Welcome!

Websphere Authors: Pat Romanski, Carmen Gonzalez, Elizabeth White, Liz McMillan, Yeshim Deniz

Related Topics: Websphere, Java

Websphere: Article

Scalable HTTP Session Management with WebSphere Extreme Scale (WXS)

Cross datacenter HTTP session replication

HTTP session management is a function offered by Java Enterprise Edition (JEE) application servers. It allows JEE applications to store state information about a given user across many HTTP requests. The JEE specification provides an API to store and retrieve information specific to the given user. WebSphere application servers and other competing products, provide session replication functionality. This is normally done either by writing to a database or through memory-to-memory replication technology.  These approaches while extensively used today, have operational challenges and cost implications. HTTP session replication enables for seamless session recovery, in event of an application failure, but we currently do not have a reliable, predictable and cost effective solution to handle session recovery in event of a data center failure. Until now we have discouraged the session replication across cells and data centers primarily due to cost and performance impact. With introduction of WXS' Zone support technology, it is now possible to achieve session recovery in event of a data center failure.

This paper will attempt to discuss the usage scenario and demonstrate the use of WXS as a separate in memory data grid to store http sessions. This paper will discuss history and existing technology and introduces WXS as a technology that differentiates itself, by addressing existing scalability challenges in a cost effective manner. We will also discuss the simplification of technical implementation of WXS grid, which makes WXS a compelling yet simple solution to store HTTP session.

Challenges of storing HTTP sessions?
Many enterprise applications today require HTTP session persistence. This requirement stems primarily from end user expectations, regulatory constraints and/or SLA (service level agreements) commitments. The session persistence provides the application with features such as, handling session state information, high availability of end user sessions and application performance enhancements. WebSphere Application server provides an application infrastructure to ensure efficient session persistence management and configuration. For instance WebSphere Application server provides two distinct mechanisms to persist sessions, they are a. memory-to-memory replication and b. store session object in shared database. While these two mechanisms provide persistence mechanism, there is a need to ensure the validity of session state across clustered application servers. The suggested and accepted approach includes (Brown et al)

Use of Shared database to store sessions

  • Session affinity - mechanism to ensure pinning of user session to a particular server.
  • Invalidation of session across all session persistent storage entities (JVMs or databases).
  • While these options exist to store HTTP session and state beyond the life of an application server or JVM, facilitating high availability, these approaches have challenges of their own. The growth and changing dynamic of the e-business applications, have forced application infrastructure to rethink the session persistence strategies.  Some of these growing challenges include:

    a.       Use of runtime real-estate i.e. application server JVM heap to store session, seems inefficient use of resources.

    b.      Higher administrative and maintenance costs due to increase in user base and subsequent linear growth in application hosting infrastructure.

    c.       Performance consideration of storing, replicating and managing state of session objects.

    d.      Performance consideration due to large session objects in some specific use cases.

    The challenges around session storage revolve around performance costs due to serialization of the session object to a database or to other Application servers/JVMs across the network. This performance costs coupled with the management of session state such as replication, updates and invalidation as add significant performance bottlenecks to the application hosting platforms.

    Figure 1: memory to memory session replication.

    Figure 2: Database session replication.

    1. Why use WXS?

    Websphere eXtreme Scale (WXS) attempts to address these performance considerations by introducing a new technological platform that purports improvised management and replication, thus addressing the challenges imposed by conventional HTTP session persistent mechanism. It is to be noted that while WXS also employs the memory to memory replication of http sessions, it significantly differs from the same mechanism employed by the WebSphere Network Deployment. WXS provides features such as QoS, replication reliability and linear scalability, which is non existent in Websphere ND. WXS distinguishes itself from traditional approaches in the following ways:

      1. Enabling a grid of JVMs with a sole purpose of storing Http session (or any java) objects.
      2. Isolating the application runtime from grid runtime, thereby, freeing up the JVM heap for application use.
      3. Provide linear scalability to accommodate growth, with growth in sessions or size of session objects.
      4. Providing an implicit replication and management of session objects within the grid.
      5. <*NEW*> With Zone support enabling storing of session objects across geographically disperse datacenters (and cells), overcoming the traditional limitation of single cell replication.
      6. QoS  and replication reliability: Replication in WebSphere ND is best effort, which implies that consistency and changes cannot be guaranteed. WXS offers a reliable replication mechanism.

    Figure 3A: WXS enabled grid for session persistence. Here WXS Grid JVMs are Isolated from Application JVMs

    Figure 3B: WXS co-located HTTP session persistence. Here Application and Grid are co-located in the same JVM.

    WebSphere eXtreme Scale provides non-invasive integration for HTTP session management, so that the application does not have to be changed. It does this in 2 ways:

    a. HTTP servlet filter, a standard part of the servlet specification.

    As shown in Figure , the HTTP servlet filter intercepts every request, prior to forwarding the request to servlet or JSP. The servlet filter wraps the HTTPServletRequest and HTTPServletResponse objects that the application developer uses to access the request's session state. The eXtreme Scale HTTPSession object overrides the object normally provided by the default session manager. There is therefore no data duplication between the two session managers, and eXtreme scale provided session manager overrides the WebSphere session manager. The filter ensures that the session data is synchronized with the grid. On each request, if HTTP session attributes have changed, they will be written back into the grid. The WXS enabled HTTP filter presents a choice of storing the sessions in the same JVMs as the servlet containers (collocated) or in a separate grid tier of remote JVMs. Each of these options have their merits and demerits, and should one of the infrastructure design considerations.

    The synchronous interaction of the filter and the grid, is also an important design consideration. The synchronous interaction between filter and grid ensures that any change to the http session is immediately replicated to the grid. While this may be a desirable option in some cases, it does have a performance impact. WXS allows a configuration (in splicer.properties file)  for this interaction to be asynchronous, where the changes are buffered and flushed to the grid, at defined intervals. It is to be noted that this Syncronous/Asynchronos replication between the filter and the grid, while similar in concept, is entirely different from the replication mechanism configured between the grid servers.

    The following steps need to be performed in order to use HTTP servlet filer with WXS:

    1.                Create the following files and Package it with WAR (Web) Module in the META-INF directory.

    -          objectGrid.xml :This contains the definition of the grid itself; the maps, locking behavior, plug-ins, etc.

    -          objectGridDeployment.xml : This contains a description of the grid's deployment; how many partitions, zones, replication strategy etc.

    -          splicer.properties: This file provides the values used by the addObjectGridFilter script to splice the web module. This is one of the required input parameters for the script that splices the web module with filter declarations. This file contains servlet context initialization parameters such as catalog server host and port, affinity, persistence mechanism, replication type & interval etc. It is to be noted that while this file is not required artifact in the WAR (Web) Module, and only the above mentioned xml files are required, including this file is more for information only.

    2.                Run the addObjectGridFilter script on the WAR to add the filter to the web.xml file. The addObjectGridFilter script is usually located :

    <WXS_HOME>/session/bin/addObjectGridFilter.bat/.sh

    Usage : addSessionObjectGridFilter <location of  war/ear file> <location of properties file>

    Example: addSessionObjectGridFilter MyWebModule.war splicer.properties

    3.                When using WXS in a WebSphere ND managed environment, the managed nodes would need to be augmented with WXS (a.k.a XD-DG), and perform step 1 and 2, and deploy the Web Module or WAR to WXS augmented cluster.

    b. Use of  ObjectGrid client server Topology for embedded applications

    This is a  variation of the above techniques, in which the application  is the client to the WXS grid.

    I.      Collocating the application with the grid (i.e. same ‘runtime' JVM): This is when the ObjectGrid servers are collocated in the same processes where the servlets run. The WXS session manager can communicate directly to the local ObjectGrid instance, since it is collocated with in the same server process.

    When WebSphere Application Server as runtime and grid container, simply place the supplied objectGrid.xml and objectGridDeployment.xml files into the META-INF directories of your WAR files. ObjectGrid will automatically detect the presence of these files when the application starts and will then automatically launch the ObjectGrid containers in the same process as the session manager. You can modify the objectGridDeployment.xml depending on which type of replication (synchronous or asynchronous) and how many replicas you want configured. This step assumes that your have augmented the application server profile/instance with WXS.

    II. Isolating the application from the grid (i.e. application and grid in separate JVMs): Unlike the topology discussed above the server process hosting the application is different from the server process hosting the JVMs. This is beneficial for the application with either voluminous HTTP session traffic or relatively larger http session objects.  In this case the WXS session manager, which resides on the application server process, communicates to a remote ObjectGrid server processes. In effect the WXS session manager becomes the client, to the Object grid servers, which are the hosts to grid containers.

    To use a remote, ObjectGrid, the WXS session manager must be configured to communicate with the catalog servers and grid servers. The session manager will then use an ObjectGrid client connection to communicate to the catalog server and the ObjectGrid servers, wherever they reside. If the ObjectGrid servers are to be started in independent, standalone J2SE processes, then it is advisable to launch the ObjectGrid containers using the objectGridStandAlone.xml and objectGridDeploymentStandAlone.xml files supplied in the session manager samples directory.  This differentiation is to indicate that the HTTP session store is standalone and isolated. The core functionality of the file remains, i.e. like objectGrid.xml, objectGridStandalone.xml  defines the grid for sessions, and objectGridDeploymentStandalone.xml  defines the mechanics of grid deployment.

    1. Zone support

    With WXS Zone based replication, WXS allows for rules-based data placement, enabling high availability of the grid due to redundant placement of data across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers.

    WebSphere eXtreme Scale introduced zone-based support introduced in V6.1.0.3. Zone support provides much needed control of shard placement in the grid. Zone support allows for rules-based shard placement, enabling high availability of the grid due to redundant placement of shards across physical locations. This notion is particularly appealing to enterprise environments that need data replication and availability across geographically dispersed data centers. In the past these enterprise computing environments were limited due to the performance constraints imposed by networks and real time data replication requirements. With the inclusion of Zone support, WebSphere eXtreme Scale offers better scalability by decoupling the grid environment. With Zone support, only the metadata shared by the catalog servers is synchronously replicated,

    While the data objects are copied asynchronously across networks. This not only enables better location awareness and access of objects, but also imposes fewer burdens on enterprise networks, by eliminating the requirement of real time replication.

    As long as catalog servers see zones being registered (as the zoned grid server come alive), the primary and replica shards are striped across zones. Further, the zone rules described in the objectGridDeployment.xml file, will dictate placement of sync or async replica shards in respective zones.

    As a general practice, it is recommended that you place only sync replicas in same zone and async replicas in a different zone for optimal replication performance. This placement also would be optimal for scaling across geographies or data centers.

    Since core groups do not span zones, the catalog server(s) are placed one or two per data center or zones, and the catalog servers synchronize their object/shard routing information. A catalog service must be clustered for high availability in every zone. The catalog servers retain topology information of all of the containers in the ObjectGrid and controls balancing and routing for all clients. Since catalog servers play a vital role in maintaining the catalog service and client routing, it is important to understand the concept of a catalog service quorum. A catalog service quorum is the minimum number of active catalog server members required for the grid system to operate correctly (i.e to accept membership registrations and changes to membership to ensure proper routing and shard placement).

     

    <zoneMetadata>
            <shardMapping shard="P" zoneRuleRef="stripeZone"/>
            <shardMapping shard="S" zoneRuleRef="stripeZone"/>
            <zoneRule name ="stripeZone" exclusivePlacement="true" >
              <zone name="ZoneA" />
              <zone name="ZoneB" />
              <zone name="ZoneC" />
            </zoneRule>
          </zoneMetadata>

     

    Figure 4: Zone meta data from ObjectGridDeployment.xml file, showing single ZoneRule ‘StripeZone' i.e if primary is placed in Zone A, the secondary will be placed in either ZoneB or ZoneC, but not both.

    This approach of ensuring the registration and consistency of grid servers is achieved only when a quorum is established between catalog servers. Writes to

    the catalog service state are committed only when the majority of the catalog

    servers participate in the transaction. Containers that are changing states cannot

    receive any commands, unless the catalog service transaction commits first. If

    the catalog service is hosted in a minority partition, i.e no quorum established, it

    then accepts liveness messages. The catalog servers cannot, however, accept

    server registrations or membership changes, because the state is essentially frozen, until the catalog service quorum is re-established.

    Figure 5: Two geographically disperse Zones to store HTTP sessions across 2 data centers. Please note that the Catalog Servers are hosted in separate JVMs from Grid containers, and ONLY the Catalog severs are grouped in separate core group. This is done as Zones do not span core groups.

    1. Conclusion

    One of the main design concerns of an application and application infrastructure is the session persistence and handling of session state beyond the life of application servers/JVMs. The traditional persistence mechanisms have imposed performance and scalability concerns with growth in business and subsequent requirements. Growth in business usually results in increase traffic, user session and proportional storage requirements.  Historically IT organizations have attempted to battle this problem with innovative and complex solutions such as employing various caching layers at the edge for static content, and a separate cache for dynamic content, or by selectively preserving some HTTP Session data and recreating the others. Such strategies while effective in some application environment, have reached maturity level of its growth spectrum. Increasingly complex and de-fragmented application frameworks have compelled the introduction on ‘in-memory data grid' to provide a scalable solution to address the growth of session storage - both in terms of size and volume. The introduction of an in memory grid relieves the constant battle with scalability and provides an isolated layer, whose sole purpose is to store HTTP Session (or any java) objects.

    WXS technology enables ‘in-memory data grid' which is essentially a grid of interconnect JVMs, acting as a single cohesive unit, much like a database, without the management and performance overheads. Using WXS for HTTP session persistence is a very non-invasive change to application architecture, as seen in Figure 3, a servlet filer is introduced in the application intercepting requests and connecting to the grid, without any significant change to the application architecture. The WXS enabled grid is policy driven; self managed and can easily absorb growth by inclusion of additional JVMs to the existing grid. WXS thus makes a compelling consideration for HTTP session persistence in the environments that is plagued with performance and scalability woes due to growth in business application traffic. WXS not only addresses the fundamental session storage concerns, but add to the capability of storing session across geographically disperse data centers, independent of WebSphere infrastructure's cell  based management boundaries. This capability alone, arms organization with the ability to persist and handle session state across data centers. Such a capability was neither recommended nor technically feasible with existing technologies and solutions.  WXS' Zone support thus becomes a distinguishing feature, which sets WXS apart from many competing caching technologies.

    References:

    1.      User's Guide to WebSphere eXtreme Scale - http://www.redbooks.ibm.com/abstracts/sg247683.html

    2.      Brown et al - Improving HTTP session performance with smart serialization http://www.ibm.com/developerworks/websphere/library/bestpractices/httpsession_performance_serialization.html

    3.      WebSphere Extreme Scale WiKi - http://www.ibm.com/developerworks/wikis/display/objectgrid/Getting+started

    4.      Billy Newport's Blog -

    http://www.devwebsphere.com/

    5.      http://www.ibm.com/developerworks/websphere/library/techarticles/0905_gaur/0905_gaur.html

    Acknowledgements:

    I want to thank Joshua T Dettinger and Billy Newport for his help in technical content and editing of this paper.

    More Stories By Nitin Gaur

    Nitin Gaur, is currently working in capacity of Senior WebSphere Consulting IT Specialist with IBMs S&D Organization. Prior to teaming with IBM S&D organization, Nitin spend several years with WebSphere OEM team, a SWG entity and AIX support – ITS/IGS entity. In his 11 years with IBM he has achieved various industry recognized certifications and enriched his career by doing more than required by the defined job responsibilities. Prior to beginning his career with IBM, he was graduate student at University of Maryland University College. Apart from excelling in his normal job responsibilities, Nitin has been involved with many on going projects at IBM Austin. To name a few, Nitin has been an active member of Austin TVC – Technical Vitality Council, an IBM Academy affiliate since 2002.

    As a technical leader Nitin has been involved in various technical paper presentations in various conferences at IBM and outside. The range of the topics presented by him span from software architectures to improvement of management processes. Nitin, has been focused on staying close to customer and always attuned to their needs and problems. One of his primary job responsibilities includes positioning WebSphere infrastructure products and providing technical solution and support to field sales teams. He is relentless in researching skills and presenting the industry best practices of IT Infrastructure. Performing advance technical research and providing IBM clients with strategic solutions on WebSphere offerings is one his forte.

    @ThingsExpo Stories
    The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
    The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
    The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
    Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
    "People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
    SYS-CON Media announced that Splunk, a provider of the leading software platform for real-time Operational Intelligence, has launched an ad campaign on Big Data Journal. Splunk software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. The ads focus on delivering ROI - how improved uptime delivered $6M in annual ROI, improving customer operations by mining large volumes of unstructured data, and how data tracking delivers uptime when it matters most.
    DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential.
    Wearable devices have come of age. The primary applications of wearables so far have been "the Quantified Self" or the tracking of one's fitness and health status. We propose the evolution of wearables into social and emotional communication devices. Our BE(tm) sensor uses light to visualize the skin conductance response. Our sensors are very inexpensive and can be massively distributed to audiences or groups of any size, in order to gauge reactions to performances, video, or any kind of presentation. In her session at @ThingsExpo, Jocelyn Scheirer, CEO & Founder of Bionolux, will discuss ho...
    “With easy-to-use SDKs for Atmel’s platforms, IoT developers can now reap the benefits of realtime communication, and bypass the security pitfalls and configuration complexities that put IoT deployments at risk,” said Todd Greene, founder & CEO of PubNub. PubNub will team with Atmel at CES 2015 to launch full SDK support for Atmel’s MCU, MPU, and Wireless SoC platforms. Atmel developers now have access to PubNub’s secure Publish/Subscribe messaging with guaranteed ¼ second latencies across PubNub’s 14 global points-of-presence. PubNub delivers secure communication through firewalls, proxy ser...
    We’re no longer looking to the future for the IoT wave. It’s no longer a distant dream but a reality that has arrived. It’s now time to make sure the industry is in alignment to meet the IoT growing pains – cooperate and collaborate as well as innovate. In his session at @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, will examine the key ingredients to IoT success and identify solutions to challenges the industry is facing. The deep industry expertise behind this presentation will provide attendees with a leading edge view of rapidly emerging IoT oppor...
    The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
    Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective storage designed to handle the massive surge in back-end data in a world where timely analytics is e...
    "There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
    The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrategies, will examine why IT must finally fulfill its role in support of its SBUs or face a new round of...
    The BPM world is going through some evolution or changes where traditional business process management solutions really have nowhere to go in terms of development of the road map. In this demo at 15th Cloud Expo, Kyle Hansen, Director of Professional Services at AgilePoint, shows AgilePoint’s unique approach to dealing with this market circumstance by developing a rapid application composition or development framework.

    ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's platform-as-a-service. The new platform enables developers to build ap...

    Building low-cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, provided an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He also provided examples such as building a wearable device that provides transit or recreational information. He then reviewed the resources available to build wearable devices at home including open source hardware, the raw materials required and the options available to power s...
    An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
    The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, demonstrated how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
    The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...