Disable file locking

If we use Network File System V3 (NFSv3) for storing transaction recovery logs, and you want to use automated peer recovery, first disable file locking.

If we choose to perform this task configure the system to prevent system overloading and network partitioning. These situations can lead to the initiation of a peer recovery process for an active server.

If we do not take this precautionary step, data corruption can occur.

The following list contains some actions that we can take to prevent system overloading and network partitioning:

• Modify the core group heartbeat settings to change the amount of time after which WAS considers a server failed.

  See High availability manager.

• Verify the network is safe from network partitioning by, for example, installing backup network adapters.

• Modify the workload management throttling so that the server cannot be overloaded.

WAS obtains an exclusive lock on the physical recovery log files whenever it is instructed to perform recovery processing, and releases this lock when it is instructed to pass ownership of the logs to another server. Access to a recovery log is performed only when the exclusive lock is held.

NFSv3 supports exclusive file locks, but holds them on behalf of a failed host until that host can restart. In this context, the host is the physical machine running the appserver that requests the lock and it is the restart of the host, not the appserver, that eventually triggers the locks to release. See How to choose between automated and manual transaction peer recovery for more information.

To provide a more appropriate failover behavior, we can either use manual failover, or we can disable the use of exclusive file locking.

 

1. In the admin console ...

   Servers > Server Types > WebSphere application servers > server_name > [Container Settings] Container Services > Transaction Service.

2. Clear the Enable file locking check box.

3. Click Apply or OK.

4. Save the change to the master configuration.

5. Repeat the previous steps for every server in the cluster.

6. Restart the servers in the cluster for the changes to take effect.

 

Results

Exclusive file locking is disabled for all the servers in the cluster.

 

Next steps

Having taken steps to mitigate the risk to recovery log integrity when locking is disabled, we can tune the heartbeating parameters of the WAS high availability (HA) framework to change the conditions under which a server is considered failed. By considering the characteristics of applications, network, and peak workloads, determine an acceptable period of time after which the likelihood of an incorrectly diagnosed server failure is acceptably small.

A trade-off exists between reducing the risk of an incorrect diagnosis of server failure and increasing the time for automated failover and peer recovery to occur. By default, a server is considered failed after 20 heartbeats, with a 10-second frequency, are missed. These defaults are custom properties of the core group that we can modify.

 

Related concepts

Transactional high availability
High availability manager

 

Related tasks

Set manual peer recovery for the transaction service
Set automated peer recovery for the transaction service

 

Related information

How to choose between automated and manual transaction peer recovery