[SOLVED] Duplication of jboss server

Herzel71 · 10-08-2018, 07:23 AM

Hi
Thanks in advanced for anyone who will help.

well,
Our development team asked from me to build for one of our application servers, “qa” server.

The configuration of the servers:

Production server:
Hardware : VMware vm based server
OS : CentOS release 6.3 (Final)
IP address : 192.168.20.101
Hostname jbosstik03
Application server : jboss-eap-6.3
http server : httpd-2.4.3-1.x86_64

Qa server:
Hardware : VMware vm based server
OS : CentOS release 6.3 (Final)
IP address : 192.168.24.103
Hostname jbosstik03qa
Application server : jboss-eap-6.3
http server : httpd-2.4.3-1.x86_64

the process :
We duplicated the production machine with help of the VMwware clone utility.
Replaced Hostname IP and related lan settings.
Changed Jboss and Httpd TCPIP settings.

The problem:
entering IP of the QA server in browser redirects url to following: "http://192.168.20.100/medical/ProtectionServlet?hidden=loginForm"

the above behaivor is as same as production.

I did check and looks like the following two directives in the “/etc/httpd/conf/extra/httpd-vhosts.conf” file were duplicated.
(I do believe this is the reason for that behavior.)
The two directives are as following

RewriteRule informationStation http://192.168.20.100/istation/ [L,R=301,QSA]
RewriteRule ^/$ http://192.168.20.100/medical/index.jsp [L,R=301,QSA]

The above redirection point me into login page of the application after entering the user and password,the login insert me into production environment

The desired situation is to enter the ip address of the qa in browser will insert me into qa environment(as mentioned qa was duplicated eralier)

just another importent information when i tried to check what is this ip "192.168.20.100"
the security team told me this is the F5 Load Balancer.

I will be happy for any help.

B.R
Herzel.

MensaWater · 10-08-2018, 08:40 AM

The F5 load balancer answer from your security team only tells you the incoming connection to the F5. The F5 would also have an outgoing to one or more servers. Typically more than one otherwise you don't need a load balancer but some people (including us) do use the load balance for single attach systems. The main point in a load balancer is that implied by its name - it should direct traffic to multiple hosts in such a way that no single host gets all the load. It is also used to help insure if one of the hosts goes down no traffic is directed to that host so it helps to avoid timeouts.

You need to find out what rules are setup on the F5 to point to the destination server(s).

You'd then need make sure you have a clone of at least one destination server using same setup then adjust your QA server's setup to point to the IP of that destination. You could do something like that via F5 as well but typically for QA you don't setup multiple destination servers (unless your intent to test F5/load balance setup as well).

Herzel71 · 10-09-2018, 03:22 AM

MensaWater,
Thanks for your reply.
Its so nice to have help.
For the subject.
I agree with you that the F5 is controlling and redirects the url.
But at discussion with my bosses they told me that we need to have separate host for the qa.
It means no F5 involved.
In one host based on it self.
Is it possible?
What shell be the process to do this?

Hope there is solution for that complex problem.

MensaWater · 10-10-2018, 09:30 AM

I wasn't suggesting you need an F5 for QA. I was saying you need to find out which actual Production target server(s) the F5 is sending traffic to when it comes in on the F5 IP, 192.168.20.100. You then need to make a server like one of those (or install the app that those Production servers are using on the QA jboss server itself). If the latter is feasible you could use IP 127.0.0.1 in place of 192.168.20.100. If not you'd use the IP of whatever QA target server you create like the Production target server(s).

e.g.

Production jboss (192.168.20.101) --> F5 (192.168.20.100) -->Prod target Server1 (IP?)
_________________________________________________`->Prod target Server2 (IP?)

QA jboss (192.168.24.103) --> QA target Server (IP?)

Since we don't know what your target servers are behind the F5 we can't tell you what app or database they're running nor whether a copy of that app or database could be co-resident on your QA jboss server.

To restate it the issue here isn't just jboss but rather what jboss is accessing via the F5 in Production so you can try to replicate a similar target in QA without the F5.