Connecting to multiple UltraESB servers or nodes

for monitoring with UConsole

Overview

1. Starting Uconsole for monitoring

2. Connecting to local instances

3. UltraESB configuration for remote JMX monitoring

4. Connecting to UltraESB instances via remote JMX

5. Management Console Authentication

6. UConsole Settings

a. Servers

b. Users

c. Roles

d. Access Rules

7. Switching between Servers

1.Starting Uconsole for monitoring

Navigate to the management distribution bin directory of the selected UltraESB node and run UConsole. (Make sure you have the execution permission to the uconsole.sh file)

$ cd <path_to_ultraesb>/bin$ ./uconsole.sh

After successfully running, you can access the UConsole management console at https://localhost:8043/uconsole.

You can change the UConsole access properties (e.g. port & host) in UConsole server configuration file ULTRA_HOME/uconsole/conf/jetty.xml.

<Property name="uconsole.port" default="8043"/><Property name="uconsole.host" default="localhost"/>

For SSL configuration, you can edit the properties in file jetty.xml in management distribution uconsole conf directory.

UConsole management console start up view

2. Connecting to local instances

When one or more UltraESB instances are running locally, UConsole can easily connect to locally running UltraESB instances with ‘Local instance’ option.

Local instance option exposes all the available UltraESB instances by their node names. ( Node name of an instance is defined in ULTRA_HOME/conf/ultra-root.xml file under cluster-manager bean as shown below).<bean id="cluster-manager" … <property name="nodeName" value="node1"/>

3. Configuring UltraESB for remote monitoring

Enable JMXUncomment ‘serverConnector’ and ‘registry’ beans ULTRA_HOME/conf/ultra-root.xml

file.

Change the value of the service URL property as necessary (use unique values for JMX port and JNDI port in different UltraESB nodes) in the bean serverConnector.<bean id="serverConnector" … > <property name="serviceUrl" value="service:jmx:rmi://localhost:9994/jndi/rmi://localhost:1099/ultra"/>

Change the value of the port property as necessary (use the same JNDI port) in the bean registry.<bean id="registry" … > <property name="port" value="1099"/>

Make sure configuring ports are opened through the firewall.

User Authentication

UltraESB jmx access authentication and authorization can be done in two ways- Plain text password file based access control- JAAS (e.g. LDAP or ActiveDirectory) based access control

Plain text password file based access control Configure the access.file and the password.file paths as environment properties by

defining under ‘serverConnector’ bean , ‘environment’ property as shown below.<bean id="serverConnector" … > <property name="environment"> … <map> … <entry key="jmx.remote.x.access.file" value="conf/management/jmxremote.access"/> <entry key="jmx.remote.x.password.file" value="conf/management/jmxremote.password"/>

Add the user permissions and username - passwords of users in the above defined files as below

jmxremote.accessadmin readwrite (user admin has read & write permissions for the node)user readonly (user user has read only permissions for the node)

jmxremote.passwordadmin admin (user admin has the password admin for the node)

JAAS (e.g. LDAP or ActiveDirectory) based authentication

To enable LDAP authentication for the ultraesb node, add the environment property ‘ jmx.remote.x.login.config’ by uncommenting the following in ultra-root.xml file.<bean id="serverConnector" … > <property name="environment"> … <map> … <entry key="jmx.remote.x.login.config" value="LdapConfig"/>

Configure the ULTRA_HOME/conf/ldap.conf file to configure the ldap server properties.

If you are using JAAS authentication, make sure you uncomment and edit the following lines of ULTRA_HOME/conf/wrapper.conf as necessary.#wrapper.java.additional.<N>=-Djava.rmi.server.hostname=<your-ip-address>#wrapper.java.additional.<N>=-Djava.security.auth.login.config=conf/ldap.conf

4. Connecting to UltraESB instances via remote JMX from UConsole web-UI

You can connect to an instance using …

JMX service URL - configured under ‘serviceUrl’ property in ultra-root.xml

JMX username, and JMX password - password files based or LDAP server based

5. Management Console AuthenticationUConsole management console authentication configuration is in the file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties

- Password file based

user.chamath = pass, admin, user (This interprets as user 'chamath' with password 'pass' and roles 'admin' and 'user')role.admin = * (role 'admin' has all permissions)

role.user = user:read (role 'user' is only allowed to 'read' anything with user:)

- LDAP server based

- uncommenting and configuring the relevant fields after following line in the ULTRA_HOME/uconsole/WEB-INF/classes/shiro.ini file

;---- for LDAP / Active Directory ----

5. UConsole settingsAfter logging in to UConsole management console, you can change the monitoring

server in Settings on the top menu bar

Using the Console Settings window, you can edit Servers, Users, Roles, Access Rules

Servers For easy usage later on, you can define a new instance with the JMX parameters

Adding predefined servers from the configuration file

Define nodes in ULTRA_HOME/uconsole/WEB-INF/classes/uconsole.properties file by adding JMX service URL, JMX username, JMX password of each UltraESB nodes as shown belowultra.jmx.url.node1=service:jmx:rmi://localhost:9995/jndi/rmi://localhost:1199/ultraultra.jmx.username.node1=adminultra.jmx.password.node1=admin

Next time you open the UConsole management console in the browser, you'll see the defined instances on login page and in the defined servers page

Users ● You can define management users and their roles for UConsole management

console in the Users tab in Console Settings

● User parameters can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties as mentioned earlier

Roles You can define management roles for the users for UConsole management console in

the Roles tab in Console Settings

Role parameters can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro-users.properties as mentioned earlier

Access RulesYou can define management users with their roles for UConsole management console

in the Users tab in Console Settings

Access control rules can also be changed in the configuration file ULTRA_HOME/uconsole/WEB-INF/classes/shiro.inie.g. Access Control entry with Access URL /services/instances/** and Access Rule roles[admin] can be defined in the configuration file as follows

/services/instances/** = roles[admin]

5. Switch between multiple ultraesb servers

UConsole management console provides the facility to switch between UltraESB instances with the Switch Server link on the top menu

Here, you can switch to local instances, defined instances, an instance using Remote JMX URL, username, password

Switch between servers in the same clusterWhen the clustering is enabled for ESBs, users can switch between any other

available UltraESB instances in the same cluster by selecting nodes under ‘Detected Cluster Nodes‘

Thank you