High Availability Java Enterprise Operations

February 18, 2017October 17, 2017
by Matthias Lohr

High Availability Java Enterprise Operations

Java is still one of the most widely used programming languages. Especially in the enterprise environment, the use of Java for the development of web applications is often without alternatives. Accordingly, we had to set up an infrastructure for JavaEE operations for one of our customers in which a Java application can run fail-safe. The application uses a MySQL database as data storage.

The functionality of the application depends on the availability of the database, so it was necessary to run the database with appropriate replication and redundancy. For this purpose we use MariaDB with the replication layer Galera with a multi-master replication.

The application servers use a current Tomcat version with the corresponding application and an upstream HTTP load balancer (from Amazon AWS). However, the database access of the Java apps does not run directly to the DB servers, but via an intermediate instance of HAProxy. This makes it possible for us to detect database errors more quickly and to switch to intact nodes without the application itself having to know the status of the database.

Benchmarking Results

With this architecture, we achieve a performance of more than 1500 possible HTTP requests per second, with an average load of approx. 60 requests/s in normal operation.

Project

SwitchDB

March 3, 2010October 17, 2017
by Matthias Lohr

The SwitchDB – a web based network management tool

My first project at the university, or rather the project for which I was originally hired, was the SwitchDB.

Requirements

The university’s network consists of over 200 switches, together with over 6,000 Ethernet ports. Each of these ports must be configured according to location and usage. Since there are different departments, each of which should have different authorizations. E. g. the representative of the IT department should only be able to configure the switches located there, but only with the VLANs belonging to the IT department – and not those of e. g. mathematics. There were also roles that should only enable/disable ports without changing any other settings, and also roles that should have global (or limited) read-only access. In short: The rights model was very extensive and complex and no known solution had the necessary functions at the start of the project to map this appropriately.

The idea: Developing the SwitchDB

Therefore the development of the SwitchDB was decided: A web-based tool written in PHP for managing the entire university network. A MySQL database served as data storage, the connection to the switches was implemented via SNMPv2 protocol.

How it works

Changes are transmitted directly to switches via SNMP, so that the success or possible errors in the configuration can be directly controlled. Extensive cronjobs scan the entire network at regular intervals in order to map the current state of the database. Later, time-based changes (for scheduled business events, for example) were implemented. The Neighbour Discovery Protocol also enabled newly connected switches to be automatically detected and integrated. A service for receiving SNMP traps even made it possible to react directly to events that have just occurred (e. g.”end device plugged in”,”switch rebooted”, etc.). The implemented rights management was able to control valid values for each property to be set per role as well as accesses that were exact down to the port.