authenticaapachetomcat

apachetomcat  时间:2021-01-11  阅读:()
Remoteapplicationaccessisincreasinglyimportantintoday"sbusinessenvironment.
Solutionsthatprovideremoteaccesstoapplicationsanddatacaneliminategeographicalandnetworkboundaries,improveuserproductivity,enhanceprotectionofintellectualproperties,andhelpstreamlineIToperationswhilereducingcosts.
OpenTextExceedTurboXisanadvancedsolutionfordesktopvirtualizationandremoteaccesstoenterpriseapplicationsanddata,addressingtheneedsofmodernenterprises,especiallythosewithmixedUNIX/MicrosoftWindowshostingenvironments.
Thiswhitepaperdescribestheprinciplesofitsdesign,thearchitectureandkeycomponentsofthesolution,andtheirfunctionsandinteractions.
OpenTextExceedTurboXAnArchitectureOverviewTableofContents1.
0Introduction32.
0TheArchitectureDiagram43.
0TheBuildingBlocks44.
0Connectivity75.
0ThinXProtocol76.
0ClientandProxyRuntime87.
0Authentication98.
0Clustering109.
0Licensing1110.
0Fail-OverScenarios1211.
0Platforms13Closing1331.
0IntroductionRemoteapplicationaccesshasbeenasolutioncategorysincecomputerswerefirstlinkedintoanetwork.
Businesseshavealwayssoughtasolutionthatwouldallowuserstoaccessapplicationsrunningonaremotehost.
Alongcameglobalization,followedbyallformsofvirtualization,whichpushedapplicationsfurtherawayfromusers,whileincreasingtheneedforuserstobeproductivewhileaccessingapplicationsanddatafromagreatdistance.
OpenTexthasbeeninthebusinessofprovidingremoteapplicationaccesssolutionsformorethan20years.
BeginningwithOpenTextExceedinthe1990sandincludingOpenTextExceedonDemandinthe2000s,OpenTexthaspushedtheperformanceenvelope,bringingcomplex2Dand3Dapplicationstoenterpriseusersallovertheworld.
ExceedTurboXisthefutureofremoteapplicationaccesssolutions,madeavailabletoday.
ItisaculminationofyearsofexperiencewithXWindowandnetworkprogramming,andtheunderstandingofhundredsofrealworldcasesusingbusiness-criticalUNIXandWindowsapplications.
SixprimarygoalsguidedtheconceptionanddevelopmentofExceedTurboX:ProvideasingleplatformforITanduserstomanageandaccessalloftheirremoteinfrastructure,regardlessofplatformProvidethefastestremoteaccesssolutiononthemarketforaccessingUNIXandWindowshostsProvideaconsistentuserexperienceacrossallsupportedclientplatformsSimplifythedistributionandmanagementofclientsoftware,profile,andsettingstosupportlargedeploymentscenariosOfferfullyauditableeventsforbettervisibility,accountability,andproblemresolutionWorkintandemwithanyexistinginfrastructureandvendor,includingmixedphysical/virtualdesktopenvironmentsExceedTurboXdeliversresultsonallfronts.
Itsarchitectureisadeparturefrommanytraditionalremoteapplication-accesssolutionsonthemarket,includingourownExceedonDemand.
Itreliesonahybridoftechnologiestodeliverhighperformanceaccesswithagreatuserexperienceandsimplifiedadministration.
2.
0TheArchitectureDiagramThefollowingdiagramdepictstheoveralllayoutofallmajorExceedTurboXcomponentsandtheirrelationships.
Firstly,youwillnoticethatETXreliesonaWebApplicationServertoprovideaweb-basedgraphicalfrontend.
Secondly,ETXusesadatabasetostoreapplicationdata.
InadditiontotheETXserver,whichprovidestheuserinterface,configurationandloadbalancing,ETXConnectionNodesareresponsibleformanagingclientsessionsandcompressingtheremotedisplayfortransmissiontousers.
AgroupofconnectionnodesalongwiththeETXserveriscalledtheETXSite.
43.
0TheBuildingBlocksThefollowingcomponentsformthefoundationofExceedTurboX.
3.
1ETXServerThisisthebrainofthesolution,functioningasconcierge,gatekeeper,andtrafficcontrol-ler.
ItisawebapplicationthatrunsonanApacheTomcatwebapplicationserverandispresentedtouserswhentheyfirstconnecttotheETXwebportal.
ETXServerdisplayseitheraDashboardtousersoraServerManagertoadministrators.
UserscanusetheWebDashboardtolaunchnewsessions,createprofiles,ormanagetheirexistingsessions.
AdministratorsusetheServerManagertomonitorandmanageeveryaspectofthesolution,fromuserenrollmenttogeneratinglicenseandresourceusagereports.
3.
2ETXConnectionNodesTheETXConnectionNodeisresponsibleforstartingsessionproxies(anapplicationwhichmanagesandcompressesremotesessions),aswellasinteractingwiththeETXserver.
Withmultiplenodespresentintheinfrastructure,ETXservercanselectfrommultipleconnectionnodesforloadbalancingandnodefailover.
ETXConnectionNodesincludeseveralsub-components,whicheachhandleadifferenttask.
InadditiontotheProxyManager(whichstartsthesessionproxies),otherimportantcomponentsincludetheETXAuthenticator,XstartLauncher,andApplicationScanner,whichareexplainedinmoredetailbelow.
3.
2.
1ETXProxyManagerThemainfunctionoftheETXProxyManageristocreateremotesessionproxies.
Proxiesactasanintermediarybetweentheclientandapplicationordesktophost,providingencryptionandcompressionofthesessiondisplayovertheWAN.
Theproxyalsohandlespassinguserinputtothehost,aswellasotherdatasuchasfilesanddevices.
TheProxyManagermonitorsthewell-beingofthesesessionproxiesandcommunicatesthestatusofeachsessionproxytotheETXServer.
TheProxyManageralsohandlesuser5commands,suchassessionsuspendandresume,sessionsharing(multicasting),filetransfer,andothersession-relatedfeatures.
AProxyisafullyfunctionalXserver/RDPclient,andcanthereforeoperateasastand-aloneserver,handlingdisplayprotocolfromdefaultinstallationsofWindowsorUNIXhostswithoutanylocalsoftwarebeinginstalled.
TheproxyincludesanXserveraswellasanRDPclientforrenderingandcompressingthedisplayovertheWAN.
InthecaseofWindowsDirectdesktopconnections,theproxymustbeinstalleddirectlyontheWindowsdesktophostforlocalrenderingandcompression.
AcompresseddatastreamissentfromtheProxytotheClient,whichisinstalledontheuser"sdevice.
Theclienthandlesscreendrawingandkeyboardandmouseinputs.
Moreinformationonthefunc-tionsofProxiesandClientsisavailableinSection6.
0.
3.
2.
2ETXAuthenticatorAsthenameimplies,thiscomponenthandlesauthenticationofusersandadministratorswhentheylogintotheETXwebportal.
TheauthenticatorisrequiredtosupportPAMorNativeauthenticationinUNIXenvironments.
LDAP-basedenvironments(e.
g.
MicrosoftWindows)donotrequireanauthenticatorbecauseLDAPauthenticationishandledbyETXServer.
TheETXAuthenticatorprovidesseamlessintegrationofETXintoUNIXenvironmentsthatuseadedicatedPAMorNativeauthenticationserver.
ThisrequiresyoutoinstallanETXConnectionNodeonthePAM/NativeauthenticationserverandregistertheNodeasanAuthenticatorduringinstallation.
ETXsupportsmultipleauthenticationnodesforloadbalancing,buteachnodemustbeconfiguredwiththesamePAMorNativeauthentica-tionsettings.
3.
2.
3XstartLauncherXstartLauncheristhemoduleresponsibleforlaunchingindividualXWindoworWindowsapplicationswhenauserlaunchesanETXprofile.
ETXprofilesincludeallconfigurationsettingsfortheremotesession,includingwhichhosttoselectandwhichapplicationstorun.
3.
2.
4ApplicationScannerTheapplicationscannerisanoptionalutilitythatscanstheConnectionNodeforinstalledapplications,makingthemavailableforpublishingviatheETXServerManager.
Onceanapplicationispublishedtousers,userscanlaunchtheapplicationbycreatingaprofileandselectingtheapplicationtolaunch.
TheapplicationscannerworksonallETXplatforms,soyoucanpublishapplicationsrunningonbothUNIXandWindows.
IfyouhavemultipleConnectionNodeswiththesameapplicationinstalled,ETXServerdetectstheoverlapandgroupsapplicationsintoasingleitem.
Thisprovidesloadbalancingofapplicationsacrossmultiplehosts.
3.
2.
4LocalSessionDatabaseThelocalsessiondatabasekeepstrackofsessionstatusandreportsthisbacktoETXServeronaregularbasis.
IftheconnectionbetweenETXServerandtheProxymanagerfails,thelocalsessiondatabaseenablestheConnectionNodetocontinueoperatingnormally,includingsuspendingorterminatingsessions.
WhentheconnectiontoETXServerisre-established,thelocalsessiondatabaseissyncedwithETXServer.
Thismakeseachnodefault-tolerantincaseofanetworkfailure.
3.
3DatabaseTheRDBMSisthebookkeeperofthesolution.
Itisusedtostoreallnon-transientinforma-tion,includingserversettings,usersettings,profiles,eventlogs,licenseusagestatistics,etc.
ETXsupportsIBMDB2,MicrosoftSQLServer,andApacheDerby,andcomesbundledwithApacheDerbyforquickandeasyinstallation.
Forload-balancing,fail-over,andhigh-availabilitycapabilities,pleaserefertotheETXHighAvailabilityWhitePaper,aswellasvendordocumentationforsettingupdatabasereplication.
63.
4ETXLicenseServerMultipleETXsitescanshareasinglepooloflicensesandhavelicensesdynamicallyorstaticallydistributedtoeachsitebasedonrulesdefinedbyadministrators.
TheETXLicenseServerfunctionalityisembeddedineveryETXServerandcanbeenabledduringsetup.
Onceenabled,otherETXsitescanconnecttotheLicenseServeranduselicensesfromthepool,ratherthanusinglocallyinstalledlicensekeys.
SpecialcarehasbeengiventothedesignofthissolutiontoensurethatiftheLicenseServerisoutofserviceoroutofreach,administratorswillbenotifiedviaemail,andsiteswillremainoperationalfor72hourssothattheproblemcanberesolved.
3.
5ETXClientRuntimeETXreliesonanativeclientRuntimetohandleremotecommunicationsandinteractions.
ItisthecounterparttotheETXProxyandcommunicateswiththeproxycontinuouslywheneverasessionisestablished.
LikeaProxy,theclientRuntimeisanativeapplication,whichtakesadvantageofthebestpossibleperformance,reliability,andcompatibility.
DeploymentoftheETXclientRuntimeisautomatic;thecorrectRuntimeisdownloadedsilentlyinthebackgroundwheneverauserlaunchesanapplication.
ClientRuntimesareavailableforWindows,LinuxandMacusers.
3.
6JavaRuntimeEnvironment(JRE)Whileitisnotnecessarilyabuildingblockonitsown,JREisasystemrequirementfortheETXServer.
Naturally,JREisrequiredonthemachinerunningtheETXServerandApacheTomcat.
JavacanalsobeusedtolaunchETXremotesessionsfromabrowser,althoughthisisnotthedefaultoption.
Bydefault,launchingETXsessionsrequirestheNativeClientLaunchercomponenttobeinstalledontheuser"sdevice(seesection3.
7below).
3.
7NativeClientLauncherTheNativeClientLaunchermustbeinstalledontheuser"smachinebeforetheusercanlaunchaprofileinExceedTurboX(unlesstheyhaveselectedtheJavaclientlauncher;seesection3.
6above).
TheNativeClientLauncherwilldownloadandexecutetheNativeClientRuntimeinthebackgroundwhentheuserlaunchesaprofile.
TheLauncherdoesnotrequireadministratorprivilegestoinstall,anditisprovidedforWindows,Linux,andMacclients.
74.
0NetworkConfigurationCommunicationbetweenETXcomponentsoccursonseveraldifferentports.
Itisimpor-tanttoensurethatyourfirewallisconfiguredproperlytoensureproperoperationoftheETXSite.
Thetablebelowsummarizestherequirednetworkchannels,includingthepurposeofthechannel,thecomponentsinvolved,theprotocolsused,andwhetherthechannelissecured.
DESCRIPTIONFIRSTCOMPONENTSECONDCOMPONENTPROTOCOL(S)DEFAULTPORT(S)SECURITYAccessingETXDashboardandServerManagerinabrowserWebbrowserETXServer(Tomcat)HTTP/HTTPS8080/8443None/SSLETXServercontactsIBMDB2databaseETXServerIBMDB2DatabaseJDBC50000None(SSLoptional)ETXServercontactsMicrosoftSQLdatabaseETXServerMicrosoftSQLDatabaseJDBC1433None(SSLoptional)ETXServercontactsApacheDerbyDBdatabaseETXServerApacheDerbyDatabaseJDBC1527None(SSLoptional)ETXServersendsamessagetotheConnectionNodeETXServerETXConnectionNodeTXPM5510SSLETXClientlaunchesanyprofileETXClientETXConnectionNodeThinX5510None(SSLoptional)UserlaunchesanXapplicationETXConnectionNodeUNIXHostX116000+SSHUserlaunchesaWindowsapplicationorRDPdesktopETXConnectionNodeWindowsHostRDP3389SSLETXServercontactsthelicenseserverETXServerETXLicenseServerHTTP/HTTPS8080/8443None/SSLAccessingETXServerRESTAPIsAnyapplicationorscriptETXServerHTTP/HTTPS8080/8443None/SSL5.
0ThinXProtocolThinXProtocolisthedigitalbloodcoursingthroughtheveinsofETX,anditiswhatmakesETXworksowell,sofast.
ThinXProtocol,orTXP,providesexceptionalperformanceoverawiderangeofnetworkbandwidthsandlatencies.
Resultsofin-houseanalysishaveshownthattheamountofnetworktrafficgeneratedbyTXPisbetweenoneand10percentofthetraditionalXprotocol.
Itisalsomoreefficientthancompetitiveremoteaccesssolutions.
TXPisdesignedtoaccomplishthefollowing:1Reducebandwidthrequirementsforremoteusers2Adapttochangingnetworkconditions3Reduceround-triprequestsforX11traffic4StrengthensecurityNote:TXPisalsousedbetweentheClientandProxyforconnectionstoWindowshosts.
InthecaseofRDPconnections,theETXProxyconvertstheRDPprotocoltoThinXforfasttransmissionovertheWAN.
85.
1ReduceBandwidthRequirementsTXPhasasuperiorabilitytocompress,cache,andoptimizerequests.
ThegoalistominimizetheamountofdatathathastotravelacrossthenetworkbetweenProxyandClient,whichischaracteristicallyhighinnetworklatencyandlowinnetworkbandwidth.
Naturally,theworkrequiredtooptimizeandreducenetworktrafficcomesattheexpenseofmoreCPUcyclesandcomputingresourcesonbothend-pointsoftheconnection.
However,theabundantcomputingpowerthatPCsandserversnowharnesscaneasilyhandletheincreasedworkloadwithoutslowingdowntheremoteserver,enablingExceedTurboXtoachievebandwidthreductionwithoutsacrificingoverallperformance.
5.
2AdapttoChangingNetworkConditionsThelevelofcompressionandoptimizationontheTXPdatastreamcanchangeauto-maticallyanddynamicallydependingonreal-timechangestobandwidthavailability,networklatency,andeventhecontentsoftheremotedisplay.
ExceedTurboXwilladjustandchoosetherighttypeofcompression,datatype,andupdatefrequencytomaintainmaximumperformanceandusability.
Theseadjustmentshappenontheflywithoutanyneedtocustomizeprotocolsettings.
ETXtendstoconsumeavailablebandwidthinordertoimprovedisplayqualityandresponsiveness,butusersandadministratorscanalsolimitthebandwidthusageofaparticularsessionbyadjustingETXprofilesettings.
5.
3ReduceRound-TripRequests(X11)TheXWindowprotocolwasdesignedforcommunicationinaLANenvironmentwherenetworkbandwidthisabundant.
ConnectingtoXapplicationsovertheWANwithoutacompressionlayerwillresultinveryslowperformanceoftheremoteXapplicationsordesk-tops.
TheETXProxycanbeinstalledeitherontheXapplicationhostitself–thuseliminatingXWindowprotocolfromtheLANentirely–oronaseparatemachineonthesameLANastheXapplicationhost.
TheProxywilleitherrenderontheserverandsendpicturesovertheWAN,orwillcompress,batchandsenddrawinginstructionsusingTXP(ThinXProtocol)basedonscreencontents.
WiththeintelligencebuiltintotheProxy,fewerround-triprequestswillneedtoreachtheClient,eliminatinginefficiencyanddelaysintheremotecommunication.
Thereductioninthenumberofround-triprequestsovertheWANorinternetconnectionissignificant,givingExceedTurboXanunparalleledperformanceadvantage.
5.
4StrengthenSecurityTXPissecureindesign.
ItcanbeeasilyencryptedusingthelatestTLS1.
2protocolforheightenedsecurity.
Infact,TLSencryptionisusedbydefaultbetweenETXservercomponentstoensurebusinesscriticalinformationisprotected.
ConnectionsfromusersoutsideofthecorporateLANmaybeencryptedeitherbyaVPNorbyenablingTLSencryptionintheETXServerManager.
6.
0AutomaticUpdatesETXisdesignedtoautomaticallyapplyupdatestoboththeclientandservercomponents,eliminatingtheneedtomanuallyrolloutupdatestothesystem.
ETXalsosupportstheabilitytodeploymultipleversionsoftheclientandserverruntimessothatyoucanapplypatchesanddifferentversionstodifferentgroupsofusers,allfromacentralmanagementinterfacebuiltintoETXServer.
6.
1NoClientInstallationWhenuserslaunchaprofileforthefirsttime,ETXwillautomaticallydetectthepresenceoftheclient-sidelauncherandpromptuserstodownloadandinstallthelauncherifitisnotfound.
Thiseliminatestheneedtomanuallyinstallthesoftwareonclientmachines.
6.
2AutomaticClientandProxyUpdatesviaRuntimePackagesThelightweightclientandproxyruntimesarepushedtotheuser"sdesktop,aswellastheETXproxy,whenauserlaunchesasession.
Theclientandproxyruntimearedevelopedinpairs,ensuringthateveryuserreceivesacompatibleversionoftheclientandservercomponentseverytimetheylaunchanewsession.
9Oncearuntimeisdownloaded,itwillbecachedonthemachineandwillnothavetobedownloadedagain.
Thisensuresthatsubsequentconnectionsarelaunchedasquicklyaspossible.
6.
3AutomaticConnectionNodeupdatesStartinginETX11.
5,patchingtheETXServerwillautomaticallyandsilentlypushallnecessaryupdatestotheETXConnectionNodesthatareregisteredwiththeserver.
InVDIrolloutswiththousandsofvirtualmachines,thiseliminatestheneedtomanuallyupdatethesoftwareonthousandsofnodes.
Note:theConnectionNodesoftwareisusedtomanagethesessionproxiesonthenodeandisseparatefromtheproxyruntime.
6.
4ManagemultipleruntimeversionsconcurrentlyETXServerallowsyoutoinstallandusemultipleruntimeversions,whichmeansthatyoucanapplypatchestospecificuserswithoutaffectingotherusers.
ThiscanbeusedtoapplyhotfixesforspecificapplicationsorperformstagingexperimentswithETXservicepacksandhotfixes.
EachETXprofilehasacustomizableruntimeversion,whichcanbesetbytheETXadministratorortheETXuser(iftheyhavepermissionstoeditprofiles).
7.
0AuthenticationETXsupportsthefollowingauthenticationmethods:LightweightDirectoryAccessProtocol(LDAP)MicrosoftActiveDirectory(AD)Kerberos-basedSingleSignOn(SSO)PluggableAuthenticationModule(PAM)NativeUserCredentials(UNIXonly)ETXwillusedifferentcomponentsinthearchitecturetoauthenticateusers,basedonyourauthenticationmethod.
AUTHENTICATIONTYPECOMPONENTTHATHANDLESAUTHENTICATIONLDAP,MICROSOFTACTIVEDIRECTORYETXServerPAM,NATIVEUSERCREDENTIALSETXConnectionNodesLDAPandMicrosoftActiveDirectoryarecentralizedidentitymanagementsystems,whichcanbeaccessedfromanycomputer.
ItisfunctionallysimplerandmoreefficienttoletETXServertakecareofthoseauthenticationtypes.
ToimplementLDAP-basedauthentication,simplyconfiguretheappropriateLDAPsettingsduringinstallationofETXServer.
ForKerberos-based,singlesign-onenvironments,refertotheExceedTurboXInstallationandAdministrationGuide,whichispartofthecoreproductdocumentation.
Additionally,forUNIXenvironments,youmayusePAM(PluggableAuthenticationModule)orNativeauthenticationmethods.
Intheseauthenticationmodes,adedicatedPAMorNativeauthenticationserverisconfiguredtohandleETXloginrequests.
PAMorNativeauthenticationserversmusthavetheETXConnectionNodesoftwareinstalled,andbeassignedthe'Authenticator"roleduringinstallation.
OncethenodeisregisteredwithETXserver,ETXserverwilldirectallloginrequeststotheAuthenticatornode.
ETXServerallowsmorethanonePAM/Nativeauthenticatornodetoberegistered,sothatuserswon"tbelockedoutiftheauthenticationservergoesoffline.
However,youmustmakesurethePAMconfigurationoruserdatabaseisidenticalacrossallAuthenticators.
Inadditiontothe'Authenticator"role,nodescanbeassignedtothe'ProxyManager"role.
TheProxyManagerrolemeansthatthenodewillacceptremotedesktopandapplica-10tionsessions,andstartalocalsessionproxytocompressandmanagetheremoteusersession.
Ifyourauthenticationserver(s)aresharedbymanyapplications,youmaywanttodisabletheproxymanagerroletoavoidtaxingthesesystemswithETXsessions.
AUTHENTICATIONTYPECOMPONENTTHATHANDLESAUTHENTICATIONAUTHENTICATORResponsibleforhandlingPAMandNativeUserCredentialsauthenticationrequestsonlyPROXYMANAGERResponsibleforcreatingandmanagingProxiesAUTHENTICATORANDPROXYMANAGERBothoftheabove7.
1MultipleAuthenticatorsFororganizationsthatchoosetousenativeauthenticationorPAM,itisalwaysagoodideatohavemorethanoneAuthenticatorinthesystemincaseoneoftheETXConnectionNodesisdisconnectedorotherwiseunavailable.
ETXServerwillchooseoneoftheavail-ableETXAuthenticatorsatrandom.
Therefore,itisofutmostimportancethatthesamesetofusersandtheircredentialsareavailableoraccessiblebyallETXAuthenticatorsinthesystem;otherwisesomeusersmaynotbeabletologintoETXatanygivenmoment.
Inmostcases,havingtwoAuthenticatorsinthesystemprovidesthenecessaryloadbalancingandprotectionagainstasinglepointoffailure.
Morethantwoauthentica-torsmayberedundantandcreateunnecessarycomplicationandworkloadinvolvedinsynchronizingnativeusercredentialsacrossmultiplemachines.
8.
0LoadBalancing8.
1WhatisLoadBalancingLoadBalancingreferstothecapabilityofETXServertodistributeremotesessionstoa"cluster"ofConnectionNodes.
Loadbalancingisakeyelementofprovidingahighlyavailableenvironmentforuserstoaccesstheirremotedesktopsandapplicationservers.
8.
2HowDoesLoadBalancingWorkWhenauserlaunchesaremoteapplicationordesktop,oneoftheETXconnectionnodescreatesaprocess(calleda"proxy")toactasintermediarybetweentheuserandtheremotehost.
Theproxyprocessisresponsibleforinteractingwiththehost(asthesessionclient)andcompressingtheremotedisplayfortransmissionovertheWANtotheenduser.
IfETXwereconfiguredwithonlyasinglenodetohandleallusersessions,failureofthatnode(duetohardware,network,orotherfailure)wouldbecrippling.
ETXwouldnotbeabletohandleanynewsessionsuntilthenodeisrestoredandreconnected.
Withtwoormorenodespresent,failureofasinglenodedoesnotcripplethesystem.
Theothernodescantakeoveruntilthefirstnodecomesbackonline.
AllETXConnectionNodesareregisteredwithETXServer,andtheirpresenceisrecordedandmonitoredsoETXServerknowstheexactnumberofETXConnectionNodesavail-able,whateachnodeisdoing,andtheresourcesavailableoneachnode.
Fromtheuser"sperspective,thereisnoobviousdifferencebetweendifferentConnectionNodes,andinmostcases,usersshouldnotcarewhichnodehandlestheuser"ssession.
JustlikewhenyouaccessAmazon.
com,youdon"tknow,nordoyoucare,whichoneofathousanddifferentwebserversisrespondingtoyourrequest.
118.
3LoadBalancingBecausetheETXServerkeepstrackofallconnectionnodesandtheavailableresourcesoneachnode,theservercanassignsessionstoconnectionnodesbyselectingthenodewiththemostavailableresources.
Thisensuresthatusersachievethefastestpossibleconnectionsfortheavailableserverhardware.
ThefollowingloadbalancingcriteriaaresupportedbyETXServer:LOADBALANCINGRULEFUNCTIONSESSIONSThenodewiththefewestactiveorsuspendedsessionsisselectedforthenextsessionlaunch.
CPUThenodewiththemostCPUresourcesisselected.
ThisdoesnotaccountforCPUspeedorarchitecture,onlypercentageofCPUconsumption.
MEMORYThenodewiththemostavailablememoryisselected.
Thistypeofloadbalancingcanbeusedwhenrunningmemory-intensiveapplications.
9.
0Licensing9.
1TypeofLicensesETXLicensesareconcurrentinnature,meaningtheyallowalargenumberofuserstoshareasmallersetoflicenses.
Forexample,ifyoupurchase50licensesforanETXsite,100usersmightsharethoselicenses,solongasnomorethan50usershaveactivesessionsatthesametime.
9.
2RulesofLicenseUsageAsingleusercanneverconsumemorethanonelicense.
Thismeansthatausercanlaunchmultiplesessionsonmultipledevicesandwillneverconsumemorethanasingleconcurrentuserlicense.
However,ifausersharestheirsessionwithmultipleusers,eachuserjoiningthesharedsessionwillconsumeonelicense(providedtheuserisn"talreadyconsumingalicense).
9.
3SharingLicensesAcrossMultipleETXSitesMultipleETXsitescanconnecttoanETXLicenseServerinordertoshareasinglepooloflicenses.
TheETXLicenseServerfunctionalityisembeddedineveryETXServer,andcanbeturnedonduringsetup.
TheLicenseServershouldbeconfiguredfirst,sothatotherETXServerscanspecifythelicenseserverduringsetup.
SpecialcarehasbeengiventothedesignofthissolutiontoensurethatiftheLicenseServerisoutofserviceoroutofreach,allsiteswillremainoperationalforupto72hours,andadministratorswillbenotifiedaslongasthelicenseserverhasbeenconfiguredtosendemailnotifications.
9.
4LicenseDistributionMethodsETXLicenseServersupportstwotypesoflicensedistribution:StaticandDynamic.
9.
4.
1StaticLicenseDistributionAsthenameimplies,licensesarestaticallydistributedtoeachETXsitesoyoucantightlycontrollicenseusageandcostsonaper-sitebasis.
Oncelicensesarestaticallydistrib-utedtoanETXSite,thesitewillmanagethelicenseusageinternallyasifthoselicenseswerelocallyinstalled.
9.
4.
2DynamicLicenseDistributionAnylicensesthathavenotbeenassignedstaticallytoanETXsiteareavailableforanyconnectedsitetoconsumeonafirst-come,firstservebasis.
DynamiclicensescanflowfreelyfromoneETXsitetoanotherseamlessly.
Note:IfauserlaunchessessionsontwoindependentETXsitesthatshareacommonlicenseserver,theuserwillconsumeonelicensefromeachETXsite.
ThisisbecauseeachETXsitemanagesitslicensesindependently.
1210.
0FailureScenariosTheETXsolutionisdesignedtoberesilienttovarioustypesoffailuresandoffercontinuousservices.
Disastersorfailurescanhappentocomputershostingdifferentcomponents,andtherearevariousdegreesoffailure.
Thetablebelowoutlineshoweachcomponenthandleseachtypeoffailure.
COMPONENTNETWORKDISCONNECTIONCOMPONENTSHUTDOWNCLIENTIfthemachinewhereETXClientisrunninglosesitsconnectiontothenetwork,theuser"ssessionwillbeautomaticallysuspended.
IfthemachinewhereETXClientisrunningcrashesorotherwiseispoweredoff,theuser"ssessionwillbeautomaticallysuspended.
CONNECTIONNODEIfthemachinehostingtheConnectionNodeisdisconnectedfromthenetwork,XWindowsessionswillbepermanentlylost.
WindowsRDPsessionswillbecomedisconnectedbutmayberesumedbylaunchinganewsessionconnectingtothesamehostonadifferentnode.
OtherETXConnectionNodeswillcontinuetoacceptnewconnections.
IfthemachinehostingtheConnectionNodecrashesorispowereddownunexpectedly,XWindowsessionswillbepermanentlylost.
WindowsRDPsessionswillbecomedisconnectedbutmayberesumedbylaunchinganewsessionconnectingtothesamehostonadifferentnode.
OtherETXConnectionNodeswillcontinuetoacceptnewconnections.
AUTHENTICATORWhenusingNativeorPAMauthenticationforUNIXenvironments,iftheAuthenticatornodeisdisconnectedfromthenetwork,ETXServerwillnotbeabletoauthenticateusers.
Inthissituation,noonewillbeallowedtologintotheETXwebsite.
However,iftheadministratorcreatedamaintenanceuser(bydefault'etxinstall"),theycanloginwiththismaintenanceusertofixconfigurationproblemswiththeauthenticationnode.
Iftheauthenticatorfails,itwillnotaffectexistingsessions,unlessthosesessionsarerunningontheauthenticationnode(requirestheauthenticatornodetobeconfiguredasaProxyManager).
APACHETOMCAT/ETXSERVERIfApacheTomcatortheETXServerwebappisunavailable–whetherduetoabrokennetworkconnectionorservercrash,userswillbeunabletologintotheETXwebinterfaceorperformbasicfunctionssuchaslaunchingorresumingsessions.
AdministratorswillbeunabletologintothewebinterfacetoadministertheETXenvironment.
However,allactivesessionswillcontinuetooperatewithoutanylimitations.
IfausersuspendsanactivesessionwhileApacheTomcatortheETXServerisdown,heorshewillhavetowaituntilthosesystemsarerevivedandonlinebeforethesessioncanberesumed.
Note:ETXsupportshighavailabilityforthewebserver.
ThismeansthatyoucanrunETXserversinparallel.
Iftheprimarywebserverfails,thesecondarywilltakeover.
Forinformationonsetup,seetheExceedTurboXHighAvailabilityConfigurationGuide.
DATABASEIfthedatabaseisunavailablebecauseofanetworkfailure,theETXWebDashboardandWebServerManagerwillbeinac-cessible.
However,allactivesessionswillcontinuetooperatewithoutlimitations.
Whenthedatabaseconnectionisrestored,allfunctionswillberesumed.
Ifthemachinerunningthedatabasecrashesorispowereddownunexpectedly,orthedatabaseiscorrupted,ETXWebDashboardandWebServerManagerwillbeinaccessible.
However,allactivesessionswillcontinuetooperatewithoutlimitations.
Whenthedatabasemachineisrestoredallfunctionswillberesumed.
LICENSESERVERSTATICLICENSEDISTRIBUTIONUpondisconnectionfromaLicenseServer,anETXServerwillcontinuetomanagetheallottedlicensesasiftheywerelocallyinstalled,forupto72hours.
ThisprovidestimeforITtofindandfixanyfailures.
ImpacttotheETXServeranditsusersisminimalunlessthisconditionisleftuntreated.
DYNAMICLICENSEDISTRIBUTIONUpondisconnectionfromaLicenseServer,eachETXServerwillassumethatanyunallocatedlicensesareavailableforlocalsessionsforupto72hoursafterthedisconnection.
WhentheconnectiontotheLicenseServerisrestored,eachETXServerwillreportitscurrentlicenseusagetotheLicenseServer,andtheLicenseServerwillrecalculatethetotalnumberoflicensesthatareinuse.
Userswhohaveactivesessionswillnotbepenalizedifthenumberoflicensesinuseisgreaterthanthenumberoflicensesinstalled.
Inthiscase,thiseventwillbeloggedandanyuseractivitiesthatrequireadditionallicenseswillnotbepermitteduntilthetotalnumberoflicensesinuseisfewerthanthenumberoflicensesinstalled.
11.
0PlatformsThesupportedplatformsforeachETXcomponentisprovidedinthetablebelow.
LOADBALANCINGRULEFUNCTIONCLIENTWINDOWSPLATFORMSWindows10Windows8.
1Windows7SP1orlaterWindowsServer2008R2SP1orlaterWindowsServer2012R2orlaterLINUXPLATFORMSRedHatEnterpriseLinux6.
5orlater,64-bitSuSELinuxEnterpriseLinux11&12,64-bitMACOSXPLATFORMSMacOS10.
12(Sierra)MacOSX10.
11(ElCapitan)IOSPLATFORMSiOS9.
0orlater,oniPad2orlater,iPadAir,iPadAir2,iPadmini2orlater,iPadProJAVACLIENTETXSERVERRedHatEnterpriseLinux6.
5orlater,64-bitOracleSolarisSPARC10&11,64-bitOracleSolarisx86-6410&11,64-bitETXCONNECTIONNODERedHatEnterpriseLinux6.
5orlater,64-bitSuSELinuxEnterprise11&12,64-bitOracleSolarisSPARC10&11,64-bitOracleSolarisx86-6410&11,64-bitIBMAIX6.
1or7.
1Windows10,64-bitWindows8.
1,64-bitWindows7SP1,64-bitWindowsServer2008R2SP1,64-bitWindowsServer2012R2DATABASEIBMDB2Express-C10.
5withRedHatEnterpriseLinux6orlater,64-bitonlyIBMDB2EnterpriseServer10.
5withRedHatEnterpriseLinux6orlater,64-bitonlyMicrosoftSQL2012SP1StandardEditionorlateronWindowsServer2012R2orlaterMicrosoftSQL2008R2SP2StandardEditionorlateronWindowsServer2008R2SP1orlaterApacheDerby10orlater,onallsupportedETXServerplatformsWEBBROWSERSGoogleChromeMozillaFirefoxMicrosoftInternetExplorer11MicrosoftEdgeAppleSafari8orlater(applicabletoMacOSXonly)ClosingThankyouforyourinterestinOpenTextExceedTurboX.
TolearnmoreaboutExceedTurboX,visitourwebsiteat:connectivity.
opentext.
com/etx.
AboutOpenTextOpenTextenablesthedigitalworld,creatingabetterwayfororganizationstoworkwithinformation,onpremisesorinthecloud.
FormoreinformationaboutOpenText(NASDAQ:OTEX,TSX:OTC)visitopentext.
com.
Connectwithus:OpenTextCEOMarkBarrenechea"sblogTwitter|LinkedIn|Facebook

piayun(pia云)240元/季起云服务器,香港限时季付活动,cn2线路,4核4G15M

pia云怎么样?pia云是一家2018的开办的国人商家,原名叫哔哔云,目前整合到了魔方云平台上,商家主要销售VPS服务,采用KVM虚拟架构 ,机房有美国洛杉矶、中国香港和深圳地区,洛杉矶为crea机房,三网回程CN2 GIA,带20G防御。目前,Pia云优惠促销,年付全场8折起,香港超极速CN2季付活动,4核4G15M云服务器仅240元/季起,香港CN2、美国三网CN2深圳BGP优质云服务器超高性...

飞讯云E5-2678V3 64GB,湖北十堰100G高防物理机330元/月

飞讯云官网“飞讯云”是湖北飞讯网络有限公司旗下的云计算服务品牌,专注为个人开发者用户、中小型、大型企业用户提供一站式核心网络云端部署服务,促使用户云端部署化简为零,轻松快捷运用云计算。飞讯云是国内为数不多具有ISP/IDC双资质的专业云计算服务商,同时持有系统软件著作权证书、CNNIC地址分配联盟成员证书,通过了ISO27001信息安全管理体系国际认证、ISO9001质量保证体系国际认证。 《中华...

Cloudxtiny:£1.5/月,KVM-512MB/100GB/英国机房

Cloudxtiny是一家来自英国的主机商,提供VPS和独立服务器租用,在英国肯特自营数据中心,自己的硬件和网络(AS207059)。商家VPS主机基于KVM架构,开设在英国肯特机房,为了庆祝2021年欧洲杯决赛英格兰对意大利,商家为全场VPS主机提供50%的折扣直到7月31日,优惠后最低套餐每月1.5英镑起。我们对这场比赛有点偏见,但希望这是一场史诗般的决赛!下面列出几款主机套餐配置信息。CPU...

apachetomcat为你推荐
免费美国主机哪里有免费不限流量的国外主机域名注册网网站域名申请,在那备案?国外空间租用好用的国外空间com域名空间域名和空间是什么意思英文域名中文域名和英文域名的区别? 越详细越好台湾主机香港,美国,台湾,韩国,日本主机到底哪个好免费网站空间有没有免费的网站空间推荐深圳网站空间深圳宝安网站设计,深圳网站空间,哪里做的最好???虚拟主机mysql我申请的虚拟主机 ,是MYSQL数据库,但是我安装好网页后,需要更改的数据库地址是我默认的还是找卖家咨询?论坛虚拟主机最近想买虚拟主机,用来做论坛。
宿迁服务器租用 谷歌域名邮箱 cn域名个人注册 php探针 tk域名 xen 最好的空间 777te 大容量存储器 网站木马检测工具 免费防火墙 国外视频网站有哪些 google台湾 腾讯总部在哪 免费邮件服务器 备案空间 什么是web服务器 中国linux lamp怎么读 实惠 更多