Top Banner

ZeroPoint Application Server Configuration

Configuring ZAppSvr

Setting up ZAppSvr is not very difficult, but there are a lot of options and features that require some explanation in order for you to get the maximum benefit from using ZAppSvr. There are many potential uses for ZAppSvr so first we will examine configurable parameters, options, features. Then we will show you specific examples for solving popular implementation problems.

As you can see, configuring ZAppSvr is not difficult and there are many useful options provided. These features are designed to be simple to implement and execute as quickly as possible. With ZAppSvr you can solve a wide range of real-world issues that can make your network scalable, secure, and easier to manage.

The main configuration panel (Options->Base Configuration) is the place to start ZAppSvr configuration.

  • Use Application Plugin - Check this if you are using ZAppSvr as an application server. You will need to have your PlugIn in a jar that is in the classpath.

  • Force No Cache Directive - is usually used when you are operating an application service to signal internet caching systems NOT to cache what is dynamic content.

  • Plugin Pool Size is where you set how many threads you want to have in memory ready for use. By monitoring your web activity you can see how many concurrent requests you see when your site is active. We suggest you use a settting equal to twice the highest number of concurrent requests your site receives.

  • Max Thrds is a limit you can set that allows threads to be created temporarily to handle unforeseen volume, but which are removed after the peak activity has passed. Depending on the memory used by your Plugin and the capacity of your server you may set this to 5-10 times the pool size.

  • Max Log Size - Depending on your needs to can set up a log for later traffic analysis.

ZAppSvr Base Cfg Screen

It is advisable to use ZAppSvrRC (The remote program) for configuration. It will always be usable on the server, but the remote program can be used anywhere that can access the server's IP address. The Remote program needs an IP address, port, and remote security string in order to access the server. You must also allow remote configuration changes before anyone can change server settings.

Remote Address and Port configure the Remote Control port of ZAppSvr. You can use this feature to remotely monitor ZAppSvr, and if the Allow Remote Configuration Changes checkbox is checked, remotely modify server parameters. A highly secure key-pair encryption system keeps the data from being intercepted, or accessed. If you set the ip address to localhost, it becomes inaccessible from the outside. The Remote Security String is part of the encryption system, and must match the key in use on the remote client.

ZAppSvr Remote Access Cfg

SSL Certificate Installation

ZAppSvr is a java server, so you'll need a jks compatible certificate. Setting up SSL is very simple. In this case al you need to do is modify ZAppSvrConfiguration.cfg

The beginning of the file is where you set up the certificate.

#ZAppSvr Configuration File
#Date Modified: 2017/11/22 13:48:07
SSLPwd=MySSLPasswordGoesHere
SSLKeyStorePwd=MyKeyStorePasswordGoesHere
SSLCertificatePath=certs/domain.keystore

The SSL Listeners are defined later in the cfg file.

[No-Cache Filter List]

[Listener List]
127.0.0.2:80

[SSL Listener List]
127.0.0.2:443

[Robot Filter List]

Restart ZAppSvr.

Remote Address and Port configure the Remote Control port of ZAppSvr. You can use this feature to remotely monitor ZAppSvr, and if the Allow Remote Configuration Changes checkbox is checked, remotely modify server parameters. A highly secure key-pair encryption system keeps the data from being intercepted, or accessed. If you set the ip address to localhost, it becomes inaccessible from the outside. The Remote Security String is part of the encryption system, and must match the key in use on the remote client.

ZAppSvr Groups and Targets Configuration

This configuration tool is used to configure load balancing for stateful and stateless server groups. There is no programmatical limit on the number of groups or targets that can be configured. There is a logical limit imposed by how many requests per second that can be serviced by ZAppSvr. This is a function of computer power and Plugin complexity (if used). On a generic 1800 MHz Athlon box we’ve seen >1250 requests per second. On a really fast box the number of requests/second that can be processed will be much higher. Using multiple listeners with multiple network cards should increase throughput as well. (This reduces latency caused by network connection setup time.)

The ZappSvrGroup.cfg file must exist in order for Groups and Targets Configuration to work properly. A sample file is included in the current distribution file.

In a mixed environment with varying load, and differing computer power, you can assign different numbers of servers per group.

CPU Speed and the number of processors are used to determine the relative computing power of members of the server groups. Requests are routed to servers that appear to offer the greatest uncommitted resources, for optimum throughput.

Intuitively you can see that if under load on server is not as busy as it should be, raising CPU speed slightly will encourage ZAppSvr to use that server more often. As a general rule the best thing to do is just configure the correct server CPU speed and number of processors and forget about ‘tweaking’. On average load balance performance will be excellent.

Group List is a list of all the currently defined server groups. The Target Server List lists all the servers assigned to that group. A server may be included in multiple groups. There must be at least one server in each group.

Load balancers need to be able to route stateful requests back to the server that they connected to originally. This is accomplished by using a Session ID Cookie Name. The incoming request identifies which server group the request should be returned to, and the proper member of the group will receive the request. The Session Timeout in Min sets the session timeout.

When you do not specify a cookie name, the server group will do stateless load balancing. The ‘-‘ just indicates that no cookie is assigned.

Target Host Name will reassign the “Host:” header to a different host name. This can be a useful feature for easy site mirroring of static content, etc.

Configuration Dialogs

Cache Configuration

Maximum Allocated Memory allows you to determine how much memory you would like to dedicate to caching static content, like images, pages, etc.

Max File Size To Cache sets the maximum file size and Cache Object Timeout sets the timeout on objects to be stored in cache.

The Set Button stores the values you have selected.

IP Address Filter Settings

This screen allows you to eliminate requests from specific IP addresses. You can also filter octet blocks with partial addresses. For example 64.187.217. will filter out addresses from 64.187.217.0 to 64.187.217.255

This has proven to be a great way to block someone who is snooping around the site looking for unprotected goodies to download. Using IPTables or firewall settings might be better, but this is a very quick way to handle emergencies.

 

Address Block
Listeners Dialog

Listener Settings

This tool allows you to easily add and remove listeners.
To add a new listener, (ServerSocket) just specify it in ipaddress:port form.
The new listener will start right up without restarting ZAppSvr. You can use as many listeners as you want.

You can choose 0.0.0.0 as the IP Address of the listener, which will cause ZAppSvr to listen on all available interfaces on the specified port.

Always specify the port.

 

Authentication Settings

This list allows you to specify what requests are going to be routed into your Plugin for processing. The request can be specified in one of four ways. Authentication implies that these requests must be processed by the plugin prior to delivery.

  • Starts With - begins without an asterisk
  • Ends With - ends without an asterisk
  • Contains - starts and ends with an asterisk
  • Exact - starts and ends without an asterisk

As you can see from the samples shown, you must specify what file types you’re going to process. Without this information, your Plugin will never execute.
When parsing this information, the HTTP/1.x is stripped from the request and can be disregarded.

For example, if you do not include .gif files in this list, all gif files will be considered cacheable. Cacheing of static objects will occur so long as cache memory is allocated and they are NOT specified in this list.

Specifying graphic file extensions here implies that authentication by the plugin is required before the file can be delivered.

Process Dialog
No Cache Dialog

Do Not Cache Filters

This is an exception list. Even though the gif extension is normally cacheable, we are choosing to make roses.gif non-cacheable.

If you are creating dynamic images on the fly, for example, you can say that 'dynamicImage.jpg' should not be cached, so that the request is not intercepted and processed by the caching system.

Request Filter Settings

Some requests are malicious, obsolete, or just a waste of resources. In these cases we can configure which requests are to be ignored outright, as quickly as possible.

Request Filters Dialog

©Copyright 2017, ZeroPoint, LLC.      Questions? Comments? Email Us.