Sybernet / Inside Sybernet
Release 3.00
July 18, 2009
backwards forwards

INSIDE SYBERNET

The following diagram is more complicated than it looks, but does illustrate how Sybernet is configured for high availability at SRI. The Content Switch directs or redirects users to a copy of Sybernet residing on one of three hosts: applications1.sri.com, applications2.sri.com, and applications3.sri.com. Should one of these hosts be taken off line, the Content Switch redirects you to whatever resource is available.

Close inspection reveals that it's possible to connect to any instance of Oracle from any copy of Sybernet.





--------------------------------------------------------------------------------

applications.sri.com

In general, the directory structure and contents must be the same among all copies of Sybernet. Some of this information is shared in real time, some of this information is rsynched, and some of this information must be manually synched from our development server; for example, since multiple copies of Sybercron are running from different hosts, its output (if any) is written to /home/sybernet/SCRIPTS. You also can't copy a new version of Sybernet from our development server unless you first stop Sybernet on each of these hosts.

If you are running the SSL version of Sybernet, you not only need to keep the server certificates current, but also the client certificates. Client certificates reside on other hosts besides applications.sri.com. More about this below.

goto

Currently, there are three environments:


To work in one of these environments you want to use this script to initialize that environment; for example, if you want to work in the sybase environment, you want to enter

source goto sybase

In general, all compilations occur from /home/sybernet/oracle/develop. To compile the contact.cgi (for example) which is not SSL aware and resides in the cgi-bin directory for sybase (port 80), you would want to to do something like the following:

cd
source goto sybase
cd /home/sybernet/oracle/develop
compile oracle contact
cd
source goto oracle

But if you are compiling the SSL version of Sybernet or Sybercron (the default), your home environment should already be available (and if not you will be notified when you log in). To compile Sybernet (for example), all you need to enter is the appropriate compile command:

compile oracle server

In each case, no matter what you are compiling, a backup copy of the current software is created. In the case of Sybernet, this step will fail and Sybernet is not restarted if you haven't shut down Sybernet. See stop (below).

status

This script can be run to determine the active status of Sybernet and Sybercron. The information displayed, however, is determined by the size of your terminal window. This is what a typical display looks like:

status
---------------------------------------------------------------------------------------------------------------

                                               Sybercron Status

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
18741/18741 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60   |    5329|    00:07:20|  7-22:36:10|
18760/18760 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60  |    5148|    00:07:19|  7-22:36:05|
18768/18768 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60  |    5240|    00:07:20|  7-22:36:00|
18778/18778 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 |    4955|    00:07:19|  7-22:35:55|
18788/18788 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 |    5216|    00:03:50|  7-22:35:50|
18798/18798 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60   |    5358|    00:07:18|  7-22:35:45|
18808/18808 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60  |    5392|    00:07:19|  7-22:35:40|
18833/18833 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 |    5392|    00:07:18|  7-22:35:35|

8 Sybercron tasks
---------------------------------------------------------------------------------------------------------------

                                                Sybernet Status

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
18590/18590 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 443                     |    5695|    00:01:30|  7-22:36:15|
18604/18604 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 444                     |    6303|    00:12:19|  7-22:36:13|
18618/18618 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445                     |    6563|    00:13:19|  7-22:36:12|

3 Sybernet tasks

stop_sybercron (safe)

This script stops Sybercron if it is running. If Sybercron is busy with one or more tasks, this script will wait until all copies of Sybercron have completed. If you need to bring Sybercron down immediately, you must kill it yourself or kill the process that is running in your database.

stop_sybercron
18741/18741 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60   |    5329|    00:07:20|  7-22:36:48|
18760/18760 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60  |    5148|    00:07:19|  7-22:36:43|
18768/18768 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60  |    5240|    00:07:20|  7-22:36:38|
18778/18778 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 |    4955|    00:07:19|  7-22:36:33|
18788/18788 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 |    5216|    00:03:50|  7-22:36:28|
18798/18798 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60   |    5358|    00:07:18|  7-22:36:23|
18808/18808 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60  |    5392|    00:07:19|  7-22:36:18|
18833/18833 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 |    5392|    00:07:18|  7-22:36:13|
Waiting for Sybercron to stop...

If you want to stop one copy of Sybercron, you can safely do this by passing the database name:

stop_sybercron oraprod
05732/05732 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60  |    4994|    00:25:01| 27-01:08:17|
Waiting for Sybercron (oraprod) to stop...
Sybercron (ORAPROD) has stopped.

start_sybercron (safe)

This script will start all copies of Sybercron. Since it calls stop_sybercron which waits until all running copies have completed, you can safely call start_sybercron at anytime.

start_sybercron
Sybercron -X -I SPOCK1 -S ORADEV     -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORAPROD    -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORADSSP    -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORACARDP   -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORAHRPAY   -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORATEP     -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORACONP    -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORADOCSP   -C 445 -T 60

If you want to start (or restart) one copy of Sybercron, you can safely do this by passing the database name:

start_sybercron oraprod
Sybercron (oraprod) is not running
Sybercron -X -I SPOCK1 -S ORAPROD    -C 444 -T 60

If you want to start another copy of Sybercron for the same database, you can safely do this by passing the database name followed by the keyword clone:

start_sybercron oraprod clone
Sybercron -X -I SPOCK1 -S ORAPROD    -C 444 -T 60

In general, there is no good reason why you would need to do this, but if want to, you can.


stop_sybernet (unsafe)

This script stops Sybernet. Since this script assumes that Sybercron is not running, invoking it manually is discouraged. stop_sybernet will issue a SIGQUIT to Sybernet which tells it to disconnect all users and exit. If you issue a SIGKILL yourself, you could end up with zombie processes as well as user connections inside of Oracle.

stop_sybernet `hostname` 445
23895/23895 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445                     |    6155|    00:00:00|       07:28|
Sybernet spock1.sri.com:445 has stopped

start_sybernet (unsafe)

This script starts one copy of Sybernet. Since this script assumes that Sybernet is not running on a particular port, invoking it manually is discouraged.

start_sybernet `hostname` 445
Sybernet at spock1.sri.com:445 successfully started.

stop (safe)

It is safe to call at anytime as long as you do not mind losing user connections to Oracle while Sybernet is not running.

When executed from the home directory of Sybernet, this script stops all copies of Sybercron and Sybernet. It does this by calling goto for each environment. When executed from one of the above environments (because you said source goto <environment>), Sybernet and Sybercron are stopped in that environment only.

stop
---------------------------------------------------------------------------------------------------------------

                                              Stopping Sybercron

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
23212/23212 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60   |    5301|    00:00:00|       02:41|
23218/23218 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60  |    5417|    00:00:00|       02:36|
23239/23239 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60  |    5245|    00:00:00|       02:31|
23249/23249 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 |    5349|    00:00:00|       02:25|
23259/23259 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 |    5327|    00:00:00|       02:20|
23269/23269 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60   |    5294|    00:00:00|       02:15|
23279/23279 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60  |    5006|    00:00:00|       02:10|
23291/23291 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 |    5443|    00:00:00|       02:05|
Waiting for Sybercron to stop...
#
---------------------------------------------------------------------------------------------------------------

                                               Stopping Sybernet

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
18590/18590 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 443                     |    5695|    00:01:30|  7-22:40:06|
18604/18604 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 444                     |    6303|    00:12:20|  7-22:40:04|
18618/18618 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445                     |    6563|    00:13:20|  7-22:40:03|

start (safe)

This script starts Sybernet. start first call stop. start then starts Sybernet on each defined port in the configuration file. start then calls start_sybercron. If you did not call this with the purge option, your Oracle connections are restored.

When executed from the home directory of Sybernet, this script starts all copies of Sybercron and Sybernet. It does this by calling goto for each environment. When executed from one of the above environments (because you said source goto <environment>), Sybernet and Sybercron are started in that environment only. Note that start calls stop so it is safe to call start even if Sybernet or Sybercron are running.

start
---------------------------------------------------------------------------------------------------------------

                                               Starting Sybernet

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
Sybernet at spock1.sri.com:443 successfully started.
Sybernet at spock1.sri.com:444 successfully started.
Sybernet at spock1.sri.com:445 successfully started.
---------------------------------------------------------------------------------------------------------------

                                              Starting Sybercron

                                                      for

                                                spock1.sri.com

---------------------------------------------------------------------------------------------------------------
Sybercron -X -I SPOCK1 -S ORADEV     -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORAPROD    -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORADSSP    -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORACARDP   -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORAHRPAY   -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORATEP     -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORACONP    -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORADOCSP   -C 445 -T 60

/etc/init.d/

All of the scripts above can be started without cd-ing to a particular directory and without relying on the setting of any path or environment variables:

#!/bin/sh
case "$1" in
'start')
  /home/sybernet/start
  ;;

'stop')
  /home/sybernet/stop
  ;;

*)
  echo "Usage: $0 { start | stop }"
  exit 1
  ;;
esac

Sybernet SSL

The configuration file (Sybernet.config) defines the following paths:

The RSA_CLIENT_CERT and RSA_CLIENT_KEY is used (among others) by Sybercron to establish an SSL connection to Sybernet. Currently, I am using my certificate (which expires on Sep 26 2010) for this purpose and if not updated will cause Sybercron to cease working. This certificate needs to be updated on the following hosts:

The RSA_TRUST_STORE is used both as the Trust Store and for setting the list of CAs sent to the client when requesting a client certificate.

The mis directory (/home/sybernet/mis) is used only for redirection, but its data directory contains the server certificate for mis.sri.com.

This is where you will update the certificates for Sybernet. If changed and/or redefined, a restart of Sybernet is required.


See Also

Sybercron
Sybernet
Sybernet Utility





Sybernet is a trademark of SRI International.
Copyright © 1996-2009 SRI International. All Rights Reserved.
Denis D. Workman / http://Sybernet.sri.com/