Weblogic Node Manager Configuration

 

At the end of this chapter you will be able to:

• Overview of Node Manager Configuration
• General Configuration Steps
  • Step 1: Configure Your Computer to Run Node Manager
  • Step 2: Specify Node Manager Username and Password
  • Step 3: Configure a Machine to Use Node Manager
  • Step 4: Configuring node manager.domains File
  • Step 5: Configuring Remote Startup Arguments
  • Step 6: Setting Server Startup Properties
  • Step 7: Define the Administration Server Address
  • Step 8: Set the Node Manager Environment Variables

Overview of Node Manager Configuration

• This section describes the general Node Manager configuration that applies to the Java and script version of Node Manager. You should ensure that you have performed all of the items outlined in the following sections.
• After you have performed general Node Manager configuration, you should perform the configuration procedures outlined in Configuring Java Node Manager or Configuring Script Node Manager depending on which version of the Node Manager you are using.

General Configuration Steps:

The following sections describe general procedures that are applicable to both the Java and scripted version of Node Manager:

• Step 1: Configure Your Computer to Run Node Manager
• Step 2: Specify Node Manager Username and Password
• Step 3: Configure a Machine to Use Node Manager
• Step 4: Configuring node manager.domains File
• Step 5: Configuring Remote Startup Arguments
• Step 6: Setting Server Startup Properties
• Step 7: Define the Administration Server Address
• Step 8: Set the Node Manager Environment Variables

Step 1: Configure Your Computer to Run Node Manager

Node Manager must run on each computer that hosts a WebLogic Server instance. Configure each computer as a machine resource in WebLogic Server, and assign each server instance that you will control with Node Manager to the machine upon which it runs.

Ideally, Node Manager should run as an operating system service or daemon, so that it is automatically restarted in the event of system failure or reboot.

Node Manager is ready-to-run after WebLogic Server installation if you run Node Manager and the Administration Server on the same machine and use the demonstration SSL configuration.

By default, the following behaviors are configured:

• You can start a Managed Server using Node Manager through the Administration Console.

• Node Manager monitors the Managed Servers that it has started.

• The automatic restart of Managed Servers is enabled. Node Manager restarts server instances that it killed or was killed by another method.

However, by default, the nmConnect command cannot be used in a production environment. You must first perform the following procedures to use nmConnect in a production environment.

1. Start the Administration Server.

2. Using the Administration Console update the Node Manager credentials from the Advanced options under domain_name→Security→General.

3. Invoke WLST and connect to an Administration Server using the connect command.

4. Run nmEnroll using the following syntax: nmEnroll([domainDir], [nmHome])

For example,

nmEnroll('C:/bea/user_projects/domains/prod_domain',

'C:/bea/wlserver_10.0/common/nodemanager')

Running nmEnroll() ensures that the correct Node Manager user and password token are supplied to each Managed Server. Once these are available for each Managed Server, you can use nmConnect() in a production environment.

Note: You must run nmEnroll() on each machine that is running a Managed Server. Additionally, you should run nmEnroll() for each domain directory on each machine.

Step 2: Specify Node Manager Username and Password

The nm_password.properties file contains the Node Manager username and password. These are used to authenticate the connection between a client (for example, the Administration Server) and Node Manager.

Note: This username and password are only used to authenticate connections between Node Manager and clients. They are independent of the server admin ID and password.

Administration Console NM Security

Domain_Name -> Security -> Advanced Options

Step 3: Configure a Machine to Use Node Manager

Configure a machine definition for each machine that runs a Node Manager process using the Environment→Machines→<machine_name>→Node Manager page in the Administration Console. Enter the DNS name or IP address upon which Node Manager listens in the Listen Address field.

Step 4: Configuring nodemanager.domains File

• The nodemanager.domains file specifies the domains that a Node Manager instance controls. Thus stand-alone clients do not need to specify the domain directory explicitly.
• This file must contain an entry specifying the domain directory for each domain the Node Manager instance controls, in this form:
• <domain-name>=<domain-directory>
• When a user issues a command for a domain, the Node Manager looks up the domain directory from nodemanager.domains.

Step 5: Configuring Remote Startup Arguments

In the Administration Console, on the Server→Configuration→Server Start page for the Managed Server, specify the startup arguments that Node Manager will use to start a Managed Server. If you do not specify startup arguments for a Managed Server, Node Manager uses its own properties as defaults to start the Managed Server.

Step 6: Setting Server Startup Properties

You can use the Node Manager to set the startup properties for a server. These properties can be defined in startup.properties or passed as an object using administrative utilities such as WLST. This file is defined for each server instance and is located in:

domain_home/servers/server_name/data/nodemanager/startup.properties

Step 7: Define the Administration Server Address

• Ensuring Administration Server Address is defined A Listen Address must be defined for each Administration Server that will connect to the Node Manager process.
• Set the Listen Address using the Servers→Configuration→General page in the Administration Console.

Step 8: Set the Node Manager Environment Variables

Node Manager requires you to set several environment variables before you start it. You can set these variables manually on the command line, or you can create a start script that sets them automatically. The sample start scripts provided with WebLogic Server, startNodeManager.cmd, and startNodeManager.sh, set the required variables.

Configuring Java & Script-Based Node Manager

Configuring Java-Based Node Manager

• BEA recommends configuring NM to run as an operating system service or a Windows service on Windows systems. By default, the operating system service starts up Node Manager to listen on localhost: 5556.

• Configuration tasks for Java-based Node Manager include:

• Reconfiguring Startup Service for Windows Installation
• Configuring Java-based Node Manager Security
• Reviewing nodemanager.properties
• Configuring Node Manager on Multiple Machines
• Configuring Node Manager as an xinetd Service

Reconfigure Startup Service for Windows Installations

The directory WL_HOMEserverbin (where WL_HOME is the top-level directory for the WebLogic Server installation) contains uninstallNodeMgrSvc.cmd, a script for uninstalling the Node Manager service, and installNodeMgrSvc.cmd, a script for installing Node Manager as a service.

1. Delete the service using uninstallNodeMgrSvc.cmd.

2. Edit installNodeMgrSvc.cmd to specify Node Manager’s Listen Address and Listen Port. Make the same edits to uninstallNodeMgrSvc.cmd as you make to installNodeMgrSvc.cmd so that you can successfully uninstall the service in the future, as desired.

3. Run installNodeMgrSvc.cmd to re-install Node Manager as a service, listening to the updated address and port.

Configuring Java-Based Node Manager Security

• NM Security relies on a one-way SSL connection between client and server

• WLST uses the nmConnect command to establish a connection to the Java Node Manager.

• The nmConnect command requires a username and password, which is verified against the nm_password.properties file.

Node Manager credentials are located on the domain_name→Security→General→Advanced Options page in the Administration Console.

Administration Console users do not need to provide credentials to connect to Node Manager explicitly—the Node Manager username and password are available in the domain configuration and are provided automatically.

Remote Server Start Security for Java-Based Node Manager

Credentials for Managed Servers and Administration Servers are handled differently:

• Managed Servers – When you invoke NM to start a Managed Server it gets its remote username and password from the Administration Server

• Administration Servers – When you invoke NM to start an Administration Server, the remote start username come from either the command-line or the boot.properties file

Reviewing nodemanager.properties

Node Manager properties define a variety of configuration settings for a Java-based Node Manager process. You can specify Node Manager properties on the command line or define them in the nodemanager.properties file, which is created in the directory where you start Node Manager the first time it starts up after installation of WebLogic Server. Values supplied on the command line override the values in nodemanager.properties.

nodemanager.properties is created in the directory specified in NodeManagerHome, where NodeManagerHome is WL_HOME/common/nodemanager. If NodeManagerHome is not defined, nodemanager.properties is created in the current directory.

Each time you start Node Manager, it looks for nodemanager.properties on the current directory and creates the file if it does not exist in that directory. You cannot access the file until Node Manager has started up once.

• Properties for a Java-based Node Manager process can be specified either at the command line or in the nodemanager.properties file.

• Values supplied on the command line take precedence over those in the nodemanager.properties file.

• To configure the Node Manager to use a start script, in the nodemanager.properties file:

• set the StartScriptEnabled property to true.
• Set the StartScriptName property to the name of your script

Configuring Node Manager on Multiple Machines

If you have a domain that has Managed Servers on multiple physical machines, you must ensure that the Node Manager is installed and configured on each machine. You can use the WLST command nmEnroll to copy all of the required domain and configuration information from one machine to another.

Configuring Node Manager as a xinetd Service

When configuring Node Manager to run as an inetd or xinetd service, the following considerations apply:

• Ensure that NodeManagerHome and other system properties are defined.

• If xinetd is configured with libwrap, you should add the NOLIBWRAP flag.

• Ensure that the hosts.deny and hosts. allow files are configured correctly.

• Depending on your network environment, additional configuration may be necessary.

The following example shows how the Node Manager can be configured within xinetd:

# default: off

# description:nodemanager as a service

service nodemgrsvc

{

type            = UNLISTED

disable         = no

socket_type     = stream

protocol        = tcp

wait            = yes

user            = <username>

port            = 5556

flags           = NOLIBWRAP

log_on_success += DURATION HOST USERID

server          = <path-to-jave>/java

env             = CLASSPATH=<cp> LD_LIBRARY_PATH=<ldpath>

server_args     = -client -DNodeManagerHome=<NMHome> <java options> <nodemanager options> weblogic.NodeManager -v

}

Configuring Script-Based Node Manager

Overview:

• The SSH Node Manager is a shell script, wlscontrol.sh, located in WL_HOME/common/bin/. The wlscontrol.sh file must exist on each machine that hosts server instances that you want to control with Node Manager. This script can be customized to meet site-specific requirements.

• You must have an SSH client executable on each machine where the Node Manager or a Node Manager client runs. This script must also be in the path of the user-id running it. Typically, an SSH client is a standard part of a UNIX or Linux installation.

• Configuration tasks for Script-based Node Manager include:

– Using SSL With Script-based Node Manager

– Creating a Node Manager User

– Configuring Script-based Node Manager Security

Using SSL with Script-based NM

• Script-based Node Manager communicates with Administration Servers and Managed Servers using one-way SSL.

• The default WLS installation includes demonstration Identity and Trust keystores that allow SSL to be used out of the box.

• To configure SSL for the production environment, identity and trust must be obtained for the Node Manager, the Administration Server, and all Managed Servers.

Creating a Node Manager User

• Before running, Node Manager, a dedicated UNIX user account – for performing Node Manager Functions – should be created.

• This user should be added to all machines that will host the SSH Node Manager and to all machines that will host a Node Manager client, including the Administration Server.

Configuring Script-Based Node Manager Security

• The Node Manager SSH shell script relies on SSH user-based security to provide a secure trust relationship between users on different machines.
  • Authentication is not required.
  • You create a UNIX user account – typically one per domain – for running Node Manager Commands and scripts.

• A user logged in as this user can issue Node Manager Commands without providing a username and password.

Summary:

• What is the Node Manager General Configurations
• Configuring Java-Based Node Manager
• Configuring Script-Based Node Manager.

Check out our Related Courses

• Weblogic Tutorials
• Introduction to Clustering Weblogic
• Oracle Apex Training In Hyderabad
• Oracle Weblogic Server Installation