You can create a web server definition in the administrative
console when the web server and the web server plug-in for WebSphere® Application Server are on the
same machine and the application server is on a different machine.
This allows you to run an application server on one platform and a
web server on another platform.
Before you begin
With a remote web server installation, WebSphere Application Server can facilitate plug-in administration functions
and generation and propagation of the plugin-cfg.xml file for IBM® HTTP Server for WebSphere Application Server, but not for other web servers.
Web servers that are not IBM HTTP
Server for WebSphere Application Server must reside
on the same machine as the WebSphere Application Server
(as a managed node) to facilitate plug-in administration functions
and generation and propagation of the plugin-cfg.xml file.
About this task
You can choose a remote web server installation if you
want the web server on the outside of a firewall and WebSphere Application Server on the inside of a firewall. You can create a
remote web server on an unmanaged node. Unmanaged nodes are nodes
without node agents. Because there is no WebSphere Application Server or node agent on the machine that the node represents,
there is no way to administer a web server on that unmanaged node
unless the web server is IBM HTTP Server for WebSphere Application Server. With IBM HTTP Server, there is an administration
server that will facilitate administrative requests such as start
and stop, view logs, and view and edit the
httpd.conf file.
Important: The administration server is not provided
with IBM HTTP Server for WebSphere Application Server which runs on z/OS® platforms.
So, administration using the administrative console is not supported
for IBM HTTP Server for z/OS on
an unmanaged node.
The following steps will create a
web server definition in the default profile. This procedure does
not apply when setting up a remote web server for an i5/OS web server. For information about setting up an i5/OS web server, see the topic entitled Selecting a web server
topology diagram and roadmap.
Procedure
- Install IBM Installation Manager.
- Install your WebSphere Application Server
product.
- Install IBM HTTP Server or another supported
web server.
- Install the web server plug-ins.
- Install the WebSphere Customization Toolbox.
- Configure the web server plug-in using
the Web Server Plug-ins Configuration Tool.
- Configure the web server plug-in.
- Complete the setup by creating the web server definition.
You can use the WebSphere Application Server
administrative console or run the plug-in configuration script:
- Using the administrative console:
- Click System Administration > Nodes
> Add Node to create an unmanaged node in which to define
a web server in the topology.
- Click Servers > Server Types > Web servers > New to launch the Create new web server definition tool. You will create
the new web server definition using this tool. The values are as follows:
- Select appropriate node
- Enter web server properties:
- Type: The web server vendor type.
- Port: The existing web server port. The
default is 80.
- Installation Path: The web server installation
path. This field is required field for IBM HTTP
Server only.
- WINDOWS Service Name: The Windows operating system
service name of the web server. The default is IBMHTTPServer7.0.
- Use secure protocol: Use the HTTPS protocol
to communicate with the web server. The default is HTTP.
- Plug-in installation location: The directory
path where the plug-in is installed.
- Application mapping to the web server:
Whether you want to create a mapping to existing applications that
are currently deployed to the web server. Select ALL if you want the mapping created; select None if you do not want the mapping created.
CAUTION:
If you
have enterprise applications in different security domains when you
create a web server, the Key Database (KDB) files for your security
configuration might not be created if you have Application
mapping to the web server set to All. To resolve this problem, create the web server with Application mapping to the web server set to None. Then map the applications to the web server. All
the KDB files for the web server are then created.
- Enter the remote web server properties. The properties for the IBM HTTP Server administration server follow:
- Port: The administration server port. The
default is 8008.
- User ID: The user ID that is created using
the htpasswd script.
- Password: The password that corresponds
to the user ID created with the htpasswd script.
- Use secure protocol: Use the HTTPS protocol
to communicate with the administration server. The default is HTTP.
- Select a web server template. Select a system template or a user-defined
template for the web server you want to create.
- Confirmation of web server creation.
- Run the plug-in configuration script.
- On the remote web server, run the
setupadm script.
The administration server requires read and write
access to configuration files and authentication files to perform web server configuration data
administration. You can find the
setupadm script in the
<IHS_install_root>/bin directory. The administration
server has to launch
adminctl restart as root to perform successful restarts of
IBM HTTP Server. In
addition to the web server files, you must manually change the permissions to the targeted plug-in
configuration files.
The
setupadm script prompts you for the following input:
- User ID - The user ID that you use to log on to the administration server. The script creates
this user ID.
- Group name - The administration server accesses the configuration files and authentication files
through group file permissions. The script creates the specified group through this script.
- Directory - The directory where you can find configuration files and authentication files.
- File name - The following file groups and file permissions change:
- Single file name
- File name with wildcard
- All (default) - All of the files in the specific directory
- Processing - The setupadm script changes the group and file permissions of
the configuration files and authentication files.
In addition to the web server files, you must change the permissions to the targeted plug-in
configuration files. See the topic on setting permissions manually for
instructions.
- On the remote web server, run the htpasswd script.
The administration server is installed with authentication enabled and a blank
admin.passwd password file . The administration server will not accept a
connection without a valid user ID and password. This is done to protect the IBM HTTP Server configuration file from
unauthorized access.
Launch the htpasswd utility that is shipped with the administration server.
This utility creates and updates the files used to store user names and password for basic
authentication. Locate
htpasswd in the
bin directory.
- htpasswd -cm <install_dir>\conf\admin.passwd
[login name]
- ./htpasswd -cm
<install_dir>/conf/admin.passwd [login
name]
where
<install_dir> is the IBM HTTP Server installation directory
and
[login name] is the user ID that you use to log into the administration
server. The [login name] is the user ID that you entered in the user ID field for the remote web
server properties in the administrative console.
- Start IBM HTTP Server.
Refer to the topic
on starting and stopping the IBM HTTP Server Administration server
for instructions.
What to do next
For a non-IBM HTTP Server web server on an unmanaged node,
you can generate a plug-in configuration, based on WebSphere Application server repository changes. However, the following functions
are not supported on an unmanaged node for a non-IBM HTTP Server web
server:
- Starting and stopping the web server.
- Viewing and editing the web server configuration file.
- Viewing the web server logs.
- Propagation of the web server plugin-cfg.xml file.
You can configure non-IBM HTTP Server
web servers as a local web server on a managed node. For a non-IBM
HTTP Server web server on a managed node, the following functions
are supported:
- Generation of the plug-in configuration, based on WebSphere Application Server repository changes.
- Propagation of the plugin-cfg.xml file, based
on using node synchronization with the WebSphere Application Server node. Node synchronization is necessary in order
to propagate configuration changes to the affected node or nodes.
Note: When WebSphere Application Server is installed
using a stand-alone profile on one machine and IBM HTTP
Server is installed on a different machine as root user using the
administrative server, to ensure that propagation functions correctly,
the root user must manually change the permissions of the plugin-cfg.xml
file to the nonroot user running IBM HTTP
Server from the administrative server. The username and group needed
to start the administrative server are located in the HTTPServer/config/admin.conf
file.
The
plugin-cfg.xml file is propagated
to the application server node repository tree from the deployment
manager repository.
Important: The plugin-cfg.xml file is propagated to the application server node repository tree.
This is not the default plugin-cfg.xml file
installation location. Changes may have to be made to non-IBM HTTP
Server web server configuration files to update the location of the plugin-cfg.xml file that is read by the plug-in module.
For example, Internet Information Services (IIS) has a file name
called
plugin-cfg.loc, which is read by the IIS
plug-in modules to determine the location of the
plugin-cfg.xml file. The
plugin-cfg.loc file has to be updated
to reflect the
plugin-cfg.xml file location in the application
server node repository.
Other non-IBM HTTP Server web servers
have different methods to specify the location of the plugin-cfg.xml file for the plug-in module. However, in order for propagation to
work, update the location to reflect the location in the application
server node repository.
For a non-IBM HTTP Server Web server that
is configured as a local web server on a managed node, the following
functions are not supported:
- Starting and stopping the web server.
- Viewing and editing the configuration file.
- Viewing the web server logs.