Tuxedo Administrator学习笔记

Tuxedo ADS

Administrative Tool:

*   Administration Console: a Web based tool used to monitor application.

*   MIB Application

*   Command-line utilities

UBBCONFIG file, INTERFACES section is for CORBA environment

 

RESOURCE section

*   IPCKEY

*   MASTER: DBBL location at which booting, shutdown, and admin task performed

*   MODEL/OPTION:  BB architecture, SHM or MP, and LAN or MIGRATE options

*   UID, GID and PERM: security access

*   MAXASSESSERVERS: maximum number of processes that can be simultaneously connected to BB

*   MAXSERVERS: maximum number of server table entries in a BB

*   MAXSERVICES: maximum number of service table entries in a BB

*   MAXINTERFACES: maximum number of CORBA interfaces

*   MAXOBJECTS: maximum number of CORBA objects

*   SECURITY, AUTHSVC: security level

*   SEC_PRINCIPAL_NAME, SEC_PRINCIPAL_LOCATION and SEC_PRINCIPAL_PASSVAR: Principal name of the process used for identification, location of private key of principal user, and the environment variable containing the password

*   NOTIFY, USIGNAL: default method for clients to detect unsolicited message

*   SYSTEM_ACCESS: protecting shared memory

*   LDBAL: whether server load balancing is enabled

*   MAXBUFTYPE, MAXBUFSTYPES: maximum number of buffer types and subtypes

*   MAXCONV: maximum number of conversations allowed on a machine

*   MAXNETGROUPS: maximum number of network groups

*   SCANUNIT, SANITYSCAN, BLOCKTIME: Sanity check frequency and amount of time allowed for blocking calls

 

The MODEL parameter specifies whether an application runs on a single processor. It is set to SHM for uni-processors and also for multiprocessors with global shared memory. A MODEL value of MP is used for multiprocessors that do not have global shared memory.

 

Default value for MAXBUFTPE is 8.

Default value for MAXBUFSTYPE is 32.

Default value for MAXSERVER is 50.

Default value for MAXACCESSERS is 50, can overwrite per-machine in MACHINE section.

Default value for MAXSERVICES is 100.

Default value for MAXNETGROUPS is 8.

 

The default for an application that has conversational servers listed in the SERVERS section is 10; otherwise, the default is 1.

 

The amount of shared memory allocated in an application is controlled by the MAXGIT and MAXCONV parameters.

BBL and tmadmin have reserved access slots to the bulletin board.

 

The system allocates one semaphore for each access slot to the bulletin board. A semaphore is a latch circuit that prevents more than one process from accessing the same shared memory in the bulletin board at the same time.

 

For Tuxedo release prior to 7.1, both the MAXACCESSERS and MAXSERVERS parameters for an application play a part in the user license checking scheme. After 7.1, only two factors are checked: the number of user licenses for an application and the number of license currently in use for the application.

 

Load balancing is not appropriate for services offered by only one server, or by servers in an MSSQ set.

 

Periodically every 120 seconds by default, the BBL checks the sanity of the servers on its machine.

 

Non-transactional blocking time values can be set on a per service, per ATMI call, and per context basis. These block time values override the system-wide default BLOCKTIME values set in the RESOURCES section of UBBCONFIG file.

 

When using tpacall, tpconnection or tpsend, the timeout applies only to the period during which the request waits to get on the queue if the queue if full. When using tpgetrply or tprecv call to receive a message, the timeout specifies how long the client may wait for the incoming message if its queue is empty.

 

The default UID and GID are the user ID and group ID of the person who runs the tmloadcf. On Windows, this value must be set to 0. (can overwrite the values per MACHINE section)

 

The PERM is an octal number that specifies permission for the IPC resources created when the application is booted. Default value is 0660, which gives read/write access to all.

 

When SECURITY is set, a client must supply a password when joining the application.

AUTHSVE sets the maximum level of security, when it is set, any client request to join the application is sent to an authentication service (may be a third-party vendor service). This level of security cannot be used unless the SECURITY parameter is set.

 

LAUTHSVR must be set in the SERVERS section of the UBBCONFIG file to enable LDAP single security administration.

 

The IPCKEY, in SHM mode, names the bulletin board, in MP mode, names the message queue of DBBL. The value must be an integer in the range 32769 to 262144.

 

You can select the default method by which clients receive unsolicited messages by setting the NOTIFY parameter, however, client can override this choice. Possible methods:

*   IGNORE

*   DIPIN: only when client call tpchkunsol or when make an ATMI call will receive message

*   SIGNAL: clients receive unsolicited messages by having the system generate a signal that has the signal handler call the function, that is, set with tpsetunsol() method

*   THREAD: unsolicited messages are handled by a separate thread managed by Tuxedo system

Note: not available on all platforms.

 

MACHINES section

*   MAXACLCACHE: the number of entries in the cache used for ACL entries when SECURITY is set to ACL or MANDATORY_ACL. (default: 10)

*   NETLOAD: the additional load to be added when computing the cost of sending a service request from this machine to another machine. (default: 0)

*   LMID: it is the logical machine name for a physical processor

*   SPINCOUNT: the number of attempts that should be made at user level to lock the bulletin board before blocking processes on a UNIX semaphore.

*   TYPE: used for grouping machines into classes

*   TUXCONFIG

*   MAXCONV

*   TLOGSIZE: the numeric size in pages of the DTP transaction log for this machine

*   TLOGNAME: the name of DTP transaction log for this machine

*   ENVFILE

*   MAXACCESSERS

*   MAXOBJECTS

*   MAXGIT: the maximum number of simultaneous global transactions in which a particular machine can be involved.

*   MAXWSCLIENTS: the number of accesser entries on this processor to be reserved for WS Client.

*   MAXPENDINGBYTES: a limit for the amount of space that can be allocated for messages waiting to be transmitted by the bridge process.

*   TLOGOFFSET: the numeric offset in pages

*   TUXOFFSET: the numeric offset in pages to the start of Tuxedo filesystem that contains the TUXCONFIG file for this machine.

*   GID: can between 0001 and 0777

*   PERM

*   UID

*   SEC_PRINCIPAL_NAME, SEC_PRINCIPAL_LOCATION, SEC_PRINCIPAL_PASSVAR

*   TUXDIR

*   CMPLIMIT: the threshold message size for messages-bound to remote process and local processes, on which automatic data compression will be performed

*   ULOGPFX

 

For some operation, such as service name lookups and transactions, the bulletin board must be locked for exclusive access: that is, it must be accessible by only one process. If a process or thread finds that the bulletin board is locked by another process or thread, it retries, or spins on the lock for SPINCOUNT number of times before giving up and going to sleep on a waiting queue.

 

A SPINCOUNT value of 1 is appropriate for uni-processors.

On multiprocessors, a good starting value is 5000, but some customers have benefited from a SPINCOUNT value as high as 100000.

 

If the two machines have the same TYPE value, data encoding/decoding is not performed when data is sent between the machines.

 

If a value not specified, the default is the null string, which matches any other entry for which a value has not been specified.

 

The system set TUXDIR and APPDIR for each process, so these parameters should not be specified in ENVFILE.

 

Use the MAXGIT parameter to indicate the maximum number of simultaneous global transactions in which a particular machine can be involved. The value must be a number greater than or equal to 0, and less than 32768.

 

The MAXWSCLIENTS takes a portion of the total accesser slots specified with MAXACCESSERS.

Use the MAXPENDINGBYTES to define a limit for amount of space that can be allocated for messages waiting to be transmitted by the BRIDGE process.

 

Every Tuxedo filesystem has a Volume Table of Contents (VTOC): a list of the files on the devices named in the Universal Device List (UDL). The UDL specifies the location of the physical storage together on the same raw disk slice or operating system filesystem file.

 

GROUPS section

*   GRPNO

*   CLOSEINFO: the RM dependent information needed when closing the RM

*   OPENINFO: the RM dependent information needed when opening the RM

*   TMSCOUNT: the number of TMS server to start for the group

*   SEC_PRINCIPAL_NAME, SEC_PRINCIPAL_LOCATION, SEC_PRINCIPAL_PASSVAR

*   ENVFILE

*   LMID

*   TMSNAME

 

The default for TMSCOUNT is 3, minimum value is 2 and the maximum value is 256, and the servers are set up in an MSSQ set automatically.

 

NETWROK section

*   BRIDGE: the device name to be used by the BRIDGE process placed on that LMID to access the network.

*   NADDR: the complete network address to be used by the BRIDGE process, that is, the listening address on the LMID

*   MINENCRYPTBITS

*   MAXENCRYPTBITS

*   NLSADDR: the network address used b the tlisten process servicing the network on the node identified by the LMID

 

If you are using TCP/IP, you do not need to specify the device name for the BRIDGE, since the default is /dev/tcp.

 

NETGROUPS section:

*   MAXNETGROUPS: allow more net groups to be defined than the default(8), specified in the RESOURCE section.

*   MAXPENDINGBYTES: the maximum size of data waiting for the network to become available. Specified in the MACHINES section.

*   NETGROUP

*   NETGRPNO

*   NETPRIO

 

SERVERS section:

*   CONV: whether the server is a conversational server.

*   SEC_PRINCIPAL_NAME, SEC_PRINCIPAL_LOCATION, SEC_PRINCIPAL_PASSVAR

*   SEQUENCE: when this server should be booted or shutdown relative to other servers

*   MIN

*   MAX

*   CLOPT: a list of servopts option to be passed to a server process at boot time.

*   ENVFILE: if migrate server, the ENVFILE must be in the same location on both machines

*   SRVGRP

*   SRVID

*   RQADDR: the symbolic name of the request queue for the process

*   RQPERM: the numeric permissions on the request queue

*   REPLYQ: whether a reply queue should be established for the process

*   RPPERM: the numeric permission on the reply queue

*   RCMD: the command should be executed when the process abnormally terminates, if the process is restartable.

*   MAXGEN: the maximum number minus one time that the process can be restarted within the period specified by GRACE, if the process is restartable.

*   GRACE: specifies that the process can have up to MAXGEN lives within the specified number of seconds, if the process is restartable.

*   RESTART

*   SYSTEM_ACCESS: the default mode used by Tuxedo system libraries within application processes to gain access to internal tables

*   MINDISPATCHTHREADS

*   MAXDISPATCHTHREADS

*   THREADSTACKSIZE: the stack size in bytes for each server thread after the initial thread, if not specified or as 0, the OS default is used.

*   LAUTHSVR: the WebLogic Server embedded LDAP-based authentication server. It is a System /T provided server that offers the authentication service while the user security information is located in WLS.

 

A server with a smaller SEQUENCE value is booted before a server with a larger value.

If RQADDR is specified and MIN>1, an MSSQ set is created.

 

CLOPT option:

*   -o filename: Redirect standard output to file filename

*   -e filename: Redirect standard error to file filename

*   -s services: Advertise services.

*   -r: Specify that server should log the service performed

*   -v: Print out the list of the service name/function name to standard output. Can only used when manually invoking the server.

 

SYSTEM_ACCESS option:

*   PROTECTED indicates that the server may not attach to shared memory outside of system code

*   FASTPATH indicates that the server will attach to shared memory at all times.

*   NO_OVERRIDE is specified in the RESOURCES, this parameter is ignored.

 

Note: Tuxedo system runs more slowly when a value of PROTECTED is set.

 

SERVICES section:

*   AUTOTRAN

*   BUFTYPE: a list of types and subtypes of data buffers accepted by this service

*   LOAD: a load factor to be imposed on the system by SVCNAM

*   ROUTING

*   SRVGRP: the name of the server group from which SVCNAM gets all group parameter settings

*   PRIO: the dequeue priority of SVCNM

*   BLOCKTIME: non-transactional blocking time

*   SVCTIMEOUT: the amount of time, that is allowed for processing service

*   TRANTIME

 

With the BUFTYPE parameter, you can tune a service to check buffer types independently of the service code. Format: type [:subtype[, subtype]]

 

The SVCTIMEOUT parameter allows you to designate an amount of time in which a service should be able to process a request. By default, Tuxedo system does not terminate any service process. You can assign a value to the SVCTIMEOUT parameter in the UBBCONFIG file or by dynamically changing the TA_SVCTIMEOUT attribute in TM_MIB.

 

Higher priority services are dequeued before lower priority services, but the system dequeues every tenth request in FIFO order to prevent a message from waiting indefinitely on the queue.

 

ROUTING section:

*   RANGES

*   criterion_name: must be string with a maximum length of 15.

*   TYPE

*   FIELD: name of routing field

*   BUFTYPE: a list of types and subtypes of data buffers for which this routing entry is valid.

 

FIELDTYPE is used only for routing XML buffers. It indicates the type of the routing field specified in FIELD.

 

CMTRET: indicate the initial setting of the TP_COMMIT_CONTROL characteristic as one of the following: LOGGED; COMPLETE. If any RM in the application use the late commit implementation of the XA standard, the setting should be COMPLETE.

 

The Universal Device List(UDL) is a map of Tuxedo filesystem. The UDL gets loaded into shared memory when an application is booted. The TLOG refers to a log in which information about transaction is kept until the transaction is completed.

 

To create UDL, enter the command:     tmadmin –c crdl –z config –b blocks

Note: if the value of blocks is less than the value of TLOGSIZE, you risk a performance degradation.

 

Before starting a Domain gateway group, you must create a Domains transaction log with the following command: dmadmin crdmlog crdlog –d local_domain_name

 

The Tuxedo system provides a null transaction manager server called TMS, which is used by groups that participate in transactions, but do not use an RM. This TMS server does not communicate with any resource manager, it simply manages transactions without communicating with an RM.

 

Domain Transaction Option (DM_LOCAL)):

*   DMTLOGDEV: contains the Domains transaction log for this machine. The DMTLOG is stored as a Tuxedo VTOC table on the TLOGDEVICE. If this parameter is not specified, the Domains gateway group is not allowed to process requests in transaction mode. Local domains running on the same machine can share the same DMTLOGDEV filesystem, but a separate log table in the DMTLOGDEV.

*   DMTLOGNAME: name of Domain transaction log. Default value is DMTLOG.

*   DMTLOGSIZE: The size, in pages, of the Domain transaction log for this machine. Default is 100 pages. The number of domains in a transaction determines the number of pages you must specify in the DMTLOGSIZE parameter. There is no one-to-one mapping between transactions and log pages.

*   MAXRAPTRAN: maximum number of domains that can be involved in a transaction.

*   MAXTRAN: maximum number of simultaneous global transactions allowed in this local domain.

 

Tuxedo 10.0 provides Transaction Monitor support for Oracle RAC by allowing an administrator to specify lists of groups associated with different RAC instances. This allows Tuxedo to ensure that groups associated with different instance of the same RAC database do not participate in the same transaction.

 

Tuxedo 10.0 supports Oracle RAC only when using Oracle 10g, and does not support Oracle RAC when using Oracle 9i. For Oracle 10R1, patch set 10.1.0.3 or above is required, and for Oracle 10gR2, patch set 10.2.0.2 or above is required.

 

Three environment variables:

*   TUXRACGROUPS

*   XARETRYDURATIONSECONDS

*   XARETRYINTERVAL

 

One Command: TMS_rac_refresh

 

Oracle 10gR1 does not allow the same database to be accessed from multiple RAC instances within the same XA transaction. In addition, Oracle 10gR1 requires Transaction Monitor involvement when prepared transactions failover from one RAC instance to another.

 

 

你可能感兴趣的:(server,Security,service,application,System,transactions)