WebSphere eXtreme Scale Administration Guide > Configure WebSphere eXtreme Scale > Properties file reference



Server properties file


The server properties file contains several properties that define different settings for the server, such as trace settings, logging, and security configuration. The server properties file is used by the catalog service and container servers.


Sample server properties file

You can use the sampleServer.properties file that is in the wxs_home/properties directory to create the properties file.


Specify a server properties file

You can specify the server properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the server properties file, the properties in that file override the values in the objectGridServer.properties file that is in the classpath.

  1. As a well-named file in the classpath. If you put this well-named file in the current directory, the file is not found unless the current directory is in the classpath. The name that is used follows:

    objectGridServer.properties
    

  2. As a system property in either a stand-alone or WebSphere Application Server configuration that specifies a file in the system current directory. In WebSphere Application Server, put the file in the <was_root>/properties directory. The file cannot be in the classpath:

    -Dobjectgrid.server.props=file_name
    

  3. As a parameter when you run the startOgServer command. You can override these properties manually to specify a file in the system current directory:

    -serverProps file_name
    

  4. As a programmatic override using the ServerFactory.getServerProperties and ServerFactory.getCatalogServerProperties methods. The data in the object is populated with the data from the properties files.


Server properties

General properties

workingDirectory

Location to where the container server output is written. When this value is not specified, the output is written to a log directory within the current directory. This property applies to both the container server and the catalog service.

Default: no value

[v7 iFix 2+] minThreads

Minimum number of threads used by the internal thread pool in the run time for built-in evictors and DataGrid operations.

Default: 10

[v7 iFix 2+] maxThreads

Maximum number of threads used by the internal thread pool in the run time for built-in evictors and DataGrid operations.

Default: 50

traceSpec

Enables trace and the trace specification string for the container server. Trace is disabled by default. This property applies to both the container server and the catalog service.

Default: *=all=disabled

traceFile

File name to write trace information. This property applies to both the container server and the catalog service.

systemStreamToFileEnabled

Enables the container to write the SystemOut, SystemErr, and trace output to a file. If this property is set to false, output is not written to a file and is instead written to the console.

Default: true

enableMBeans

Enables ObjectGrid container Managed Beans (MBean). This property applies to both the container server and the catalog service.

Default: true

serverName

Sets the server name that is used to identify the server. This property applies to both the container server and the catalog service.

zoneName

Set the name of the zone to which the server belongs. This property applies to both the container server and the catalog service.

haManagerPort

Synonymous with peer port. Specifies the port number the high availability manager uses. If this property is not set, the catalog service generates an available port automatically. This property applies to both the container server and the catalog service.

listenerHost

Host name to which the ORB should bind. This property applies to both the container server and the catalog service.

listenerPort

Port number to which the ORB should bind. This property applies to both the container server and the catalog service.

JMXServicePort

Port number on which the MBean server should listen. This property applies to both the container server and the catalog service.

Container server properties

statsSpec

Stats specification for the container server.


Example:

all=disabled

memoryThresholdPercentage

Sets the memory threshold for memory-based eviction. The percentage specifies the maximum heap that should be used in the Java™ virtual machine (JVM) before eviction occurs. The default value is -1, which indicates that the memory threshold is not set. If the memoryThresholdPercentage property is set, the MemoryPoolMXBean value is set with the provided value. See MemoryPoolMXBean interface in the Java API specification for more information. However, eviction occurs only if eviction is enabled on an evictor. To enable memory based eviction, see Evictors. This property only applies to a container server.

catalogServiceEndPoints

End points to connect to the catalog service cluster. This value should be in the form host:port<,host:port> where the host value is the listenerHost value and the port value is the listenerPort value of the catalog server. This property only applies to a container server.

Catalog service properties

domainName

Domain name that is used to uniquely identify this catalog service grid to clients when routing to multiple domains. This property only applies to the catalog service.

enableQuorum

Enables quorum for the catalog service. Quorum is used to ensure that a majority of the catalog service grid is available before allowing modification to the placement of partitions on available container servers.

To enable quorum, set the value to true or enabled. The default value is disabled. This property only applies to the catalog service.

catalogClusterEndpoints

Specifies the catalog service grid end points for the catalog service. This property specifies the catalog service end points to start the catalog service grid. Use the following format:

serverName:hostName:clientPort:peerPort<serverName:hostName:clientPort:peerPort>

This property only applies to the catalog service.

heartBeatFrequencyLevel

Specifies how often heartbeats occur. The heartbeat frequency level is a trade-off between use of resources and failure discovery time. The more frequently heartbeats occur, more resources are used, but failures are discovered more quickly. This property applies only to the catalog service. Use one of the following values:

  • 0: Specifies a heartbeat level at a typical rate. With this value, failover detection occurs at a reasonable rate without overusing resources. (Default)

  • -1: Specifies an aggressive heartbeat level. With this value, failures are detected more quickly, but also uses additional processor and network resources. This level is more sensitive to missing heartbeats when the server is busy.

  • 1: Specifies a relaxed heartbeat level. With this value, a decreased heartbeat frequency increases the time to detect failures, but also decreases processor and network use.


Security server properties

The server properties file is also used to configure eXtreme Scale server security. You use a single server property file to specify both basic the properties and security properties.

General security properties

securityEnabled

Enables the container server security when set to true. The default value is false. This property should match the securityEnabled property that is specified in the objectGridSecurity.xml file that is provided to the catalog server.

credentialAuthentication

Indicates whether this server supports credential authentication. Chose one of the following values:

  • Never: The server does not support credential authentication.

  • Supported: The server supports the credential authentication if the client also supports credential authentication.

  • Required: The client requires credential authentication.

See Application client authentication for details about credential authentication.

Transport layer security settings

transportType

Server transport type. Use one of the following values:

  • TCP/IP: Indicates that the server only supports TCP/IP connections.

  • SSL-Supported: Indicates that the server supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default)

  • SSL-Required: Indicates that the server requires SSL connections.

SSL configuration properties

alias

Alias name in the key store. This property is used if the key store has multiple key pair certificates and to select one of the certificates.


Default: no value

contextProvider

Specifies the name of the context provider for the trust service. If you indicate a value that is not valid, a security exception results that indicates that the context provider type is incorrect.

Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.

protocol

Indicates the type of security protocol to use for the client. Set this protocol value based on which Java Secure Socket Extension (JSSE) provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.

Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.

keyStoreType

Indicates the type of key store. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

trustStoreType

Indicates the type of trust store. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

keyStore

Fully qualified path to the key store file.


Example:

etc/test/security/client.private

trustStore

Fully qualified path to the trust store file.


Example:

etc/test/security/server.public

keyStorePassword

String password to the key store. You can encode this value or use the actual value.

trustStorePassword

String password to the trust store. You can encode this value or use the actual value.

clientAuthentication

If the property is set to true, the SSL client must be authenticated. Authenticating the SSL client is different from the client certificate authentication. Client certificate authentication means authenticating a client to a user registry based on the certificate chain. This property ensures that the server connects to the right client.

SecureTokenManager setting

The SecureTokenManager setting is used for protecting the secret string for server mutual authentications and for protecting the single sign-on token.Grid security

secureTokenManagerType

Type of SecureTokenManager setting. You can use one of the following settings:

  • none: Indicates that no secure token manager is used.

  • default: Indicates that the token manager that is supplied with the WebSphere eXtreme Scale product is used. You must provide a SecureToken key store configuration.

  • custom: Indicates that you have the own token manager that you specified with the SecureTokenManager implementation class.

customTokenManagerClass

Specifies the name of the SecureTokenManager implementation class, if you have specified the SecureTokenManagerType property value as custom. The implementation class must have a default constructor to be instantiated.

customSecureTokenManagerProps

Custom SecureTokenManager implementation class properties. This property is used only if the secureTokenManagerType value is custom. The value is set to the SecureTokenManager Object with the setProperties(String) method.

Secure token key store configuration

secureTokenKeyStore

File path name for the keystore that stores the public-private key pair and the secret key.

secureTokenKeyStoreType

Keystore type, for example, JCKES. You can set this value based on the Java Secure Socket Extension (JSSE) provider that you use. However, this keystore must support secret keys.

secureTokenKeyPairAlias

Alias of the public-private key pair that is used for signing and verifying.

secureTokenKeyPairPassword

Password to protect the key pair alias that is used for signing and verifying.

secureTokenSecretKeyAlias

Secret key alias that is used for ciphering.

secureTokenSecretKeyPassword

Password to protect the secret key.

secureTokenCipherAlgorithm

Algorithm that is used for providing a cipher. You can set this value based on the Java Secure Socket Extension (JSSE) provider that you use.

secureTokenSignAlgorithm

Algorithm that is used for signing the object. You can set this value based on the JSSE provider that you use.

Authentication string

authenticationSecret

Secret string to challenge the server. When a server starts, it must present this string to the president server or catalog server. If the secret string matches what is in the president server, this server is allowed to join in.



Parent topic

Properties file reference


Related concepts

Transport layer security and secure sockets layer


Related tasks

Start stand-alone WebSphere eXtreme Scale servers

Administer WebSphere eXtreme Scale with WebSphere Application Server

Related reference

Client properties file

Properties file reference


+

Search Tips   |   Advanced Search