Figure 24.19. A simple edge server configuration example showcasing the use of network channels and NAPs.

  • An ncPublic network channel will be created to allow public incoming and outgoing network traffic. However, it will not be configured to allow server-server connections between WebLogic Servers in a domain. For this reason, this channel will be assigned to the WebLogic Server that will accept network connections from clients (the edge server). In this example, the AdminServer will serve as the edge server.

  • The ncPublic network channel will use the same IP address assigned to the default network channel.

  • An ncInternal network channel will be created to service all server-server connections from the edge server (AdminServer) to the managed servers, which in this example will be mServer.

  • The ncInternal network channel will use NAP to be assigned to a unique private IP address on the edge server.

The following steps will guide you through creating your edge server configuration:

  1. To create the ncPublic and ncInternal network channels, use the steps described earlier in this chapter in the “Configuring a Network Channel” section.

  2. Using the Targets, Server tab for each channel, as shown in Figure 24.20, assign the newly created network channels to their WebLogic Servers as follows:

    Assigning the network channels to their WebLogic Servers.

    Figure 24.20. Assigning the network channels to their WebLogic Servers.

    • Assign the ncPublic channel to your edge server (AdminServer).

    • Assign the ncInternal channel to your edge and support (mServer) servers, respectively.

    Click Apply.

  3. For the ncPublic network channel, disable the Outgoing Enabled option using the Configuration, Tuning tab, as shown in Figure 24.21.

    Disabling the Outgoing Enabled option for a network channel.

    Figure 24.21. Disabling the Outgoing Enabled option for a network channel.

  4. In the left pane, select the edge server (AdminServer) and display the Connections, Tuning tab.

  5. Click the Channel Overrides link.

  6. From the displayed assigned network channels, select the ncInternal channel because this is the channel where you will be applying the new NAP settings (overriding default network channel settings).

  7. From the Configuration, General tab, enter a new listen address for this channel, as shown in Figure 24.22.

    Creating a NAP for the listen address of a network channel.

    Figure 24.22. Creating a NAP for the listen address of a network channel.

    If you do not have multiple IP addresses, you can override the default ports for both the listen and SSL ports. This way, you can logically segment your network traffic from the ncPublic channel.

  8. Click Apply to save your NAP settings.

Tip

You should always use NAPs to explicitly specify the listen address of a network channel on a machine that has multiple NICs. If you leave the listen address blank or use Localhost, the network channel’s listen port and SSL listen ports will be bound to all available IP addresses on the NICs.

Managing Your WebLogic Servers Using the Node Manager

When you have a production WebLogic domain consisting of distributed managed servers, it is important for critical tasks such as starting, stopping, killing, and restarting the managed servers to be performed in the most efficient manner. Rather than creating your own scripts to perform these tasks, you can use the Node Manager.

The Node Manager, as shown in Figure 24.23, is a standalone Java program that can be leveraged to improve the availability of your distributed managed servers within a WebLogic domain by performing the following automated administration tasks:

The architecture and operation of a Node Manager within a WebLogic domain.

Figure 24.23. The architecture and operation of a Node Manager within a WebLogic domain.

  • Monitor the quality of health of one or managed servers and restart those managed servers that are deemed to be in a Failed state.

  • Provide auto detection and restart of crashed managed servers (through system crashes, hardware reboots, or server failures).

  • Remotely start up, shut down, or force shutdown (kill) individual managed servers, as well as a whole domain or cluster of managed servers.

Note

You cannot automatically restart managed servers that were booted without using the Node Manager (for example, servers started directly from scripts or the command line). To automatically restart managed servers, you must configure and start the servers using the Node Manager.

You can use the Administration Console to shut down a managed server, but you cannot use it to start a managed server without employing a Node Manager.

As illustrated in Figure 24.23,

  • The Node Manager is a separate Java process from WebLogic Server and runs on the same physical machine as the WebLogic Server you want to remotely manage.

  • Communication is dispatched from the administration server to the Node Manager using the Administration Console or weblogic.Admin utility.

  • A Node Manager can monitor the health of one or more managed servers running on one machine, even if those managed servers belong to different WebLogic domains.

  • The Node Manager can be run as a Windows service or Unix daemon to ensure it is always running, even after a machine is rebooted. This is imperative for a production environment.

  • All communications between the administration server and the managed servers via the Node Manager occur using SSL; hence, all managed servers must have SSL enabled.

    Note

    The Node Manager is specifically meant for operations only on managed servers. Hence, you cannot use the Node Manager to start, shut down, or kill the administration server.

  • The operations and events of the Node Manager are written to the Node Manager log file.

  • The Node Manager software must be at the highest release of all the managed servers it is monitoring on that machine node. Also, you can use it only with WebLogic Server software that is version 6.1 SP2 and higher.

Configuring the Node Manager on a Machine Node

Now that you have learned the objectives and reasons for using a Node Manager within a distributed WebLogic domain, the next step is to learn how to configure and start the Node Manager.

The steps in the following sections guide you through the process of configuring a Node Manager on the machine nodes where your managed servers are located.

Step 1: Configuring Your Trusted Hosts

To ensure the Node Manager receives only legitimate and trusted communication, you need to explicitly specify the network address of the administration server machines from which the Node Manager node will be receiving connection requests.

You can do so by editing the nodemanager.hosts text file located in the WL_HOME common odemanagerconfig directory and entering the IP address or DNS names of the administration servers that will be initiating Node Manager connections. You need to perform this task only for the machines that will be hosting managed servers.

If you specify a DNS name for an administration server in nodemanager.hosts, you will need to enable reverse DNS lookup in the Node Manager startup script using the following command-line argument:

-Dweblogic.nodemanager.reverseDnsEnabled=true

Note

By default, reverse DNS lookup is disabled for a Node Manager.

Step 2: Configuring SSL Communication Between the Administration Server and Managed Servers

All communications between administration servers and the Node Manager use the SSL protocol, which requires the use of the same public key infrastructure as WebLogic Server 7: a certificate as well as a private key. To enable SSL, you have two options:

  • You can use the default WebLogic Server demonstration key and certificate files (demokey.pem and democert.pem), which will help you to quickly enable SSL communication in a development or test environment.

  • You can obtain your own digital certificates and private keys, which are required within a production WebLogic Server deployment environment.

Because using the default WebLogic Server demonstration key and certificate files is the fastest and easiest roadmap for configuring SSL within a WebLogic domain, use the same steps to enable SSL as discussed in the section “Enabling the Administration Port” earlier in this chapter. The administration server SSL configuration applies to the domain as a whole.

Step 3: Configuring the Node Manager Machines

Because the administration server is the client of the Node Manager, it must be configured to recognize the following:

  • The managed servers that will be managed and monitored using the Node Manager

  • The machine nodes that host the managed servers in the domain

  • The listen address and port number it will use to connect to the Node Manager process running on machine node

The first two points can be accomplished by following the steps to configure the machines and servers using the Administration Console, described earlier in this chapter. These steps ensure you have mapped the managed servers to their respective machine nodes.

To configure the listen address and port number the administration server will use to connect to a Node Manager process, follow these steps:

  1. Select the machine on which the Node Manager will be hosted in the left pane of the Administration Console.

  2. Select the Configuration, Node Manager tab, and enter the following information:

    • Listen Address—Enter the host name or IP address the Node Manager will use for incoming requests from the administration server. (The default is Localhost.)

    • Listen Port—Enter the port number on which the Node Manager will listen for requests. (The default is 5555.)

  3. Click Apply.

Step 4: Specifying the Managed Server’s Startup Information

You should have a consistent set of startup arguments for each managed server in your domain, regardless of the startup method you use. For a Node Manager to start a managed server successfully, it must receive that managed server’s startup arguments and environment information from the administration server.

To enter these startup arguments and environment information for each managed server using the Administration Console, follow these steps:

  1. In the left pane, select Servers; then select the name of the managed server that will be remotely started using the Node Manager.

  2. Select the Configuration, Remote Start tab in the right pane to display the managed server’s startup configuration.

  3. As shown in Figure 24.24, edit the following attributes for starting the respective managed server:

    Configuring a managed server’s startup information via the Node Manager.

    Figure 24.24. Configuring a managed server’s startup information via the Node Manager.

    • Java Home—Enter the fully qualified path of the Java home directory (Java Runtime Environment, or JRE), which will be used to start the managed server. For example, if you are using the JRE provided by BEA, you can enter <drive>:eajdk131.

    • BEA Home—Enter the root directory of the BEA-installed products and license—for example, <drive>:ea.

    • Root Directory—Enter the root directory of the managed server domain—for example, <drive>:eauser_projectsdomain_name. This will also serve as the directory for lookups by the applications deployed in the respective managed server.

    • Class Path—Specify the CLASSPATH variable to use when starting the managed servers, which must include the weblogic.jar and weblogic_sp.jar files—for example,

      drive>:eaweblogic700serverlibweblogic.jar
drive>:eaweblogic700serverlibweblogic_sp.jar

    • Arguments—Specify any additional arguments to pass to the JVM—for example, the JAVA_OPTIONS arguments specified in the managed server’s startup script.

    • Security Policy File—Enter the fully qualified path to the weblogic.policy file.

    • Username—Enter the name of a user who has the credentials to start the managed server.

    • Password—Leave the password as is, unless you need to change it.

    Caution

    Do not add a at the end of each of the paths because it will cause an error starting the respective managed server.

  4. Click Apply.

You have now completed all the steps required to configure the Node Manager and the managed servers that will be managed via the Node Manager.

Starting the Node Manager Process

You can start the Node Manager Java program by using one of the following methods:

  • Manually, using the java command at the command prompt.

  • Invoking a startup script.

  • As a Windows service or Unix daemon process, which enables the Node Manager to be automatically started whenever its hosting machine is booted. This is the recommended startup method for production WebLogic environments.

Because you have to specify the same Node Manager environment variables and properties regardless of the startup method you select, you should use the startup script initially. This approach allows you to easily proof your Node Manager startup settings. When you have the Node Manager fully operational with the ability to start, monitor, and shut down a managed server via the Administration Console, you can implement a Windows service or Unix daemon with a proven set of Node Manager environment variables and properties.

The following sections discuss how to configure and start the Node Manager using a startup script and then how to create a Node Manager Windows service.

Starting the Node Manager Using a Startup Script

The default Node Manager startup script, named startNodeManager.cmd, is located in the WL_HOME serverin directory, where WL_HOME is the WebLogic Server installation directory (C:eaweblogic700 by default). To start the Node Manager, you need to review and edit the environment variables and properties (startup arguments) set in this file using any text editor. To assist in this task, you can use the Node Manager and WebLogic environment variables and properties described in Table 24.3 as a guide for correctly configuring your Node Manager startup script.

Table 24.3. The Environment Variables and Properties for a Node Manager Startup Script

Node Manager Startup Variables and Properties

Description

%NODEMGR_HOME%

The Node Manager working directory for storing output and log files

%JAVA_HOME%

The root directory of the installed JDK used to start the Node Manager

%DOMAIN%

The root directory of the managed server domain

%MEM_ARGS%

The memory arguments you want to pass to the JVM

-Dbea.home

The directory where the BEA license files are located

-Djava.security.policy

The path to the WebLogic security policy file

-Dweblogic.nodemanager.sslHostNameVerificationEnabled

Determines if the Node Manager performs host name verification

-Dweblogic.nodemanager.javaHome

The Java home directory that Node Manager uses to start the managed servers

-Dweblogic.nodemanager.reverseDnsEnabled

Determines if DNS names will be used instead of an IP address for the listen port

Dweblogic.ListenAddress

The address on which Node Manager listens for connection requests

Dweblogic.nodemanager.keyFile

The path to the private key file to use for SSL communication

Dweblogic.security.SSL.trustedCAKeyStore

The path to the KeyStore that contains the certificates of trusted authorities

Dweblogic.nodemanager.certificateFile

The path to the certificate file used for SSL authentication

The following are sample values that can be assigned to the environment variables and properties described in Table 24.3:

WL_HOME=C:eaweblogic700

NODEMGR_HOME=%WL_HOME%common
odemanager

JAVA_HOME=C:eajdk131_03

DOMAIN=c:eauser_projects

MEM_ARGS=-Xms32m -Xmx50m

-Djava.security.policy=%WL_HOME% serverlibweblogic.policy

-Dweblogic.nodemanager.sslHostNameVerificationEnabled=false

-Dweblogic.nodemanager.javaHome=%JAVA_HOME%

-Dweblogic.nodemanager.sslHostNameVerificationEnabled=FALSE

weblogic.nodemanager.reverseDnsEnabled=TRUE

-Dweblogic.ListenAddress=SOCRATES

-Dweblogic.ListenPort=7266

-Dweblogic.nodemanager.javaHome=%JAVA_HOME%

-Dweblogic.nodemanager.keyFile=c:eauser_projectsobjectminddemokey.pem

-Dweblogic.nodemanager.certificateFile=c:eauser_projectsobjectminddemocert.pem

After you appropriately edit the Node Manager startup arguments, you can start the Node Manager from the command line by executing the startNodeManager.cmd command, as shown in Figure 24.25.

The startup console for the Node Manager.

Figure 24.25. The startup console for the Node Manager.

Creating a Node Manager Windows Service

The script that is used to create a Node Manager service, named installNodeMgrSvc.cmd, is located in the WL_HOME serverin directory. You need to edit this file before it can be invoked, similar to the startNodeManager.cmd script, to ensure the Node Manager’s service name and startup arguments are set according to your WebLogic environment.

You also need to reflect the changes you make in the uninstallNodeMgrSvc.cmd file, which is the script used to uninstall the Node Manager service.

After the Node Manager service is created, you can start and stop it using the Windows Service Manager.

Remotely Starting the Managed Servers

After a Node Manager is successfully started on a machine, you can engage in starting one, multiple, or a cluster of managed servers on that machine in the context of a WebLogic domain using the Administration Console.

Note

All managed servers you intend to remotely start must be configured as described earlier in the section “Step 4: Specifying the Managed Servers Startup Information.”

To start a managed server—for example, mServer that was created earlier in this chapter—using the Administration Console, follow these steps:

  1. From the Servers node, select the name of the configured server you want to start (mServer).

  2. Select the Control, Start/Stop tab in the right pane.

  3. Click the Start This Server link.

  4. Click Yes or No to verify your selection.

When you start a managed server using the Administration Console via the Node Manager, you can view the startup messages using the Details tab, as shown in Figure 24.26.

Reviewing the startup messages for a remotely started managed server.

Figure 24.26. Reviewing the startup messages for a remotely started managed server.

To stop the server, you can perform the same steps except that you select the shutdown option. You can also use the Administration Console to start and stop all the managed servers in a cluster or in a domain, as long as the managed servers are configured for remote start.

The Node Manager always starts or restarts a managed server in its last runtime state, regardless of the startup mode you have specified.

Reviewing the Node Manager–Associated Log Files

If you incur any problems starting a Node Manager or while starting or stopping managed servers via the Node Manager, reviewing the log files associated with Node Manager should be your first task in diagnosing the root cause of the problem. These files hold valuable information that will help you isolate the problem.

The log files related with a Node Manager and the managed servers it starts are located on the machine that hosts the Node Manager within the NodeManagerLogs directory, which is within the directory specified by the %NODEMGR_HOME% variable in the startNodeManager.cmd script.

The Node Manager Startup Log Files

Each time a Node Manager is started, the related startup and status messages are written to a unique log file named NodeManagerInternal_timestamp, which is located in the NodeManagerInternal subdirectory of the NodeManagerLogs directory. You should view this file using a text editor to ensure there are no problems with the startup or operation of the Node Manager.

Tip

Because the NodeManagerInternal_ timestamp file is created each time you start a Node Manager, whether or not the startup process is successful, it is good practice to delete the log files that are no longer required.

The Managed Server Log Files

For each managed server that is successfully started using the Node Manager, a separate log file subdirectory is created under the NodeManagerLogs directory. The naming convention used for these managed server directories is domain_server, where domain represents the name of the domain and server represents the name of the managed server.

The files generated for each started managed server in this directory are as follows:

  • Managed_Server_Name_pidStores the process ID of the managed server to enable the administration server to kill the managed server via the Node Manager.

  • config.xml—. Is the configuration property file that is used to start the managed server. This subset of the domainwide config.xml file is copied from the administration server upon the managed server’s connection.

  • Managed_Server_Name_ log—. Stores the startup information of the managed server.

  • Managed_Server_Name_ error_log—. Stores any error messages related to the managed server.

Caution

BEA recommends not deleting this file when a managed server is running.

Alternatively, you can also view the log files on the administration server. The NodeManagerClientLogs directory, which is located in the root directory of the administration server, contains a log file subdirectory for each managed server that is started via the Node Manager.

Tip

If you are having problems starting a managed server via the Node Manager for the first time, there is a possibility that no managed server log files will be generated because this depends on how far the startup process goes before it fails. For this reason, you should initially review the Node Manager log (NodeManagerInternal_timestamp) if you have problems starting a managed server.

Monitoring the Health of Your WebLogic Domain Using the Node Manager

The Self-Health monitoring capability is a new feature of the WebLogic Server; it enables decoupled critical subsystems such as the WebLogic Server Kernel, JMS, and JTA to provide feedback on their health to determine the overall health of a WebLogic Server instance.

When a WebLogic Server starts, all self-health–enabled subsystems register themselves with their Health Monitoring System. Rather than the WebLogic Server determining the health of these subsystems, which can be a resource/performance overhead, each of the registered subsystems is responsible for internally and asynchronously monitoring its own health based on criteria specific to its subsystem. If at any point a self-health–enabled subsystem determines it can no longer operate in a consistent and reliable manner, it registers a Failed health state with its associated runtime MBean—for example, the JMSRuntimeMBean for a JMS subsystem.

To determine the overall health of a WebLogic Server instance, the Health Monitoring System periodically (the default is 180 seconds) queries the health state attribute of the runtime MBeans associated with self-health–enabled subsystems. If any of these subsystems are found to be in a Failed state, the overall state of the associated WebLogic Server instance is also considered to be in a Failed state because the overall health of a WebLogic Server instance is determined as the sum of all the registered subsystems.

To improve the reliability and availability of your WebLogic domain, you can use the Health Monitoring System in conjunction with the Node Manager to ensure managed servers that are deemed to be in a Failed state are immediately shut down and, if required, restarted again. A Node Manager can deem a managed server to be in Failed state for a number a reasons; the following are some examples:

  • The managed server has crashed.

  • The managed server is hung and hence not responding.

  • The managed server is not responding to any health check queries, which could be because it is busy.

  • One or more critical self-health monitoring services have declared a Failed state.

The only caveat is that the Node Manager can monitor the health state of only those managed servers it has started.

To configure a Node Manager to monitor a managed server’s health, you need to edit the managed server’s Health Monitoring attributes, which you can do using the Administration Console as follows:

  1. From the Administration Console, select the name of the managed server you want to configure for automated health monitoring using the Node Manager—for example, mServer.

  2. Select the Configuration, Health Monitoring tab.

  3. From the displayed managed server’s automated restart and monitoring attributes, as shown in Figure 24.27, enable and edit those that pertain to your health monitoring requirements using the attribute descriptions in Table 24.4 as a guide.

    A managed server’s self-health monitoring attributes.

    Figure 24.27. A managed server’s self-health monitoring attributes.

  4. Click Apply.

Table 24.4. The Node Manager Self-Health Monitoring Attribute Descriptions

Health Monitoring Attribute

Description

Auto Restart

This attribute should be enabled to ensure the Node Manager restarts a managed server that has been shut down. (This attribute is enabled by default.)

Auto Kill If Failed

This attribute enables the Node Manager to automatically kill a managed server after its health state has been deemed to be in a Failed state.

Restart Interval

If Auto Restart is enabled, this attribute specifies the length of time (seconds) during which the Node Manager will attempt to restart the managed server. The default is 3600 seconds or one hour. (This value should be a reflection of the duration of time before human intervention is a necessity.)

Max Restarts Within Interval

If Auto Restart is enabled, this attribute specifies the maximum number of times a Node Manager can restart the managed server during the Restart Interval. The default is 2. (If a managed server needs to be restarted more than twice during the Restart Interval, there is a high degree of probability the managed server will continue to fail, and the root cause of the problem will need to be immediately discovered.)

Health Check Interval

This attribute specifies the interval of time (seconds) between which periodic scans are performed by the Node Manager to verify whether the managed servers are in a Failed state. The default is 180 seconds. (The value should be set in accordance to the stability and criticality of the deployed application or applications on the managed server.)

Health Check Timeout

This attribute specifies the length of time (in seconds) the Node Manager will wait for a response to the health check query after which it will deem the monitored managed server to be in a Failed state. The default is 60 seconds. (This value should be based on the managed server’s response time during its peak transaction period, which can prevent the server from being prematurely deemed to be in a Failed state.)

Restart Delay Seconds

This attribute specifies the duration of time the Node Manager will wait after a managed server has been restarted before it initiates its health monitoring activities. The default is 120 seconds. (You should set this attribute based on a proven time period for the successful start and the deployed application activity of a managed server.)

Note

Disabling the Auto Restart and enabling the Auto Kill If Failed attributes will cause a Node Manager to kill a Failed managed server if a Failed state is detected. However, the managed server will not be restarted.

Because a Node Manager can apply the Health monitoring and subsequent shutdown and restart activities only on those servers it starts, you need to shut down and then restart those servers that will be monitored via the Node Manager.

Understanding the WebLogic Server Logs

From a WebLogic Server administration perspective, you should become familiar with two types of log files: the domainwide and local WebLogic Server log files. These log files not only provide information on the condition and the events that are occurring within your WebLogic Server, but they also serve as a vital resource for performing root cause analysis in the advent of any problems that may occur with the operation of your WebLogic Server or deployed applications.

The default name and location of a WebLogic Server’s local log file is server server.log, where server is the name of the WebLogic Server and the log file path is relative to the root directory from which the respective WebLogic Server is started. The default name of the domainwide log file is wl-domain and is located in the root directory from which the administration server is started.

The administration server has a local as well as a domainwide log file associated with it.

The logging subsystem of WebLogic Server is responsible for the event logging operation, and it outputs messages to both the local and domainwide log files using a consistent set of attributes, as shown in Table 24.5.

Table 24.5. The Logging Attributes of the WebLogic Server Log Files

Attribute

Description

Timestamp

The time and date when the message was created.

Severity

The degree of criticality of the event or condition as follows:

 

INFO

 

Specifies normal operation.

 

WARNING

 

Specifies suspicious activity or configuration that should not impact the normal operation of WebLogic Server.

 

ERROR

 

Specifies an error has occurred in WebLogic Server or application with limited degradation of operation.

 

NOTICE

 

Specifies a monitoring message with the same severity level as INFO and WARNING.

 

CRITICAL

 

Specifies an error has occurred with permanent loss or degradation of service.

 

ALERT

 

Specifies a specific subsystem has failed and immediate administrative attention is required to recover the subsystem.

 

EMERGENCY

 

Specifies WebLogic Server is in a Failed state and must be shut down.

Subsystem

The WebLogic Server subsystem that was the source of the message.

Message Source

The origin of the message—for example, Server Name, Machine Name, Thread ID, or Transaction ID.

User ID

The user from the security context that caused the message to be created.

Message ID

A six-digit identifier used to uniquely identify the message.

Message Description

The description of the related event.

The following sections discuss how you can use the Administration Console to modify the logging operations and output related to the local and domainwide log files, respectively.

Modifying the Logging Behavior of the Local Log File

The logging characteristics for a local log file can be modified on a per WebLogic Server basis, using the following tabs in the Administration Console:

  • Logging, General tab

  • Logging, Rotation tab

You can also enable WebLogic Server to create separate local HTTP, JDBC, and JTA subsystem log files.

The following sections describe each of these tabs.

The General Tab

From the General tab, as shown in Figure 24.28, you can specify the following attribute values:

A WebLogic Server’s Logging, General tab.

Figure 24.28. A WebLogic Server’s Logging, General tab.

  • File Name—Specifies the location and name of the WebLogic Server’s Local log file.

    Caution

    If you modify the local log filename, you will need to restart WebLogic Server to enable the logging activities to occur to the new file.

  • Log to Stdout—Specifies whether logging information should be sent to standard output as well as the local log file. This is enabled by default.

  • Debug to Stdout—Specifies whether debug messages should be sent to the standard output. This is disabled by default.

  • Stdout Severity Threshold—Specifies the severity level of the messages sent to the standard output, if it has been enabled.

The Rotation Tab

By default, WebLogic Server’s local log file will grow in size indefinitely. To keep the log file to a manageable and viewable size, you can rotate the log file based on its size or on a specific time interval. Upon rotation, the current log file is renamed by adding a sequence number suffix, and a new local log file is created, which will store all subsequent WebLogic Server messages. For example, if you have a log file named AdminServer.log, after the first rotation, it will be renamed AdminServer.log00001.

You can specify the rotation criteria for your local log file using the Rotation tab, as shown in Figure 24.29.

WebLogic Server’s Logging, Rotation tab.

Figure 24.29. WebLogic Server’s Logging, Rotation tab.

From the Rotation tab, you can specify the following:

  • Rotation Type—The criteria to rotate the local log file, which are None, By Size, and By Time. If you select None, your local log file will not rotate.

  • File Min Size—If you selected to rotate the log file using the By Size criteria, you will need to specify the maximum size of the log file upon which it is rotated.

  • Rotation Time—If you selected to rotate the log file using the By Time criteria, you will need to specify the starting time for the time-based rotation to occur. You can create a recurring or nonrecurring start time using the MM-dd-yyyy-k:mm:ss date-time format, where

    • MM—Month

    • dd—Day in the month

    • yyyy—Year

    • k—Hour in the day (1–24)

    • mm—Minute in the hour

    • ss—Second in the minute

    For example, if you want to start the time-based rotation in your current day at 12:55 p.m., you can just enter 12:55.

    Caution

    Log rotation by time is based on the time stamp of the local log file. For this reason, you should not modify the log file, thus causing the time stamp to change.

  • File Time Span—If you selected time-based rotation, you can specify the number of hours between each log file rotation. The minimum is one hour.

  • Number of Files Limited and File Count—If you selected either the size or time-based rotation, enabling this option specifies the File Count number of rotated log files to create, before the oldest log file is overwritten.

You do not need to restart WebLogic Server after you specify your rotation criteria.

Modifying the Logging Behavior of the Domainwide Log File

You can modify the name and rotation criteria for the default domainwide log file using the domain’s Configuration, Logging tab in the Administration Console, as shown in Figure 24.30.

Modifying the default domainwide log file attributes.

Figure 24.30. Modifying the default domainwide log file attributes.

Even though messages of varying severity levels are broadcast by managed servers within a domain via their own JMX facilities, the administration server’s Message Listener, by default, filters out messages with the ERROR severity level and higher and writes them to the domainwide log file. Hence, the domainwide log provides only an overall summary of the status of the domain.

DEBUG and stack trace messages are never broadcast from managed servers to the administration server.

However, if you have a service-level agreement that warrants the need to monitor domainwide messages with a different minimum severity level, it is very impractical to try to perform this task by accessing the local WebLogic Server log files, especially if you have a large and distributed WebLogic domain.

When you require comprehensive domainwide log monitoring, you can override this default filter for specific WebLogic Servers in your domain by creating a domain log filter, which can be customized to receive messages based on different criteria.

The following steps describe how to create a domain log filter using the Administration Console:

  1. Click the Domain Log Filters node in the left pane.

  2. From the right pane, click Configure a New Domain Log Filter.

  3. In the Configuration tab, as shown in Figure 24.31, enter the following information:

    Creating a domain log filter.

    Figure 24.31. Creating a domain log filter.

    • Name—Enter a name that will uniquely identify the domain filter—for example, dfmServer, which can be assigned to mServer.

    • Severity Level—Enter the minimum severity level of the messages to be written to the domainwide log file.

    • User Ids—Enter the user IDs of the users associated with the broadcast messages. If you do not select any users, all users from the security context will be logged.

    • Subsystems—Select the subsystems from which you want to receive messages. If you do not select any subsystems, messages from all subsystems will be logged.

  4. Click Create to create the domain log filter.

  5. From the Targets tab, as shown in Figure 24.32, select the WebLogic Servers the filter will apply to and click Apply.

    Assigning a domain log filter to WebLogic Server.

    Figure 24.32. Assigning a domain log filter to WebLogic Server.

Note

Only one domain log filter can be assigned to a WebLogic Server.

You can also enable and reselect the domain log filter for a specific WebLogic Server using the Logging, Domain tab in the Administration Console for a specific WebLogic Server, as shown in Figure 24.33.

Enabling and selecting a domain log filter for WebLogic Server.

Figure 24.33. Enabling and selecting a domain log filter for WebLogic Server.

Summary

WebLogic Server is, in essence, a management system, and similar to other types of software management systems, such as relational database management systems, it has an administration aspect that must be addressed. Every organization that uses WebLogic Server as a deployment platform for its J2EE applications requires a WebLogic Server administrator who is theoretically and practically versed with the WebLogic Server product and its operating environment, also known as a WebLogic domain.

This chapter described the concepts, skills, and practical knowledge necessary for you to confidently create, configure, and manage a WebLogic domain as a true WebLogic Server practitioner.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset