You can organize Liberty servers into collectives to support
clustering, administration, and other operations that act on multiple
Liberty servers at a time in order to efficiently and accurately deliver
application services to your organization.
Before you begin
The collectiveController-1.0 feature
and its capabilities are available only in WebSphere® Application Server Liberty Network
Deployment and WebSphere Application Server Liberty for z/OS®. The feature is not available in WebSphere
Application Server Liberty, WebSphere Application Server Liberty -
Express, or WebSphere Application Server Liberty Core. If you have
a WebSphere Application Server Liberty Network Deployment installation,
you can use its collectiveController-1.0 feature
to work with collective members from WebSphere Application Server
Liberty, WebSphere Application Server Liberty - Express, or WebSphere
Application Server Liberty Core installations.
About this task
A Liberty collective is a set of Liberty servers that
are configured as part of the same administrative and operational
domain.
Configuration and state data about a Liberty collective
is housed in an active operational repository.
Membership in
a Liberty collective is optional. Liberty servers join a collective
by registering with a collective controller to become members. Members
share information about themselves through the operational repository
of the controller.
The following rules apply:
- A Liberty server can be a member of only one collective.
- Different Liberty servers on the same host can be in different
collectives.
- Liberty servers on the same host that are members of a collective
can coexist with Liberty servers that are not members of a collective.
Procedure
- Create and configure your controller.
- Create a server to act as the collective controller.
wlp/bin/server create myController
- Create the collective configuration.
This
consists primarily of the administrative domain security configuration
used for secure communication between controllers and members.
wlp/bin/collective create myController --keystorePassword=controllerKSPassword

By default, this collective command writes output to a console screen. In
the next step, you copy the output into the
server.xml file. To write the output to a
file, instead of to a console screen, specify an optional
--createConfigFile=outputFilePath
parameter.
wlp/bin/collective create myController --keystorePassword=controllerKSPassword --createConfigFile=outputFilePath
Then,
include the outputted file in the collective configuration by adding
an
include statement to the server.xml
file:
<include location=outputFilePath />
- Update the server.xml file.
- Copy and paste output.
If the command wrote output to a
console screen:
- Copy output from the collective command and paste it
into the server.xml file.
- Add a user registry and an administrative user (for
the join operation).
In
$WLP_INSTALL_DIR/usr/servers/myController/server.xml
for
example:
<server description="controller server">
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
</featureManager>
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443" />
<featureManager>
<feature>collectiveController-1.0</feature>
</featureManager>
<!-- Define the host name for use by the collective.
If the host name needs to be changed, the server should be
removed from the collective and re-joined or re-replicated. -->
<variable name="defaultHostName" value="controllerHostname" />
<!-- TODO: Set the security configuration for Administrative access -->
<quickStartSecurity userName="adminUser" userPassword="adminPassword" />
<!-- clientAuthenticationSupported set to enable bidirectional trust -->
<ssl id="defaultSSLConfig"
keyStoreRef="defaultKeyStore"
trustStoreRef="defaultTrustStore"
clientAuthenticationSupported="true" />
<!-- inbound (HTTPS) keystore -->
<keyStore id="defaultKeyStore" password="yourPassword"
location="${server.config.dir}/resources/security/key.jks" />
<!-- inbound (HTTPS) truststore -->
<keyStore id="defaultTrustStore" password="yourPassword"
location="${server.config.dir}/resources/security/trust.jks" />
<!-- server identity keystore -->
<keyStore id="serverIdentity" password="yourPassword"
location="${server.config.dir}/resources/collective/serverIdentity.jks" />
<!-- collective trust keystore -->
<keyStore id="collectiveTrust" password="yourPassword"
location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
<!-- collective root signers keystore -->
<keyStore id="collectiveRootKeys" password="yourPassword"
location="${server.config.dir}/resources/collective/rootKeys.jks" />
</server>
Add an include
statement.If you wrote the output to a file using the
--createConfigFile=outputFilePath
parameter, add an
include statement to
$WLP_INSTALL_DIR/usr/servers/myController/server.xml
to include the outputted file in the collective
configuration; for
example:
<server description="controller server">
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
</featureManager>
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443" />
<include location="c:/wlp/usr/servers/myServer/collective-create-include.xml" />
</server>
- Start the server.
wlp/bin/server start myController
Figure 1. Collective of one
- Create and configure a member.
The controller
and members can be on separate hosts. In this example, the controller
and member are on the same host.
- Create a member server.
wlp/bin/server create myMember
- Join the member.
The join operation requires
a network connection to the collective controller and an administrative
user ID and password for performing MBean operations on the controller.
wlp/bin/collective join myMember --host=controllerHostname --port=9443 --user=adminUser --password=adminPassword --keystorePassword=memberKSPassword

To write the output of this collective command to a file, instead of to a
console screen, specify an optional
--createConfigFile=outputFilePath
parameter. Then, include the outputted file in the collective
configuration by adding an
include statement to the
server.xml
file:
<include location=outputFilePath />
The --keystorePassword value
can be different for each server that is joined to the collective.
Refer
to Overriding Liberty server host information for
the information that you must provide so that the collective controller
can establish a connection to the server.
- Update the server.xml file.
- Copy and paste output.
If the command wrote output to a
console screen:
- Copy output from the collective command and paste it
into the server.xml file.
- Modify the ports so that the server can open its
HTTP ports.
In
$WLP_INSTALL_DIR/usr/servers/myMember/server.xml
for
example:
<server description="member server">
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
</featureManager>
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9081"
httpsPort="9444" />
<featureManager>
<feature>collectiveMember-1.0</feature>
</featureManager>
<!-- Define the host name for use by the collective.
If the host name needs to be changed, the server should be
removed from the collective and re-joined or re-replicated. -->
<variable name="defaultHostName" value="memberHostname" />
<!-- Connection to the collective controller -->
<collectiveMember controllerHost="localhost"
controllerPort="9443" />
<!-- clientAuthenticationSupported set to enable bidirectional trust -->
<ssl id="defaultSSLConfig"
keyStoreRef="defaultKeyStore"
trustStoreRef="defaultTrustStore"
clientAuthenticationSupported="true" />
<!-- inbound (HTTPS) keystore -->
<keyStore id="defaultKeyStore" password="yourPassword"
location="${server.config.dir}/resources/security/key.jks" />
<!-- inbound (HTTPS) truststore -->
<keyStore id="defaultTrustStore" password="yourPassword"
location="${server.config.dir}/resources/security/trust.jks" />
<!-- server identity keystore -->
<keyStore id="serverIdentity" password="yourPassword"
location="${server.config.dir}/resources/collective/serverIdentity.jks" />
<!-- collective truststore -->
<keyStore id="collectiveTrust" password="yourPassword"
location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
</server>
Add an include
statement.If you wrote the output to a file using the
--createConfigFile=outputFilePath
parameter, add an include statement to
$WLP_INSTALL_DIR/usr/servers/myController/server.xml
to include the outputted file; for
example:
<server description="controller server">
<!-- Enable features -->
<featureManager>
<feature>jsp-2.2</feature>
</featureManager>
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443" />
<include location="c:/wlp/usr/servers/myServer/collective-join-include.xml" />
</server>
- Start the member.
wlp/bin/server start myMember
Figure 2. Simple collective
Results
The member publishes to the controller. The entry posted to
the
messages.log file resembles:
[1/31/13 11:17:47:699 CST] 0000002e nt.repository.member.internal.publisher.ServerPathsPublisher I CWWKX8114I:
The server's paths have been successfully published to the management repository.
[1/31/13 11:17:47:711 CST] 0000002f nt.repository.member.internal.publisher.ServerStatePublisher I CWWKX8116I:
The server STARTED state has been successfully published to the management repository.
[1/31/13 11:17:47:737 CST] 00000028 pository.member.internal.publisher.ServerManagementPublisher I CWWKX8112I:
The server's host information has been successfully published to the management repository.