|
aku1 发表于 2006-4-15 8:52:32 |
The Domino Internet Cluster Manager (ICM) is a major enhancement to clustering in Domino R5. This article provides an overview of Domino clustering and introduces the ICM and discusses its failover and load-balancing features, and how to configure it.
Error - The URL name cannot be found. Server unavailable.
How many times have you been on the Web, typed in a URL and seen a message similar to this one? You know the site exists, but the server is unavailable. Maybe you mistyped the URL, so you try again and the same message appears. Frustration starts to set in. Can you go somewhere else for the information? Maybe another company's Web site has the information and is available. You try their URL and up pops the information you need.
Do you really want your customers thinking those thoughts and experiencing these same frustrations with your Web sites?! High availability of your Web servers is important to customer service. Domino clustering provides you with the failover and load balancing capabilities that will make your Web sites highly available to your customers and remove your customer's frustrations.
This article focuses on one of the major enhancements to clustering in Domino R5 -- the Domino Internet Cluster Manager (ICM). It gives you a brief overview of Domino clustering capabilities, and then introduces you to the ICM, including details on its failover and load balancing features, and how to go about configuring the ICM.
Overview of Domino R5 clustering
Domino clustering provides high availability and scalability of your Notes and Domino solutions. Domino clustering has been available and in use by customers for several years. Lotus first released Domino clustering as a "Notes for Public Networks" offering for telecommunication and Internet service providers as a part of R4. These companies used clusters to provide 7x24 availability for Notes users -- if a server went down, users were redirected (failed over) to another available server hosting the same application.
Now, in Domino R5, Domino clustering ships with the Domino R5 Enterprise Server and includes the ICM, which extends the failover and load balancing capabilities to Web browsers (for example, Microsoft Internet Explorer and Netscape Navigator). As shown below, you can now cluster together multiple Domino servers, and provide failover and dynamic load balancing for both Notes and Web clients.
Figure 1. A Domino Cluster
Domino clustering provides "content-based routing" -- that is, Domino performs intelligent failover and load balancing based on the content requested by the user. To do this, Domino uses event-driven Cluster Replication to ensure that all replicas of databases are always kept in sync. Then, the Domino Cluster Manager maintains information on the replicas and on the server availability in order to route users to the best server. For more information on load balancing in Domino clusters, see the Iris Today article, "Workload Balancing with Domino Clusters." For an in-depth look at the different cluster components and how to configure them, see the articles, "Fine Points of Configuring a Cluster" and "Notes.net Exposed: Using Domino Clusters for your Web Site."
An introduction to the Internet Cluster Manager (ICM)
As we mentioned before, Domino clustering in R5 extends failover and load balancing capabilities to Web browser (HTTP and HTTPS) clients. It's the Internet Cluster Manager (ICM), a new Domino R5 server task, that's behind these new capabilities. The ICM serves as a liaison between the HTTP clients and the HTTP servers of a Domino cluster. The HTTP clients direct requests for a database to the ICM. The ICM maintains information on the availability of the Domino servers in the Domino cluster, and also maintains information about the distribution of databases on the servers. The ICM determines the best server to receive a particular client request and directs the request to that server.
The ICM can do the following:
- Monitor back-end Domino servers for availability
- Check the Domino HTTP Web service for availability
- Disallow any new connections to servers out of service
- Provide failover (direct clients) to the best available server
- Provide load balancing by setting availability thresholds for your Domino servers
- Support "virtual IP addresses" and map ports
- Provide content routing for your clients
Why use the ICM in addition to Domino clustering? There are two main reasons. Your organization might want to provide high availability to its customers using browsers to access Domino Web applications. Therefore, you would install the ICM to provide failover support for your Domino servers. Your organization might also want to provide scalability for its Domino Web applications. Therefore, you would install the ICM and utilize load balancing of browser clients accessing your Domino Web applications.
Things you need to know when planning for your ICM installation
The characteristics of the ICM are end-to-end security and authentication. If you choose to require a name and password, and/or a SSL connection on your servers, the ICM preserves SSL encryption and decryption. The ICM supports the current Domino security model used for Web access. The HTTP requests are sent with no user ID or password to the ICM. The ICM then redirects requests at the protocol level and sends the redirection response code and target server information directly back to the HTTP client. The HTTP client then issues a request to the specified target Domino server, and the local Domino security controls take effect. This may result in authentication dialogs between the HTTP client and the target Domino server.
If the user is successfully authenticated, the user ID and password will be supplied in the HTTP headers for all subsequent requests to that Domino server. The ICM is not involved in the user identification/authentication dialog.
The ICM uses SSL for transport-level security. You can configure the ICM to require it to use SSL sessions. The ICM may use the same certificates the browser and Domino HTTP server use, and it is designed not to introduce new administrator tasks for distribution and maintenance of these certificates, beyond what is required to allow a Web client to connect to a Domino HTTP server using SSL. The ICM is not a firewall and thus, if it is necessary to protect the ICM from unauthorized access, you may choose to additionally install a firewall.
The ICM does not require any additional hardware. You can install it on your Domino server and it runs on all OS and hardware platforms supported by the Domino server. The ICM supports client connections via TCP/IP only. You can use any supported Notes protocol between the ICM and the servers in a cluster.
The ICM is responsible for managing HTTP and HTTPS requests to the Domino server. It does not manage FTP, SMTP, or UDP. There are other load balancing hardware or software products that manage these protocols.
Failover and load balancing with the ICM from the browser perspective
The ICM provides simple, but strong affinity of the browser client with the server. Since the ICM uses redirection, the browser directly connects to the server that hosts the information requested. Since the ICM redirects the connection to the server, the client is directly connected to the server during the course of a user's session that involves information on that server. Multiple requests are made to that server, maintaining the client's state information.
The browser client may experience failover when the Domino server is unreachable due to hardware, software, or network failures. Failover can also occur when the Domino server is restricted or busy, or when the database (or replica) is unavailable because it is either marked "out of service" or "pending delete." When the browser client is redirected to a server and that server subsequently fails, the client will time out and generate a "server not responding" message to the user -- the actual text of the message depends on the client. The browser then returns to the ICM to be redirected to an available server. This can happen in a variety of ways, such as clicking on the "Back" button of the browser, or simply retyping the URL. The user may be required to authenticate with the new server. (If the user had previously authenticated to the new server during the browser session, perhaps to access another database, no re-authentication is needed.) If both the browser and server support SSL3, and the user selects this option, re-authentication occurs automatically.
URLs currently supported by the Domino HTTP server that are also supported and processed by the ICM include:
- Open servers, databases, and views
- Open forms, navigators, and agents
- Open, edit, and delete documents
- Open documents by name from a view
- Open image files, attachments, and OLE objects
- Create search queries
When an HTTP client makes a request to the ICM that is not targeted at a Domino database, the ICM selects an available server in the cluster that is running a Domino HTTP server and redirects the HTTP client to that server. Files not stored in a Domino database should replicate across all servers in the cluster.
Domino HTML generation now directs HTTP clients to the ICM for databases within a cluster, if that cluster is configured with ICM support. The ICM knows the location of the databases because the ICM has access to the Cluster Database Directory (CLDBDIR.NSF), which hosts information about all the databases in the cluster and all the servers on which they reside, including database availability indicators. Failover from a browser perspective can be seen below:
Figure 2. Cluster animation
Configuring the ICM
An ICM is dedicated to a single cluster. So, if you have two clusters, you must have separate ICMs for each cluster. The ICM needs to be in the same domain as the Domino cluster because the ICM always uses the local copy of the Domino Directory (previously known as the Public Address Book).
You can configure the ICM in several ways. First, you can have the Domino server running the ICM dedicated to that purpose and configured to run outside of the cluster. The server should not contain any databases other than those necessary for server operation, and should only run the basic set of server tasks. Configuring the ICM in this way makes it more reliable because there are fewer activities performed on the server that could interfere with performance and lead to server failure.
You can improve the availability of the ICM by configuring more than one ICM to handle user requests. Then, if one ICM becomes unavailable, the other remains available so that client requests are still handled. You can run multiple ICMs on a single physical machine by using Domino partitioned servers. In addition, you can run each ICM on its own Domino server on separate physical machines. Typically, you configure the ICMs with the same hostname in the Domain Name Server (DNS). This way, if one of the ICMs fails, the other ICM takes over without affecting users.
Note: You can use an OS cluster to provide failover support for the ICM running outside of the cluster.
The following graphics illustrate how you can run a single or multiple ICM(s) outside of the cluster:
Figure 2. Single ICM outside the cluster
Figure 3. Multiple ICMs outside the cluster
Of course, you can also configure the ICM to run on one or moreof the Dominoservers in the cluster. Be sure that the servers can handle the added traffic that the ICM generates. Again, the availability of the ICM improves by running more than one ICM for the cluster.The following graphic illustrates this:
Figure 4. Multiple ICMs inside the cluster
Configuration steps
You configure the ICM by making entries in the Internet Cluster Manager section of the Server document. You can also set up a separate IP address for the ICM. You can then start the ICM.
To configure the ICM:
- In the Domino Administrator, click the Configuration tab.
- Expand Server and click All Server Documents.
- Select the Server document for the server on which you want to run the ICM; then click Edit Server.
- Click the Server Tasks - Internet Cluster Manager tab.
Figure 5. Server Tasks/Internet Cluster Manager tab
- Complete the following fields:
- Cluster name - Name of the Domino cluster the ICM will service. (This is only necessary if the ICM is run on a server outside the cluster.)
- Get Configuration from - Lets you specify a different Server document to get ICM configuration information from. This is helpful if you want to set up multiple ICMs to share the same configuration. If you select to get the configuration from "another Server document," you can enter the name of the server in the "Obtain ICM configuration from" field that appears.
- ICM hostname - The fully qualified name of the host that clients should use to communicate with the ICM. This can be the registered DNS name or the IP address. (The Domino HTTP server uses this field to create URLs that reference the ICM. If this field is blank, the HTTP server will not be able to generate URLs that refer to the ICM.)
- TCP/IP port number - The port number for the ICM to use. (If you are running the ICM on the same server as the HTTP server, you must avoid address and port conflicts. If you do not give the ICM its own IP address, be sure the port number the ICM is using is different from any of the other port numbers you use on the server.)
- TCP/IP port status - To enable HTTP communication with the ICM, choose Enabled. To disable HTTP communication with the ICM, choose Disabled.
- SSL port number - Enter the port number to use for SSL. (If you are running the ICM on the same server as the HTTP server, and you do not give the ICM its own IP address, be sure the SSL port number is different from any of the other port numbers you use on the server.)
- SSL port status - To enable HTTPS communication with the ICM, choose Enabled. To disable HTTPS communication with the ICM, choose Disabled.
You should enter the ICM configuration information for all servers in the cluster, even for servers not running the ICM server task. This is necessary because the Domino HTTP server uses the ICM configuration from its own Server document to determine how to direct HTTP clients to the ICM when appropriate.
If the ICM runs on the same system as the Domino HTTP server, you can configure either the ICM or the HTTP task to run on separate ports or to run with different IP addresses in order to avoid conflicts. The recommended approach is to assign the ICM its own IP address (using the ICM hostname field described above). You can also share IP addresses and assign different ports to the ICM and Domino HTTP server.
To start the ICM, append the ICM keyword to the ServerTasks setting in the NOTES.INI file. For example,
ServerTasks=ROUTER,REPLICA,ADMINP,CLDBDIR,CLREPL,HTTP,ICM
The ICM can direct a client request to any server in a cluster, whether it is an R5 server or a server using a prior release of Domino. Only R5 servers can exploit the ICM by generating URLs that reference the ICM. When an R5 server receives a client request, the server generates URLs that include ICM references. As the user selects URLs that contain these references, the ICM is able to workload balance and failover the user to an appropriate server.
If the ICM redirects the client request to a server running a previous release of Domino, the URLs the server generates will not contain references to the ICM. As the client moves between Web pages, the client continues to access pages on that same server only. To take advantage of the ICM at that point, the user must overtly select a URL that contains a reference to the ICM.
For more information on configuring the ICM and obtaining ICM statistics, see the Administration Help.
Conclusion
Providing your customers with high availability to your Domino Web sites is critical for competitiveness in the Internet marketplace. Domino clustering with the Internet Cluster Manager provides your browser customers with content-based routing, failover, and load balancing on the best available Domino servers. This gives them the information they need to run their business.
For more information on clusters and the ICM, please see the following:
| 
