The load balancer plug-inbundled with Application Server 9.1 supports Apache Web Server 2.0.x. To useApache Web Server, you must perform certain configuration steps before andafter installing the load balancer plug-in. The load balancer plug-in installationalso makes additional modifications to the Apache Web Server. After the plug-inis installed, you must perform additional configuration steps.
Apache HTTP merely serves files, which your browser can't parse as, for example, the jsp (jspx) files are to be compiled before being served, delivering an HTML document to the client. Installing Axis and Using this Guide. See the Axis Installation Guide for instructions on installing Axis as a web application on your J2EE server. Before running the examples in this guide, you'll need to make sure that your CLASSPATH includes the following elements from the Axis binary distribution.
Using Java Servlets with Apache. Servlets are Java programs that execute in a Web server in response to requests from a Web browser. Servlets are more powerful than CGI programs commonly used as gateways between Web servers and other services such as databases. The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Apache is a remarkable piece of application software. It is the most widely used Web Server application in the world with more than 50% share in the commercial web server market. Apache is the most widely used Web Server application in Unix-like operating systems but can be used on almost all platforms such as Windows, OS X, OS/2, etc.Note –
Apache 2 has multithreaded behavior if compiled with the --with-mpm=worker option.
Requirements for Using Apache Web Server
For the Apache Web Server, your installation must meet the minimum requirements.
With Apache, the load balancer plug-in requires:
gcc-3.3-sol9-sparc-local packages (forSolaris 9 SPARC).
gcc-3.3-sol9-intel-local packages (forSolaris 9 x86)
The pre-installed gcc (for Solaris 10)
flex-2.5.4a-sol9-sparc-local packages (forSolaris 9 SPARC)
flex-2.5.4a-sol9-intel-local packages (forSolaris 9 x86)
The pre-installed flex (for Solaris 10)
The software sources are available at http://www.sunfreeware.com
In addition, before compiling Apache:
On the Linux platform, install Sun Java System Application Server onthe same machine.
On the Solaris 9 operating system, use pkgadd toinstall gcc and flex. Note that pkgadd requires root access.
On the Solaris 9 operating system, ensure that gcc version3.3 and make are in the PATH, and flex is installed.
On the Solaris 10 operating system, before running make forOpenSSL, run mkheaders, located in /usr/local/lib/gcc-lib/sparc-sun-solaris2.9/3.3/install-tools on Solaris SPARC or /usr/local/lib/gcc-lib/i386-pc-solaris2.9/3.3/install-tools on Solaris x86.
If you are using gcc on Red Hat EnterpriseLinux Advanced Server 2.1, the version must be later than gcc 3.0.
To use a C compiler other than gcc, set thepath of the C compiler and make utility in the PATH environmentvariable.
Apache Server Windows
Applying the Apache Web Server Patch
Before installing the load balancer plug-in for Apache, apply the patchfor the Apache Web Server issue 12355. More details about this issue are availableat http://issues.apache.org/bugzilla/show_bug.cgi?id=12355. This patch is required for the Auto Apply feature towork. To apply the patch, follow these steps.
Untar http-2.0.59.tar and go to the directoryhttpd-2.0.59.
Download the patch from http://issues.apache.org/bugzilla/attachment.cgi?id=16495 andsave it as a file, for example, 12355.diff.
From the directory httpd-2.0.59/modules/ssl,run the following command:
Configuring Apache before Installing the Load BalancerPlug-in
The Apache source must be compiled and built to run with SSL. This sectiondescribes the minimum requirements and high-level steps needed to successfullycompile Apache Web Server to run the load balancer plug-in. These requirementsand steps only apply to the Solaris and Linux versions of the software. Forinformation on the Windows version of Apache, see the Apache web site.Note –
The instructions included here are adapted from the instructionsat http://httpd.apache.org/docs. For detailedinstructions on installing SSL-aware Apache, please see that web site.
To Install SSL-aware Apache
Before You Begin
You must have already downloaded and uncompressed the Apache software.
Download and unpack the OpenSSL source, available at http://openssl.org.
Compile and build OpenSSL.
For full installationinstructions, see the file named INSTALL in the directorywhere you uncompressed OpenSSL. That file has information on installing OpenSSLin a user-specified location.
For more information about OpenSSL,see the http://www.openssl.org/.
Download and unpack Apache.
Apache is available from http://httpd.apache.org.
Compile and build Apache. Configure the source tree:
Run the following command:
./configure --with-ssl=OpenSSL-install-path--prefix=Apache-install-path--enable-ssl --enable-so
In the above commands, x is the Apache versionnumber, open-ssl-install-path is the absolute pathto directory where OpenSSL is installed, and Apache-install-path isthe directory in which to install Apache.
Note that you only needto use the --enable-ssl --enable-so options if your Apache2 server will be accepting HTTPS requests.
For Apache on Linux 2.1, before compiling:
Open src/MakeFile and find the end of the automaticallygenerated section.
Add the following lines after the first four lines after the automaticallygenerated section:
Note that -L/opt/sun/private/lib is only requiredif you installed Application Server as part of a Java Enterprise System installation.
Set environment variable LD_LIBRARY_PATH.
With stand–alone installations, set it to the Application Server: as-install/lib
With Java Enterprise System installations, set itto the Application Server: as-install/lib:opt/sun/private/lib.
If you are using Solaris 9, add /usr/local/lib tothe LD_LIBRARY_PATH.
Compile Apache as described in the installation instructions forthe version you are using.
For more information, see the http://httpd.apache.org/
Ingeneral, the steps are:
Make sure Apache's ssl.conf and httpd.conf files contain the correct values for your environment.
In ssl.conf, for VirtualHost default:port replacethe default hostname and port with the hostname of the local system whereApache is installed and the server's port number.
Without thischange, the load balancer will not work. On Solaris Apache may not start andon Linux, HTTPS requests may not work.
In ssl.conf, for ServerName www.example.com:443, replace www.example.com with the hostname ofthe local system where Apache is installed.
Without this change,the following warning appears when you start Apache if a security certificateis installed:
For more information on installing certificates for Apache, see To Create a Security Certificate for Apache .
In httpd.conf, for ServerNamewww.example.com:80, replace www.example.com withthe hostname of the local system where Apache is installed.
Withoutthis change, you see warnings when you start Apache that the system couldnot determine the server's fully qualified domain name, and that there areoverlapping VirtualHost entries.
Ensure that the Apache user has the required access permissionsto the apache-install-location/conf/ directoryand files in this directory.
The Apache user is the UNIX userunder which the Apache server responds to requests. This user is defined inthe file httpd.conf.
If you installed Apacheas a root user, read the note about configuring the Apache user and groupin apache-install-location/conf/httpd.conf.Note –
Ensure that your configuration of users and groups meets the securityrequirements for this directory. For example, to restrict access to this directory,add the Apache user to the same user group as the owner of the directory.
To ensure that the Auto Apply feature operates correctly, grantthe Apache user read access, write access, and execute access to the apache-install-location/conf/ directory.
If the Apache user is in the same group as the owner of this directory,change the mode to 775.
If the Apache user is in a different group than the owner of thisdirectory, change the mode to 777.
To ensure that the load balancer plug-in is initialized when Apacheis started, grant the Apache user read access and write access to the followingfiles:
Exporting and Importing the DAS Certificate
You must manually export the DAS certificate using the following command:
This certificate will be required at the time of installing the loadbalancer plug-in.
The Application Server 9.1 installation program performs the followingtasks for you.
Imports the DAS certificate by copying sjsas.crt tothe apache-install-dir/conf/ssl.crt directory.
Appends the following lines to httpd.conf.
Modifications Made by the Load Balancer Plug-in Installer
The load balancerplug-in installation program extracts the necessary files to the modules directory in the web server’s root directory:
It adds the following entries to the web server instance’s httpd.conf file:
Configuring Apache After Installing the Load BalancerPlug-In
Apache Web Server must have the correct security files to workwith the load balancer plug-in. The load balancer depends on the NSS (NetworkSecurity Service) library, which requires these security database files. Youneed to get these security database files from Application Server, so an installationof Application Server must be available in a location accessible by the Web Server.
To configure Apache security files to work with the load balancer, dothe following:
Append /usr/lib/mps to LD_LIBRARY_PATH inthe Apache-install-dir/bin/apachectl script.
To Create a Security Certificate for Apache
These steps are required to support HTTPS requests on Apache.
For detailed information on setting up a security certificate on Apache,see the instructions on http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html and http://www.modssl.org/docs/2.8/ssl_faq.html. Thefollowing procedure is adapted from those web sites.
Set up the following environment variable:
Create the server certificate and key by executing the followingcommand:
openssl req -new -x509 -keyout newreq.pem-out newreq.pem -days 365
When asked for a commonname, give the host name on which you plan to run Apache. For all other prompts,enter values that meet any specific requirements you have.
Thiscommand creates newreq.pem.
Open the newly-created newreq.pem from thelocation where the openssl command was run.
Copy the lines beginning with BEGIN CERTIFICATE and ending withEND CERTIFICATE and paste them in Apache-install-dir/conf/ssl.crt/server.crt. For example:
Copy the lines beginning with BEGIN RSA PRIVATE KEY and END RSAPRIVATE KEY and paste them in Apache-install-dir/conf/ssl.key/server.key. For example:
Make sure that the variables SSLCertificateKeyFileand SSLCertificateFile in Apache-install-dir/conf/ssl.conf have the correct values.
Ensure that the ServerName is not www.example.com. The ServerNameshould be the actual host name where Apache will run, matching the CommonName you entered when creating the server certificate and key.
Modifying httpd.conf parameters to enable stickyround robin
For the sticky round robin feature to work, in the httpd.conf file,under the section prefork MPM, ensure that the values ofthe parameters StartServers and maxclients areset to 1. Otherwise, every new session request will spawn a new Apache processand the load balancer plug-in will be initialized resulting in requests landingin the same instance.
Starting Apache on Solaris and Linux
In general, you should start Apache with the same user that installedthe Application Server. You must start Apache as root under the following circumstances:
If you are a Java Enterprise System user.
If you've used port numbers which are less than 1024.
If Apache runs as a different user from the user that startsit.
To start Apache in SSL mode, use one of the following commands:
apachetl startssl or apachetl -k start-DSSL
Apache Server Tutorial
If needed, check the Apache web site for the latest information on startingthe Apache server.
Verifying the Setup
Install the load balancer plug-in. For detailed steps to installthe plug-in, see Sun Java System Application Server 9.1 Installation Guide.During the installation, provide the path to the DAS certificate.
Log in to the Application Server Admin Console and createa new cluster. For steps to create a new cluster, refer to the Admin ConsoleOnline Help.
Create a new HTTP Load Balancer. While creating the load balancer,specify the FQDN of the web server host as the device host name, web serverSSL Port as the device port and select the cluster you created in the previousstep as the target. For detailed steps to create a new HTTP Load Balancer,refer to the Admin Console Online Help.
To verify that the communication between the DAS and the webserver is working properly, in the Admin Console, navigate to the HTTP LoadBalancers node and click the HTTP Load Balancer. In the Load Balancer DeviceSettings page that appears, press the Test Connection button.
Ifyou have not enabled the Automatically Apply Changes option while creatinga load balancer, then you must manually export the load balancer configurationby going to the Export tab and clicking Apply Changes now.
If the test connection fails, be sure to check the ApplicationServer domain logs and the web server logs to troubleshoot the problem. Alsocheck if all the configuration steps have been performed correctly.