View
150
Download
2
Category
Preview:
Citation preview
Connecting to multiple UltraESB servers or nodes
for monitoring with UConsole
Overview
1. Starting Uconsole for monitoring
2. Connecting to local instances
3. UltraESB configuration for remote JMX monitoring
4. Connecting to UltraESB instances via remote JMX
5. Management Console Authentication
6. UConsole Settings
a. Servers
b. Users
c. Roles
d. Access Rules
7. Switching between Servers
1.Starting Uconsole for monitoring
Navigate to the management distribution bin directory of the selected UltraESB node and run UConsole. (Make sure you have the execution permission to the uconsole.sh file)
$ cd <path_to_ultraesb>/bin$ ./uconsole.sh
After successfully running, you can access the UConsole management console at https://localhost:8043/uconsole.
You can change the UConsole access properties (e.g. port & host) in UConsole server configuration file ULTRA_HOME/uconsole/conf/jetty.xml.
<Property name="uconsole.port" default="8043"/><Property name="uconsole.host" default="localhost"/>
For SSL configuration, you can edit the properties in file jetty.xml in management distribution uconsole conf directory.
UConsole management console start up view
2. Connecting to local instances
When one or more UltraESB instances are running locally, UConsole can easily connect to locally running UltraESB instances with ‘Local instance’ option.
Local instance option exposes all the available UltraESB instances by their node names. ( Node name of an instance is defined in ULTRA_HOME/conf/ultra-root.xml file under cluster-manager bean as shown below).<bean id="cluster-manager" … <property name="nodeName" value="node1"/>
3. Configuring UltraESB for remote monitoring
Enable JMXUncomment ‘serverConnector’ and ‘registry’ beans ULTRA_HOME/conf/ultra-root.xml
file.
Change the value of the service URL property as necessary (use unique values for JMX port and JNDI port in different UltraESB nodes) in the bean serverConnector.<bean id="serverConnector" … > <property name="serviceUrl" value="service:jmx:rmi://localhost:9994/jndi/rmi://localhost:1099/ultra"/>
Change the value of the port property as necessary (use the same JNDI port) in the bean registry.<bean id="registry" … > <property name="port" value="1099"/>
Make sure configuring ports are opened through the firewall.
User Authentication
UltraESB jmx access authentication and authorization can be done in two ways- Plain text password file based access control- JAAS (e.g. LDAP or ActiveDirectory) based access control
Plain text password file based access control Configure the access.file and the password.file paths as environment properties by
defining under ‘serverConnector’ bean , ‘environment’ property as shown below.<bean id="serverConnector" … > <property name="environment"> … <map> … <entry key="jmx.remote.x.access.file" value="conf/management/jmxremote.access"/> <entry key="jmx.remote.x.password.file" value="conf/management/jmxremote.password"/>
Add the user permissions and username - passwords of users in the above defined files as below
jmxremote.accessadmin readwrite (user admin has read & write permissions for the node)user readonly (user user has read only permissions for the node)
jmxremote.passwordadmin admin (user admin has the password admin for the node)
JAAS (e.g. LDAP or ActiveDirectory) based authentication
To enable LDAP authentication for the ultraesb node, add the environment property ‘ jmx.remote.x.login.config’ by uncommenting the following in ultra-root.xml file.<bean id="serverConnector" … > <property name="environment"> … <map> … <entry key="jmx.remote.x.login.config" value="LdapConfig"/>
Configure the ULTRA_HOME/conf/ldap.conf file to configure the ldap server properties.
If you are using JAAS authentication, make sure you uncomment and edit the following lines of ULTRA_HOME/conf/wrapper.conf as necessary.#wrapper.java.additional.<N>=-Djava.rmi.server.hostname=<your-ip-address>#wrapper.java.additional.<N>=-Djava.security.auth.login.config=conf/ldap.conf
4. Connecting to UltraESB instances via remote JMX from UConsole web-UI
You can connect to an instance using …
JMX service URL - configured under ‘serviceUrl’ property in ultra-root.xml
JMX username, and JMX password - password files based or LDAP server based
5. Management Console AuthenticationUConsole management console authentication configuration is in the file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties
- Password file based
user.chamath = pass, admin, user (This interprets as user 'chamath' with password 'pass' and roles 'admin' and 'user')role.admin = * (role 'admin' has all permissions)
role.user = user:read (role 'user' is only allowed to 'read' anything with user:)
- LDAP server based
- uncommenting and configuring the relevant fields after following line in the ULTRA_HOME/uconsole/WEB-INF/classes/shiro.ini file
;---- for LDAP / Active Directory ----
5. UConsole settingsAfter logging in to UConsole management console, you can change the monitoring
server in Settings on the top menu bar
Using the Console Settings window, you can edit Servers, Users, Roles, Access Rules
Servers For easy usage later on, you can define a new instance with the JMX parameters
Adding predefined servers from the configuration file
Define nodes in ULTRA_HOME/uconsole/WEB-INF/classes/uconsole.properties file by adding JMX service URL, JMX username, JMX password of each UltraESB nodes as shown belowultra.jmx.url.node1=service:jmx:rmi://localhost:9995/jndi/rmi://localhost:1199/ultraultra.jmx.username.node1=adminultra.jmx.password.node1=admin
Next time you open the UConsole management console in the browser, you'll see the defined instances on login page and in the defined servers page
Users ● You can define management users and their roles for UConsole management
console in the Users tab in Console Settings
● User parameters can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties as mentioned earlier
Roles You can define management roles for the users for UConsole management console in
the Roles tab in Console Settings
Role parameters can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties as mentioned earlier
Access RulesYou can define management users with their roles for UConsole management console
in the Users tab in Console Settings
Access control rules can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro.inie.g. Access Control entry with Access URL /services/instances/** and Access Rule roles[admin] can be defined in the configuration file as follows
/services/instances/** = roles[admin]
5. Switch between multiple ultraesb servers
UConsole management console provides the facility to switch between UltraESB instances with the Switch Server link on the top menu
Here, you can switch to local instances, defined instances, an instance using Remote JMX URL, username, password
Switch between servers in the same clusterWhen the clustering is enabled for ESBs, users can switch between any other
available UltraESB instances in the same cluster by selecting nodes under ‘Detected Cluster Nodes‘
Thank you
Recommended