Configure a web server and an application server on separate machines (remote)

Overview

WebSphere Application Server provides web server binary plug-ins for web servers such as...

The purpose of the binary plug-in is to provide the communication protocol between the web server and the application server.

  1. Create a new profile.
  2. Install a new web server for the new profile.
  3. Install the Web Server Plug-ins.
  4. Use the Plug-ins Configuration (PCT) tool to configure the web server with application servers.

If the web server is not already installed, we can still install the Web Server Plug-ins for future use.

Installing the Web Server Plug-ins installs the plug-in module. The PCT...

  1. Configures the web server for communicating with the application server
  2. Creates a web server configuration definition in the application server

We can use the PCT GUI tool or the pct command-line tool. This document describes using the GUI.

This procedure configures the default application server profile. A one-to-one relationship exists between a web server and the application server.

If we are planning to federate an application server node into a deployment manager cell, before configuring the plug-in, federate the node. We cannot federate an application server with a web server definition into a deployment manager cell.

The following topology is considered a remote topology because the web server is on a separate machine.

This article describes the installation of a web server on one machine and the application server on a separate machine. In this situation, the PCT on one machine cannot create the web server definition in the application server configuration on the other machine.

In such a case, the PCT creates a script on the web server machine that we can copy to the application server machine. Run the script on the application server machine to create the web server configuration definition within the application server configuration.

When multiple profiles exist, we can select the profile configured by Web Server Plug-ins Configuration Tool (PCT).


Install the plug-in and configure both the web server and the application server

  1. Install Installation Manager on Machine A and Machine B.

  2. Use Installation Manager to install WebSphere Application Server Network Deployment on Machine A.

  3. Create a standalone application server on Machine A.

  4. Optional: Create a new host alias for the default virtual host.

    If we configured the web server to use a port other than port 80, then add a new host alias for that port for the default host. For example, when running as nonroot, IBM HTTP Server is configured with a default port value of 8080.

  5. Use Installation Manager to install the following on Machine B.

    • Web Server Plug-ins for WebSphere Application Server
    • Websphere Customization Toolbox

  6. Use Installation Manager to install the IBM HTTP Server on Machine B, or install another supported web server on Machine B.

  7. Open the WebSphere Customization Toolbox, and launch the PCT on the machine with the web server.

  8. Select a web server plug-in runtime location.

    If the location of a previously installed web server to use is not in the list, perform the following actions to add the location to the working set:

    1. Click Add.

    2. Enter a name for the web server plug-in location.

    3. Perform one of the following actions:

      • Enter the location.
      • Click Browse, find the location, and click OK.

  9. Click Create.

  10. Select the type of web server that you are configuring, and click Next.

  11. Select the architecture of the installed target web server (64 bit or 32 bit) and click Next if you are asked.

  12. Click Browse to select the configuration file or files for the web server, verify that the web server port is correct, and then click Next when we are finished.

    Select the file and not just the directory of the file. Some web servers have two configuration files and require you to browse for each file.

    The following list shows configuration files for supported web servers:

    Apache HTTP Server

    apache_root/config/httpd.conf

    Domino Web Server

    names.nsf and Notes.jar

    The wizard prompts for the notes.jar file. The actual name is Notes.jar.

    The PCT verifies that the files exist but the tool does not validate either file.

    IBM HTTP Server

    IHS_root/conf/httpd.conf

    (iseries) IHS_profile_root/conf/httpd.conf

    Microsoft Internet Information Services (IIS)

    The PCT can determine the correct files to edit.

    Sun Java System Web Server (formerly Sun ONE Web Server and iPlanet Web Server) Version 6.0 and later

    obj.conf and magnus.conf

  13. If we are configuring an IBM HTTP web server plug-in, perform the following actions.

    1. Optionally, set up the administration server configuration to administer the web server. : When using the PCT to configure the IBM HTTP Server Administration Server, the Websphere Customization Toolbox must be run as a "local" account with administrator/root privileges.

      1. Select Setup IBM HTTP Server Administration Server.

      2. Specify a port number on which the IBM HTTP administration server will communicate.

      3. Optionally, select Create a user ID for IBM Server Administration Server authentication and enter a user ID and password to authenticate to the IBM HTTP Server administrative server from the console.

    2. Click Next.

    3. Specify the system user ID and group to have write permission to IBM HTTP Server, the IBM HTTP Server administrative server, and the web server plug-in configuration files.

      Select Create a new unique system user ID and group using the credentials if necessary.

      Restriction: The configuration might fail if specified a new user ID or group name that exceeds the platform limit, which is commonly 8 characters and is sometimes configurable.

    4. Optionally, set up the IBM HTTP Server Administration Server to run as a Window service.

      1. Select Run IBM HTTP Server Administration Server as a Windows Service.

      2. Perform one of the following actions:

        • Select Log on as a local system account.

        • Select Log on as a specified user account, and enter the user ID and password for that account.

          The user ID requires the following advanced user rights:

          • Act as part of the operating system

          • Log on as a service

      3. Choose whether the startup type will be automatic or manual.

    5. Click Next.

  14. Specify a unique name for the web server definition, and click Next.

  15. Select the configuration scenario.

    1. Choose the remote scenario.

    2. Identify the host name or IP address of Machine A, which is the application server machine.

    3. Click Next.

  16. Select the profile to configure with the current web server plug-in, and click Next.

    This panel does not display if you selected the remote scenario in the previous step.

  17. Examine the summary panel, and click Configure to begin configuring.

    The panel notifies you that you have manual steps to perform to complete the installation and configuration.

    The PCT creates the configureweb_server_name script in the plugins_root/bin/ directory on Machine B (the machine with the web server).

    The PCT also creates the plugin-cfg.xml file in the plugins_root/config/web_server_name directory.

    The web server reads the plugin-cfg.xml file to determine the applications that the application server on Machine A can serve to the web server on Machine B. Whenever the configuration changes, the application server regenerates the file. When regeneration occurs, propagate, or copy the actual plugin-cfg.xml file from the application server machine to the web server machine. We can automatically propagate the file to the IBM HTTP Server product.

  18. Verify the success of the installation on the summary panel, and click Finish.

    If a problem occurs and the installation is unsuccessful, examine the logs in the plugins_root/logs directory. Correct any problems and re-configure.

  19. Copy the configureweb_server_name script from Machine B (the machine with the web server) to the app_server_root /bin directory on Machine A (the application server machine).

    web_server_name is the nickname of the web server that specified. web_server_name is not a vendor name, such as IIS or Apache.

    On an operating system such as AIX or Linux, the file is configureweb_server_name.sh. On a Windows system, the file is configureweb_server_name.bat. For example, on a Linux system with an IBM HTTP Server named web_server_1 in the default location, copy plugins_root/bin/configureweb_server_1.sh from Machine B (the machine with the web server) to the app_server_root/bin directory on Machine A (the application server machine).

    (iseries) For example, on an IBM i system with an IBM HTTP Server named web_server_1 in the default location, copy plugins_root/bin/configureweb_server_1 from Machine B (the machine with the web server) to the app_server_root/bin directory on Machine A (the application server machine).

    If one platform is a system such as AIX or Linux and the other is a Windows platform, copy the script from the crossPlatformScripts directory. For example:

    • plugins_root/bin/configureweb_server_name.sh

    • plugins_root/bin/crossPlatformScripts/windows/configureweb_server_name.bat

    • (iseries) plugins_root/bin/configureweb_server_name

  20. Compensate for file encoding differences to prevent script failure.

    The content of the configureweb_server_name.bat script or the configureweb_server_name.sh script can be corrupt if the default file encoding of the two machines differs. This scenario is possible when one machine is set up for a double-byte character set (DBCS) locale and the other machine is not.

    (iseries) The content of the configureweb_server_name script can be corrupt if the default file encoding of the two machines differs. This scenario is possible when one machine is set up for a double-byte character set (DBCS) locale and the other machine is not.

    Determine the file encoding and use one of the following procedures to circumvent the failure. To determine the default file encoding, run the appropriate command. (dist)

    • Run the locale charmap command on a system such as AIX or Linux.

    • Run the CHCP command on a Windows machine.

    Use the result of the command on each machine as the value for the web_server_machine_encoding variable and the application_server_machine_encoding variable in one of the following procedures.

    Procedures for compensating for encoding differences

    • Web server running on a system such as AIX or Linux

      Suppose that the web server is running on a Linux machine and the application server is running on a Windows machine. Before you FTP the web server definition configuration script to the Windows machine in binary mode, run the following command on the system to encode the file:

      iconv -f web_server_machine_encoding \
         -t application_server_machine_encoding \
         configureweb_server_name.bat 

      Important: The name of the web server (nick name) is used in the name of the script file. The name cannot contain characters from a double-byte character set (DBCS) if you intend to set up IBM HTTP Server for automatic propagation.

    • Web server running on a Windows system

      Suppose that the web server is running on a Windows machine and the application server is running on a machine with a system such as AIX or Linux. We must first download the iconv utility from a third party because the command is not included by default on Windows systems. Before you FTP the web server definition configuration script in binary mode to a system such as AIX or Linux, run the following command on the machine to encode the file:

      iconv -f web_server_machine_encoding \
         -t application_server_machine_encoding \
         configureweb_server_name.sh 
      For example, if the target machine is z/OS , you might use this command to convert the file from ASCII to EBCDIC, handling the end-of-line characters correctly:

        iconv -f ISO8859-1 -t IBM-1047 configureweb_server_name.sh > new_script_name.sh

    Omit the continuation characters (\) if you enter the command on one line.

    If the conversion mapping is not supported by the iconv command on the system, copy the contents of the web server configuration script to a clip board and paste it onto the machine where the application server is running.

    If we copy over a .sh file onto a UNIX-based operating system after remote configuration on a Windows operating system, perform chmod 755.

  21. Start the application server on Machine A.

    Use the startServer command, for example:

    • profile_root/bin/startServer.sh server1

    • profile_root\bin\startServer server1

    • (iseries) profile_root/bin/startServer server1

  22. Open a command window and change to the profile directory where the web server should be assigned. Run the script that you copied to Machine A (the application server machine). You need the following parameters:

    • Profile Name

    • Optional. Admin user ID

    • Optional. Admin user password

    For example, you could enter the following:

      configurewebserver1.sh AppSrv01 my_user_ID my_Password

    The web server will be configured via wsadmin.

    The contents of the configurewebserver1.sh script will be similar to this:

    wsadmin.bat -profileName AppSrv01 -user my_user_ID -password my_Password
       -f "%WAS_HOME%\bin\configureWebserverDefinition.jacl" webserver1 IHS..

  23. From the console of the deployment manager, click System administration > Save Changes to Master Repository > Synchronize changes with Nodes > Save.

  24. Domino Web Server only: Set the WAS_PLUGIN_CONFIG_FILE environment variable.

    On platforms such as AIX or Linux, sourcing a script to the parent shell allows child processes to inherit the exported variables. On Windows systems, run the script as you would run any other command. Sourcing is automatic on Windows systems.

    1. Open a command window.

    2. Change directories to the plug-ins installation root directory.

    3. Issue the appropriate command for the plugins_root/bin/setupPluginCfg.sh script:

      • . plugins_root/bin/setupPluginCfg.sh (Notice the space between the period and the installation root directory.)

      • source plugins_root/bin/setupPluginCfg.sh

    The script is also in the lotus_root/notesdata directory on operating systems such as AIX or Linux.

    Issue the appropriate command for the script before starting the Domino Web Server.

  25. Regenerate the plugin-cfg.xml file on Machine A (the application server machine) using the console. Click Servers > Server Types > Web servers. Select the web server, then click Generate Plug-in.

    During the installation of the plug-ins, the default plugin-cfg.xml file is installed on Machine B (the machine with the web server) in the plugins_root/config/web_server_name directory. The web server plug-in configuration service regenerates the plugin-cfg.xml file automatically. To use the current plugin-cfg.xml file from the application server, propagate the plugin-cfg.xml file as described in the next step.

    This step shows you how to regenerate the plugin-cfg.xml file. WebSphere Application Server products are configured to automatically regenerate the file each time a significant event occurs. Such events include installing applications on the application server and the web server, for example. Creating a new virtual host is another such event.

  26. Propagate the plugin-cfg.xml file from the application server to the web server using the console. Click Servers > Web server. Select the web server, then click Propagate Plug-in. Web servers other than IHS require manual propagation.

    The web server plug-in configuration service propagates the plugin-cfg.xml file automatically for IBM HTTP Server 8.5 only. For all other web servers, propagate the plug-in configuration file by manually copying the plugin-cfg.xml file from the profile_root/config/cells/cell_name/nodes/node/servers/web_server_name directory on Machine A (the application server machine) to the plugins_root/config/web_server_name directory on Machine B (the machine with the web server).

  27. Start the Snoop servlet to verify the ability of the web server to retrieve an application from the application server.

    Test the environment by starting the application server, the web server, and using the Snoop servlet with an IP address.

    1. Start the application server. In a Network Deployment environment, the Snoop servlet is available in the cell only if you included the DefaultApplication when adding the application server to the cell. The -includeapps option for the addNode command migrates the DefaultApplication to the cell. If the application is not present, skip this step.

      Change directories to the profile_root/bin directory and run the startServer command:

    2. Start the IBM HTTP Server or the web server that you are using.

      (iseries) Use either the 2001 page or use the STRTCPSVR SERVER(*HTTP) HTTPSVR(instance_name ) command to start the IBM HTTP Server.

      Use a command window to change the directory to the IBM HTTP Server installed image, or to the installed image of the web server. Issue the appropriate command to start the web server, such as these commands for IBM HTTP Server:

      To start the IBM HTTP Server from the command line:

      Access the apache and apachectl commands in the IBMHttpServer/bin directory.

      • ./apachectl start

      • apache

    3. Point the browser to http://localhost:9080/snoop to test the internal HTTP transport provided by the application server. Point the browser to http://Host_name_of_Web_server_machine/snoop to test the web server plug-in.

      The HTTP Transport port is 9080 by default and must be unique for every profile. The port is associated with a virtual host named default_host, which is configured to host the installed DefaultApplication. The Snoop servlet is part of the DefaultApplication. Change the port to match the actual HTTP Transport port.

    4. Verify that Snoop is running.

      Either Web address should display the Snoop Servlet - Request/Client Information page.

    5. Remote IBM HTTP Server only:

      Verify that the automatic propagation function can work on a remote IBM HTTP Server using the following steps. This procedure is not necessary for local web servers.

      1. Create a user=adminUser, password=adminPassword in the IHS_root /conf/admin.passwd file. For example: c:\ws\ihs85\bin\htpasswd -cb c:\ws\ihs85\conf\admin.passwd adminUser adminPassword

      2. Use the console of the deployment manager or the application server to enter the User ID and password information created for the administrative user of IBM HTTP Server. Go to Servers > Web server > web_server_definition > Remote Web server administration. Set the following values: admin Port=8008, User Id=adminUser, Password=adminPassword.

      3. Set the correct read/write permissions for the httpd.conf file and the plugin-cfg.xml file. See the IHS_root /logs/admin_ERROR. LOG file for more information.

      Automatic propagation of the plug-in configuration file requires the IBM HTTP administrative server to be up and running. If we are managing an IBM HTTP Server using the WAS console, the following error might display:

        "Could not connect to IHS Administration server error"

      Perform the following procedure to correct the error:

      1. Verify that the IBM HTTP Server administration server is running.

      2. Verify that the web server host name and the port defined in the WAS console matches the IBM HTTP Server administration host name and port.

      3. Verify that the fire wall is not preventing you from accessing the IBM HTTP Server administration server from the WAS console.

      4. Verify that the user ID and password specified in the WAS console under remote managed, is created in the admin.passwd file, using the htpasswd command.

      5. If we are trying to connect securely, verify that you export the IBM HTTP Server administration server keydb personal certificate into the WAS key database as a signer certificate. This key database is specified by the com.ibm.ssl.trustStore directive in the sas.client.props file in the profile where the console is running. This consideration is primarily for self-signed certificates.

      6. If we still have problems, check the IBM HTTP Server admin_ERROR. LOG file and the WAS logs (trace.log file) to determine the cause of the problem.


Results

This procedure results in the installation of the Web Server Plug-ins for WAS on a web server machine. The PCT also configures the web server to support an application server on a separate machine.

The installation of the Web Server Plug-ins results in the creation of the Plugins directory and several subdirectories. The following directories are among those created on a Linux system, for example:


What to do next

See Select a web server topology diagram and roadmap for an overview of the installation procedure.

See Web server configuration for more information about the files involved in configuring a web server.

See Plug-ins configuration for information about the location of the plug-in configuration file.

See Edit web server configuration files for information about how the PCT configures supported web servers.


Related tasks

  • Configure web server plug-ins

    Configure a web server plug-in using the pct tool