You can improve performance and increase the availability of the system by using load
balancing. Load balancing distributes tasks across all available processors and enhances
processing capacity and scalability. You can configure load balancing for IBM® Rational® DOORS® Web Access by using Apache HTTP Server.
About this task
In this procedure, you will do these steps:
- Prepare the SSL keystore.
- Configure Rational DOORS Web Access server 1 as a load balancing server.
- Configure Rational DOORS Web Access servers 2 to n as a
load balancing servers.
- Modify the httpd.conf and
httpd-ssl.conf files.
- Start Apache HTTP Server.
- Start Rational DOORS Web Access components.
- Start Rational DOORS Web Access server 1.
- Start Rational DOORS Web Access servers 2 to n.
For the purposes of this procedure, assume that Apache HTTP Server is configured to
expose port 8443 for public access. All requests are redirected to internal servers;
for example, private_host_1 on port 7443 or
private_host_2 on 6443. Depending on your environment, the
port that Apache Tomcat is configured to use might be set to a different value to
avoid port conflicts.
Procedure
- Place a valid SSL certificate key file in an accessible location on your
system.
- Configure Rational DOORS Web Access servers 1 through n as
load balancing servers:
- Open the festival.xml file, which is in the
/server/festival/config/ directory. Set the
instanceId parameter to a unique value in this
format:
48819f14-cecd-49d2-a91a-20e646b83f71
- Copy and increment that value on each server in the cluster; for
example:
On server 2, use
48819f14-cecd-49d2-a91a-20e646b83f72
On
server 3, use
48819f14-cecd-49d2-a91a-20e646b83f73
- Open the server.xml file, which is in the
server/conf directory. Change all of the port
settings in the file to unique values so that a unique set of values is
on each server in the cluster. Modify these values:
Server port="8005"
Connector port="8080"
redirectPort="8443"
port="8443"
Connector port="8009"
- In the server.xml file, add the
jvmRoute to the engine element. Change this
entry:
<Engine name="Catalina" defaultHost="localhost">
to:<Engine name="Catalina" defaultHost="localhost" jvmRoute="DWAbalance1">
where
the jvmRoute value is unique for each of the
Rational DOORS Web Access server instances.
Those values
correspond to routing assignments in the Apache web server, as shown
in 3.c. The
load balancing server uses the routing assignments to support sticky
sessions, which direct user requests to the same server during a
single session.
- Repeat the previous step for each Rational DOORS Web Access server.
Increment the jvmRoute value for each server; for
example: DWAbalance3, DWAbalance4,
DWAbalance5.
- Configure the Apache HTTP Server to process SSL requests by editing the
httpd.conf file, which is in the
conf directory in the Apache installation.
- Uncomment these modules:
- LoadModule proxy_module modules/mod_proxy.so
- LoadModule proxy_ajp_module
modules/mod_proxy_ajp.so
- LoadModule proxy_http_module modules/mod_proxy_http.so
- LoadModule status_module
modules/mod_status.so
- LoadModule ssl_module modules/mod_ssl.so
- Go to the SSL configuration section, which starts with #Secure
(SSL/TLS) connections.
- Add the following entries, being sure to add unique
ProxyPassReverse and
BalancerMember entries for every server in the
cluster.
#
# reverse proxy
#
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass /balancer-manager !
ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
ProxyPassReverse / https://private_host_1:7443/
ProxyPassReverse / https://private_host_n:6443/
<Proxy balancer://mycluster>
BalancerMember https://private_host_1:7443 route=DWAbalance1 loadfactor=50
BalancerMember https://private_host_n:6443 route=DWAbalance2 loadfactor=50
# Add an entry for each BalancerMember in your cluster.
</Proxy>
Change private_host_1 through
private_host_n to the fully qualified host name
for each server; for example, server1.example.com. Add
BalancerMember entries for every host in your load
balancing cluster. Be sure to use the port number that is configured for
Apache Tomcat on each server.
- Uncomment this line:
Include conf/extra/httpd-ssl.conf
For more
information about configuring the Apache HTTP Server for load balancing,
see Apache Module
mod_proxy_balancer in the Apache Software Foundation
documentation.
- Optional: To view the load balancer status add these entries to the
httpd.conf file:
ProxyPass /balancer-manager !
<Location /balancer-manager>
SetHandler balancer-manager
Order Deny,Allow
Allow from your host.domain or another host
Deny from all
</Location>
For more information about access control, see Access Control in the
Apache Software Foundation documentation.
- Edit the httpd-ssl.conf file, which is in the
/conf/extra directory in the Apache installation.
- Update the host name and the port that SSL is configured on.
- Update the settings as required, including these settings:
- SSLCertificateFile
- SSLCertificateKeyFile
Note: If the SSLCertificateKeyFile key file is
protected by a password, the password must be entered each time the
server starts. You can remove the password, but before you do,
consider the security implications of this action for your
environment.
For more information about editing HTTP SSL
files, see Apache Core Features and Apache Module mod_ssl in the
Apache Software Foundation documentation.
- Start Apache HTTP Server. Any errors are written to the
error.log file, which is in the Apache installation in
the /logs folder.
- Start Rational DOORS Web Access components on both servers.
- Start Rational DOORS Web Access servers 1 to n.