I'm trying to understand the topology of Worklight. Specifically how does a WL Server handles its applications.
If I understood correctly, a WL Server has a <httpEndpoint>. This means that a set of WL Applications will have their context root on that port. Right?
This means, If I want to put /worklightconsole on a custom port, I'll need a network installation instead of a standalone so that I can have a cluster of WL instances and each one will bind to a different port.
Did I understood this matter correctly? Then I can use a reverse proxy to needle my requests to the correct instance of WL Server.
Right?
Thanks in advance!
http://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.1.0/com.ibm.worklight.installconfig.doc/admin/c_typical_topology_of_an_ibm_wor.html
Yes the httpEndpoint entry defines the http and https port and the WL applications have their context root on these ports.
If you have different Liberty Servers with the same WL runtime, be sure that the you share the same database and same schema.
After that you can use a Web Proxy to load balance the requests between the different Liberty servers.
Related
I researched about any plugin/module WSGI for Oracle WebLogic 12c that allows me run a python flask app, with no success.
The reason for why i need to run from WebLogic 12c, it's because i need to use the SSL certfied living there.
Researching, i found many web server (Apache, Gunicorn, etc) can act as proxy of WebLogic, here is an example, where Nginx receive all the requests with SSL and then passed them to WebLogic:
https://medium.com/#Dracontis/nginx-as-proxy-for-weblogic-with-ssl-c7e1076e2c0c
So, i wonder if there is a manner to invert this order? I mean, WebLogic receive all the requests (safely because of SSL certified) and then pass them to any web server with the WSGI standard.
Thanks in advance.
I didn't find a sort of solution that accomplished the topic above. However, in case someone needs implements this topology here is what i did:
I've installed an Oracle HTTP Server (OHS) and creating a wallet for the SSL certified, in certain way in which the OHS can receive the requests secure, then inside the OHS with specific setting achieve forward the request to the Apache running with the module WSGI.
We have an Oracle application (Agile PLM) which is deployed in a clustered environment. We have one admin node and two managed nodes supporting our application, where admin and 1 managed nodes are on the same server. We also have Load balancer which manages the traffic between the cluster.
We want to configure SSL in our application so that the application URL will be accessible over https only. We have already configured SSL at Load Balancer level(by installing security certificates in weblogic server which is the admin server) but want to know if we have to configure SSL on the managed server as well or bringing Load Balancer on https is sufficient?
All the users access the application using the Load Balancer URL only but since I am from the development team, so is only aware of the fact that we can also connect to the application with Managed server URLs, which are still running on http. Is it must to bring Managed servers also on https or it is just a good practice but not necessary?
It's not necessary, though probably a good practice.
I believe I have read in Oracle's installation guide that the recommended way is HTTP on the managed servers and terminating SSL on the load balancer. This may have changed.
For what it's worth, I leave HTTP on the managed servers.
I have a set up I would like to implement but just not sure on the details. As you can see in the image below I have a single VPS in the web which I would like to use as a gateway to a number of locally running web servers. Im using the VPN to hide the IP/location of the server farm while maintaining the ability to host locally.
What I am not sure on is the implementation as I have never used a VPN before. My understanding is that I can host the VPN server on the server farm, have the VPS connect to it which will give me another 'local' network interface which I can then use apache to proxy traffic through?
The server farm is basically a small Kubernetes cluster give or take a little.
Is my understanding correct and can you offer any advice on implementaion?
Thanks in advance!
server farm example image
The VPN server should have two network interfaces. The first is the public interface that connects to the Internet and the second is the local interface that connects to the server farm. All the servers in the farm should connect only to the local interface and have the gateway set as the VPN server.
You can use the Reverse Proxy functionality in Apache to route incoming traffic to the appropriate server. See Reverse Proxy Guide
In Weblogic, I have more than one Machines created using Node Manager. We have been told to setup SSL implementation for our Application which is deployed across created machines in a single Weblogic Admin Console.
So for the Application we had configured certificate using .jks file and configured SSL listen port by enabling it.
However we have been told to secure Node Manager machines in which application are deployed across as well. While enabling Node Manager type to SSL instead of Plain I am getting SSLException. By the fact we no need to secure Machines which were created using Node Manager, only securing Application is sufficient. Is am I right. Else is it required to Secure Machines -> Node Manager as well.
When I am turning SSL in Machines -> Node Manager, what are the things I have to consider to avoid SSLException. Is the Weblogic restart required If configure this or so. For now I do not have UNIX access, hence I couldn't do that at this moment.
Please advise on this situation. Without securing Machines -> Node Manager I am able run the application. But not able to access it using https. Only http for the Application is working.
Please advise on the situation.
SSL for node manager is optional as there's no application related sensitive data that flows in this layer.
You mention even after configuring jks you can't get the server and hence the application listening on https. Could you elaborate what steps did you follow. Note this has nothing to do with node manager
I'm on Weblogic AS 10.3.5, I have two managed servers pointed to a cluster, so I have two url, one for the first managed server, the other one for the second.
I will deploy my application on the cluster, so will I reach it on both the url? will the application deployed and running on both the servers?
How does it work? Can you give me some references, please?
Is it clear?
Thanks a lot!
First, you shouldn't be using WebLogic 10.3.5 anymore since it has reached the last stage of support called Sustained Support. Consider to upgrade at least to WebLogic 10.3.6.
Related to your question, I believe you are talking about a Web Application and how to access it. First you need to read about Load Balancing in a Cluster. For the web part (JSP and Servlets) basically you have to options: setup a Web Server (like Apache HTTP) to make use of the WebLogic Plug-in, that will then be connected to the WebLogic cluster. The other easier option is to simply use an LBR (load balance router hardware).
These are the "software" solutions you have for Load Balancing your web application in a clustered WebLogic:
WebLogic Server supports the following Web servers and associated
proxy plug-ins:
WebLogic Server with the HttpClusterServlet
Netscape Enterprise Server with the Netscape (proxy) plug-in
Apache with the Apache Server (proxy) plug-in
Microsoft Internet Information Server with the Microsoft-IIS (proxy) plug-in
You can read more about this options at the Configure Proxy Plug-ins documentation page for WebLogic 10.3.6.