Java App Server Request Form

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

J2EE Hosting Standards

Purpose
Intended for development groups, deployment groups, java administrators, server administrators, 3rd party application vendors and requestors of new java app servers

References
1) Linux Server Standards and Provisioning - http://<sharepoint_host>/dept/it/InfrastructureSupport/dcteam/Shared%20Documents/Linux/Linux%20Server%20Standards%20and%20Provisioning.doc
2) Linux Provisioning Instructions - http://<sharepoint_host>/dept/it/InfrastructureSupport/dcteam/Shared%20Documents/Linux/Linux%20Provisioning%20Instructions.docx
3) J2EE Application Server Standards: http://<sharepoint_host>/dept/it/InfrastructureSupport/mwteam/Shared%20Documents/J2EE/J2EE%20Application%20Server%20Standards%20and%20Provisioning.doc
4) JBoss 5 install script: https://docs.google.com/document/pub?id=1-dOWCFugK_ZkbCbsHMq3n7a3JVFrhvsK1B6178s8s1o
5) Apache Multi-Purpose Reverse Proxy: https://docs.google.com/document/view?id=1Q5iMm16sKkVl2LKu8ae1srCh-EEK8sq1j_WE1QO5hgc&authkey=CIqoneIH
6) Reverse Proxy Diagram - Exposed J2EE Apps: https://docs.google.com/drawings/d/1jJtkb8IQjZZ9BjZt5C3kTMmdMYxxoBk0X3CEoRxowEA/view
7) PasLinuxPermissions.xls - http://<sharepoint_host>/dept/it/InfrastructureSupport/mwteam/Shared%20Documents/J2EE/PasLinuxPermissions.xls
8) Documents to support and justify standards - http://<sharepoint_host>/dept/it/InfrastructureSupport/mwteam/Shared%20Documents/J2EE/RapidsureInfrastructureRisks.pdf, http://<sharepoint_host>/dept/it/InfrastructureSupport/mwteam/Shared%20Documents/J2EE/PIC%20Migration%20Assessment.doc, and http://<sharepoint_host>/dept/it/InfrastructureSupport/mwteam/Shared%20Documents/J2EE/Philadelphia%20Insurance%20JBoss%20Recommendations.pdf

The hosting department strongly recommends utilizing the JBoss EAP standards outlined below so that J2EE applications can be hosted to the highest standards. This includes usage in any and all code, scripts, configuration files, documentation, and/or anywhere relevant in the hosting environment. These standards have been gathered from multiple independent assessments by expert consulting bodies, professional training, research and, most of all, experience. Following these standards is the only way for the hosting department to provide the best and most efficient J2EE provisioning and hosting experience for the business.

Collaborative Items:

1) Slimming
a. The hosting department will slim all unnecessary components including hypersonic, hot deploy, clustering, JMS, quartz scheduler, etc. If the customer application relies on any of these components, it is up to the customer to provide a case to keep them when the request for server provisioning is made. See below for more information regarding specific modules, what they do, and their dependencies.
b. Since the linux server provisioning process is push button and middleware installation and configuration is tightly coupled to this process, all configurations including slimming information are required before the server is built. This process creates snapshots of server build instructions serving as our documentation for the server runbook and enhancing our business continuity ability for linux servers.
2) Class loading and Shared Libraries
a. It is required that all 3rd party applications utilize isolated class loading for portability, sustainability and supportability. This also prevents logging problems. It is mechanically enforced in $JBOSS_HOME/server/$JBOSS_CONF/deployers/ear-deployer-jboss-beans.xml: <isolated>true</isolated>. As such, write access to shared libraries such as $JBOSS_HOME/lib/, $JBOSS_HOME/common/lib/, and $JBOSS_HOME/server/$JBOSS_CONF/lib/ for shared 3rd party libraries is disabled.
3) Logs
a. Application logging should always be separated from jboss or system logging (logs/ instead of log/).
b. In keeping with best practices, please use a consistent logging methodology for easier tuning and control. Please do not utilize STDERR or STDOUT for logging as it circumvents tuning and control.
c. Please use rolling file appenders and jboss log directory and jboss log level variables at all times. Example:

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
<appender name="FILE" class="org.apache.log4j.RollingFileAppender">
<param name="File" value="${jboss.server.log.dir}s/acme.log"/>
<param name="Append" value="true"/>
<param name="MaxFileSize" value="5000KB"/>
<param name="MaxBackupIndex" value="5"/>
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="%d %-5p [%c] %m%n"/>
</layout>
</appender>
<root>
<priority value="${jboss.server.log.threshold}" />
<appender-ref ref="FILE" />
</root>
</log4j:configuration>

4) Path variables and aliases
a. $JBOSS_HOME (OS variable) and ${jboss.server.home} (java variable) will always point to the current running jboss-as/ directory. Since this makes troubleshooting, support, patching, updates, and other tasks much easier for the hosting department, one must utilize this variable as opposed to hard coding the absolute path in any and all configuration files, scripts, or documentation. If one is unable to use this OS level variable, they must use the generic path of /usr/local/jboss/jboss-as/.
b. $JBOSS_CONF will always point to the working node directory. The hosting department will always copy from the "default" node to a custom node. The hosting department does not plan on utilizing JBoss clustering for high availability unless absolutely needed, so the hardcoded name will probably be "<client>-nocluster”. However, use of the variable instead of the name is standard.
c. cdj is an alias for cd $JBOSS_HOME/server/$JBOSS_CONF/ and is available to all users for the user's convenience
5) Datasources
a. All JBoss 5 servers will have generic and comprehensive datasources setup at $JBOSS_HOME/server/$JBOSS_CONF/deploy/mssql-ds.xml. Please utilize this file and only this file for all datasources. Please overwrite only the relevant settings within DefaultDS node: sql server name, sql server instance, username and password. Do not overwrite or paste your own xml node as it would overwrite tuned datasource settings. Similary, a comprehensive XA datasource is provided but commented.
b. The hosting department will be using the latest Microsoft supported SQL JDBC driver for all SQL Server connections.
c. For the most stable datasources and to avoid problems with database connection pooling, it is highly recommended to utilize the included xml nodes called <new-connection-sql> and <check-valid-connection-sql>. To perform the most accurate health check for sql connections, application developers should supply lightweight sql queries specific to their application in lieu of the generic "select 1" statements.
6) Redundancy
a. As a general rule, the hosting department plans on architecting high availability, active/active nodes in all MO and production environments. This will be achieved through hardware load balancing over port 8080*. Note that the utilization of JBoss application clustering will be avoided unless absolutely necessary for session replication reasons as it introduces an unnecessary level of complexity and load. *Note that if reverse proxy functionality is needed, then load balancing would require an additional software load balancing layer in the DMZ network using mod_jk over port 8009.
b. This requires that the applications deployed can handle multiple active nodes and are not coded in a singleton context.

Informational Items:

1) Reverse Proxies
a. If the java applications deployed need to be exposed to the internet, classic apache/mod_jk/F5 architectures will be utilized as outlined in the above references.
2) Systems Architecture - Scalability
a. Horizontal scalability will be advised in all environments, especially MO and Production (see Redundancy above). Appropriate server sizing will be advised (ex: for improved performance, it is better to build multiple small servers rather than fewer larger servers).
3) Cache
a. The contents of the work/, data/, and tmp/ directories are automatically removed on jboss shutdowns as well as any files in /tmp/ owned by jboss.
4) OS
a. Application server provisioning for JBoss has been merged into our Linux server provisioning. Therefore all JBoss servers will be hosted on the latest supported version of Red Hat Enterprise Linux.
b. The hosting department will always use 64 bit OS platforms and JDKs unless there is a reason to avoid it.
c. We run a customized service control script to ensure process shutdown, avoid duplicates, and provide troubleshooting assistance. Hard kills will be used when proper shutdown methods are unsuccessful. For the convenience of the application developer, a "dump" command is built in to automatically create dump files for developer troubleshooting.
d. All JBoss installations are done at provision time. Therefore, the hosting department will not clone JBoss servers or allow the copying of JBoss bundles from one server to the next. This ensures that the hosting department meets the goal of building customized, lean and mean J2EE servers tailored to each application as well as preserving permissions and folder naming conventions.
5) Customizations
a. The hosting department may utilize soft links wherever necessary to denote customizations at the file or directory level. For example, any third party add-ons, such as JDBC drivers will always be soft linked from custom subfolders. This ensures that the hosting department can achieve the highest level of application administration, troubleshooting and maintenance.
6) Permissions
a. In order to pass audits, guarantee service levels, and support our environments the best way possible, the hosting department will only issue the amount of permissions that are needed. Requests are subject to review by change control, architecture review boards, and the security team. See PasLinuxPermissions.xls in the middleware sharepoint site. All changes require ITSR requests and are not a guarantee for approval.
b. Permissions are configured so that group ownership of jboss will persist but user ownership will show the actual user who created the file or folder for trace-ability and audit reasons.

Deployment teams will be able to stop or start jboss using the following syntax unless otherwise noted:
sudo -u jboss service jbossas (stop|start|restart)
Additionally, value added functions have been created in the service control script to generate thread dumps and tattle tale reports (WIP):
sudo -u jboss service jbossas (dump|tattle)

Anyone with UNIX permissions will ALWAYS have read access to most JBoss files including but not limited to:
$JBOSS_CONF/server/$JBOSS_CONF/log/
$JBOSS_CONF/server/$JBOSS_CONF/logs/

Developers are typically granted the same permissions as Deployment technicians in all environments except model office and production. This is subject to change.
The standard location for deployments should be kept in /var/tmp/releases/ instead of any one user's home folder. This improves portability and supportability for deployment teams.

The hosting department reserves the right to update these standards at anytime as necessary.

BASE OPTIONS

Company *

PHLY

TMM

FICOH

Other:

JAVA OPTIONS

Java App Server Provider *

JBoss EAP

WebLogic (TBD)

WebSphere (TBD)

Tomcat (TBD)

Other:

Version of JBoss EAP *

Latest vendor supported version

5.1.x

4.3.x

Other:

Flavor of JBoss EAP *

http://www.redhat.com/f/pdf/jeap5-series-roadmap.pdf#page=16

Enterprise Application Platform

Enterprise Web Platform

I don't know. Please choose for me based on the components selected below.

JDK Provider *

Please provide the latest industry supported jdk provider that is compatible with the application

Sun - latest vendor supported version

Sun 1.7

Sun 1.6

Sun 1.5

Jrockit

OpenJDK

Other:

JBoss components that the application will utilize *

Please only choose what is required. The more components, the bigger the performance hit and security vulnerability. Please note that some are unsupported. Dependencies will automatically be retained. If unsure, use jboss-tattletale to determine which modules are used in your application.

AJP Connector (recommended for rare applications that are exposed to the internet)

Bean Shell Deployer - Services for deploying BeanShell scripting

Clustering (not recommended) - Services to support state/session replication

Database/Datasource (recommended) - Services to support a relational database

EJB2 - Enterprise Java Beans 2.x

EJB3 - Enterprise Java Beans 3.0

Hot Deployments (not supported) - Automatic deployments consume unnecessary memory and are prone to accidental deployments

Hypersonic (not supported) - Embedded database for singleton environments prone to corruption

IIOP - Services to support the Internet Inter-Orb Protocol (IIOP). IIOP is required to support Common Object Request Broker Architecture (CORBA) clients (EAP/production node only)

Invoker: HTTP - Services for invoking other services via HTTP (EAP only)

Invoker: IIOP - Supports CORBA/IIOP access to enterprise beans deployed in a JBoss Application Server, as defined by the EJB specification

Invoker: JMX (recommended) - Services for invoking Java Management Extensions (JMX) Operations

Invoker: Legacy JRMP (recommended) - Services for invoking other services via Remote Method Invocation (RMI) over the Java Remote Method Protocol (JRMP)

Invoker: Pooled - Provides a socket connection pool for remote EJB calls

JCA (recommended) - Services for supporting the J2EE Connector Architecture (JCA)

JUDDI (not recommended) - Services to support Universal Description Discovery and Integration (UDDI) (EAP/production node only)

Key Generator UUID (not recommended) - Services for generating Universally Unique Identifiers (UUIDs)

Mail - Services to support the Simple Mail Transfer Protocol (SMTP) and the Post Office Protocol (POP)

Management (not recommended) - Unnecessary when EAP is managed by JON

Messaging/JMS (not recommended, explore existing web methods offerings) (EAP only)

Profile Service - Plugin services for the core ProfileService

Properties - Services for defining and overriding properties used by other services

Remoting - Latest generation of services for remotely invoking other services

Scheduler - Services to support scheduling of JMX-based services

Seam Deployer

SNMP (not recommended) - Services for supporting the Simple Network Management Protocol (SNMP) (EAP/production node only)

Transaction (recommended) - Services to support the Java Transaction API (JTA) and Java Transaction Service (JTS)

Web (required) - Services for supporting web applications

Web Services Client - Services to support connecting to SOAP/WSDL web services

Web Services Server - Services to support hosting SOAP/WSDL web services via the JbossWebServices stack

XNIO (not recommended) - Services for supporting a simplified low-level I/O layer which can be used anywhere you are using NIO today (EAP only)

Required

PERFORMANCE OPTIONS

Memory *

Please enter the total estimated memory usage by the JVM (heap and non-heap). In keeping with horizontal scalability goals and provisioning efficiency, this is subject to review and approval.

Garbage Collection *

Please enter the preferred method of garbage collection to be used by the JVM

Serial (not recommended)

Tune for high throughput using Parallel - ex: batch jobs, long transactions. Should have more than 1 vCPU

Tune for low pause using Concurrent - ex: portal app. Should have more than 1 vCPU

Tune for low pause and high throughput using a combination of Parallelism (young generation) and Concurrency (old generation): -XX:+UserParNewGC -XX:+UseConcMarkSweepGC

JVM LargePages *

Please indicate if the JVM should take advantage of HugePages/TLB in RHEL. See https://access.redhat.com/knowledge/solutions/2592 for more information

Transparent HugePages (default in RHEL6+; recommended)

None

Manually configure HugePages

Transaction Timeout *

Please enter the maximum amount of minutes that a large transaction may take.

minute

minutes

Log Threshold *

Please select the log4j logging threshold. Note that this will override any thresholds set within $JBOSS_HOME/server/$JBOSS_CONF/conf/jboss-log4j.xml

TRACE (unsupported)

DEBUG (not recommended; unsupported in production/MO environment)

INFO (not recommended; unsupported in production/MO environment)

WARN (recommended)

ERROR

FATAL

SECURITY OPTIONS

Java Cryptography Extension (JCE) for JDK *

Please specify if the encryption provided by the JDK needs to be upgraded to Unlimited Strength Jurisdiction Policy Files

No (default)

Yes

DATASOURCE OPTIONS

Provider *

Typically, clustering at the database layer is only considered in production or model office environments

Latest supported relational database

Microsoft SQL Server 2008 R2 Clustered

Microsoft SQL Server 2008 R2

PostGreSQL 8.4.x (not supported)

Other:

JDBC Provider *

Please provide the latest industry supported sql jdbc provider that is compatible with the application that will be deployed

Latest Microsoft supported JDBC driver (default)

Microsoft SQL JDBC Provider 4.0

Microsoft SQL JDBC Provider 3.0

JTDS (unsupported)

Other:

Hostname (optional)

Please provide the sql server name if you already know where the instance will go

Instance (optional)

Please provide the instance name if you already know it

Username (optional)

Please provide the username if you already know it

ENVIRONMENT OPTIONS

Environment *

Production

Model Office

Quality Assurance

Development

Test/Temporary/Proof of concept

Training

End User Licensing Agreement

EULA *

I agree that I have filled out this form to the best of my and/or the requesting department's knowledge. I understand that changes to it can and will require rebuilding some or all of the environment. By checking this box, the requesting department and company also agrees to be bound by the J2EE hosting standards as outlined at the beginning of this form. Failure to follow these standards or selecting features that are unsupported may result in lower quality support, lower quality hosting standards, and a lack of support until the standards can be met. Written approval by the VP of Infrastructure will be required for any non-compliance with the standards.

I agree

I do not agree

SUBMIT

To submit this form, please print this and return it to javaadmin@phlyins.com

Submit

Clear form

Never submit passwords through Google Forms.

This content is neither created nor endorsed by Google. - Terms of Service - Privacy Policy

Does this form look suspicious? Report

Forms