...
- Install two or more instances of the JOC Cockpit on separate servers.
- All JOC Cockpit servers must use the same reporting database.
Add the following two lines of configuration items to the
[main]section of the Shiro configuration for one of the instances:Code Block language xml sessionDAO = com.sos.auth.shiro.SOSDistributedSessionDAO securityManager.sessionManager.sessionDAO = $sessionDAO
This can be done most easily with a User Account that has the necessary permissions and using the Enable JOC Cluster button in the Manage Accounts / Main Section tab of the JOC Cockpit interface. See the Authentication and Authorization - Configuration article for more information about the Shiro configuration.
- Connect a load balancer to all JOC Cockpit instances.
...
Cluster Testing
You can test whether the cluster is configured working correctly with the following script:
This test is not related to use of a load balancer but checks if session handover works between two JOC Cockpit instances.
An example call for the script would be:
./joc_cockpit_cluster_check.sh -ischeduler_id -uhost1imy_server_4446 -uhttp://host1:4446 -rhost2:4448 -auser:pwd -t10 rhttp://host2:4446 -aroot:root -t10
Arguments
-i: JobScheduler ID for the respective environment
-u: URL of JOC Cockpit on host1
- -r: URL of JOC Cockpit on host2
- -a: Account and Password for login separated by a colon ":"
- -t: timeout
- Explanations
- The test script can be executed on any Unix host without pre-requisites (no JobScheduler installation required) as it makes use of the JOC Cockpit REST API.
- The test script performs a login with JOC Cockpit on
host1(-u) and the specified user account (-a) for the specified JobScheduler instance (-i) and then sends a subsequent request to JOC Cockpit onhost2(-r) and performs a logout operation with JOC Cockpit onhost2. If this works well, then the session handover between JOC Cockpit onhost1and JOC Cockpit onhost2is confirmed.
- Sample Output of the Test Script
Code Block language bash title Sample output collapse true ACCESS_TOKEN=e182f136-0e4f-4103-885d-7186380a6f4d ---------------- REST Web Service call for URL http://host1:4446 with access_token e182f136-0e4f-4103-885d-7186380a6f4d ---------------- HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-cache, no-store, no-transform, must-revalidate Content-Length: 348 Server: Jetty(9.3.11.v20160721) {"deliveryDate":"2018-03-26T08:24:55.292Z","jobscheduler":{"clusterType":{"_type":"PASSIVE","precedence":0},"host":"host1","jobschedulerId":"my_server_4446","port":40444,"startedAt":"2018-03-23T13:03:28Z","state":{"_text":"RUNNING","severity":0},"surveyDate":"2018-03-26T08:24:55.288Z","url":"http://host1:40444"}} ---------------- REST Web Service call for URL http://host2:4446 with e182f136-0e4f-4103-885d-7186380a6f4d ---------------- HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-cache, no-store, no-transform, must-revalidate Content-Length: 348 Server: Jetty(9.3.11.v20160721) {"deliveryDate":"2018-03-26T08:24:55.967Z","jobscheduler":{"clusterType":{"_type":"PASSIVE","precedence":0},"host":"host1","jobschedulerId":"my_server_4446","port":40444,"startedAt":"2018-03-23T13:03:28Z","state":{"_text":"RUNNING","severity":0},"surveyDate":"2018-03-26T08:24:55.959Z","url":"http://host1:40444"}} ---------------- Executing Logout ---------------- HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-cache, no-store, no-transform, must-revalidate Content-Length: 115 Server: Jetty(9.3.11.v20160721) {"enableTouch":true,"user":"root","accessToken":"","hasRole":false,"isAuthenticated":false,"isPermitted":false}
Checks
- Check the file
./logs/JOCAuditLog.logof JOC Cockpit onhost1for an entry like this: Code Block language bash 2018-03-26 10:24:55,203 INFO REQUEST: ./login - USER: root - PARAMS: {} - COMMENT: all - TIMESPENT: - - TICKET: -This entry confirms that a login operation for the specified account has been performed with JOC Cockpit on
host1.
- Check the file
./logs/JOCAuditLog.logof JOC Cockpit onhost2for an entry like this:Code Block language bash 2018-03-26 10:24:55,983 INFO REQUEST: ./logout - USER: root - PARAMS: {} - COMMENT: - TIMESPENT: - - TICKET: -This entry confirms that a logout operation for the specified account has been performed with JOC Cockpit on
host2.
- Check the file
Redundant Installation of the JOC Cockpit
...