Configuring load balancing for Rational DOORS Web Access by using Apache HTTP Server

You can improve performance and increase the availability of the system by using load balancing. Load balancing distributes tasks across all available processors and enhances processing capacity and scalability. You can configure load balancing for IBM® Rational® DOORS® Web Access by using Apache HTTP Server.

Before you begin

Before you configure load balancing, do these steps. For instructions, see the related topics links below.
  1. Install Rational DOORS Web Access, but do not start the Rational DOORS Web Access components or server. For more information, see Installing Rational DOORS Web Access.
  2. Configure Rational DOORS Web Access components to communicate. For more information, see Configuring Rational DOORS Web Access components to communicate.
  3. Install Apache HTTP Server. For more information, see Apache HTTP Server Project.

About this task

In this procedure, you will do these steps:
  1. Prepare the SSL keystore.
  2. Configure Rational DOORS Web Access server 1 as a load balancing server.
  3. Configure Rational DOORS Web Access servers 2 to n as a load balancing servers.
  4. Modify the httpd.conf and httpd-ssl.conf files.
  5. Start Apache HTTP Server.
  6. Start Rational DOORS Web Access components.
  7. Start Rational DOORS Web Access server 1.
  8. Start Rational DOORS Web Access servers 2 to n.

For the purposes of this procedure, assume that Apache HTTP Server is configured to expose port 8443 for public access. All requests are redirected to internal servers; for example, private_host_1 on port 7443 or private_host_2 on 6443. Depending on your environment, the port that Apache Tomcat is configured to use might be set to a different value to avoid port conflicts.

Procedure

  1. Place a valid SSL certificate key file in an accessible location on your system.
  2. Configure Rational DOORS Web Access servers 1 through n as load balancing servers:
    1. Open the festival.xml file, which is in the /server/festival/config/ directory. Set the instanceId parameter to a unique value in this format:
      48819f14-cecd-49d2-a91a-20e646b83f71
    2. Copy and increment that value on each server in the cluster; for example:

      On server 2, use 48819f14-cecd-49d2-a91a-20e646b83f72

      On server 3, use 48819f14-cecd-49d2-a91a-20e646b83f73
    3. Open the server.xml file, which is in the server/conf directory. Change all of the port settings in the file to unique values so that a unique set of values is on each server in the cluster. Modify these values:
      Server port="8005"
      Connector port="8080"
      redirectPort="8443" 
      port="8443"
      Connector port="8009" 
    4. In the server.xml file, add the jvmRoute to the engine element. Change this entry:
      <Engine name="Catalina" defaultHost="localhost">
      to:
      <Engine name="Catalina" defaultHost="localhost" jvmRoute="DWAbalance1">

      where the jvmRoute value is unique for each of the Rational DOORS Web Access server instances.

      Those values correspond to routing assignments in the Apache web server, as shown in 3.c. The load balancing server uses the routing assignments to support sticky sessions, which direct user requests to the same server during a single session.

    5. Repeat the previous step for each Rational DOORS Web Access server. Increment the jvmRoute value for each server; for example: DWAbalance3, DWAbalance4, DWAbalance5.
  3. Configure the Apache HTTP Server to process SSL requests by editing the httpd.conf file, which is in the conf directory in the Apache installation.
    1. Uncomment these modules:
      • LoadModule proxy_module modules/mod_proxy.so
      • LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
      • LoadModule proxy_http_module modules/mod_proxy_http.so
      • LoadModule status_module modules/mod_status.so
      • LoadModule ssl_module modules/mod_ssl.so
    2. Go to the SSL configuration section, which starts with #Secure (SSL/TLS) connections.
    3. Add the following entries, being sure to add unique ProxyPassReverse and BalancerMember entries for every server in the cluster.
      #
      # reverse proxy
      #
      SSLProxyEngine On
      ProxyPreserveHost On
      
      ProxyPass /balancer-manager !
      ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
      
      ProxyPassReverse / https://private_host_1:7443/
      ProxyPassReverse / https://private_host_n:6443/
      <Proxy balancer://mycluster>
         BalancerMember https://private_host_1:7443 route=DWAbalance1 loadfactor=50   
         BalancerMember https://private_host_n:6443 route=DWAbalance2 loadfactor=50
         # Add an entry for each BalancerMember in your cluster.
      </Proxy>
      Change private_host_1 through private_host_n to the fully qualified host name for each server; for example, server1.example.com. Add BalancerMember entries for every host in your load balancing cluster. Be sure to use the port number that is configured for Apache Tomcat on each server.
    4. Uncomment this line:
      Include conf/extra/httpd-ssl.conf
      For more information about configuring the Apache HTTP Server for load balancing, see Apache Module mod_proxy_balancer in the Apache Software Foundation documentation.
    5. Optional: To view the load balancer status add these entries to the httpd.conf file:
      ProxyPass /balancer-manager !
      <Location /balancer-manager>
        SetHandler balancer-manager
        Order Deny,Allow
        Allow from your host.domain or another host
        Deny from all
      </Location>

      For more information about access control, see Access Control in the Apache Software Foundation documentation.

  4. Edit the httpd-ssl.conf file, which is in the /conf/extra directory in the Apache installation.
    1. Update the host name and the port that SSL is configured on.
    2. Update the settings as required, including these settings:
      • SSLCertificateFile
      • SSLCertificateKeyFile
      Note: If the SSLCertificateKeyFile key file is protected by a password, the password must be entered each time the server starts. You can remove the password, but before you do, consider the security implications of this action for your environment.
      For more information about editing HTTP SSL files, see Apache Core Features and Apache Module mod_ssl in the Apache Software Foundation documentation.
  5. Start Apache HTTP Server. Any errors are written to the error.log file, which is in the Apache installation in the /logs folder.
  6. Start Rational DOORS Web Access components on both servers.
  7. Start Rational DOORS Web Access servers 1 to n.

Feedback