I have created a cluster with 2 servers and I have developed a sample application. I can access this application from ip address of these servers(10.0.0.3:7002/sample/ and 10.0.0.4:7002/sample/) but I don't know this cluster is working or not. Can I access this web application from a single address? like myclusteraddress:7002/sample/.
You can accomplish this task in two ways...
First Way
You need to create a Load balancer(F5) to the both the servers which automatically manages the traffic and serves the user requests...
Second Way
You have to a dns cutover for that website...it's same as above task almost.
Related
A Weblogic server got hacked and the problem is now removed.
I am looking through the infected VM's now in a sandbox and want to see what if any data was accessed on the application servers.
the app servers were getting hammered with ssh requests and so we identified the infected VM's as the web logic VMS, we did not have http logging on. Is there any way to Identify if any PII was Compromised?
Looked through secure logs on weblogic as well as looked through the PIA logs
I am not sure how to identify what if any data was accessed
I would like to find out what went out of our network and info or data
what should I be looking for
is there anything I can learn from looking at the weblogic servers running on red hat?
I would want to believe that SSH was not the only service being hammered, and that was a large attempt to make eyes be on Auth logging whilst an attempt on other services is made.
Do you have a Time frame that you are working with?
Have the OS logs been checked for that time frame?
.bash_history been checked? env variables? /etc/pass* for added users? aliases? reverse shells open on the network connections? New users created on services running on that particular host?
Was WebLogic the only service running on this publicly available host?
What other services and ports were available?
Was this due to an older version of Weblogic or another service, application, plugin?
Create yourself an excel spreadsheet and start a timeline.
Look at all the OS level logging possible and start to make note of anything that looks suspicious, to then follow that breadcrumb to exhaustion.
I want to create a weblogic cluster that has two managed servers each running on a physically separated remote machine
According to weblogic docs
All Managed Servers in a cluster must reside in the same domain; you
cannot split a cluster over multiple domains.
Ref: https://docs.oracle.com/cd/E24329_01/web.1211/e24970/understand_domains.htm#DOMCF125
If this is the case then where am I suppose to create the Managed Server on the remote machine. Since the managed server can only be created in the domain, am I not suppose to create the domain on the remote machine for holding managed server?
[edit]
As per the below documentation
https://docs.oracle.com/cd/E17904_01/web.1111/e14144/tasks.htm#WLDPU136
It seems that the admin server domain is replicated on remote managed servers using pack and unpack commands.
That means a separate copy of domain must be made available on remote machines in order to operate managed servers on it.
Is it the fault with the oracle documentation-
Because then its the violation of the Domain Restrictions rule which says that there should be only one domain per cluster?
Domain is logical group for all Weblogic resources like relam, cluster, manged servers. You can create managed servers on physically separated remote machine and group them in a same Weblogic domain.
In a WebLogic Server domain there is always one administration server. This special instance of WebLogic Server is responsible for the configuration of the entire domain. Other servers in the domain are called managed servers. These are typically the servers on which you run your applications. A domain can contain any number of managed servers. You can find the detail on this link -
https://docs.oracle.com/cd/E17904_01/web.1111/e14144/tasks.htm#WLDPU136
I have two applications running on a single tomcat instance.
Both applications use some apache trickery to mask their IP to a host name
rather that
http://123.123.123.123/appOne
http://123.123.123.123/appTwo
It is
http://appone.com/appOne
http://apptwo.com/appTwo
I want to share common information between the two applications but the browser is assuming they are different.
I have set the
cookie.setDomain("123.123.123.123")
cookie.setPath("/")
both
request.getLocalName()
request.getLocalAddr()
return appone.com
Is it possible to do this?
Unfortunately, you can not share information between two applications via cookie in your deployment.
A browser sees that you have two applications in different domains: appone.com and apptwo.com.
By design it will never send a cookie from one domain to another.
You can share a data between applications via a database.
what's the best way to achieve high availability for a dynamic website? If I create a second copy on another server and do not wish to use a load balancer since it will mess up user sessions, what are the best alternatives?
You can store session data in a database instead, which gets around that problem, then you can round-robin the requests to the application servers.
(Good) Load Balancers can be configured to be "sticky" which means they send requests from the same IP to the same server each time.
Even if you have a load balancer sitting infront of two backend webservers, you just move the single point of failure onto the load balancer instead of the webserver. So your application would still not be highly available.
I highly recommend using a load balancer and at least a pair of web servers. At work, we use HA Proxy, which is fully capable of ensuring sessions are 'sticky', and are sent to the same web server unless it goes down, where it will fail over.
To make your load balancer highly available, you can set up two load balancing servers which are a mirror image of each other. Assign a single virtual IP to both of your load balancers. Write a script that will poll the other server to check if it's down; if it's down, have that script pick up that virtual IP address. The script should be running on both servers.
This link describes one way of managing a virtual IP address. Similar articles have been written for a large number of linux distros, but they are all based on the same method.
Loadbalancers. They should be configured in such a way that they can handle the sessions. Maybe by sending the same ip to the same backend every time. Or store them inside a database, or some shared memory if it needs to be really fast for some reason i haven't thought of.
We use BigIP to load balance between our two IIS servers. We recently deployed a WCF service hosted on by IIS 6 onto these two Windows Server 2003R2 servers.
Each server is configured with two host headers: one for the load balancer address, and then a second host header that points only to that server. That way we can reference a specific server in the load balanced group for debugging.
So when we run We immediately got the error:
This collection already contains an address with scheme http. There can be at most one address per scheme in this collection.
Parameter name: item
I did some research and we can implement a filter to tell it to ignore the one of the hosts, but then we cannot access the server from that address.
<serviceHostingEnvironment>
<baseAddressPrefixFilters>
<add prefix="http://domain.com:80"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
What is the best solution in this scenario which would allow us to hit a WCF service via http://domain.com/service.svc and http://server1.domain.com/service.svc?
If we should create our own ServiceFactory as some sites suggest, does anyone have any sample code on this?
Any help is much appreciated.
EDIT: We will need to be able to access the WCF service from either of the two addresses, if at all possible.
Thank you.
On your bigIP Create 2 new virtual servers
http://server1.domain.com/
http://server2.domain.com/
create a pool for each VS with only the specific server in it - so there will be no actual load balancing and access it that way. If you are short on external IP'S you can still use the same IP as your production domain name and just use an irule to direct traffic to the appropriate pool
Hope this helps
The URL it uses is based on the bindings in IIS. Does the website have more than one binding? If it does, or is the WCF service used by multiple sites? If it is, then you are SOL AFAIK. We ran into this issue. Basically, there can be only one IIS binding for HTTP, otherwise it bombs.
Also, here's info on implementing a ServiceHostFactory. That WILL work if it's possible that your WCF service only be accessible through 1 address (unfortunately for us, this was not possible).
When you need to test a specific machine, you could "bypass" the load balancing and ensure the correct host-header is sent to keeep WCF happy by editing the "hosts" file on the machine you're testing from so, for example:
10.0.0.11 through 10.0.0.16 are the six hosts that are in the cluster "cluster.mycompany.local", with a load balanced IP address of 10.0.0.10. When testing you could add a line to the machines hosts file that says "10.0.0.13 cluster.mycompany.local" to be able to hit the third machine in the cluster directly.