Software development techniques behind the magic user interface

Multi-Touch Developer Journal

Subscribe to Multi-Touch Developer Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Multi-Touch Developer Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Multi-Touch Authors: Will Davis, Ben Bradley, Qamar Qrsh, Suresh Sambandam, Jayaram Krishnaswamy

Related Topics: MultiTouch Developer Journal, Java EE Journal

Multi-Touch: Article

Failover and Recovery of Enterprise Applications - Part 1

High availability - moving beyond clustering

Replication Groups Within a Cluster
If there are multiple servers spanning more than one physical machine in a single WebLogic cluster, by default WebLogic chooses primary and secondary servers for session replication on different physical machines. Administrator can, however, configure replication groups as well to have better control over the failover policy.

Availability of Critical Applications
It is not necessary for an application to be unavailable only when the application server is down. WebLogic server by default does not assign any priority to any particular request. So, if there are multiple applications deployed on a single application server, an offending application can consume most of the resources such as execute threads, database connections, and JMS resources. In such a scenario, other applications deployed on the same cluster may be impacted - and may even become unresponsive - thereby becoming unavailable. While such issues in the applications should be resolved before they are moved into production, it is a good idea to provide some degree of isolation by allocating a custom execute queue for critical applications. This would shield the critical applications from being impacted by other applications.

JDBC High Availability
JDBC provides a physical connection to the underlying DBMS. The connection holds several parameters: transactional context, prepared statement caches, and so forth. These parameters cannot be failed over to another connection and therefore, failover of JDBC connections is not supported. However, if you have replicated, synchronized database instances, you can use a JDBC multi pool to achieve high availability of database connections. In such an environment, if a client cannot obtain a connection from one connection pool in the multi pool because the pool doesn't exist or because database connectivity from the pool is down, WebLogic Server will attempt to obtain a connection from the next connection pool in the list of pools. While it is not common to see the database servers going down, the true high availability for JDBC can be achieved by using Oracle Real Application Cluster (RAC). One should, however, be aware of some of the limitations (such as failover during XA transactions) that exist in the RAC implementation.

JMS High Availability
High availability for JMS is achieved by using cluster-wide deployments of JMS connection factories and distributed destinations. Distributed destinations are virtual destinations with actual physical members on one or more managed servers that are part of the cluster. The clients perform a JNDI lookup using a distributed destination name, and the JMS server performs a routing of the requests to the underlying JMS objects. If one of the nodes that hosts the JMS physical member destination goes down, the JMS front end within the server routes additional messages to any other available member destinations. The consumers, however, can have a reconnect logic in the onException(), if ExceptionListener has been defined for the consumer session.

Zero Downtime Architecture
Several enterprises require their customer-facing sites to be up even during the application upgrade window. In this scenario, a commonly used practice is to control the traffic via the load balancers and two-cluster mode. Essentially, there is a primary cluster and a back-up cluster. A new application version is deployed on the back-up cluster and the load balancer is enabled to route all of the new requests to the back-up cluster. In the meantime, the servers in the primary cluster are issued a graceful shutdown command. With graceful shutdown, the servers continue to process the already established sessions while not accepting any requests for new sessions. After all of the sessions on this primary cluster have either been invalidated or have expired, the servers are shut down. At this time, all of the new requests are routed to the newer version of the application in the back-up cluster.

While administrators can make every attempt to design a highly available deployment solution, it is equally important to design quick and reliable recovery procedures without impacting the data integrity. Several options exist for such procedures. The recovery of some of the services is automatic and out of the box, whereas other services need to be manually migrated. In such cases an administrator can automate these via scripting and based on the specific business rules of the organization.

The second article of this series will discuss the details of recovery of a failed server and critical components such as JMS and JTA.


More Stories By Sudhir Upadhyay

Sudhir Upadhyay is currently with Architecture and Shared services at JP Morgan Chase where he is an application architect. Prior to joining JPMorgan, he was a principal consultant with BEA Professional Services where he helped customers design and implement enterprise J2EE solutions. He is a BEA Certified WebLogic Developer and a Sun Certified Java Developer.

Comments (2)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.