Automic Workload Automation

​Hello,
   We plan to run our next AE server on 2 hosts, having each of them an AWI based on Apache/Tomcat. Where could  I find some documentation on how to implement a load balancer for the 2 AWI modules ?
Thank you....

Hi,
we're faced with the same Problem. The documentation for this scenario is very poor. We allready build up a testenvironment. We use 2 Tomcatserver. To create a scaleable architecture we define 3 tomcat instances (test,development,production). So we can control each deployment level seperately, each instance has it's own log and configuration environment. The Second tomcat installation is a mirror of this system. We use a Netscaler to define 3 Services and connect ist to the tomcat services.
So far so good and when no SSL configuration is needed a good working concept.
At the moment we try to use SSL for system communication (JCP). At this part the manual is very poor.
I have a tomcat as failover on each AE Server and it works fine. But now i don't find any useful information about certificate and ssl handling with more than one system. The configuration is a game of trial and error, that makes the work frustrating.

------------------------------
Senior Administrator and Consultant Business Automation
SID-LRZS
------------------------------

Original Message:
Sent: 08-13-2020 06:10 AM
From: Collard
Subject: AWI load balancer

​Hello,
   We plan to run our next AE server on 2 hosts, having each of them an AWI based on Apache/Tomcat. Where could  I find some documentation on how to implement a load balancer for the 2 AWI modules ?
Thank you....

Hi @Andrzej Golaszewski,

We have one AWI/Tomcat installation per AE node, 4 in Preproduction and 4 in Production and we also have a LB setup in place for failover purposes.
I also use SSL certificates.

If you are not already familiar with setting up SSL/TLS, you may find this link useful: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html

Best regards
Keld Møllnitz
Nordea.
Original Message:
Sent: 08-13-2020 09:16 AM
From: Andrzej Golaszewski
Subject: AWI load balancer

Hi,
we're faced with the same Problem. The documentation for this scenario is very poor. We allready build up a testenvironment. We use 2 Tomcatserver. To create a scaleable architecture we define 3 tomcat instances (test,development,production). So we can control each deployment level seperately, each instance has it's own log and configuration environment. The Second tomcat installation is a mirror of this system. We use a Netscaler to define 3 Services and connect ist to the tomcat services.
So far so good and when no SSL configuration is needed a good working concept.
At the moment we try to use SSL for system communication (JCP). At this part the manual is very poor.
I have a tomcat as failover on each AE Server and it works fine. But now i don't find any useful information about certificate and ssl handling with more than one system. The configuration is a game of trial and error, that makes the work frustrating.

------------------------------
Senior Administrator and Consultant Business Automation
SID-LRZS

Original Message:
Sent: 08-13-2020 06:10 AM
From: Collard
Subject: AWI load balancer

​Hello,
   We plan to run our next AE server on 2 hosts, having each of them an AWI based on Apache/Tomcat. Where could  I find some documentation on how to implement a load balancer for the 2 AWI modules ?
Thank you....

Hi Keld Mollnitz,
using SSL certificates with tomcat ist no the Problem. Using the SSL certificates with the JCP is more difficult. You can configure in config file ucsrv.ini section [REST] Key sslEnabled=1. In the documentation JCP Installation there is a short description. Than comes the incomplete part of documentation. In chapter Adding the certificates is only one sentence about how to do.

"JCP uses keystore as defined in the Automation Engine configuration file. For additional information as well as information on adding certificates, see https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html"

For the AE serversystem i found my solution with more or less trial and error time. But thats not what i expect from a good documentation. I'm no expert in using certificates and in my opinon there are some gaps in the docs that make the use of it unnecessarily complicated.
Now i with V12 of AE the JAVA UI is gone and it was time to rebuild the architecture of the AWI, as i described. At the moment i'm stucking again at the part Adding the certificates.

I create certificate for my AWI Servers, self signed it and try to load it into the truststore of the Java Envorinment. I can't load the new certificate inte keystore using the same alias. OK that make sense, so i try to use another alias something like jetty2. It does not work.
In previous lessons i learned that you're forced to use the jetty alias.

Following the description is hardly to manage because not everyone of us is a certificate expert. 

To unterstand the certificate construct i need much more background information, how the communication with certificates work in detail, and how to easily setup my environment with the recommended AWI architecture.

------------------------------
Senior Administrator and Consultant Business Automation
SID-LRZS
------------------------------

Original Message:
Sent: 08-14-2020 01:44 AM
From: Keld Mollnitz
Subject: AWI load balancer

Hi @Andrzej Golaszewski,

We have one AWI/Tomcat installation per AE node, 4 in Preproduction and 4 in Production and we also have a LB setup in place for failover purposes.
I also use SSL certificates.

If you are not already familiar with setting up SSL/TLS, you may find this link useful: https://tomcat.apache.org/tomcat-9.0-doc/ssl-howto.html

Best regards
Keld Møllnitz
Nordea.
Original Message:
Sent: 08-13-2020 09:16 AM
From: Andrzej Golaszewski
Subject: AWI load balancer

Hi,
we're faced with the same Problem. The documentation for this scenario is very poor. We allready build up a testenvironment. We use 2 Tomcatserver. To create a scaleable architecture we define 3 tomcat instances (test,development,production). So we can control each deployment level seperately, each instance has it's own log and configuration environment. The Second tomcat installation is a mirror of this system. We use a Netscaler to define 3 Services and connect ist to the tomcat services.
So far so good and when no SSL configuration is needed a good working concept.
At the moment we try to use SSL for system communication (JCP). At this part the manual is very poor.
I have a tomcat as failover on each AE Server and it works fine. But now i don't find any useful information about certificate and ssl handling with more than one system. The configuration is a game of trial and error, that makes the work frustrating.

------------------------------
Senior Administrator and Consultant Business Automation
SID-LRZS

Original Message:
Sent: 08-13-2020 06:10 AM
From: Collard
Subject: AWI load balancer

​Hello,
   We plan to run our next AE server on 2 hosts, having each of them an AWI based on Apache/Tomcat. Where could  I find some documentation on how to implement a load balancer for the 2 AWI modules ?
Thank you....

Hey there,

I don't believe that you will be able to find such info anywhere.

Broadcom are still keen that their documentation does not deal with HA setups (for the requirements also).

However as this is a simple WebServer, it is prety straightforward. 

For one of our customers we have the following :

2x separate dedicated servers for the Tomcat (single instance)
On a different server, which we are using for multiple things (LDAP Sync, DB Utilities UI, interal scripts), we installed the LB (apache / httpd)

In that case if any of the Tomcat servers is down - the AWI adress will still work.

On another customer we have similar setup, but the LB (httpd) is installed on one of the Tomcat servers.

In that case if that particular server is down - you will need to dial the other (the adress must be known to all)


It is entirely up to you if you want to run several tomcat instances on the same server or a single.

And if the same AWI will be used for both Prod/Dev or you will separete them.

Cheers,

Krum

Original Message:
Sent: 08-13-2020 06:10 AM
From: Collard
Subject: AWI load balancer

​Hello,
   We plan to run our next AE server on 2 hosts, having each of them an AWI based on Apache/Tomcat. Where could  I find some documentation on how to implement a load balancer for the 2 AWI modules ?
Thank you....