Server maintenance is an administrative function and is not available to standard users.
For each server instance that is deployed, you must create a server definition entry in the administration console so that it is visible to the users. The following shows an example of the information required to create a server:
The server name and description are arbitrary and can be anything you like. The license key should be a valid key provided by your supplier (refer to the Server Licensing section).
The host name and port number are given during the installation of the server instance into the application server. See the “Installation and Configuration” section for more information.
The server encryption key is optional. If you specify a key, it must match the EncryptionKey defined in the magic.properties file on the target server. It is important to note that you will always see a value in this field, even if you have chosen to make the field blank. This is to avoid accidentally exposing whether a console connection is encrypted or not. To disable encryption, simply blank out the field.
The actual server type is designated here. There are 6 options as described below:
From an installation perspective, there is no difference between a test server and a production server. They run the same code. However, by defining here which type a server is, you can limit which type of execution it can undertake.
If you designate the server as a database server, it will not show up in the tree of Composable Architecture Platform servers, but you can select it during configuration of databases (configuration, flight recorders and case managers).
A template server is defined only to allow advanced settings to be inherited from a nominated server. Like a database server, it also does not show up in the tree of Composable Architecture Platform servers. See Advanced Server Configuration below for more information.
The optional Amazon Instance ID is used to automatically manage proxy instances that are located behind one or more Amazon Web Services (AWS) Elastic Load Balancers. If the ID is provided and Amazon credentials are set in the advanced settings (or inherited), then the server will automatically be deregistered and re-registered with the load balancers during deployment.
Number of CPUs is used to control the load on the target hardware. While running, the X Engine will never attempt to use more than the CPU limit specified here for actual processing. This does not mean that other load cannot occur on additional installed processors (such as communications and other maintenance tasks). However, the core execution will never run on more CPUs than specified. You can enter a number exceeding the physical number of CPUs; in that case the server will start as many threads as the number of CPUs you have specified and perform the execution that way. On hyper-threading CPUs, this may provide some performance benefits.
The console depth is used to control the memory set aside on the server for the console. The depth refers to the number of lines of text kept before they are discarded.
If you nominate a server to inherit advanced settings from, then the "Advanced" tab will disappear, and all of the settings will be derived from the nominated parent/template server.
In addition to the basics of setting up a server, there are some advanced settings that determine how the server operates. The following shows the advanced settings:
The advanced settings determine parameters such as the Web Proxy the X Engine must traverse to obtain internet access, the name of an SMTP server the X Engine can use to send emails and the details of the email message to send, and the recipients of the notification email message sent when the X Engine fails. It is also possible to modify the server encryption algorithm. Please do not enter anything in this field unless specifically instructed to do so by our support team.
To avoid keying these parameters repeatedly for many servers, you can set up a Template server and inherit the settings from the Template server definition.
The rules in the X Engine that use web access (such as the HTTP invocation rule) will obtain the proxy settings from the server definition. Please see the section on server definitions for more details. It is important to note that some rules using web access may still require direct access to the internet. This is typically dependent upon how the vendor API for the particular function is implemented.
The console supports the ability to dynamically add and remove a selected server from one or more AWS Elastic Load Balancers during deployment. This approach serves to reduce the load contention on a very busy server if deploying whilst live. To make this work, you will need to specify an Amazon Instance ID in the basic settings, and either directly specify the region, load balancer name and credentials in the advanced settings or on the inherited template server settings.
Logging by default will go to System out. However, some environments have configurations where it is convenient to have the X Engine log information and errors to other places.
Apache Commons Logging is an open source logging feature that allows for logging to a variety of locations.
By default, Apache Commons Logging will auto-detect the correct log mechanism to use (Log4J, Avalon LogKit, JDK). However, it is possible to provide specific log factory parameters if required.
File out logging provides the ability to log to a custom file name in a specific directory.
The configuration consists of a template file name (which may include a relative or absolute path) and optionally the number of days to retain log files.
The template file name itself will be prepended with a time stamp in the form "CCYY_MM_DD."
For example:
"logs\tests.log,60" will result in files being saved in the folder logs with log files named CCYY_MM_DD.tests.log and the files will be retained for 60 days.
IMPORTANT: If you have more than one X Engine installed on the same server, they may NOT write to the same log file.
System out logging will go to the standard System out configuration of the JDK or Application Server. No specific configuration is required.
If you nominate a server as a Production with Forwarder, then you will have one additional (Forwarding) tab to configure:
It is extremely important to take care configuring these settings as an incorrect configuration can result in the creation of an open proxy.
The protected hosts and schemes refer to a list of hosts and their access scheme. This is a definitive list of requests that will be allowed to go through the proxy. For example, it could be configured as:
http://mysite.myhost.com
https://mysecuresite.myhost.com
This will ensure that only http requests can go to the mysite.myhost.com site and that only SSL requests can go to mysecuresite.myhost.com.
The request redirection option allows you full control over where incoming requests are redirected. This replaces the host file manipulation of earlier versions and also allows for port redirection and same server co-existence. Essentially, incoming requests for any given host can be redirected to any other host and/or port. The redirection is a list of hosts and schemes, followed by the ">" and the target host and port. For example, to redirect the site mysite.myhost.com to port 8080 on the same server, you would create an entry that reads:
http://mysite.myhost.com>http://mysite.myhost.com:8080
Composable Architecture Platform can be configured to be an SSL terminator by redirecting the protocol from https to http.
The allowed client IP addresses let you control where requests coming to the forwarding proxy are allowed to originate from. This is predominantly useful in ensuring that a Proxy Server set up for testing does not become an open proxy for the entire corporation to use to bypass internet controls. The default setting is to only allow access from the loopback address of 127.0.0.1.
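The following is an added example, not part of the product or its documentation: a small pre-deployment review of the three Forwarding lists described above (protected hosts and schemes, request redirection, allowed client IP addresses). It assumes each list is exported as one entry per line in the forms shown above; the function names and the extra sample entries are hypothetical, and would_forward is only a model of the documented rule, not the proxy's own logic.

```python
import ipaddress
from urllib.parse import urlsplit

def origin(entry):
    """Parse scheme://host[:port] into (scheme, host, port); reject anything looser."""
    u = urlsplit(entry.strip())
    if u.scheme not in ("http", "https") or not u.hostname or "*" in u.hostname:
        raise ValueError(f"not an explicit scheme://host entry: {entry!r}")
    return u.scheme, u.hostname.lower(), u.port

def audit(protected, redirects, clients):
    """Return review findings for the three Forwarding lists."""
    findings, allowed = [], set()
    for e in protected:
        try:
            allowed.add(origin(e)[:2])
        except ValueError as err:
            findings.append(f"protected: {err}")
    for r in redirects:
        src, _, dst = r.partition(">")
        try:
            s, d = origin(src), origin(dst)
        except ValueError as err:
            findings.append(f"redirect: {err}")
            continue
        if s[:2] not in allowed:
            findings.append(f"redirect: source {src} is not in the protected list")
        if s[0] == "https" and d[0] == "http":
            findings.append(f"redirect: {src} terminates SSL, hop to {dst} is plaintext")
    for c in clients:
        try:
            if not ipaddress.ip_address(c.strip()).is_loopback:
                findings.append(f"clients: {c} widens access beyond loopback")
        except ValueError:
            findings.append(f"clients: {c!r} is not a single IP address")
    return findings

def would_forward(client_ip, url, protected, clients):
    """Model of the documented rule: listed client AND listed scheme+host."""
    allowed = {origin(e)[:2] for e in protected}
    return client_ip in {c.strip() for c in clients} and origin(url)[:2] in allowed

# PROTECTED and the first redirect are the page's examples; the rest is constructed.
PROTECTED = ["http://mysite.myhost.com", "https://mysecuresite.myhost.com"]
REDIRECTS = ["http://mysite.myhost.com>http://mysite.myhost.com:8080",
             "https://mysecuresite.myhost.com>http://mysecuresite.myhost.com:8080",
             "http://other.myhost.com>http://other.myhost.com:9090"]
CLIENTS = ["127.0.0.1", "10.1.2.3", "10.0.0.0/8"]

if __name__ == "__main__":
    for finding in audit(PROTECTED, REDIRECTS, CLIENTS):
        print(finding)
```

Each finding is a prompt for review rather than an error: SSL termination and non-loopback clients are supported configurations, but both should be deliberate choices.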
The browser proxy port allows you to set up a proper browser level proxy that can be configured in Internet Explorer, Firefox, Chrome or other web browser. This type of proxy correctly manages how the browser connects to the forwarding proxy for the purpose of SSL connections. It is especially useful for configuring the browser for testing new rules against sites that do not have Composable Architecture Platform installed (refer to section Zero Installation Rules Testing).
The maximum size for cached objects determines how large objects are handled by the built-in proxy's accelerator cache. It is a performance setting and should only be modified by a qualified performance professional.
The maximum total client connections sets a limit on how many client connections to the proxy are allowed at any one point in time. It is a performance setting and should only be modified by a qualified performance professional.
The maximum client connections to one host determines how many client connections the proxy is allowed to make to a single host at any point in time. It is a performance setting and should only be modified by a qualified performance professional.
Close client connections to host enforces the closure of TCP/IP connections after each request. It is a performance setting and should only be modified by a qualified performance professional.
Clean cookie path is a feature required to ensure PHP sites operate correctly behind the proxy. For most sites this setting can remain on. However, if you experience cookie path problems, you can try setting this to off.
Trace enables a detailed level trace of every transaction going through the proxy. It is a performance setting and should only be modified by a qualified performance professional.
Use web proxy allows you to force the proxy to connect to other hosts using the same web proxy as the X Engine. This is predominantly useful if you are doing a "reverse protection" (that is: using the X Engine to manage sites external to the local network, such as social networking or other data sensitive sites).
Composable Architecture Platform is a licensed product and the terms of your license are contained in a license key that you obtain from your supplier. The license key is rather long, so we suggest you copy and paste it directly into the server definition when you receive it, and do not attempt to type it.
Once a valid license key is in place, the server will show the correct license terms on the server status screen as shown below:
Although an invalid license key doesn’t prevent the server from being used, it will display INVALID if the license is invalid or missing.
If you have a license that has expired, you will see a bold red EXPIRED notification, but the product will not stop running.
It is your responsibility as the customer to ensure that you adhere to the license terms of your purchase. You may also be asked to provide your license key when obtaining product support.
Server type
Production: This is the standard production server accepting any input.
Multi-Protocol: This is the server for managing protocols other than HTTP.
Test: This is a test server that takes test data as input.
Database: This is a database server. This server type is used in configurations.
Template: This is a server template that other servers can inherit advanced settings from.
Production with Forwarder: This is a production server with a built-in forwarding proxy.