Release 3.00
July 18, 2009
|
Sybernet / Inside Sybernet
Release 3.00 July 18, 2009 |
|
The following diagram is more complicated than it looks, but does illustrate how Sybernet is configured for high availability at SRI. The Content Switch directs or redirects users to a copy of Sybernet residing on one of three hosts: applications1.sri.com, applications2.sri.com, and applications3.sri.com. Should one of these hosts be taken off line, the Content Switch redirects you to whatever resource is available.
Close inspection reveals that it's possible to connect to any instance of Oracle from any copy of Sybernet.
In general, the directory structure and contents must be the same among all copies of Sybernet. Some of this information is shared in real time, some of this information is rsynched, and some of this information must be manually synched from our development server; for example, since multiple copies of Sybercron are running from different hosts, its output (if any) is written to /home/sybernet/SCRIPTS. You also can't copy a new version of Sybernet from our development server unless you first stop Sybernet on each of these hosts.
If you are running the SSL version of Sybernet, you not only need to keep the server certificates current, but also the client certificates. Client certificates reside on other hosts besides applications.sri.com. More about this below.
Currently, there are three environments:
To work in one of these environments you want to use this script to initialize that environment; for example, if you want to work in the sybase environment, you want to enter
source goto sybase
In general, all compilations occur from /home/sybernet/oracle/develop. To compile the contact.cgi (for example) which is not SSL aware and resides in the cgi-bin directory for sybase (port 80), you would want to to do something like the following:
cd source goto sybase cd /home/sybernet/oracle/develop compile oracle contact cd source goto oracle
But if you are compiling the SSL version of Sybernet or Sybercron (the default), your home environment should already be available (and if not you will be notified when you log in). To compile Sybernet (for example), all you need to enter is the appropriate compile command:
compile oracle server
In each case, no matter what you are compiling, a backup copy of the current software is created. In the case of Sybernet, this step will fail and Sybernet is not restarted if you haven't shut down Sybernet. See stop (below).
This script can be run to determine the active status of Sybernet and Sybercron. The information displayed, however, is determined by the size of your terminal window. This is what a typical display looks like:
status
---------------------------------------------------------------------------------------------------------------
Sybercron Status
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
18741/18741 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60 | 5329| 00:07:20| 7-22:36:10|
18760/18760 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60 | 5148| 00:07:19| 7-22:36:05|
18768/18768 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60 | 5240| 00:07:20| 7-22:36:00|
18778/18778 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 | 4955| 00:07:19| 7-22:35:55|
18788/18788 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 | 5216| 00:03:50| 7-22:35:50|
18798/18798 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60 | 5358| 00:07:18| 7-22:35:45|
18808/18808 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60 | 5392| 00:07:19| 7-22:35:40|
18833/18833 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 | 5392| 00:07:18| 7-22:35:35|
8 Sybercron tasks
---------------------------------------------------------------------------------------------------------------
Sybernet Status
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
18590/18590 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 443 | 5695| 00:01:30| 7-22:36:15|
18604/18604 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 444 | 6303| 00:12:19| 7-22:36:13|
18618/18618 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445 | 6563| 00:13:19| 7-22:36:12|
3 Sybernet tasks
This script stops Sybercron if it is running. If Sybercron is busy with one or more tasks, this script will wait until all copies of Sybercron have completed. If you need to bring Sybercron down immediately, you must kill it yourself or kill the process that is running in your database.
stop_sybercron 18741/18741 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60 | 5329| 00:07:20| 7-22:36:48| 18760/18760 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60 | 5148| 00:07:19| 7-22:36:43| 18768/18768 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60 | 5240| 00:07:20| 7-22:36:38| 18778/18778 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 | 4955| 00:07:19| 7-22:36:33| 18788/18788 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 | 5216| 00:03:50| 7-22:36:28| 18798/18798 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60 | 5358| 00:07:18| 7-22:36:23| 18808/18808 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60 | 5392| 00:07:19| 7-22:36:18| 18833/18833 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 | 5392| 00:07:18| 7-22:36:13| Waiting for Sybercron to stop...
If you want to stop one copy of Sybercron, you can safely do this by passing the database name:
stop_sybercron oraprod 05732/05732 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60 | 4994| 00:25:01| 27-01:08:17| Waiting for Sybercron (oraprod) to stop... Sybercron (ORAPROD) has stopped.
This script will start all copies of Sybercron. Since it calls stop_sybercron which waits until all running copies have completed, you can safely call start_sybercron at anytime.
start_sybercron Sybercron -X -I SPOCK1 -S ORADEV -C 444 -T 60 Sybercron -X -I SPOCK1 -S ORAPROD -C 445 -T 60 Sybercron -X -I SPOCK1 -S ORADSSP -C 444 -T 60 Sybercron -X -I SPOCK1 -S ORACARDP -C 445 -T 60 Sybercron -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 Sybercron -X -I SPOCK1 -S ORATEP -C 445 -T 60 Sybercron -X -I SPOCK1 -S ORACONP -C 444 -T 60 Sybercron -X -I SPOCK1 -S ORADOCSP -C 445 -T 60
If you want to start (or restart) one copy of Sybercron, you can safely do this by passing the database name:
start_sybercron oraprod Sybercron (oraprod) is not running Sybercron -X -I SPOCK1 -S ORAPROD -C 444 -T 60
If you want to start another copy of Sybercron for the same database, you can safely do this by passing the database name followed by the keyword clone:
start_sybercron oraprod clone Sybercron -X -I SPOCK1 -S ORAPROD -C 444 -T 60
In general, there is no good reason why you would need to do this, but if want to, you can.
This script stops Sybernet. Since this script assumes that Sybercron is not running, invoking it manually is discouraged. stop_sybernet will issue a SIGQUIT to Sybernet which tells it to disconnect all users and exit. If you issue a SIGKILL yourself, you could end up with zombie processes as well as user connections inside of Oracle.
stop_sybernet `hostname` 445 23895/23895 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445 | 6155| 00:00:00| 07:28| Sybernet spock1.sri.com:445 has stopped
This script starts one copy of Sybernet. Since this script assumes that Sybernet is not running on a particular port, invoking it manually is discouraged.
start_sybernet `hostname` 445 Sybernet at spock1.sri.com:445 successfully started.
It is safe to call at anytime as long as you do not mind losing user connections to Oracle while Sybernet is not running.
When executed from the home directory of Sybernet, this script stops all copies of Sybercron and Sybernet. It does this by calling goto for each environment. When executed from one of the above environments (because you said source goto <environment>), Sybernet and Sybercron are stopped in that environment only.
stop
---------------------------------------------------------------------------------------------------------------
Stopping Sybercron
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
23212/23212 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADEV -C 444 -T 60 | 5301| 00:00:00| 02:41|
23218/23218 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAPROD -C 445 -T 60 | 5417| 00:00:00| 02:36|
23239/23239 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADSSP -C 444 -T 60 | 5245| 00:00:00| 02:31|
23249/23249 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACARDP -C 445 -T 60 | 5349| 00:00:00| 02:25|
23259/23259 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60 | 5327| 00:00:00| 02:20|
23269/23269 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORATEP -C 445 -T 60 | 5294| 00:00:00| 02:15|
23279/23279 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORACONP -C 444 -T 60 | 5006| 00:00:00| 02:10|
23291/23291 (SYBERNET)BIN/SYBERCRON -X -I SPOCK1 -S ORADOCSP -C 445 -T 60 | 5443| 00:00:00| 02:05|
Waiting for Sybercron to stop...
#
---------------------------------------------------------------------------------------------------------------
Stopping Sybernet
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
18590/18590 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 443 | 5695| 00:01:30| 7-22:40:06|
18604/18604 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 444 | 6303| 00:12:20| 7-22:40:04|
18618/18618 (SYBERNET)BIN/SYBERNET SPOCK1.SRI.COM 445 | 6563| 00:13:20| 7-22:40:03|
This script starts Sybernet. start first call stop. start then starts Sybernet on each defined port in the configuration file. start then calls start_sybercron. If you did not call this with the purge option, your Oracle connections are restored.
When executed from the home directory of Sybernet, this script starts all copies of Sybercron and Sybernet. It does this by calling goto for each environment. When executed from one of the above environments (because you said source goto <environment>), Sybernet and Sybercron are started in that environment only. Note that start calls stop so it is safe to call start even if Sybernet or Sybercron are running.
start
---------------------------------------------------------------------------------------------------------------
Starting Sybernet
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
Sybernet at spock1.sri.com:443 successfully started.
Sybernet at spock1.sri.com:444 successfully started.
Sybernet at spock1.sri.com:445 successfully started.
---------------------------------------------------------------------------------------------------------------
Starting Sybercron
for
spock1.sri.com
---------------------------------------------------------------------------------------------------------------
Sybercron -X -I SPOCK1 -S ORADEV -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORAPROD -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORADSSP -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORACARDP -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORAHRPAY -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORATEP -C 445 -T 60
Sybercron -X -I SPOCK1 -S ORACONP -C 444 -T 60
Sybercron -X -I SPOCK1 -S ORADOCSP -C 445 -T 60
All of the scripts above can be started without cd-ing to a particular directory and without relying on the setting of any path or environment variables:
#!/bin/sh
case "$1" in
'start')
/home/sybernet/start
;;
'stop')
/home/sybernet/stop
;;
*)
echo "Usage: $0 { start | stop }"
exit 1
;;
esac
The configuration file (Sybernet.config) defines the following paths:
The RSA_CLIENT_CERT and RSA_CLIENT_KEY is used (among others) by Sybercron to establish an SSL connection to Sybernet. Currently, I am using my certificate (which expires on Sep 26 2010) for this purpose and if not updated will cause Sybercron to cease working. This certificate needs to be updated on the following hosts:
The RSA_TRUST_STORE is used both as the Trust Store and for setting the list of CAs sent to the client when requesting a client certificate.
The mis directory (/home/sybernet/mis) is used only for redirection, but its data directory contains the server certificate for mis.sri.com.
This is where you will update the certificates for Sybernet. If changed and/or redefined, a restart of Sybernet is required.