Macromedia - Integrating ColdFusion or JRun Servers with Foundry Networks ServerIronXL

Integrating ColdFusion or JRun Servers with Foundry Networks ServerIronXL

Integrating ColdFusion or JRun Servers with Foundry Networks ServerIronXL
Frank DeRienzo
Principal Support Engineer
Macromedia

Foundry Networks ServerIronXL is a popular load-balancing switch among Macromedia customers. This article describes in detail a simple layer-two configuration integrating ServerIronXL with Macromedia Enterprise server farms or clusters.

The following example-based article is divided into four parts. The first section describes an example Macromedia enterprise website; subsequent sections of the article will refer to this example to illustrate a best practice configuration.

The second section describes how to set up a ColdFusion 5.0 Enterprise server farm running the ColdFusion Application Manager Server Monitor Agent behind a ServerIronXL. The third section describes a how to set up the ServerIronXL to distribute load and provide failover and health monitoring for a Macromedia enterprise server farm or cluster.

Part four describes how best to set up a passive-mode ClusterCATS cluster of JRun or ColdFusion 4.5.1 SP2 Enterprise Servers behind ServerIronXL.

Three important notes before we proceed:

1.	While the fourth procedure (clustering behind the ServerIronXL) can be used with CF5.0 Enterprise Server, Macromedia recommends that whenever a high-end hardware load-balancing device is employed with ColdFusion 5.0, use of the Server Monitor Agent should be considered a low-overhead replacement for clustering.
2.	Both procedures outlined in this article describe a typical layer-two network configuration.
3.	In previous articles we have provided best practice configuration guidance for setting up Macromedia Enterprise server farms or clusters behind various other hardware load-balancing devices.

For more information on these notes and for more details about the layer-two web server environment compared to layer-three, see the Macromedia Knowledgebase article: http://www.allaire.com/Handlers/index.cfm?ID=21570&Method=Full ColdFusion 5 Server Monitoring & Hardware Load Balancing Devices or see: http://www.allaire.com/handlers/index.cfm?ID=21780 Choosing a Hardware Load-Balancing Device.

Section 1. Our working example

As an example of website configuration, picture the following simple model of 2 web servers running behind a ServerIronXL at layer-two. This is how the server entries might appear in your hosts file:

10.64.20.129 brunner.dev.nashua.macromedia.com brunner
10.64.20.128 pascal.dev.nashua.macromedia.com pascal

If these web server addresses had corresponding DNS Round-Robin (RR) A-record entries such as those illustrated below, those entries should be deleted prior to implementing any hardware load-balancing solution.

www.dev.nashua.macromedia.com 10.64.20.128
www.dev.nashua.macromedia.com 10.64.20.129

The site name will become the virtual server name on the ServerIronXL and will replace RR DNS.

Now picture this same website behind a ServerIronXL set up as a layer-two bridge illustrated by the following hosts file:

10.64.20.130 serveriron.dev.nashua.macromedia.com hld
10.64.20.131 www.dev.nashua.macromedia.com www
10.64.20.129 brunner.dev.nashua.macromedia.com brunner
10.64.20.128 pascal.dev.nashua.macromedia.com pascal

Section 2. Setting up the Server Monitor Agent on ColdFusion 5.0 Enterprise real servers:

Notice that instead of DNS Round-Robin, the virtual server on the layer-two bridge (www.dev.nashua.macromedia.com) will receive all session traffic bound to each of the web servers and distributes traffic to them using algorithms and means of state verification.

If you are currently running in a ColdFusion 4.5x clustered environment and you wish to upgrade to ColdFusion 5.0 to employ the Server Monitor Agent, you should close all ClusterCATS explorers and reset each web server using the ClusterCATS Server Administrator prior to upgrading.

Start - Programs - ClusterCATS Server Admin - Advanced - Reset

During the installation of ColdFusion 5.0 be sure to select the correct components. Under the Application Management heading, select Monitoring, Alarms, and Hardware Load Balancing. Do not select ClusterCATS load balancing or it will override the monitoring agent and you will only have a clustering option.

After completing the upgrade and rebooting your servers, launch the ColdFusion 5.0 Administrator on all 4 web servers:

Start - Programs - ColdFusion 5 Administrator

First, you should set up ColdFusion probes to restart a stalled application server. At the top of the left hand panel, choose Tools. This setting will display the heading System Monitoring. Under System Monitoring, choose Web Servers

Next choose System Probes and create a default probe by clicking the button New in the center screen. This setting will display probe properties. Under the heading Failed Probe Response Settings, use the down arrow to choose the server you are managing: brunner or pascal.

Check the blocks Restart the ColdFusion Server & Log that the ColdFusion Server has been Restarted. If you have a script that you would like to run upon server failure, check the box Execute Script and browse to the script you want executed.

If you were using the dfp agent with a Local Director, you would check the box to Restrict Web traffic to the selected server, but ServerIronXL is not dfp enabled and the restriction option will have to be set up on the ServerIronXL. Server restriction with ServerIronXL and other non-dfp enabled devices is not configured here; it is configured by creating a health-check monitor or probe on the actual load-balancing device, which is covered later in this article. Click Submit Changes and the status of the probe should come up green or enabled; click back on the Web Servers link and confirm the probe status as active or enabled.

Note: You may also set up custom probes to stop and restart various services. This topic is rather broad; it is a capability without walls that deserves much discussion and case studies that show various configurations. You may use your imagination with this feature and feel free to share your ideas on the forums.

Note: Make sure that the virtual directory called btauxdir is created in IIS under the IIS virtual server you are monitoring and that instead of pointing to the legacy local path c:\cfusion\brighttiger\btauxdir, it points to c:\cfusion\cfam\btauxdir or the path to which you installed ColdFusion 5.0 cfam components.

The next step is to configure alarm notification. Click on Alarms and enter the SMTP address of your mail server. Under the heading Notification Recipients, enter your e-mail address and the address of anyone who should receive alarms from the server farm.

Under the Hardware Integration tab there is currently only an interface for the ColdFusion dynamic feedback protocol (dfp) agent to integrate with Cisco's Local Director. For ServerIronXL and any other non-dfp enabled hardware solution, you would leave this blank.

Section 3. Configuring ServerIronXL to provide load balancing, failover and health-checks for your Macromedia Enterprise server farm or cluster

Step 1: Complete the basic hardware installation and configuration. Give the ServerIronXL a hostname, IP address and subnet mask. If you are using a ServerIronXL that you wish to configure from scratch, erase the current configuration:

enable
erase startup
reload

The IP address you add should correspond to a fully qualified host name (FQHN) in DNS with both forward and reverse entries. This initial IP address and name is not the one that will be visible to browsing clients; it is only a maintenance address for the ServerIronXL.

In this example, the address is 10.64.20.130, and the name is serveriron.dev.nashua.macromedia.com. From the terminal emulator attached to the ServerIronXL, type in:

enable
config t
hostname serveriron
serveriron(config)# ip address 10.64.20.130 255.255.255.0

Add the upstream default gateway and local DNS server address and domain name.

ip default-gateway 10.64.20.1
ip dns domain-name dev.nashua.allaire.com
ip dns server-address 10.64.20.20

Because these settings are foundational, write them to memory to avoid the risk of losing them:

write mem

Note: When you are setting the ServerIronXL, consider the following cable requirements:

1.	The administrative serial connection to the ServerIronXL requires a straight-through DB9 female to DB9 female connecting cable. The appropriate hyperterminal settings are 9600 - 8 - none - 1
2.	To connect the ServerIronXL to a hub use a crossover cable
3.	To connect the ServerIronXL to a switch use a crossover cable
4.	To connect the ServerIronXL to a NIC use a straight-through cable

Step 2: Enter your real servers in ServerIronXL. real servers are what Foundry (and also Cisco) calls the servers participating in the cluster or farm. On the ServerIronXL, you will eventually bind the real servers (the servers participating in the cluster) with the virtual server.

This terminology may still seem strange. Remember that when referring to ServerIronXL, the virtual server is the name on ServerIronXL that is visible to browsers hitting your website. The real servers are the ones in the cluster or server farm behind the ServerIronXL.

Following our example I am adding two real servers with http ports:

serveriron(config)#server real brunner 10.64.20.129
serveriron(config-rs-brunner)# port http
serveriron(config-rs-brunner)# exit
serveriron(config)#server real pascal 10.64.20.128
serveriron(config-rs-pascal)# port http
serveriron(config-rs-pascal)# exit

Step 3. Create a virtual server on the ServerIronXL. The virtual server is an IP address that must correspond to a FQHN with forward and reverse DNS entries; this virtual server FQHN will correspond to what may have previously been the RR name.

This name will be visible to all browsing clients; it is the name placed in the client/customer browser's URL line to get to your website. Following our example, Telnet into your CLD and add the virtual server:

serveriron(config)# server virtual serverivip 10.64.20.131
serveriron(config-vs-serverivip)# port http

Step 4. Bind the real servers to the virtual server:

serveriron(config-vs-serverivip)# bind http brunner http pascal

Step 5. Save all these setting on ServerIronXL using the write mem command then check the configuration using the show config command:

serveriron# write mem
serveriron# show config

Step 6. Configure health-check monitors to determine the status of both the web server and the JRun or ColdFusion application server. Both the CFAM Server Monitor Agent and ClusterCATS set up a virtual directory on each real server call /btauxdir; btauxdir contains management content in that that we will use as a target for the ServerIronXL health-check monitor.

ColdFusion and JRun will each provide a different target file. If you are running ColdFusion, use cfprobe.cfm, if JRun use jrunprobe.jsp.

serveriron# config t
serveriron(config)# http match-list macromedia
serveriron(config)# default down
serveriron(config)# up simple Hello
serveriron(config)# write mem
serveriron(config)# server real pascal
serveriron(config-rs-pascal)# port http
serveriron(config-rs-pascal)# port http url "GET /btauxdir/cfprobe.cfm"
serveriron(config-rs-pascal)# port http keepalive
serveriron(config-rs-pascal)# port http content-match macromedia
serveriron(config-rs-pascal)#exit
serveriron(config)# server real brunner
serveriron(config-rs-brunner)#port http
serveriron(config-rs-brunner)#port http url "GET /btauxdir/cfprobe.cfm"
serveriron(config-rs-brunner)#port http keepalive
serveriron(config-rs-brunner)# port http content-match macromedia
serveriron(config-rs-pascal)# exit
serveriron# write mem

Note: before setting up this scenario, make sure that you can browse to btauxdir/cfprobe.cfm and see the word Hello on each individual web server. If you cannot get to it from your local browser, then neither will ServerIronXL. If you cannot hit cfprobe.cfm (or jrunprobe.jsp), make sure that the virtual directory called btauxdir is created in IIS under the IIS virtual server you are monitoring.

Step 7. If you wish to secure you settings and if you wish to manage your ServerIronXL configuration using Telnet from a remote client, you will want to put in some basic security parameters.

This example provides administrative privileges to the username support with the password binoche:

serveriron# enable
serveriron# config t
serveriron(config)# username support priv 0 password binoche

You may also wish to set a password for the enable command:

serveriron(config)# enable password binoche

Section 4. ClusterCATS integration behind ServerIronXL for JRun and ColdFusion 4.5.x server clusters

In this model, ServerIronXL will actively distribute load to the web servers based on packet flow and health monitoring of the both the web servers and application servers. Simultaneously, ClusterCATS (CC) will provide web server and ColdFusion or JRun enterprise server recovery in the event of a hang or crash, automatic e-mail alerts for web server and ColdFusion or JRun application server problems and daily server status reports.

To integrate CC with ServerIronXL:

Configure the ServerIronXL as specified above or use a similar procedure recommended by the manufacturer. If you use a different procedure, be sure to remember to add a health-checking component that incorporates a ColdFusion- or JRun-generated string.

If you are using a ServerIronXL in front of a CC cluster, you should use static website IP addresses and CC failover should be turned off. During ColdFusion/JRun CC installation, select no server failover. If you are running Windows NT 4.0 or Windows 2000, do not set up your web servers with dynamic IP addresses. The ServerIronXL will be providing failover services.

Dynamic addressing is only used with CC's implementation of failover. If you are adding a ServerIronXL to a ColdFusion or JRun CC cluster that is already set up with dynamic website IP addresses on Windows NT 4.0 or Windows 2000, you must switch to static website IP addresses and disable CC failover.

To switch to static addresses you must:

a. In Windows NT4.0 right-click on Network Neighborhood or and go to properties - protocols - TCP/IP - advanced. In Windows 2000 right-click on My Network Places then right-click on Local Area Connection - TCPIP properties - advanced. Make the website IP addresses static by adding to the primary NIC the addresses that were the dynamic. Do this to every server in the cluster.
b. Reboot each server

To disable CC failover on Windows NT servers without reinstalling CC:

a. Stop the brighttiger and the ipcheck services: Start - Settings - Control-Panel - Services - > Bright Tiger Service - Stop, Bright Tiger Ipcheck - Stop
b. Go to the brighttiger/program directory
c. rename ipaliasd.exe to wsm.exe

Note: This will not work for the CFAM version of CC deployed with ColdFusion 5.0.

To disable CC failover on a Linux or Solaris web server:

a. cd /opt/coldfusion/btcats/program
b. ./btadmin disable failover

ServerIronXL integration with CC does not require the windows-based CC explorer but you can use the CC Web Explorer to drive your Solaris or Linux-based ColdFusion 4.5.x and JRun clusters. You may also use it to remotely manage your Windows-based clusters.

The Windows-based CC Explorer it is a great interface and you can download the appropriate ClusterCATS Explorer (10.7 MB) from the Macromedia FTP site. When installing this package, choose only the Explorer option. The CC explorer is an excellent GUI; it will manage your Solaris or Linux-based ColdFusion 4.5.x or JRun cluster using port 9123.

If the explorer is on the opposite side of a firewall from the web servers, you will need to open ports 9123 and 9129 on the firewall. If you choose not to download the CC Explorer, you may use the CC Web Explorer to configure your Cluster.

a. Open the CC Explorer and select a cluster - start - programs ColdFusion server 4.5 - ClusterCATS Explorer - Right-click on a cluster and select - properties - LoadBalance - LoadBalancing Product - other
b. Enter the name of the website in the Website Alias field. This Fully Qualified Host Name (FQHN) has forward and reverse DNS entries. This FQHN is the visible (to browsers, PING, etc.) name of the HLB, and it may correspond to what was the RR name prior to implementing the HLB. This name will be visible to all browsing clients; it is the name placed in the client/customer browser's URL line to get to your website.
c. Click OK to apply your changes.
d. Right-click on a server in CC explorer. Choose - Configure - State - Passive Member

The server will turn from green to white. Do this to all servers in the cluster. You may now set up the CC features: alarms, probes, etc.

To set up a CFProbe or JRunProbe:

a. Right-click on a server in CC explorer and choose - new monitor - choose OK - click on the blue arrow over the label probe-type - click in the startup parameters field and arrow to the right without deleting any text - change the word NORESTART to RESTART - click on register - close - close.

You now have a monitor (CFProbe or JRunProbe) that is looking at a web page looking for the word "Hello." If the page becomes unavailable, the probe will restart the application server. You do not need to set up the web server probe; wsprobe is set up automatically when you install CC. It monitors the health of IIS, Netscape or Apache and attempts to restart a stalled web server.

To set up alarms:

a. Right-click on the cluster in CC explorer and choose - configure - alarm notification - put in your mail server address in the SMTP host field - type in the e-mail addresses of anyone you want alerted for the various events.

To setup support mail:

a. Right-click on the cluster in CC explorer and choose - configure - support - put in your mail server address in the SMTP gateway field - type in the e-mail addresses of anyone you want to have receive daily reports.

Conclusion:

By following the example-based procedures outlined in this article, you will set up a resilient Macromedia enterprise production website employing a hardware load-balancing device. The ServerIronXL will provide load balancing and failover; it will also constantly monitor the health of your application servers and your web servers. If it senses a problem with a server, it will redirect session traffic to a healthy server.

While ServerIronXL is distributing load based on the algorithm of choice, the ColdFusion Application Manager Server Monitor Agent (or ClusterCATS) will employ probes to monitor and restart any stalled application or web server. It will also send out alarms and status reports that will let your website administrator fix issues before they become problems.