Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Select an authentication mechanism > Configure LTPA and working with keys > 2. Generate keys manually or automatically, and control the number of active keys. > Work with nodes - groups of managed servers
Manage nodes
- Overview
- Add a node
- Select the discovery protocol
- Define a custom property for a node
- Synchronize the node configuration
- Stop servers on a node
- Recover an existing managed node of a dmgr cell
- Remove a node
- View node capabilities
Overview
Restriction: The addNode function in the admin console might fail on non-English, single-byte Windows operating systems when there are non-ASCII characters in the profile name, cell name, or node name. This problem is caused by a code page issue on Windows operating systems.
To work around this problem, run addNode.sh from the command line rather than from the admin console on non-English, single-byte Windows operating systems if there are non-ASCII characters in the profile name, cell name, or node name.
Add a node
- Go to the Nodes page and click Add Node.
- On the Add Node page, choose whether to add a managed or unmanaged node, and click Next.
- For a managed node, complete the following actions.
- Verify that an application server is running on the remote host for the node that you are adding.
- Specify a host name, connector type, and port for the application server at the node you are adding. Perform one of the following sets of actions listed in the table:
If dmgr is on And node is on Complete Distributed platform
IBM i platformDistributed platform
IBM i platformOptionally specify a node group and a core group. Click OK. Distributed platform
IBM i platformz/OS system Specify a node group that contains nodes from the same sysplex as the node you are now adding. If no such node group exists, create a node group and then specify that node group. Optionally specify a core group. Click OK. z/OS system Distributed platform
IBM i platformSpecify a node group that contains distributed nodes. If no such node group exists, create a node group and then specify that node group. Optionally specify a core group. Click OK. For the node group option to display, a group other than the default node group must first be created. Likewise, for the core group option to display, a group other than the default core group must first be created.
We can add a node, select the discovery protocol for a node, define a custom property for a node, stop servers on a node, and remove a node.
A node is a grouping of managed or unmanaged servers. You can add both managed and unmanaged nodes to the WAS topology. If you add a new node for an existing WAS to the network deployment cell, you add a managed node. If you create a new node in the topology for managing web servers or servers other than WASs, you add an unmanaged node.
We can recover an existing managed node of a dmgr cell. One of the options to add a managed node enables you to quickly recover a damaged node. The option is similar to the -asExistingNode parameter of addNode.sh.
To view information about nodes and managed nodes, use the Nodes page.
System administration | Nodes
We can manage nodes on an application server through wsadmin.sh, through the Java APIs, or through the admin console.
To manage nodes on an application server through the admin console.
- For managed nodes, another administrative console page is displayed on a Windows operating system. Specify on the page whether to register the node agent to run as a Windows service.
If security is enabled, you can optionally enter the local operating system user name and password under which you will run the service. If you do not specify a user name and password, the service runs under the local system identity. When you run remove the node, the node agent is de-registered as a Window service.
- For an unmanaged node, on the Nodes > New page, specify a node name, a host name, and a platform for the new node. Click OK.
The node is added to the WAS environment and the name of the node is displayed in the collection on the Nodes page.
Both IPv4 and IPv6 are now supported by WAS, but restrictions do apply when using both IPv4 and IPv6 in the same cell. When you add a node to a cell, the format in which you specify the name is based on the version of IP that the node is using. For details, see IP version considerations for cells. On completing this step, you will have added one or more nodes.
When nodes are added while LDAP security is enabled, the following exception is generated in the dmgr log under certain circumstances. If this happens, restart the dmgr to resolve the problem.
0000004d ORBRas E com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl createSSLSocket ProcessDiscovery : 0 JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security. Reason?com.ibm.jsse2.util.h: No trusted certificate found
Select the discovery protocol
If the discovery protocol that a node uses is not appropriate for the node, select the appropriate protocol.
- On the Nodes page, click the node to access the node setting page.
- Select a value for Discovery protocol.
- Click OK.
User Datagram Protocol (UDP) is faster than Transmission Control Protocol (TCP). However, TCP is more reliable than UDP because UDP does not guarantee the delivery of datagrams to the destination. The default of TCP is the recommended value.
For a node agent or dmgr, use TCP or UDP.
A managed process uses multicast as its discovery protocol. The discovery protocol is fixed for a managed process. The main benefit of using multicast on managed processes is efficiency for the node agent. Suppose we have forty servers in a node. A node agent that uses multicast sends one broadcast to all forty servers. If a node agent did not use multicast, it would send discovery queries to all managed processes one at a time, totaling forty sends. Additional benefits of using multicast are that you do not have to configure the discovery port for each server or prevent port conflicts because all servers in one node listen to one port instead of to one port for each server.
On the Windows operating system, multicast requires a router. If you run the product on a Windows operating system, but the machine the Application Server is on is not connected to the network, the multicast address is not shared with the application servers.
Define a custom property for a node
Nodes page | node | node settings page | Custom Properties | Property collection | New
Synchronize the node configuration
After you add a managed node or change a managed node configuration, synchronize the node configuration. On the Node agents page, ensure that the node agent for the node is running. Then, on the Nodes page, select the check box beside the node whose configuration files to synchronize and click Synchronize or Full Resynchronize.
Clicking either option sends a request to the node agent for that node to perform a configuration synchronization immediately, instead of waiting for the periodic synchronization to occur. This action is important if automatic configuration synchronization is disabled, or if the synchronization interval is set to a long time, and a configuration change is made to the cell repository that needs to replicate to that node. Settings for automatic synchronization are on the File synchronization service page.
Synchronize requests that a node synchronization operation be performed using the normal synchronization optimization algorithm. This operation is fast, but might not fix problems from manual file edits that occur on the node. It is still possible for the node and cell configuration to be out of synchronization after this operation is performed.
Full Resynchronize clears all synchronization optimization settings and performs configuration synchronization anew, so there is no mismatch between node and cell configuration after this operation is performed. This operation can take longer than the Synchronize operation.
Unmanaged nodes cannot be synchronized.
Stop servers on a node
On the Nodes page, select the check box beside the managed node whose servers that you want to stop running, and click Stop.
Recover an existing managed node of a dmgr cell
We can recover an existing damaged node using one of the options to add a managed node. The node must be at the dmgr level.
- Ensure that the existing damaged node is not running.
Stop the node agent and any application servers residing on the node.
- Create a profile to replace the damaged node and give it the same profile and node names.
For example, suppose the node1 node that has the profile name AppSrv01 stops functioning. To replace it with a new node, create an application server profile named AppSrv01 for node node1.
- Start the new node, or application server, that you want to use to replace the damaged node.
- Use the Recover managed node page to replace the damaged node in the cell with the new node.
- In the dmgr admin console, click...
System administration | Nodes | Add Node | Recover an existing node | Next
- For Host, specify the host name or IP address of the node to add to the cell. The host value can be an IP address, a DNS name that resolves to an IP address, or the word localhost if the application server is running on the same machine as the dmgr.
- For JMX connector type, select the type of JMX connectors that communicate with the product when you run a script.
- For JMX connector port, specify the port number of the JMX connector of the new node.
We can find the port number in the console of the new application server node. Click...
Servers | Server Types | WebSphere application servers | server_name
| Ports
For example, for a SOAP connector port type, specify the SOAP_CONNECTOR_ADDRESS value for the JMX connector port number.
Also, you can find the port number in...
WAS_HOME/profiles/new_profile_name/config/cells/cell_name/nodes/node_name/serverindex.xml
For example, for a SOAP connector port type, specify the port value that is associated with...
endPointName="SOAP_CONNECTOR_ADDRESS"
- Specify values for the remaining fields as needed and click OK.
Instead of using the Recover managed node console page to recover a node, you can run...
cd $BAD_PROFILE/bin
./addNode.sh -asExistingNodeThe name of the new node must match the name of the node where you run addNode with the -asExistingNode option.
You can also use the -asExistingNode option of addNode.sh to...
- Move a node to a product installation on a different computer but at the same path
- Move a node to a product installation on a different operating system or with a different path
- Create new cells from a template cell
Remove a node
On the Nodes page, select the check box beside the node to delete and click Remove Node. If you cannot remove the node by clicking Remove Node, remove the node from the configuration by clicking Force Delete.
View node capabilities
Review the node capabilities, such as the product version through the admin console. You can also query them through the Application Server API or wsadmin.sh.
The product versions for WAS are as follows: The base edition of WAS is listed in the version column as Base. The express edition of WAS is listed in the version column as Express. The WAS ND is listed in the version column as ND.
Related
Node collection
Add managed node settings
Node installation properties
Managed and unmanaged nodes
Node groups
Managed object metadata
Recover or move nodes with the addNode -asExistingNode command
Get started with wsadmin scripting
Core group servers collection
Recover managed node settings
Custom property settings