Configuring a Liberty collective

You can organize Liberty servers into collectives to support clustering, administration, and other operations that act on multiple Liberty servers at a time in order to efficiently and accurately deliver application services to your organization.

Before you begin

The collectiveController-1.0 feature and its capabilities are available only in WebSphere® Application Server Liberty Network Deployment and WebSphere Application Server Liberty for z/OS®. The feature is not available in WebSphere Application Server Liberty, WebSphere Application Server Liberty - Express, or WebSphere Application Server Liberty Core. If you have a WebSphere Application Server Liberty Network Deployment installation, you can use its collectiveController-1.0 feature to work with collective members from WebSphere Application Server Liberty, WebSphere Application Server Liberty - Express, or WebSphere Application Server Liberty Core installations.

About this task

A Liberty collective is a set of Liberty servers that are configured as part of the same administrative and operational domain.

Configuration and state data about a Liberty collective is housed in an active operational repository.

Membership in a Liberty collective is optional. Liberty servers join a collective by registering with a collective controller to become members. Members share information about themselves through the operational repository of the controller.

The following rules apply:
  • A Liberty server can be a member of only one collective.
  • Different Liberty servers on the same host can be in different collectives.
  • Liberty servers on the same host that are members of a collective can coexist with Liberty servers that are not members of a collective.

Procedure

  1. Create and configure your controller.
    1. Create a server to act as the collective controller.
      wlp/bin/server create myController
    2. Create the collective configuration.

      This consists primarily of the administrative domain security configuration used for secure communication between controllers and members.

      wlp/bin/collective create myController --keystorePassword=controllerKSPassword
      Fix Pack 8552 By default, this collective command writes output to a console screen. In the next step, you copy the output into the server.xml file. To write the output to a file, instead of to a console screen, specify an optional --createConfigFile=outputFilePath parameter.
      wlp/bin/collective create myController --keystorePassword=controllerKSPassword --createConfigFile=outputFilePath
      Then, include the outputted file in the collective configuration by adding an include statement to the server.xml file:
      <include location=outputFilePath />
    3. Update the server.xml file.
      • Copy and paste output.
        If the command wrote output to a console screen:
        1. Copy output from the collective command and paste it into the server.xml file.
        2. Add a user registry and an administrative user (for the join operation).
        In $WLP_INSTALL_DIR/usr/servers/myController/server.xml for example:
        <server description="controller server">
        
            <!-- Enable features -->
        
            <featureManager>
                <feature>jsp-2.2</feature>
            </featureManager>
        
            <httpEndpoint id="defaultHttpEndpoint"
                          host="*"
                          httpPort="9080"
                          httpsPort="9443" />
        
            <featureManager>
                <feature>collectiveController-1.0</feature>
            </featureManager>
        
            <!-- Define the host name for use by the collective. 
            If the host name needs to be changed, the server should be
            removed from the collective and re-joined or re-replicated. -->
        
            <variable name="defaultHostName" value="controllerHostname" />
        
            <!-- TODO: Set the security configuration for Administrative access -->
        
            <quickStartSecurity userName="adminUser" userPassword="adminPassword" />
        
            <!-- clientAuthenticationSupported set to enable bidirectional trust -->
        
            <ssl id="defaultSSLConfig"
                 keyStoreRef="defaultKeyStore"
                 trustStoreRef="defaultTrustStore"
                 clientAuthenticationSupported="true" />
        
            <!-- inbound (HTTPS) keystore -->
        
            <keyStore id="defaultKeyStore" password="yourPassword"
                      location="${server.config.dir}/resources/security/key.jks" />
        
            <!-- inbound (HTTPS) truststore -->
        
            <keyStore id="defaultTrustStore" password="yourPassword"
                      location="${server.config.dir}/resources/security/trust.jks" />
        
            <!-- server identity keystore -->
        
            <keyStore id="serverIdentity" password="yourPassword"
                      location="${server.config.dir}/resources/collective/serverIdentity.jks" />
        
            <!-- collective trust keystore -->
        
            <keyStore id="collectiveTrust" password="yourPassword"
                      location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
        
            <!-- collective root signers keystore -->
        
            <keyStore id="collectiveRootKeys" password="yourPassword"
                      location="${server.config.dir}/resources/collective/rootKeys.jks" />
        </server>
      • Fix Pack 8552 Add an include statement.
        If you wrote the output to a file using the --createConfigFile=outputFilePath parameter, add an include statement to $WLP_INSTALL_DIR/usr/servers/myController/server.xml to include the outputted file in the collective configuration; for example:
        <server description="controller server">
        
            <!-- Enable features -->
        
            <featureManager>
                <feature>jsp-2.2</feature>
            </featureManager>
        
            <httpEndpoint id="defaultHttpEndpoint"
                          host="*"
                          httpPort="9080"
                          httpsPort="9443" />
        
            <include location="c:/wlp/usr/servers/myServer/collective-create-include.xml" />
        
        </server>
    4. Start the server.
      wlp/bin/server start myController
      Figure 1. Collective of one
      Collective of one
  2. Create and configure a member.

    The controller and members can be on separate hosts. In this example, the controller and member are on the same host.

    1. Create a member server.
      wlp/bin/server create myMember
    2. Join the member.

      The join operation requires a network connection to the collective controller and an administrative user ID and password for performing MBean operations on the controller.

      wlp/bin/collective join myMember --host=controllerHostname --port=9443 --user=adminUser --password=adminPassword --keystorePassword=memberKSPassword
      Fix Pack 8552 To write the output of this collective command to a file, instead of to a console screen, specify an optional --createConfigFile=outputFilePath parameter. Then, include the outputted file in the collective configuration by adding an include statement to the server.xml file:
      <include location=outputFilePath />

      The --keystorePassword value can be different for each server that is joined to the collective.

      Refer to Overriding Liberty server host information for the information that you must provide so that the collective controller can establish a connection to the server.

    3. Update the server.xml file.
      • Copy and paste output.
        If the command wrote output to a console screen:
        1. Copy output from the collective command and paste it into the server.xml file.
        2. Modify the ports so that the server can open its HTTP ports.
        In $WLP_INSTALL_DIR/usr/servers/myMember/server.xml for example:
        <server description="member server">
        
            <!-- Enable features -->
        
            <featureManager>
                <feature>jsp-2.2</feature>
            </featureManager>
        
            <httpEndpoint id="defaultHttpEndpoint"
                          host="*"
                          httpPort="9081"
                          httpsPort="9444" />
        
            <featureManager>
                <feature>collectiveMember-1.0</feature>
            </featureManager>
        
            <!-- Define the host name for use by the collective.
            If the host name needs to be changed, the server should be
            removed from the collective and re-joined or re-replicated. -->
        
            <variable name="defaultHostName" value="memberHostname" />
        
            <!-- Connection to the collective controller -->
        
            <collectiveMember controllerHost="localhost"
                              controllerPort="9443" />
        
            <!-- clientAuthenticationSupported set to enable bidirectional trust -->
        
            <ssl id="defaultSSLConfig"
                 keyStoreRef="defaultKeyStore"
                 trustStoreRef="defaultTrustStore"
                 clientAuthenticationSupported="true" />
        
            <!-- inbound (HTTPS) keystore -->
        
            <keyStore id="defaultKeyStore" password="yourPassword"
                      location="${server.config.dir}/resources/security/key.jks" />
        
            <!-- inbound (HTTPS) truststore -->
        
            <keyStore id="defaultTrustStore" password="yourPassword"
                      location="${server.config.dir}/resources/security/trust.jks" />
        
            <!-- server identity keystore -->
        
            <keyStore id="serverIdentity" password="yourPassword"
                      location="${server.config.dir}/resources/collective/serverIdentity.jks" />
        
            <!-- collective truststore -->
        
            <keyStore id="collectiveTrust" password="yourPassword"
                      location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
        </server>
      • Fix Pack 8552 Add an include statement.

        If you wrote the output to a file using the --createConfigFile=outputFilePath parameter, add an include statement to $WLP_INSTALL_DIR/usr/servers/myController/server.xml to include the outputted file; for example:

        <server description="controller server">
        
            <!-- Enable features -->
        
            <featureManager>
                <feature>jsp-2.2</feature>
            </featureManager>
        
            <httpEndpoint id="defaultHttpEndpoint"
                          host="*"
                          httpPort="9080"
                          httpsPort="9443" />
        
            <include location="c:/wlp/usr/servers/myServer/collective-join-include.xml" />
        
        </server>
    4. Start the member.
      wlp/bin/server start myMember
      Figure 2. Simple collective
      Simple collective

Results

The member publishes to the controller. The entry posted to the messages.log file resembles:
[1/31/13 11:17:47:699 CST] 0000002e nt.repository.member.internal.publisher.ServerPathsPublisher I CWWKX8114I: 
The server's paths have been successfully published to the management repository. 
[1/31/13 11:17:47:711 CST] 0000002f nt.repository.member.internal.publisher.ServerStatePublisher I CWWKX8116I: 
The server STARTED state has been successfully published to the management repository.
[1/31/13 11:17:47:737 CST] 00000028 pository.member.internal.publisher.ServerManagementPublisher I CWWKX8112I: 
The server's host information has been successfully published to the management repository.

Icon that indicates the type of topic Task topic

Terms and conditions for information centers | Feedback


Timestamp icon Last updated: Monday, 21 April 2014
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-express-iseries&topic=tagt_wlp_configure_collective
File name: tagt_wlp_configure_collective.html