You can use either a web server plug-in, a WebSphere® Application Server proxy server,
or a DMZ Secure Proxy Server for IBM WebSphere Application Server to provide session
affinity, failover support, and workload balancing for your WebSphere Application Server topology.
After you install the product, you can set up either a web server
plug-in, a
WebSphere Application Server proxy server, or a DMZ Secure Proxy Server for IBM
WebSphere Application Server to establish communication
between an application and a remote client.
You can also use the on demand router (ODR), that is provided with
the WebSphere eXtended Deployment product, as a reverse proxy between
an HTTP client and a clustered application, or a partitioned application.
See the WebSphere eXtended Deployment Information Center at http://publib.boulder.ibm.com/infocenter/wxsinfo/v7r0/index.jsp
for more information about using ODR.
The traditional topology, using your web server of choice and the
corresponding web server plug-in, is recommended unless:
- You want to use specific features of the ODR or a WebSphere Application Server proxy server.
- You want to use another function, such as Session Initiation Protocol
(SIP) or WS-Addressing affinity/failover, which requires a WebSphere Application Server proxy server.
The following tables compare the core application server frontend
functionality, and the non-core functionality of a web server plug-in
running in a modern web server, such as the IBM HTTP Server, based
on Apache HTTP Server, a WebSphere Application Server proxy server,
and a DMZ Secure Proxy Server for IBM WebSphere Application Server.
Table 1. Core functionality. This table compares
the functionality that a web server plug-in, a WebSphere Application Server proxy server,
and a DMZ Secure Proxy Server for IBM WebSphere Application Server provide.
Functionality |
Web server plug-in used with either
the IBM HTTP Server or the Apache Web Server |
WebSphere Application Server proxy server |
DMZ Secure Proxy Server for IBM WebSphere Application Server |
Session affinity |
Yes |
Yes1, 2 |
Yes1, 2 |
DMZ ready |
Yes |
No |
Yes |
Custom advisors are supported |
No |
Yes |
Yes |
Service Level Agreement (SLA) |
No |
No |
No |
QoS/Throttling |
No |
No |
No |
SIP proxy |
No |
Yes |
Yes |
ESI dynamic Caching |
Yes |
Yes3 |
Yes3 |
Managed from the administrative console |
Yes |
Yes |
Yes4 |
Stream caching (large response caching) |
Yes |
Yes |
Yes |
Dynamically receive management events5 |
No |
Yes |
Yes6 |
Multi cells routing |
No |
Yes7 |
Yes8 |
Performance monitoring |
Yes9 |
Yes10 |
Yes10 |
Load Balancing (weighted round-robin) |
Yes11 |
Yes11 |
Yes11 |
Routing rules are configurable |
No12 |
Yes |
Yes |
Interoperability with WLM |
Yes13 |
Yes14 |
Yes |
Web service affinity and failover |
No |
Yes15 |
No |
Rule expression and custom routing |
No |
Yes16 |
Yes15 |
Generic server cluster (GSC) affinity and failover |
No |
Yes17 |
Yes16 |
Table notes:
- Session affinity is supported for WebSphere Application Server managed resources.
However, some session management custom properties, such as HttpSessionCloneId,
are not supported.
- For generic server routing, where the resources are not WebSphere Application Server managed resources,
active session affinity and passive session affinity need to be configured
under generic server routing action.
- WebSphere Application Server proxy
servers and DMZ Secure Proxy Servers for IBM WebSphere Application Server do not support
fragment caching. Only whole page caching, and the ESI invalidation
servlet are supported.
- Secure proxy profile on a DMZ installation can only be managed
using scripting or an administrative agent. Configuration-only secure
proxy profile can be managed through scripting or the administrative
agent console. If you use an administrative agent console, you must
register a proxy profile with the administrative agent.
- As performed by ODR in a WebSphere Extended Deployment environment.
- Static routing needs to be turned off and core group bridge tunneling
needs to be enabled for both the DMZ Secure Proxy Server for IBM WebSphere Application Server, and the core
group bridge interface for the WebSphere Application Server, Network Deployment cells.
- Requires core group bridge setup between the proxy cell and other
cells.
- Static routing needs to be turned off and core group bridge tunneling
needs to be enabled for both the DMZ Secure Proxy Server for IBM WebSphere Application Server, and the core
group bridge interface for the WebSphere Application Server, Network Deployment cells.
- The web server plug-in statistics are obtained from request metrics.
- WebSphere Application Server proxy
server statistics and DMZ Secure Proxy Server for IBM WebSphere Application Server statistics can
be retrieved from Tivoli performance viewer, ARM, and performance
mBeans.
- Random Load balancing is supported in addition to weighted round
robin.
- Web server plug-in can only do static routing.
- A web server plug-in indirectly has interoperability with WLM
through the exchange of dynamic workload manager (DWLM) Partition
Tables between the web server plug-in and WebSphere Application Server. The plug-in uses
these tables for dynamic routing and failover scenarios within a cluster.
-
The proxy server uses the WebSphere Application Server WLM even if the
proxy server is running on a z/OS operating system. ![[Updated in July 2011]](../../deltaend.gif) jul2011
- The DataPower appliance manager provides faster web service affinity
and failover service than Java proxy provides.
- Rule expression and custom routing allows administrators to override
default WebSphere Application Server routing
behavior. For example, you might not want requests forwarded to server1
in a cluster between 11:00 PM and 12:00 PM because you regularly apply
maintenance to that server during that time interval.
- Proxy server supports load balancing and failover for generic
server clusters with passive and/or active affinity.
|
Table 2. Functionality provided outside of the web server plug-in. This table provides a comparison of the functionality that a
typical web server, that is hosting a web server plug-in, a WebSphere Application Server proxy server,
and a DMZ Secure Proxy Server for IBM WebSphere Application Server provide outside
of the core application server frontend functionality. See your web
server documentation for a complete description of the functionality
that your particular web server provides.
Functionality |
Web server plug-in used with either
the IBM HTTP Server or the Apache Web Server |
WebSphere Application Server proxy server |
DMZ Secure Proxy Server for IBM WebSphere Application Server |
Common Gateway Interface (CGI) |
Yes |
No |
No |
Request URI rewriting |
Yes |
No |
No |
Efficient static file serving |
Yes |
Basic1 |
Basic1 |
Compression |
Yes |
Yes |
Yes |
Response filtering |
Yes |
Yes2 |
Yes2 |
SSL termination |
Yes |
Yes |
Yes |
Cryptographic Accelerator3 |
Yes |
Yes4 |
Yes4 |
FIPS |
Yes |
Yes |
Yes |
Third-party/customer-written plug-ins |
Yes |
No |
No |
Logging |
Yes |
Yes5 |
Yes5 |
Custom Logging |
Yes |
No |
No |
Disk caching |
Yes |
Yes |
Yes |
Asynchronous request handling |
none or partial6 |
Yes7 |
|
Table notes:
- WebSphere Application Server proxy
servers support basic static file serving.
- WebSphere Application Server proxy
servers support HTML link rewriting.
- This functionality only applies to Cryptographic Accelerators
that WebSphere Application Server supports.
See the Supported hardware and software web page .
- The support is provided by IBM JDK/JCE.
- Only NCSA common format is supported.
- The connection between a web server plug-in and an application
server is synchronous and consumes a thread while reading/writing
or waiting for data. See your web server documentation for information
about how your particular web server handles client connections.
- Proxy server is optimized to handle AJAX long polling requests
under large scale deployments.
|