Junction throttling concepts
Regular maintenance on equipment in a computer network environment is a crucial and necessary task. In a WebSEAL environment, data storage and application programs typically reside on junctioned back-end host machines protected by WebSEAL. High demand WebSEAL environments usually rely on server clusters made up of multiple machines hosting replicated content and applications.
A replica server environment allows us to take individual servers offline to perform regular maintenance. The network load is redistributed across the remaining replicas allowing the user experience to proceed without disruption.
Junction throttling allows us to gradually take a junctioned back-end Web server offline without interrupting the transactions of users with existing sessions. The throttling action on a junction is particularly useful for allowing stateful sessions, such as shopping cart transactions, to continue until completed.
Junction throttling accomplishes the following actions:
- The throttled server continues to process current and subsequent requests from users with sessions created before the throttle action was taken.
- The throttled server blocks all requests from unauthenticated users and new authenticated users and directs these requests to other available replica servers on the same junction.
- As the current users finish their sessions, the throttled server eventually becomes idle and can be taken offline.
- Junction throttling does not require us to stop WebSEAL and does not interrupt user access to other junctioned Web servers.
The pdadmin utility provides commands to place junctioned servers in one of three operational states:
- Throttle
- Offline
- Online
These operational states are different from the run states of a junctioned server: running, not running, unknown, not an http server. The server run states is reported in the "Server State" field of the pdadmin server task show and pdadmin server task virtualhost show commands.
The commands allow us to individually or collectively control the servers on a junction. Collective control might be required, for example, in the case of a security breach.
The junction throttling feature is supported on standard WebSEAL junctions and virtual host junctions. Junction throttling is not available for standard local junctions or virtual host local junctions.
Parent topic: Junction throttling