Platform-as-a-service environment considerations for setting up Liberty
Platform-as-a-service (PaaS) environments, such as IBM® Bluemix®, Pivotal Cloud Foundry, and OpenShift Enterprise, provide management and monitoring of application instances, but they also have some restrictions. Because of the inherent characteristics of PaaS environments, some Liberty features are redundant or behave differently, and they are therefore not supported.
Liberty server management restrictions
Features related to Liberty collectives do not apply to a PaaS environment because all Liberty server JVM instances are started, stopped, and managed by the PaaS infrastructure. The Liberty Admin Center feature is not designed to be used in a PaaS environment, where an application can be scaled to use multiple JVM instances without a collective controller. In this topology, a request to Admin Center could be directed to any of the running instances and have visibility only to the server on which the request runs.
- adminCenter-1.0
- clusterMember-1.0
- collectiveController-1.0
- collectiveMember-1.0
- dynamicRouting-1.0
- healthAnalyzer-1.0
- healthManager-1.0
- scalingController-1.0
- scalingMember-1.0
File system restrictions
Most PaaS environments do not provide a persistent local file system to their applications. For Liberty, this impacts both the applications and the components within the server that write data locally and expect it to persist across a server JVM restart.
The Liberty transaction manager writes log files to the local file system when multiple resource managers are involved in the transaction. If the logs are not available after a JVM failure and restart, then transactions cannot be automatically completed and must be manually resolved to unlock data and to make it consistent across resource managers. To avoid this scenario, the Liberty buildpack or cartridge prevents transaction log records from being written and raises an exception to the application to prevent the second resource from enlisting. As a result, although you can still use transactions with a single XA resource, a second transactional resource cannot be enlisted in a transaction. Additionally, Web Services Atomic Transactions cannot be used because they always write log records.
-Dcom.ibm.tx.jta.disable2PC=true
- wsAtomicTransaction-1.2
- Other features that use transactions, depending on the application behavior
Network restrictions
- appClientSupport-1.0
- appSecurityClient-1.0
- ejbRemote-3.2
In some situations, such as SSL termination at the router, Liberty relies on HTTP headers to describe aspects of the original client request. When you use SSL in a PaaS environment, the headers must be set by the PaaS router. On IBM Bluemix, these headers are already set, so you can use the ssl-1.0 feature and any features that depend on it without changes. To get the expected behavior in other PaaS environments, you might need to configure the router to set these headers as described in NGINX and WebSphere® Application Server.
- ssl-1.0
- Other features that depend on ssl-1.0, as listed in the Features that enable this feature section of Secure Socket Layer