Server properties file

The server properties file contains several properties that define different settings for your server, such as trace settings, logging, and security configuration. The server properties file is used by the catalog service and container servers.

Sample server properties file

You can use the sampleServer.properties file that is in the extremescale_root/properties directory to create your properties file.

Specifying a server properties file

You can specify the server properties file in one of the following ways. Specifying a setting by using one of the items later in the list overrides the previous setting. For example, if you specify a system property value for the server properties file, the properties in that file override the values in the objectGridServer.properties file that is in the classpath.
  1. As a well-named file in the classpath. If you put this well-named file in the current directory, the file is not found unless the current directory is in the classpath. The name that is used follows:
    objectGridServer.properties
  2. As a system property in either a stand-alone or WebSphere® Application Server configuration that specifies a file in the system current directory. The file cannot be in the classpath:
    -Dobjectgrid.server.props=file_name
  3. As a parameter when you run the startOgServer command. You can override these properties manually to specify a file in the system current directory:
    -serverProps file_name
  4. As a programmatic override using the ServerFactory.getServerProperties and ServerFactory.getCatalogServerProperties methods. The data in the object is populated with the data from the properties files.

Server properties

General properties
workingDirectory
Specifies the location to where the container server output is written. When this value is not specified, the output is written to a log directory within the current directory. This property applies to both the container server and the catalog service.

Default: no value

minThreads
Specifies the minimum number of threads used by the internal thread pool in the run time for built-in evictors and DataGrid operations.

Default: 10

maxThreads
Specifies the maximum number of threads used by the internal thread pool in the run time for built-in evictors and DataGrid operations.

Default: 50

traceSpec
Enables trace and the trace specification string for the container server. Trace is disabled by default. This property applies to both the container server and the catalog service.

Default: *=all=disabled

traceFile
Specifies a file name to write trace information. This property applies to both the container server and the catalog service.
systemStreamToFileEnabled
Enables the container to write the SystemOut, SystemErr, and trace output to a file. If this property is set to false, output is not written to a file and is instead written to the console.

Default: true

enableMBeans
Enables ObjectGrid container Managed Beans (MBean). This property applies to both the container server and the catalog service.

Default: true

serverName
Sets the server name that is used to identify the server. This property applies to both the container server and the catalog service.
zoneName
Set the name of the zone to which the server belongs. This property applies to both the container server and the catalog service.
haManagerPort
Synonymous with peer port. Specifies the port number the high availability manager uses. If this property is not set, the catalog service generates an available port automatically. This property applies to both the container server and the catalog service.
listenerHost
Specifies the host name to which the Object Request Broker (ORB) should bind. This property applies to both the container server and the catalog service.
listenerPort
Specifies the port number to which the Object Request Broker (ORB) should bind. This property applies to both the container server and the catalog service.
JMXServicePort
Specifies the port number on which the MBean server should listen. This property applies to both the container server and the catalog service.
Container server properties
statsSpec
Specifies the stats specification for the container server.

Example:

all=disabled

memoryThresholdPercentage
Sets the memory threshold for memory-based eviction. The percentage specifies the maximum heap that should be used in the Java™ virtual machine (JVM) before eviction occurs. The default value is -1, which indicates that the memory threshold is not set. If the memoryThresholdPercentage property is set, the MemoryPoolMXBean value is set with the provided value. See MemoryPoolMXBean interface in the Java API specification for more information. However, eviction occurs only if eviction is enabled on an evictor. To enable memory based eviction, see Evictors. This property only applies to a container server.
catalogServiceEndPoints
Specifies the end points to connect to the catalog service cluster. This value should be in the form host:port<,host:port> where the host value is the listenerHost value and the port value is the listenerPort value of the catalog server. This property only applies to a container server.
Catalog service properties
domainName
Specifies the domain name that is used to uniquely identify this catalog service grid to clients when routing to multiple domains. This property only applies to the catalog service.
enableQuorum
Enables quorum for the catalog service. Quorum is used to ensure that a majority of the catalog service grid is available before allowing modification to the placement of partitions on available container servers. To enable quorum, set the value to true or enabled. The default value is disabled. This property only applies to the catalog service.
catalogClusterEndpoints
Specifies the catalog service grid end points for the catalog service. This property specifies the catalog service end points to start the catalog service grid. Use the following format:
serverName:hostName:clientPort:peerPort<serverName:hostName:clientPort:peerPort>
This property only applies to the catalog service.
heartBeatFrequencyLevel
Specifies how often heartbeats occur. The heartbeat frequency level is a trade-off between use of resources and failure discovery time. The more frequently heartbeats occur, more resources are used, but failures are discovered more quickly. This property applies only to the catalog service. Use one of the following values:
  • 0: Specifies a heartbeat level at a typical rate. With this value, failover detection occurs at a reasonable rate without overusing resources. (Default)
  • -1: Specifies an aggressive heartbeat level. With this value, failures are detected more quickly, but also uses additional processor and network resources. This level is more sensitive to missing heartbeats when the server is busy.
  • 1: Specifies a relaxed heartbeat level. With this value, a decreased heartbeat frequency increases the time to detect failures, but also decreases processor and network use.

Security server properties

The server properties file is also used to configure eXtreme Scale server security. You use a single server property file to specify both basic the properties and security properties.
General security properties
securityEnabled
Enables the container server security when set to true. The default value is false. This property should match the securityEnabled property that is specified in the objectGridSecurity.xml file that is provided to the catalog server.
credentialAuthentication
Indicates whether this server supports credential authentication. Chose one of the following values:
  • Never: The server does not support credential authentication.
  • Supported: The server supports the credential authentication if the client also supports credential authentication.
  • Required: The client requires credential authentication.
See Application client authentication for details about credential authentication.
Transport layer security settings
transportType
Specifies the server transport type. Use one of the following values:
  • TCP/IP: Indicates that the server only supports TCP/IP connections.
  • SSL-Supported: Indicates that the server supports both TCP/IP and Secure Sockets Layer (SSL) connections. (Default)
  • SSL-Required: Indicates that the server requires SSL connections.
SSL configuration properties
alias
Specifies the alias name in the key store. This property is used if the key store has multiple key pair certificates and you want to select one of the certificates.

Default: no value

contextProvider
Specifies the name of the context provider for the trust service. If you indicate a value that is not valid, a security exception results that indicates that the context provider type is incorrect.

Valid values: IBMJSSE2, IBMJSSE, IBMJSSEFIPS, and so on.

protocol
Indicates the type of security protocol to use for the client. Set this protocol value based on which Java Secure Socket Extension (JSSE) provider you use. If you indicate a value that is not valid, a security exception results that indicates that the protocol value is incorrect.

Valid values: SSL, SSLv2, SSLv3, TLS, TLSv1, and so on.

keyStoreType
Indicates the type of key store. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

trustStoreType
Indicates the type of trust store. If you indicate a value that is not valid, a runtime security exception results.

Valid values: JKS, JCEK, PKCS12, and so on.

keyStore
Specifies a fully qualified path to the key store file.

Example:

etc/test/security/client.private

trustStore
Specifies a fully qualified path to the trust store file.

Example:

etc/test/security/server.public

keyStorePassword
Specifies the string password to the key store. You can encode this value or use the actual value.
trustStorePassword
Specifies a string password to the trust store. You can encode this value or use the actual value.
clientAuthentication
If the property is set to true, the SSL client must be authenticated. Authenticating the SSL client is different from the client certificate authentication. Client certificate authentication means authenticating a client to a user registry based on the certificate chain. This property ensures that the server connects to the right client.
SecureTokenManager setting
The SecureTokenManager setting is used for protecting the secret string for server mutual authentications and for protecting the single sign-on token.Grid security
secureTokenManagerType
Specifies the type of SecureTokenManager setting. You can use one of the following settings:
  • none: Indicates that no secure token manager is used.
  • default: Indicates that the token manager that is supplied with the WebSphere eXtreme Scale product is used. You must provide a SecureToken key store configuration.
  • custom: Indicates that you have your own token manager that you specified with the SecureTokenManager implementation class.
customTokenManagerClass
Specifies the name of your SecureTokenManager implementation class, if you have specified the SecureTokenManagerType property value as custom. The implementation class must have a default constructor to be instantiated.
customSecureTokenManagerProps
Specifies the custom SecureTokenManager implementation class properties. This property is used only if the secureTokenManagerType value is custom. The value is set to the SecureTokenManager Object with the setProperties(String) method.
Secure token key store configuration
secureTokenKeyStore
Specifies the file path name for the keystore that stores the public-private key pair and the secret key.
secureTokenKeyStoreType
Specifies the keystore type, for example, JCKES. You can set this value based on the Java Secure Socket Extension (JSSE) provider that you use. However, this keystore must support secret keys.
secureTokenKeyPairAlias
Specifies the alias of the public-private key pair that is used for signing and verifying.
secureTokenKeyPairPassword
Specifies the password to protect the key pair alias that is used for signing and verifying.
secureTokenSecretKeyAlias
Specifies the secret key alias that is used for ciphering.
secureTokenSecretKeyPassword
Specifies the password to protect the secret key.
secureTokenCipherAlgorithm
Specifies the algorithm that is used for providing a cipher. You can set this value based on the Java Secure Socket Extension (JSSE) provider that you use.
secureTokenSignAlgorithm
Specifies the algorithm that is used for signing the object. You can set this value based on the JSSE provider that you use.
Authentication string
authenticationSecret
Specifies the secret string to challenge the server. When a server starts, it must present this string to the president server or catalog server. If the secret string matches what is in the president server, this server is allowed to join in.