Rob,
I know it can be done, but like you said, we may have to change the way we do somethings and some of our apps would need changes/reconfiguration.
1) IBM Edge server part of WebSphere, correct?
Do you run EDGE on the I or another box in front of the I
We used to run WebSphere years ago, we dropped it.
https://en.wikipedia.org/wiki/IBM_Websphere_Edge_Components
Edge Server comprises 4 basic components:
Load Balancer: Used to direct incoming requests to an appropriate server based on a set of rules which may include load balancing requests across several servers. Server selection is based upon health checks which includes the ability for the user to write specialized health check requests. The current level supports IPv4 and IPv6 traffic.
Caching Proxy: The caching proxy system can be configured as either a forward- or reverse-proxy server. Requested content is cached by Edge before being sent to the requestor and subsequent requests can, based on its internal algorithm that can be customized, be served from the cache instead of forwarding them to application server for reprocessing. This improves response time and minimizes network bandwidth use. A primary use of Edge server is therefore to increase the performance and scalabity of J2EE applications.
Content Distribution: This feature is used in conjunction with the load balancer, where multiple Edge server components are used, to distribute HTTP requests based on URL or other administrator configured characteristics, eliminating the need to store identical content on all Edge servers.
Application Service at the Edge: Ability to build a dynamic web page from fragments generated by multiple application servers
Edge can be configured for high availability with a backup Edge failover server that takes over sessions if the primary Edge server fails.
2) How do you handle SSH keys which our generated based on IP, Host Name, or both?
The remote sites would need a 2nd key from the HA box, correct.
I've added to the list - HA/DR items for consideration.
LPAR system name
TCP/IP interfaces
TCP/IP routes
TCP/IP host table entries
TCP/IP domain information
HTTP instance listening IP
SSH Keys
PC iSeries Access for Windows configurations with IP (200)
HTTPS URL which translate to an IP via network DNS entries
Remote systems with IP in host tables
BRMS
Volumes ownership
Other BRMS settings.
WRKRDBDIRE
Configuring RDB Names for High Availability and External System Access
http://www-01.ibm.com/support/docview.wss?uid=nas8N1014936
AJS scheduled jobs with the below
Remote Location Name - SAVRSTLIB, SAVRSTOBJ
DDM file on SBMRMTCMD
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Rob Berendt
Sent: Friday, May 04, 2018 7:55 AM
To: Midrange Systems Technical Discussion
Subject: RE: Initiating a Windows DNS change from IBM i
Not a single one. You need to change your applications to be more
flexible. Sure some of the newer routers will allow the same subnet to be
in multiple cities but we don't do that. For a number of reasons.
Propagation delays for one and the fact that our network guy would have a
complete meltdown is probably the biggest reason.
For http, we use IBM's Edge server. You go into that and it does
intelligent routing to multiple http endpoints. Not just pinging but,
much like httpapi, it reads the endpoint for a particular string on a
sample page. For example if I go to site.corp.dekko.com Edge may route it
to site01.corp.dekko.com, site02.corp.dekko.com, etc. And it will check a
url, like site01.corp.dekko.com/CheckIfUp to see if a string site01 is in
it.
For database across HA systems you set up aliases. For example,
WRKRDBDIRE will show GDISYS as the *LOCAL entry on both GDISYS1 and
GDISYS2.
GDISYS1 will be an alias for GDISYS on GDISYS1.
GDISYS2 will just be a normal remote entry on GDISYS1.
GDISYS2 will be an alias for GDISYS on GDISYS2.
GDISYS1 will just be a normal remote entry on GDISYS2.
Anyone going directly to GDISYS1 or GDISYS2 had better have a darn good
reason. I'm about the only one who does and that is for querying both
systems for stuff. Also BRMS needs to go to the individual systems so it
needs these setup. IBM has a technote or two on this. Nine years ago
someone from IBM emailed me this: "416466888: Configuring RDB Names for
High Availability and External System Access".
Interfaces:
One for GDISYS1 or GDISYS2 (depending on which machine you're on)
One for acting as GDISYS
One for HA software replication traffic
One for local loopback
Most http is done via Domino on different lpars and they have a LOT of
interfaces. But again, Edge to the rescue.
HA Backup system
Internet Line Interface Text
Address Description Status description
10.27.6.128 LANLINSYS Active GDISYS2
10.27.6.129 LANLINSYS Inactive GDISYS during a switch
10.27.252.193 LANLINMX Active SYS2HA
127.0.0.1 *LOOPBACK Active *BLANK
Primary system
Internet Line Interface Text
Address Description Status description
10.10.6.128 LANLINSYS Active GDISYS1
10.10.6.129 LANLINSYS Active GDISYS
10.10.252.191 LANLINMX Active SYS1HA
127.0.0.1 *LOOPBACK Active *BLANK
Now, you do have to be careful to not replicate certain files between
systems. For example anything listed at
https://wiki.midrange.com/index.php/Change_IP_Address So if you have a
http config file which lists the IP address to bind to you don't want to
replicate that. Instead you'd have to manually make changes on the target
machine to that config file. Omitting individual files like this is what
concerns me about HA solutions like Power HA. However, I'm sure there are
people who actually use that product and manage to get this working.
That's the attitude you need to proceed.
You need to tell yourself to stop concentrating on why it cannot be done
and instead to concentrate on getting it done. Yes, you may have to
change some operations.
Again, from the 30,000' level, people actually do use HA solutions. Some,
like us, switch on a regular basis and run their stuff on the other
machine. It actually works.
Rob Berendt
midrange.com
