Weblogic Clustering thru DMZ (Firewall)....

Similar Messages

• Clustering across a firewall

            Hi,
            Would like to know what protocol can be used thru a firewall when the web server
            acts as a front end. Is it t3, if so can t3 cross firewalls, I assume it needs
            to be tunneled using http.
            Anil
            

  Open the ports. Tunneling would be pointless for this exersize.
            Peace,
            Cameron Purdy
            Tangosol, Inc.
            http://www.tangosol.com/coherence.jsp
            Tangosol Coherence: Clustered Replicated Cache for Weblogic
            "Anil Jacob" <[email protected]> wrote in message
            news:[email protected]..
            >
            > Hi,
            > Would like to know what protocol can be used thru a firewall when the web
            server
            > acts as a front end. Is it t3, if so can t3 cross firewalls, I assume it
            needs
            > to be tunneled using http.
            >
            > Anil
            

• OIM installation on RAC DB and Weblogic clusters

  I understand its a very broad question but tell me the links/resource/metalink documents references for installing OIM 9.1.0.1 on Weblogic clusters and Oracle RAC DB clusters ? (either or both)
  Is OIM 9.1.0.1 compatible with Oracle RAC DB 10gR2 ? I have checked the configuration matrix but still not sure on it. Can anybody confirm this ?
  I have gone through the basic installation guide for the same but I still find loopholes in it. If anybody has made any document for his/her purpose, please let me know, very appreciative!
  It does not give information about the schema design needed for OIM on Oracle RAC DB like -
  1.) During installation of OIM, we need to specify the "User Name" and "Password" of the database account that is created for Oracle Identity Manager.
  So is that user needed to be created with all the necessary privileges in RAC DB before starting this installation ?
  Thanks in advance,
  - oidm.
  Edited by: oidm on Aug 3, 2009 12:06 AM

  Hey there,
  I have checked the certification matrix but still just wanted to specifically know about compatibility of OIM 9.1.0.1 with Oracle RAC DB 10.2.0.2 ? Do they go hand in hand ?
  Thanks,
  - oidm.
  Edited by: oidm on Aug 3, 2009 7:52 PM

• Calrification for Weblogic Clustering

  Our J2EE application is multitiered where JSPs&Servlets(Frontend) runs in a weblogic instance and EJBs(Backend) runs in two weblogic instances which are clustered. Here the Frontend weblogic instance and one of the clustered Backend weblogic instance are running in a same machine A and the other clustered Backend weblogic instance is running in another machine B. We had tested the following cases for Failover
  Note :
  please consider "JSPs&Servlets" as Frontend and "EJBs" as Backend.
  Weblogic 9.2 and stateless session beans are used.
  Frontend is not clustered.
  Case 1:
  We are doing a transaction where the request from frontend goes to one of the of the Clustered Backend weblogic instance. Before the transaction gets completed this backend weblogic instance is made to shutdown. The transaction has failed over to the another available Clustered Backend weblogic instance . The transaction had completed successfully and the Failover is working fine.
  Case 2:
  We are doing a transaction where the request from frontend(running in Machine A) goes to the Clustered Backend weblogic instance running in the Machine A itself. Before the transaction gets completed, the machine A is made to shutdown (i.e. both frontend and backend weblogic instance shuts down at the same time). Here the transaction has failed and could not able failover to the other available Backend weblogic instance .
  Please clarify whether weblogic cluster supports the Backend failover when both the Frontend and Backend are brought down at the same time?
  Any weblogic CLustering experts, please clarify...

  Hi Jayesh,
  Thanks very much for your reply.
  I understood that your reply "You might want to consider collapsing front end (servlet & JSP) and back end (EJB) servers into a single WebLogic server for better fail over support." means that JSP&Servlet and EJB should be combined to form a single archive(EAR) which has to be deployed in single weblogic instance.
  Please check whether my assumptions are correct for your suggestion on better failover.
  1.The cluster configuration of JSPs&Servlet(web.xml) and EJBs(ejb-jar.xml) running in single weblogic instance will be similar to the cluster configuration of JSPs&Servlet(web.xml) and EJBs(ejb-jar.xml) running in separate weblogic instances. i.e All the configurations are same, but instead of the application running in separate weblogic instances, it will run in single weblogic instance.
  2.In the URL for specifying the EJB connection from the JSP&Servlet, the cluster IP address should be used.
  You have mentioned that if EJB client is not alive, the failover will not work. Please clarify how the failover will work in this case only(JSP&Servlet and EJB running in single weblogic instance and clustered).
  Thanks,
  Thiyagu

• Weblogic clustering with IIS as web server

            Hi,
            I have two IIS servers and two machines for weblogic. I am planning to have
            a weblogic clustering. I have seen the documentation online. But has some questions
            for which dint find any answers.
            Somewhere on the newsgroup I read , if we will be having IIS proxy-plug in we
            do not need the DNS setup. Is that true ?
            How many IPs and other things I need to do this setup ? What is admin server &
            its role ? configuration how to do it is not avaliable in the documentation.
            Could someone help ?
            Thanks and Regards,
            Sheetal
            

  Hi
            you can find the ore information in the following link
            http://bernal.bea.com/stage/wls/docs70/plugins/isapi.html
            Regards,
            Prasanna Yalam

• Can we configure webserver to loaedbalance multiple weblogic clusters?

  Can we configure webserver to loadbalance to multiple weblogic clusters?
  E.g. Web server X -> Cluster Y & Cluster Z
  In the plugin documentation it is not explicit that you can or can't do so.

  Refer:- http://download.oracle.com/docs/cd/E17904_01/web.1111/e16435/apache.htm#CDEHDGJG
  http://download.oracle.com/docs/cd/E12839_01/web.1111/e13709/failover.htm#i1040344
  -Akshay

• Weblogic clustering steps

  Hi Everybody, I'm new to weblogic so I need your help to know each and every steps that are involved in setting up the weblogic on two different boxes and cluster it finally this cluster should be load balanced with apache server.
  I would like to explain little more about the infrastructure that i want to have.
  1) Two weblogic servers runs on two different machines (on Linux box).
  2) I'll have apache in one server.
  3) Each weblogic will have its own adminserver.
  4) Both the weblgic servers will connect to same DB
  5) Client will connect to the Loadbalancer which is apache server(On windows box).
  6) Apache server has to load balance the requests coming from client between the two weblogic servers.
  7) I've weblogic12c installed in the servers.
  Please let me know if any info that you need for clarifications.
  Thanks in advance.
  Karthik S

  Hi,
  Please follow the below link for clustering on two boxes
  http://middlewaremagic.com/weblogic/?p=971
  and follow the below link for apache to communicate with the weblogic clustered boxes,
  http://middlewaremagic.com/weblogic/?p=1311
  Regards,
  Fabian

• Weblogic clustering - Non session objects

  Hi,
  I have an app that doesn't have any HttpSession object or EJBs. We have only one servlet for entire application that works as a controller and we store all the information regarding the user in the servlet instance variable as cache. None of our objects are Serializable. Can i deploy my application on weblogic cluster. Will weblogic support clustering for thsi kind of applications. We have only one servlet and all other classes are normal java classes. No JSP, EJB etc. No HttpSession or ApplicationContext of servlets are being used.
  thanks,
  webbie.

  Hi,
  The There are basically two reasons ...for which we want Clustering:
  <h3><font color=maroon>Reason - 1): Failover</font></h3>
  This feature needs HttpSession replication...Failover means if a Userhas Logged in to our application and accessing some pages ...then his HttpSession Replica will be available in a Secondary WebLogic Server so...even if his Promary WebLogic Server Goes Down ...His Session data will not be lost...and client can interact with the Application without any Interruption. To Enable Failover in your Clustered Application you need to provide the <persistent-store-type>Tag inside your "<Application>/WEB-INF/weblogic.xml"
     <session-descriptor>
        <persistent-store-type>replicated</persistent-store-type>
     </session-descriptor>
  <font color=red><b>NOTE:</b> until u dont put <persistent-store-type> Tag inside your "weblogic.xml" file...by default HttpSession replication will be disabled....because it's default value is "inMemory" means even If your Application has HttpSession ... it wont be replicated on Secondary Server.</font>
  <h3><font color=maroon>Reason - 2): LoadBalancing</font></h3>
  This feature has NOTHING TO DO with HttpSession replication (in general). It means simply different clients request will be processed by different WebLogic Server Instances in a Round-Robin fashion. I Think this is what you want to implement. Because your application is not using any HttpSession .So thet Application willl not have any Failover. But LoadBalancing is the Default Feature of WebLogic Cluster. U need not to do anything additionally to Achieve it.
  <font color=green><b>Note:</b>Means Without Having HttpSession Objects in your Application Still u can have WebLogic Clustering Feature to get the benifit of LoadBalancing.</font>
  To know more about Session Replication and it's related issues : http://weblogic-wonders.com/weblogic/2009/12/08/session-replication-issues/
  Thanks
  Jay SenSharma

• WebLogic clustering within the box

            Folks,
            Is it possible to do weblogic clustering within a single UNIX box?
            For example,
            UNIX Machine A(10.9.44.25) have two domains mydomain1 and mydomain2.
            mydomain1 - AdminServer7001 - ManagedServer8001
            mydomain2 - ManagedServer9001
            Is it possible to clustering for ManagedServer8001 and ManagedServer9001?
            Thanks
            - Robot
            

            "Majic Robot" <[email protected]> wrote:
            >
            >Folks,
            >
            >Is it possible to do weblogic clustering within a single UNIX box?
            >
            >For example,
            >
            >UNIX Machine A(10.9.44.25) have two domains mydomain1 and mydomain2.
            >
            >mydomain1 - AdminServer7001 - ManagedServer8001
            >mydomain2 - ManagedServer9001
            >
            >Is it possible to clustering for ManagedServer8001 and ManagedServer9001?
            >
            >Thanks
            >
            >- Robot
            You can create a clustered environment on a single machine; limits to the numbers
            of managed servers within the cluster is a variable based on available machine
            resources (memory, file handles, kernel limits, etc.).
            You cannot create a cluster though as you suggest above. Recall that clusters
            are defined within a single domain, and you cannot create a cluster that spans
            (is split) between domains.
            To create a cluster on a single machine, you just need to keep the rule that each
            managed server has a unique ipaddress:port combination for its listening address.
            On a single machine you have the option of multi-homing the machine (eg multiple
            IP addresses on a single NIC) or use a single address, but use different ports;
            or use a combination of both.
            

• RV120w DMZ Firewall Rules

  Hello,
  I am trying to set up a DMZ server.  I have an internal LAN IP address (192.168.1.10) that I would like to make a DMZ server. 
  In the GUI, I set this IP address to be the DMZ server.
  For firewall rules, I want to permit only one port from the WAN to the DMZ and none from the DMZ to the LAN.
  In my firewall rules, I don't see any options for DMZ options.  I only see WAN to LAN and LAN to WAN.
  I presume the DMZ setting doesn't do anything per se execept allow the firewall rules to have a target.  Is this correct?
  I am running the latest firmware.
  How do I get the DMZ firewall rules to show up?
  Thanks,
  John

  Hello,
  I have to say that this DMZ definition is not what I would excect Cisco to use.
  Basically, my DMZ host is fully exposed to the internet and if someone penetrates it, they are fully on my LAN.
  The manual says:
  Configuring a DMZ Host
  The Cisco RV120W supports DMZ options. A DMZ is a sub-network that is open to
  the public but behind the firewall. DMZ allows you to redirect packets going to
  your WAN port IP address to a particular IP address in your LAN. It is
  recommended that hosts that must be exposed to the WAN (such as web or e-mail
  servers) be placed in the DMZ network. Firewall rules can be allowed to permit
  access to specific services and ports to the DMZ from both the LAN or WAN. In
  the event of an attack on any of the DMZ nodes, the LAN is not necessarily
  vulnerable as well.
  You must configure a fixed (static) IP address for the endpoint that will be
  designated as the DMZ host. The DMZ host should be given an IP address in the
  same subnet as the router's LAN IP address but it cannot be identical to the IP
  address given to the LAN interface of this gateway.
  The bold section indicates that the LAN is not vulnerable if the DMZ host falls.  This is different from what you were talking about.  Can you double check this?
  I would like to know if there is a plan to add DMZ firewall rules.  Or, can I get into the box and use IPtables to create my own (knowing that I would be in an unsupported mode)?
  Or, make port access control lists on the inter VLAN routing option?
  Thanks for fully explaining this.  The manually is woefully inadequate in discussing what exactly the DMZ does.
  Can you please forward these concerns to product management.  Basically the DMZ is a security hole that I can't mitigate.  It provides no value to me beyond not having to port forward manually. 
  If I am mistaken, please provide the correct information.
  Thanks,
  John

• Weblogic Clustering Advantages + Disadvantages

  Hi All,
  I have a query about Weblogic clustering concept. First of all I would like to explain my environment architecture.We have SOA and ADF domain configured with High Availability mode in weblogic level.
  ie SOA is installed in two servers ( primary & secondary ) and ADF respectively. So total 4 servers.
  My Query is     :    Just want to know about advantages and disadvantages if we configured both Primary and
                              Secondary in Cluster mode and Stand alone mode in Weblogic.

  Hi,
  There are no disadvantages as such with the clustering feature.
  But  you can go through the basic advantages that a clustering feature provides:
  http://docs.oracle.com/cd/E11035_01/wls100/cluster/overview.html#wp1011562
  Thanks,
  Sharmela

• Replicated DB & WebLogic Clustering

  Hi All,
            In the documentation I've seen on WebLogic clustering, the individual application servers always connect to a single DB back-end. My
            distributed application is connecting to a replicated DB and I would like each of the application servers to connect to a different DB instance. Is
            this possible with WebLogic? How would I set upt the connection pool/data source to achieve this?
            Thanks.
            Kris
            

  Hi,
  It is depend on what kind of Load Balancer you are using.
  Many H/W Load Balancer has their own server fail detect method.
  Most of them are checking the port is reachable.
  If the port is not reachable, then the L4 send the request to another port.
  Some L7 switchs can detect the URI. and check the index page or other web page.
  You don't need too much care how to set the H/W load balaner exactly act like a plug-in module.
  Best Regards,
  Luke Ham
  Edited by: user2088723 on 2008. 9. 6 오전 1:31

• Socks proxy call  from a weblogic server across the firewall to an external program

  Hi,
  From our weblogic server, we are trying to connect to an external
  program outside our firewall through SSL. The SSL connection is being
  tunneled through a socks proxy in the DMZ. (We have not yet made it
  work so far. Currently, we are trying to make it work)
  From the weblogic bean, we are doing the following
  System.setProperty("socksProxySet", "true");
  System.setProperty("socksProxyHost", "w.x.y.z");
  System.setProperty("socksProxyPort", "1080");
  Not that weblogic bean is the initiator of the connection and it talks
  to a program outside our firewall.
  My question is, will this kind of system level setting in the weblogic
  server have any negative impact? This is because, RMI is over sockets
  and weblogic might be talking to its internal components through
  sockets.
  Is it advisable to have such socks related setting the weblogic bean
  level?
  thanks,
  jas.

  Hi,
  From our weblogic server, we are trying to connect to an external
  program outside our firewall through SSL. The SSL connection is being
  tunneled through a socks proxy in the DMZ. (We have not yet made it
  work so far. Currently, we are trying to make it work)
  From the weblogic bean, we are doing the following
  System.setProperty("socksProxySet", "true");
  System.setProperty("socksProxyHost", "w.x.y.z");
  System.setProperty("socksProxyPort", "1080");
  Not that weblogic bean is the initiator of the connection and it talks
  to a program outside our firewall.
  My question is, will this kind of system level setting in the weblogic
  server have any negative impact? This is because, RMI is over sockets
  and weblogic might be talking to its internal components through
  sockets.
  Is it advisable to have such socks related setting the weblogic bean
  level?
  thanks,
  jas.

• Weblogic clustered server instance failed in less than 30 hours with no load/utilization

  system description: hpux 11, jdk 1.2.2_03, weblogic 5.1 sp1, two clustered
  instances on one box, fail over to second box on shared file system.
  problem:
  in our custom weblogic monitoring scripts, we run the weblogic ping command
  every ten seconds with the following command:
  java weblogic.Admin t3://10.7.192.103:7001 PING 10 56 system weblogic
  this weekend, both of our instances failed at one point and returned this
  error message multiple times:
  Exception in thread "main" java.lang.NullPointerException
  at
  weblogic.common.internal.BootServicesStub.findOrCreateClientContext(BootServ
  icesStub.java:112)
  at weblogic.common.T3Client.connect(T3Client.java:384)
  at weblogic.Admin.connect(Admin.java:133)
  at weblogic.Admin.main(Admin.java:216)
  our monitoring scripts successfull revived the instances, but there is a
  problem with this.
  problem: there was no load or utlization of the weblogic server instances
  at the time of the failure. both instances had only been up for about 30
  hours when they failed. is this due to weblogic instability? i hope not.
  a max uptime of 30 hours doesn't say much for the reliability of the product
  especially since there was zero utilization...
  andrew park

  This looks to be a bug (obviously). I will have someone take a look and
  let you know.
  Cheers
  Mark g
  In article <8gbj2d$m9m$[email protected]>, [email protected] says...
  system description: hpux 11, jdk 1.2.2_03, weblogic 5.1 sp1, two clustered
  instances on one box, fail over to second box on shared file system.
  problem:
  in our custom weblogic monitoring scripts, we run the weblogic ping command
  every ten seconds with the following command:
  java weblogic.Admin t3://10.7.192.103:7001 PING 10 56 system weblogic
  this weekend, both of our instances failed at one point and returned this
  error message multiple times:
  Exception in thread "main" java.lang.NullPointerException
  at
  weblogic.common.internal.BootServicesStub.findOrCreateClientContext(BootServ
  icesStub.java:112)
  at weblogic.common.T3Client.connect(T3Client.java:384)
  at weblogic.Admin.connect(Admin.java:133)
  at weblogic.Admin.main(Admin.java:216)
  our monitoring scripts successfull revived the instances, but there is a
  problem with this.
  problem: there was no load or utlization of the weblogic server instances
  at the time of the failure. both instances had only been up for about 30
  hours when they failed. is this due to weblogic instability? i hope not.
  a max uptime of 30 hours doesn't say much for the reliability of the product
  especially since there was zero utilization...
  andrew park
  ==================================================
  NewsGroup Rant
  ==================================================
  Rant 1.
  The less info you provide about your problem means
  the less we can help you. Try to look at the
  problem from an external perspective and provide
  all the data necessary to put your problem in
  perspective.

• Issue with Distributed Queue and WebLogic Clustering

  Hi, When a message is received by distributed queue, MDB is processing the message on two managed servers. There seems to be issue with clustering and the physical queues present on both the managed servers are receving the message.
  Our environment configuration details are as below:
  One Web logic Cluster with 2 nodes (2 managed web logic servers).
  One MDB deployed on the cluster listening to a queue with JNDI name “xng/jms/CODEventsQueue”
  One Distributed queue with two members on the two nodes of the cluster, and with JNDI name “xng/jms/CODEventsQueue”
  Two members of the distributed queue deployed on two JMS servers, which are separately deployed on each managed server .
  And the distributed queue is deployed on the cluster.
  Any help is appreciated.
  Thanks
  Sampath

  It is not clear to me how you concluded that "both the managed servers are receiving the message". Did you monitor the queues' statistics, or did you see both MDB instances received the same message?
  It looks like that you using a weighted distributed queue. Do the two physical queues that compose the distributed queue have their own JNDI names? If so, what are they?
  Have you tried to use a uniform distributed queue and see if the same behavior shows up?
  You can find more about uniform distributed destination at
  http://edocs.bea.com/wls/docs103/jms/dds.html#wp1313713
  BTW, which WebLogic Server releases are you using? Could you provide the distributed queue configuration?
  Thanks,
  Dongbo