Welcome!

Websphere Authors: Yeshim Deniz, Carmen Gonzalez, Elizabeth White, Sanjeev Sharma, Liz McMillan

Related Topics: Websphere, Java

Websphere: Article

Scalable HTTP Session Management with WebSphere Extreme Scale (WXS)

Cross datacenter HTTP session replication

HTTP session management is a function offered by Java Enterprise Edition (JEE) application servers. It allows JEE applications to store state information about a given user across many HTTP requests. The JEE specification provides an API to store and retrieve information specific to the given user. WebSphere application servers and other competing products, provide session replication functionality. This is normally done either by writing to a database or through memory-to-memory replication technology.  These approaches while extensively used today, have operational challenges and cost implications. HTTP session replication enables for seamless session recovery, in event of an application failure, but we currently do not have a reliable, predictable and cost effective solution to handle session recovery in event of a data center failure. Until now we have discouraged the session replication across cells and data centers primarily due to cost and performance impact. With introduction of WXS' Zone support technology, it is now possible to achieve session recovery in event of a data center failure.

This paper will attempt to discuss the usage scenario and demonstrate the use of WXS as a separate in memory data grid to store http sessions. This paper will discuss history and existing technology and introduces WXS as a technology that differentiates itself, by addressing existing scalability challenges in a cost effective manner. We will also discuss the simplification of technical implementation of WXS grid, which makes WXS a compelling yet simple solution to store HTTP session.

Challenges of storing HTTP sessions?
Many enterprise applications today require HTTP session persistence. This requirement stems primarily from end user expectations, regulatory constraints and/or SLA (service level agreements) commitments. The session persistence provides the application with features such as, handling session state information, high availability of end user sessions and application performance enhancements. WebSphere Application server provides an application infrastructure to ensure efficient session persistence management and configuration. For instance WebSphere Application server provides two distinct mechanisms to persist sessions, they are a. memory-to-memory replication and b. store session object in shared database. While these two mechanisms provide persistence mechanism, there is a need to ensure the validity of session state across clustered application servers. The suggested and accepted approach includes (Brown et al)

Use of Shared database to store sessions

  • Session affinity - mechanism to ensure pinning of user session to a particular server.
  • Invalidation of session across all session persistent storage entities (JVMs or databases).
  • While these options exist to store HTTP session and state beyond the life of an application server or JVM, facilitating high availability, these approaches have challenges of their own. The growth and changing dynamic of the e-business applications, have forced application infrastructure to rethink the session persistence strategies.  Some of these growing challenges include:

    a.       Use of runtime real-estate i.e. application server JVM heap to store session, seems inefficient use of resources.

    b.      Higher administrative and maintenance costs due to increase in user base and subsequent linear growth in application hosting infrastructure.

    c.       Performance consideration of storing, replicating and managing state of session objects.

    d.      Performance consideration due to large session objects in some specific use cases.

    The challenges around session storage revolve around performance costs due to serialization of the session object to a database or to other Application servers/JVMs across the network. This performance costs coupled with the management of session state such as replication, updates and invalidation as add significant performance bottlenecks to the application hosting platforms.

    Figure 1: memory to memory session replication.

    Figure 2: Database session replication.

    1. Why use WXS?

    Websphere eXtreme Scale (WXS) attempts to address these performance considerations by introducing a new technological platform that purports improvised management and replication, thus addressing the challenges imposed by conventional HTTP session persistent mechanism. It is to be noted that while WXS also employs the memory to memory replication of http sessions, it significantly differs from the same mechanism employed by the WebSphere Network Deployment. WXS provides features such as QoS, replication reliability and linear scalability, which is non existent in Websphere ND. WXS distinguishes itself from traditional approaches in the following ways:

      1. Enabling a grid of JVMs with a sole purpose of storing Http session (or any java) objects.
      2. Isolating the application runtime from grid runtime, thereby, freeing up the JVM heap for application use.
      3. Provide linear scalability to accommodate growth, with growth in sessions or size of session objects.
      4. Providing an implicit replication and management of session objects within the grid.
      5. <*NEW*> With Zone support enabling storing of session objects across geographically disperse datacenters (and cells), overcoming the traditional limitation of single cell replication.
      6. QoS  and replication reliability: Replication in WebSphere ND is best effort, which implies that consistency and changes cannot be guaranteed. WXS offers a reliable replication mechanism.

    Figure 3A: WXS enabled grid for session persistence. Here WXS Grid JVMs are Isolated from Application JVMs

    Figure 3B: WXS co-located HTTP session persistence. Here Application and Grid are co-located in the same JVM.

    WebSphere eXtreme Scale provides non-invasive integration for HTTP session management, so that the application does not have to be changed. It does this in 2 ways:

    a. HTTP servlet filter, a standard part of the servlet specification.

    As shown in Figure , the HTTP servlet filter intercepts every request, prior to forwarding the request to servlet or JSP. The servlet filter wraps the HTTPServletRequest and HTTPServletResponse objects that the application developer uses to access the request's session state. The eXtreme Scale HTTPSession object overrides the object normally provided by the default session manager. There is therefore no data duplication between the two session managers, and eXtreme scale provided session manager overrides the WebSphere session manager. The filter ensures that the session data is synchronized with the grid. On each request, if HTTP session attributes have changed, they will be written back into the grid. The WXS enabled HTTP filter presents a choice of storing the sessions in the same JVMs as the servlet containers (collocated) or in a separate grid tier of remote JVMs. Each of these options have their merits and demerits, and should one of the infrastructure design considerations.

    The synchronous interaction of the filter and the grid, is also an important design consideration. The synchronous interaction between filter and grid ensures that any change to the http session is immediately replicated to the grid. While this may be a desirable option in some cases, it does have a performance impact. WXS allows a configuration (in splicer.properties file)  for this interaction to be asynchronous, where the changes are buffered and flushed to the grid, at defined intervals. It is to be noted that this Syncronous/Asynchronos replication between the filter and the grid, while similar in concept, is entirely different from the replication mechanism configured between the grid servers.

    The following steps need to be performed in order to use HTTP servlet filer with WXS:

    1.                Create the following files and Package it with WAR (Web) Module in the META-INF directory.

    -          objectGrid.xml :This contains the definition of the grid itself; the maps, locking behavior, plug-ins, etc.

    -          objectGridDeployment.xml : This contains a description of the grid's deployment; how many partitions, zones, replication strategy etc.

    -          splicer.properties: This file provides the values used by the addObjectGridFilter script to splice the web module. This is one of the required input parameters for the script that splices the web module with filter declarations. This file contains servlet context initialization parameters such as catalog server host and port, affinity, persistence mechanism, replication type & interval etc. It is to be noted that while this file is not required artifact in the WAR (Web) Module, and only the above mentioned xml files are required, including this file is more for information only.

    2.                Run the addObjectGridFilter script on the WAR to add the filter to the web.xml file. The addObjectGridFilter script is usually located :

    <WXS_HOME>/session/bin/addObjectGridFilter.bat/.sh

    Usage : addSessionObjectGridFilter <location of  war/ear file> <location of properties file>

    Example: addSessionObjectGridFilter MyWebModule.war splicer.properties

    3.                When using WXS in a WebSphere ND managed environment, the managed nodes would need to be augmented with WXS (a.k.a XD-DG), and perform step 1 and 2, and deploy the Web Module or WAR to WXS augmented cluster.

    b. Use of  ObjectGrid client server Topology for embedded applications

    This is a  variation of the above techniques, in which the application  is the client to the WXS grid.

    I.      Collocating the application with the grid (i.e. same ‘runtime' JVM): This is when the ObjectGrid servers are collocated in the same processes where the servlets run. The WXS session manager can communicate directly to the local ObjectGrid instance, since it is collocated with in the same server process.

    When WebSphere Application Server as runtime and grid container, simply place the supplied objectGrid.xml and objectGridDeployment.xml files into the META-INF directories of your WAR files. ObjectGrid will automatically detect the presence of these files when the application starts and will then automatically launch the ObjectGrid containers in the same process as the session manager. You can modify the objectGridDeployment.xml depending on which type of replication (synchronous or asynchronous) and how many replicas you want configured. This step assumes that your have augmented the application server profile/instance with WXS.

    II. Isolating the application from the grid (i.e. application and grid in separate JVMs): Unlike the topology discussed above the server process hosting the application is different from the server process hosting the JVMs. This is beneficial for the application with either voluminous HTTP session traffic or relatively larger http session objects.  In this case the WXS session manager, which resides on the application server process, communicates to a remote ObjectGrid server processes. In effect the WXS session manager becomes the client, to the Object grid servers, which are the hosts to grid containers.

    To use a remote, ObjectGrid, the WXS session manager must be configured to communicate with the catalog servers and grid servers. The session manager will then use an ObjectGrid client connection to communicate to the catalog server and the ObjectGrid servers, wherever they reside. If the ObjectGrid servers are to be started in independent, standalone J2SE processes, then it is advisable to launch the ObjectGrid containers using the objectGridStandAlone.xml and objectGridDeploymentStandAlone.xml files supplied in the session manager samples directory.  This differentiation is to indicate that the HTTP session store is standalone and isolated. The core functionality of the file remains, i.e. like objectGrid.xml, objectGridStandalone.xml  defines the grid for sessions, and objectGridDeploymentStandalone.xml  defines the mechanics of grid deployment.

    1. Zone support

    With WXS Zone based replication, WXS allows for rules-based data placement, enabling high availability of the grid due to redundant placement of data across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers.

    WebSphere eXtreme Scale introduced zone-based support introduced in V6.1.0.3. Zone support provides much needed control of shard placement in the grid. Zone support allows for rules-based shard placement, enabling high availability of the grid due to redundant placement of shards across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers. In the past these enterprise computing environments were limited due to the performance constraints imposed by networks and real time data replication requirements. With the inclusion of Zone support, WebSphere eXtreme Scale offers better scalability by decoupling the grid environment. With Zone support, only the metadata shared by the catalog servers is synchronously replicated,

    While the data objects are copied asynchronously across networks. This not only enables better location awareness and access of objects, but also imposes fewer burdens on enterprise networks, by eliminating the requirement of real time replication.

    As long as catalog servers see zones being registered (as the zoned grid server come alive), the primary and replica shards are striped across zones. Further, the zone rules described in the objectGridDeployment.xml file, will dictate placement of sync or async replica shards in respective zones.

    As a general practice, it is recommended that you place only sync replicas in same zone and async replicas in a different zone for optimal replication performance. This placement also would be optimal for scaling across geographies or data centers.

    Since core groups do not span zones, the catalog server(s) are placed one or two per data center or zones, and the catalog servers synchronize their object/shard routing information. A catalog service must be clustered for high availability in every zone. The catalog servers retain topology information of all of the containers in the ObjectGrid and controls balancing and routing for all clients. Since catalog servers play a vital role in maintaining the catalog service and client routing, it is important to understand the concept of a catalog service quorum. A catalog service quorum is the minimum number of active catalog server members required for the grid system to operate correctly (i.e to accept membership registrations and changes to membership to ensure proper routing and shard placement).

     

    <zoneMetadata>
            <shardMapping shard="P" zoneRuleRef="stripeZone"/>
            <shardMapping shard="S" zoneRuleRef="stripeZone"/>
            <zoneRule name ="stripeZone" exclusivePlacement="true" >
              <zone name="ZoneA" />
              <zone name="ZoneB" />
              <zone name="ZoneC" />
            </zoneRule>
          </zoneMetadata>

     

    Figure 4: Zone meta data from ObjectGridDeployment.xml file, showing single ZoneRule ‘StripeZone' i.e if primary is placed in Zone A, the secondary will be placed in either ZoneB or ZoneC, but not both.

    This approach of ensuring the registration and consistency of grid servers is achieved only when a quorum is established between catalog servers. Writes to

    the catalog service state are committed only when the majority of the catalog

    servers participate in the transaction. Containers that are changing states cannot

    receive any commands, unless the catalog service transaction commits first. If

    the catalog service is hosted in a minority partition, i.e no quorum established, it

    then accepts liveness messages. The catalog servers cannot, however, accept

    server registrations or membership changes, because the state is essentially frozen, until the catalog service quorum is re-established.

    Figure 5: Two geographically disperse Zones to store HTTP sessions across 2 data centers. Please note that the Catalog Servers are hosted in separate JVMs from Grid containers, and ONLY the Catalog severs are grouped in separate core group. This is done as Zones do not span core groups.

    1. Conclusion

    One of the main design concerns of an application and application infrastructure is the session persistence and handling of session state beyond the life of application servers/JVMs. The traditional persistence mechanisms have imposed performance and scalability concerns with growth in business and subsequent requirements. Growth in business usually results in increase traffic, user session and proportional storage requirements.  Historically IT organizations have attempted to battle this problem with innovative and complex solutions such as employing various caching layers at the edge for static content, and a separate cache for dynamic content, or by selectively preserving some HTTP Session data and recreating the others. Such strategies while effective in some application environment, have reached maturity level of its growth spectrum. Increasingly complex and de-fragmented application frameworks have compelled the introduction on ‘in-memory data grid' to provide a scalable solution to address the growth of session storage - both in terms of size and volume. The introduction of an in memory grid relieves the constant battle with scalability and provides an isolated layer, whose sole purpose is to store HTTP Session (or any java) objects.

    WXS technology enables ‘in-memory data grid' which is essentially a grid of interconnect JVMs, acting as a single cohesive unit, much like a database, without the management and performance overheads. Using WXS for HTTP session persistence is a very non-invasive change to application architecture, as seen in Figure 3, a servlet filer is introduced in the application intercepting requests and connecting to the grid, without any significant change to the application architecture. The WXS enabled grid is policy driven; self managed and can easily absorb growth by inclusion of additional JVMs to the existing grid. WXS thus makes a compelling consideration for HTTP session persistence in the environments that is plagued with performance and scalability woes due to growth in business application traffic. WXS not only addresses the fundamental session storage concerns, but add to the capability of storing session across geographically disperse data centers, independent of WebSphere infrastructure's cell  based management boundaries. This capability alone, arms organization with the ability to persist and handle session state across data centers. Such a capability was neither recommended nor technically feasible with existing technologies and solutions.  WXS' Zone support thus becomes a distinguishing feature, which sets WXS apart from many competing caching technologies.

    References:

    1.      User's Guide to WebSphere eXtreme Scale - http://www.redbooks.ibm.com/abstracts/sg247683.html

    2.      Brown et al - Improving HTTP session performance with smart serialization http://www.ibm.com/developerworks/websphere/library/bestpractices/httpsession_performance_serialization.html

    3.      WebSphere Extreme Scale WiKi - http://www.ibm.com/developerworks/wikis/display/objectgrid/Getting+started

    4.      Billy Newport's Blog -

    http://www.devwebsphere.com/

    5.      http://www.ibm.com/developerworks/websphere/library/techarticles/0905_gaur/0905_gaur.html

    Acknowledgements:

    I want to thank Joshua T Dettinger and Billy Newport for his help in technical content and editing of this paper.

    More Stories By Nitin Gaur

    Nitin Gaur, is currently working in capacity of Senior WebSphere Consulting IT Specialist with IBMs S&D Organization. Prior to teaming with IBM S&D organization, Nitin spend several years with WebSphere OEM team, a SWG entity and AIX support – ITS/IGS entity. In his 11 years with IBM he has achieved various industry recognized certifications and enriched his career by doing more than required by the defined job responsibilities. Prior to beginning his career with IBM, he was graduate student at University of Maryland University College. Apart from excelling in his normal job responsibilities, Nitin has been involved with many on going projects at IBM Austin. To name a few, Nitin has been an active member of Austin TVC – Technical Vitality Council, an IBM Academy affiliate since 2002.

    As a technical leader Nitin has been involved in various technical paper presentations in various conferences at IBM and outside. The range of the topics presented by him span from software architectures to improvement of management processes. Nitin, has been focused on staying close to customer and always attuned to their needs and problems. One of his primary job responsibilities includes positioning WebSphere infrastructure products and providing technical solution and support to field sales teams. He is relentless in researching skills and presenting the industry best practices of IT Infrastructure. Performing advance technical research and providing IBM clients with strategic solutions on WebSphere offerings is one his forte.

    @ThingsExpo Stories
    The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from hardware to software, or as we like to say, it’s an Internet of many different things. The difference ...

    ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's platform-as-a-service. The new platform enables developers to build ap...

    Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
    An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
    The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com), moderated by Ashar Baig, Research Director, Cloud, at Gigaom Research, Nate Gordon, Director of T...
    Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, described how to revolutioniz...
    Technology is enabling a new approach to collecting and using data. This approach, commonly referred to as the "Internet of Things" (IoT), enables businesses to use real-time data from all sorts of things including machines, devices and sensors to make better decisions, improve customer service, and lower the risk in the creation of new revenue opportunities. In his General Session at Internet of @ThingsExpo, Dave Wagstaff, Vice President and Chief Architect at BSQUARE Corporation, discuss the real benefits to focus on, how to understand the requirements of a successful solution, the flow of ...
    The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
    "BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
    Focused on this fast-growing market’s needs, Vitesse Semiconductor Corporation (Nasdaq: VTSS), a leading provider of IC solutions to advance "Ethernet Everywhere" in Carrier, Enterprise and Internet of Things (IoT) networks, introduced its IStaX™ software (VSC6815SDK), a robust protocol stack to simplify deployment and management of Industrial-IoT network applications such as Industrial Ethernet switching, surveillance, video distribution, LCD signage, intelligent sensors, and metering equipment. Leveraging technologies proven in the Carrier and Enterprise markets, IStaX is designed to work ac...
    "There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
    C-Labs LLC, a leading provider of remote and mobile access for the Internet of Things (IoT), announced the appointment of John Traynor to the position of chief operating officer. Previously a strategic advisor to the firm, Mr. Traynor will now oversee sales, marketing, finance, and operations. Mr. Traynor is based out of the C-Labs office in Redmond, Washington. He reports to Chris Muench, Chief Executive Officer. Mr. Traynor brings valuable business leadership and technology industry expertise to C-Labs. With over 30 years' experience in the high-tech sector, John Traynor has held numerous...
    Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
    The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
    The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
    Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
    SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, phone and digital TV services to consumers primarily in rural areas.
    SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada. Our partner network encompasses some 300 of the world's leading systems integrators and security s...
    IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
    Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world. The next @ThingsExpo will take place November 4-6, 2014, at the Santa Clara Convention Center, in Santa Clara, California. Since its launch in 2008, Cloud Expo TV commercials have been aired and CNBC, Fox News Network, and Bloomberg TV. Please enjoy our 2014 commercial.