|By Nitin Gaur||
|February 26, 2010 01:00 PM EST||
HTTP session management is a function offered by Java Enterprise Edition (JEE) application servers. It allows JEE applications to store state information about a given user across many HTTP requests. The JEE specification provides an API to store and retrieve information specific to the given user. WebSphere application servers and other competing products, provide session replication functionality. This is normally done either by writing to a database or through memory-to-memory replication technology. These approaches while extensively used today, have operational challenges and cost implications. HTTP session replication enables for seamless session recovery, in event of an application failure, but we currently do not have a reliable, predictable and cost effective solution to handle session recovery in event of a data center failure. Until now we have discouraged the session replication across cells and data centers primarily due to cost and performance impact. With introduction of WXS' Zone support technology, it is now possible to achieve session recovery in event of a data center failure.
This paper will attempt to discuss the usage scenario and demonstrate the use of WXS as a separate in memory data grid to store http sessions. This paper will discuss history and existing technology and introduces WXS as a technology that differentiates itself, by addressing existing scalability challenges in a cost effective manner. We will also discuss the simplification of technical implementation of WXS grid, which makes WXS a compelling yet simple solution to store HTTP session.
Challenges of storing HTTP sessions?
Many enterprise applications today require HTTP session persistence. This requirement stems primarily from end user expectations, regulatory constraints and/or SLA (service level agreements) commitments. The session persistence provides the application with features such as, handling session state information, high availability of end user sessions and application performance enhancements. WebSphere Application server provides an application infrastructure to ensure efficient session persistence management and configuration. For instance WebSphere Application server provides two distinct mechanisms to persist sessions, they are a. memory-to-memory replication and b. store session object in shared database. While these two mechanisms provide persistence mechanism, there is a need to ensure the validity of session state across clustered application servers. The suggested and accepted approach includes (Brown et al)
Use of Shared database to store sessions
While these options exist to store HTTP session and state beyond the life of an application server or JVM, facilitating high availability, these approaches have challenges of their own. The growth and changing dynamic of the e-business applications, have forced application infrastructure to rethink the session persistence strategies. Some of these growing challenges include:
a. Use of runtime real-estate i.e. application server JVM heap to store session, seems inefficient use of resources.
b. Higher administrative and maintenance costs due to increase in user base and subsequent linear growth in application hosting infrastructure.
c. Performance consideration of storing, replicating and managing state of session objects.
d. Performance consideration due to large session objects in some specific use cases.
The challenges around session storage revolve around performance costs due to serialization of the session object to a database or to other Application servers/JVMs across the network. This performance costs coupled with the management of session state such as replication, updates and invalidation as add significant performance bottlenecks to the application hosting platforms.
Figure 1: memory to memory session replication.
Figure 2: Database session replication.
- Why use WXS?
Websphere eXtreme Scale (WXS) attempts to address these performance considerations by introducing a new technological platform that purports improvised management and replication, thus addressing the challenges imposed by conventional HTTP session persistent mechanism. It is to be noted that while WXS also employs the memory to memory replication of http sessions, it significantly differs from the same mechanism employed by the WebSphere Network Deployment. WXS provides features such as QoS, replication reliability and linear scalability, which is non existent in Websphere ND. WXS distinguishes itself from traditional approaches in the following ways:
- Enabling a grid of JVMs with a sole purpose of storing Http session (or any java) objects.
- Isolating the application runtime from grid runtime, thereby, freeing up the JVM heap for application use.
- Provide linear scalability to accommodate growth, with growth in sessions or size of session objects.
- Providing an implicit replication and management of session objects within the grid.
- <*NEW*> With Zone support enabling storing of session objects across geographically disperse datacenters (and cells), overcoming the traditional limitation of single cell replication.
- QoS and replication reliability: Replication in WebSphere ND is best effort, which implies that consistency and changes cannot be guaranteed. WXS offers a reliable replication mechanism.
Figure 3A: WXS enabled grid for session persistence. Here WXS Grid JVMs are Isolated from Application JVMs
Figure 3B: WXS co-located HTTP session persistence. Here Application and Grid are co-located in the same JVM.
WebSphere eXtreme Scale provides non-invasive integration for HTTP session management, so that the application does not have to be changed. It does this in 2 ways:
a. HTTP servlet filter, a standard part of the servlet specification.
As shown in Figure , the HTTP servlet filter intercepts every request, prior to forwarding the request to servlet or JSP. The servlet filter wraps the HTTPServletRequest and HTTPServletResponse objects that the application developer uses to access the request's session state. The eXtreme Scale HTTPSession object overrides the object normally provided by the default session manager. There is therefore no data duplication between the two session managers, and eXtreme scale provided session manager overrides the WebSphere session manager. The filter ensures that the session data is synchronized with the grid. On each request, if HTTP session attributes have changed, they will be written back into the grid. The WXS enabled HTTP filter presents a choice of storing the sessions in the same JVMs as the servlet containers (collocated) or in a separate grid tier of remote JVMs. Each of these options have their merits and demerits, and should one of the infrastructure design considerations.
The synchronous interaction of the filter and the grid, is also an important design consideration. The synchronous interaction between filter and grid ensures that any change to the http session is immediately replicated to the grid. While this may be a desirable option in some cases, it does have a performance impact. WXS allows a configuration (in splicer.properties file) for this interaction to be asynchronous, where the changes are buffered and flushed to the grid, at defined intervals. It is to be noted that this Syncronous/Asynchronos replication between the filter and the grid, while similar in concept, is entirely different from the replication mechanism configured between the grid servers.
The following steps need to be performed in order to use HTTP servlet filer with WXS:
1. Create the following files and Package it with WAR (Web) Module in the META-INF directory.
- objectGrid.xml :This contains the definition of the grid itself; the maps, locking behavior, plug-ins, etc.
- objectGridDeployment.xml : This contains a description of the grid's deployment; how many partitions, zones, replication strategy etc.
- splicer.properties: This file provides the values used by the addObjectGridFilter script to splice the web module. This is one of the required input parameters for the script that splices the web module with filter declarations. This file contains servlet context initialization parameters such as catalog server host and port, affinity, persistence mechanism, replication type & interval etc. It is to be noted that while this file is not required artifact in the WAR (Web) Module, and only the above mentioned xml files are required, including this file is more for information only.
2. Run the addObjectGridFilter script on the WAR to add the filter to the web.xml file. The addObjectGridFilter script is usually located :
Usage : addSessionObjectGridFilter <location of war/ear file> <location of properties file>
Example: addSessionObjectGridFilter MyWebModule.war splicer.properties
3. When using WXS in a WebSphere ND managed environment, the managed nodes would need to be augmented with WXS (a.k.a XD-DG), and perform step 1 and 2, and deploy the Web Module or WAR to WXS augmented cluster.
b. Use of ObjectGrid client server Topology for embedded applications
This is a variation of the above techniques, in which the application is the client to the WXS grid.
I. Collocating the application with the grid (i.e. same ‘runtime' JVM): This is when the ObjectGrid servers are collocated in the same processes where the servlets run. The WXS session manager can communicate directly to the local ObjectGrid instance, since it is collocated with in the same server process.
When WebSphere Application Server as runtime and grid container, simply place the supplied objectGrid.xml and objectGridDeployment.xml files into the META-INF directories of your WAR files. ObjectGrid will automatically detect the presence of these files when the application starts and will then automatically launch the ObjectGrid containers in the same process as the session manager. You can modify the objectGridDeployment.xml depending on which type of replication (synchronous or asynchronous) and how many replicas you want configured. This step assumes that your have augmented the application server profile/instance with WXS.
II. Isolating the application from the grid (i.e. application and grid in separate JVMs): Unlike the topology discussed above the server process hosting the application is different from the server process hosting the JVMs. This is beneficial for the application with either voluminous HTTP session traffic or relatively larger http session objects. In this case the WXS session manager, which resides on the application server process, communicates to a remote ObjectGrid server processes. In effect the WXS session manager becomes the client, to the Object grid servers, which are the hosts to grid containers.
To use a remote, ObjectGrid, the WXS session manager must be configured to communicate with the catalog servers and grid servers. The session manager will then use an ObjectGrid client connection to communicate to the catalog server and the ObjectGrid servers, wherever they reside. If the ObjectGrid servers are to be started in independent, standalone J2SE processes, then it is advisable to launch the ObjectGrid containers using the objectGridStandAlone.xml and objectGridDeploymentStandAlone.xml files supplied in the session manager samples directory. This differentiation is to indicate that the HTTP session store is standalone and isolated. The core functionality of the file remains, i.e. like objectGrid.xml, objectGridStandalone.xml defines the grid for sessions, and objectGridDeploymentStandalone.xml defines the mechanics of grid deployment.
- Zone support
With WXS Zone based replication, WXS allows for rules-based data placement, enabling high availability of the grid due to redundant placement of data across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers.
WebSphere eXtreme Scale introduced zone-based support introduced in V220.127.116.11. Zone support provides much needed control of shard placement in the grid. Zone support allows for rules-based shard placement, enabling high availability of the grid due to redundant placement of shards across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers. In the past these enterprise computing environments were limited due to the performance constraints imposed by networks and real time data replication requirements. With the inclusion of Zone support, WebSphere eXtreme Scale offers better scalability by decoupling the grid environment. With Zone support, only the metadata shared by the catalog servers is synchronously replicated,
While the data objects are copied asynchronously across networks. This not only enables better location awareness and access of objects, but also imposes fewer burdens on enterprise networks, by eliminating the requirement of real time replication.
As long as catalog servers see zones being registered (as the zoned grid server come alive), the primary and replica shards are striped across zones. Further, the zone rules described in the objectGridDeployment.xml file, will dictate placement of sync or async replica shards in respective zones.
As a general practice, it is recommended that you place only sync replicas in same zone and async replicas in a different zone for optimal replication performance. This placement also would be optimal for scaling across geographies or data centers.
Since core groups do not span zones, the catalog server(s) are placed one or two per data center or zones, and the catalog servers synchronize their object/shard routing information. A catalog service must be clustered for high availability in every zone. The catalog servers retain topology information of all of the containers in the ObjectGrid and controls balancing and routing for all clients. Since catalog servers play a vital role in maintaining the catalog service and client routing, it is important to understand the concept of a catalog service quorum. A catalog service quorum is the minimum number of active catalog server members required for the grid system to operate correctly (i.e to accept membership registrations and changes to membership to ensure proper routing and shard placement).
<shardMapping shard="P" zoneRuleRef="stripeZone"/>
<shardMapping shard="S" zoneRuleRef="stripeZone"/>
<zoneRule name ="stripeZone" exclusivePlacement="true" >
<zone name="ZoneA" />
<zone name="ZoneB" />
<zone name="ZoneC" />
Figure 4: Zone meta data from ObjectGridDeployment.xml file, showing single ZoneRule ‘StripeZone' i.e if primary is placed in Zone A, the secondary will be placed in either ZoneB or ZoneC, but not both.
This approach of ensuring the registration and consistency of grid servers is achieved only when a quorum is established between catalog servers. Writes to
the catalog service state are committed only when the majority of the catalog
servers participate in the transaction. Containers that are changing states cannot
receive any commands, unless the catalog service transaction commits first. If
the catalog service is hosted in a minority partition, i.e no quorum established, it
then accepts liveness messages. The catalog servers cannot, however, accept
server registrations or membership changes, because the state is essentially frozen, until the catalog service quorum is re-established.
Figure 5: Two geographically disperse Zones to store HTTP sessions across 2 data centers. Please note that the Catalog Servers are hosted in separate JVMs from Grid containers, and ONLY the Catalog severs are grouped in separate core group. This is done as Zones do not span core groups.
One of the main design concerns of an application and application infrastructure is the session persistence and handling of session state beyond the life of application servers/JVMs. The traditional persistence mechanisms have imposed performance and scalability concerns with growth in business and subsequent requirements. Growth in business usually results in increase traffic, user session and proportional storage requirements. Historically IT organizations have attempted to battle this problem with innovative and complex solutions such as employing various caching layers at the edge for static content, and a separate cache for dynamic content, or by selectively preserving some HTTP Session data and recreating the others. Such strategies while effective in some application environment, have reached maturity level of its growth spectrum. Increasingly complex and de-fragmented application frameworks have compelled the introduction on ‘in-memory data grid' to provide a scalable solution to address the growth of session storage - both in terms of size and volume. The introduction of an in memory grid relieves the constant battle with scalability and provides an isolated layer, whose sole purpose is to store HTTP Session (or any java) objects.
WXS technology enables ‘in-memory data grid' which is essentially a grid of interconnect JVMs, acting as a single cohesive unit, much like a database, without the management and performance overheads. Using WXS for HTTP session persistence is a very non-invasive change to application architecture, as seen in Figure 3, a servlet filer is introduced in the application intercepting requests and connecting to the grid, without any significant change to the application architecture. The WXS enabled grid is policy driven; self managed and can easily absorb growth by inclusion of additional JVMs to the existing grid. WXS thus makes a compelling consideration for HTTP session persistence in the environments that is plagued with performance and scalability woes due to growth in business application traffic. WXS not only addresses the fundamental session storage concerns, but add to the capability of storing session across geographically disperse data centers, independent of WebSphere infrastructure's cell based management boundaries. This capability alone, arms organization with the ability to persist and handle session state across data centers. Such a capability was neither recommended nor technically feasible with existing technologies and solutions. WXS' Zone support thus becomes a distinguishing feature, which sets WXS apart from many competing caching technologies.
1. User's Guide to WebSphere eXtreme Scale - http://www.redbooks.ibm.com/abstracts/sg247683.html
2. Brown et al - Improving HTTP session performance with smart serialization http://www.ibm.com/developerworks/websphere/library/bestpractices/httpsession_performance_serialization.html
3. WebSphere Extreme Scale WiKi - http://www.ibm.com/developerworks/wikis/display/objectgrid/Getting+started
4. Billy Newport's Blog -
I want to thank Joshua T Dettinger and Billy Newport for his help in technical content and editing of this paper.
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective storage designed to handle the massive surge in back-end data in a world where timely analytics is e...
May. 30, 2015 02:00 AM EDT Reads: 6,523
Collecting data in the field and configuring multitudes of unique devices is a time-consuming, labor-intensive process that can stretch IT resources. Horan & Bird [H&B], Australia’s fifth-largest Solar Panel Installer, wanted to automate sensor data collection and monitoring from its solar panels and integrate the data with its business and marketing systems. After data was collected and structured, two major areas needed to be addressed: improving developer workflows and extending access to a business application to multiple users (multi-tenancy). Docker, a container technology, was used to ...
May. 30, 2015 01:00 AM EDT Reads: 2,798
SYS-CON Events announced today that BMC will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BMC delivers software solutions that help IT transform digital enterprises for the ultimate competitive business advantage. BMC has worked with thousands of leading companies to create and deliver powerful IT management services. From mainframe to cloud to mobile, BMC pairs high-speed digital innovation with robust IT industrialization – allowing customers to provide amazing user experiences with optimized IT per...
May. 29, 2015 11:15 PM EDT Reads: 1,750
The true value of the Internet of Things (IoT) lies not just in the data, but through the services that protect the data, perform the analysis and present findings in a usable way. With many IoT elements rooted in traditional IT components, Big Data and IoT isn’t just a play for enterprise. In fact, the IoT presents SMBs with the prospect of launching entirely new activities and exploring innovative areas. CompTIA research identifies several areas where IoT is expected to have the greatest impact.
May. 29, 2015 09:00 PM EDT Reads: 5,541
2015 predictions circa 1970: houses anticipate our needs and adapt, city infrastructure is citizen and situation aware, office buildings identify and preprocess you. Today smart buildings have no such collective conscience, no shared set of fundamental services to identify, predict and synchronize around us. LiveSpace and M2Mi are changing that. LiveSpace Smart Environment devices deliver over the M2Mi IoT Platform real time presence, awareness and intent analytics as a service to local connected devices. In her session at @ThingsExpo, Sarah Cooper, VP Business of Development at M2Mi, will d...
May. 29, 2015 04:27 PM EDT Reads: 863
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
May. 29, 2015 03:45 PM EDT Reads: 5,120
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In this session, James Kirkland, Red Hat's Chief Architect for the Internet of Things and Intelligent Systems, will describe how to revolutionize your architecture and...
May. 29, 2015 02:33 PM EDT Reads: 858
We’re entering a new era of computing technology that many are calling the Internet of Things (IoT). Machine to machine, machine to infrastructure, machine to environment, the Internet of Everything, the Internet of Intelligent Things, intelligent systems – call it what you want, but it’s happening, and its potential is huge. IoT is comprised of smart machines interacting and communicating with other machines, objects, environments and infrastructures. As a result, huge volumes of data are being generated, and that data is being processed into useful actions that can “command and control” thi...
May. 29, 2015 02:00 PM EDT Reads: 1,387
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
May. 29, 2015 02:00 PM EDT Reads: 6,897
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be
May. 29, 2015 01:15 PM EDT Reads: 3,100
SYS-CON Events announced today that MetraTech, now part of Ericsson, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Ericsson is the driving force behind the Networked Society- a world leader in communications infrastructure, software and services. Some 40% of the world’s mobile traffic runs through networks Ericsson has supplied, serving more than 2.5 billion subscribers.
May. 29, 2015 01:00 PM EDT Reads: 2,497
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
May. 29, 2015 01:00 PM EDT Reads: 7,542
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will want to use their existing identities, but these will have credentials already that are (hopefully) i...
May. 29, 2015 01:00 PM EDT Reads: 4,802
Thanks to widespread Internet adoption and more than 10 billion connected devices around the world, companies became more excited than ever about the Internet of Things in 2014. Add in the hype around Google Glass and the Nest Thermostat, and nearly every business, including those from traditionally low-tech industries, wanted in. But despite the buzz, some very real business questions emerged – mainly, not if a device can be connected, or even when, but why? Why does connecting to the cloud create greater value for the user? Why do connected features improve the overall experience? And why do...
May. 29, 2015 12:42 PM EDT Reads: 990
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York City, NY. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participa...
May. 29, 2015 12:30 PM EDT Reads: 1,394
Imagine a world where targeting, attribution, and analytics are just as intrinsic to the physical world as they currently are to display advertising. Advances in technologies and changes in consumer behavior have opened the door to a whole new category of personalized marketing experience based on direct interactions with products. The products themselves now have a voice. What will they say? Who will control it? And what does it take for brands to win in this new world? In his session at @ThingsExpo, Zack Bennett, Vice President of Customer Success at EVRYTHNG, will answer these questions a...
May. 29, 2015 12:13 PM EDT Reads: 889
The 4th International Internet of @ThingsExpo, co-located with the 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - announces that its Call for Papers is open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
May. 29, 2015 12:00 PM EDT Reads: 2,702
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
May. 29, 2015 11:00 AM EDT Reads: 6,200
The Internet of Things is a misnomer. That implies that everything is on the Internet, and that simply should not be - especially for things that are blurring the line between medical devices that stimulate like a pacemaker and quantified self-sensors like a pedometer or pulse tracker. The mesh of things that we manage must be segmented into zones of trust for sensing data, transmitting data, receiving command and control administrative changes, and peer-to-peer mesh messaging. In his session at @ThingsExpo, Ryan Bagnulo, Solution Architect / Software Engineer at SOA Software, focused on desi...
May. 29, 2015 11:00 AM EDT Reads: 4,506
The multi-trillion economic opportunity around the "Internet of Things" (IoT) is emerging as the hottest topic for investors in 2015. As we connect the physical world with information technology, data from actions, processes and the environment can increase sales, improve efficiencies, automate daily activities and minimize risk. In his session at @ThingsExpo, Ed Maguire, Senior Analyst at CLSA Americas, will describe what is new and different about IoT, explore financial, technological and real-world impact across consumer and business use cases. Why now? Significant corporate and venture...
May. 29, 2015 10:50 AM EDT Reads: 961