Akana Grid Services

Learn how to use the Akana grid services to manage shared cache and counter services on a multiple Network Director deployment across a cluster.

Table of Contents

Introduction

In the context of the Akana platform, grid services help streamline policy operations in a clustered environment by allowing nodes in the cluster to reliably share information.

There are two main grid services in the Akana platform:

Note: Clocks should always be synchronized across machines in a cluster; however, it's more important if grid services are enabled. Clocks must be synchronized for services such as the grid counter service to work correctly.

Grid counter service

The grid counter service is used by certain policies to monitor and enforce limits based on an atomic counter.

Several of the Akana policies use the grid counter service. For example:

  • Throughput Quota Policy—Allows you to monitor a policy by specifying a throughput limit (quota).

    For more information, see Using the Throughput Quota Policy.

  • Concurrency Quota Policy—Allows you to specify a limit (quota) for the number of concurrent requests allowed to an API/service or contract.

    For more information, see Using the Concurrency Quota Policy.

Grid cache service

The grid cache service is used by multiple handlers within the Akana product, including the OAuth handler and the LDAP handler, as well as for other caching services.

Several of the Akana policies use the grid caching service. For example:

  • WS-Security Policies—Using the grid cache service, you can share nonces across all NDs in a cluster. Supported WS-Security policies include WS-Security Message, WS-Security Asymmetric Binding, and WS-Security Transport policies.

    For an example of one of these policies, see WS-Security Asymmetric Binding Policy.

  • HTTP Caching Policy—Allows you to increase performance by storing responses to previous requests so that they can be served as a response to similar new requests that come in, often without requiring the overhead of a downstream server round-trip.

    For more information, see Using the HTTP Caching Policy.

    You can also optimize the default cache settings. See Configuring the default cache settings for the HTTP Caching policy below.

Configuring the Akana grid services framework

To activate Akana grid services, follow the steps below for each Network Director instance in the cluster.

To update configuration properties for the Akana grid framework

  1. Log in to the Akana Administration Console and go to the Configuration tab.
  2. In the Configuration Categories section, select com.soa.grid.
  3. Modify/verify the following settings, as shown below. This is a typical configuration:
    • Set grid.network.config.enableMulticast to false.
    • Set grid.network.config.enableTcp to true.
    • Set grid.network.config.localPort so that the value is a unique port number for the server.

      Note: It's best to always specify a unique localPort value—for example, 48500—as well as specifying the IP address.

    com.soa.grid configuration category

  4. In grid.network.config.peerAddresses, specify the peer address of each of the other Network Director instances in your deployment, but not the current Network Director instance. The peerAddress value is a comma-separated list of all the other systems within the cluster (grid).

    Important: the cluster must be local network only. All addresses must reside in the same subnet on a local network.

    Valid addresses can be:

    • Hostname. For example: machine101,machine102
    • IP address with port number. For example: 132.189.106.100:48501,132.189.106.100:48502,132.189.106.100:48503
    • IP address without port number. For example: 132.189.106.100,132.189.111.102,132.189.116.117
    • Range of IP addresses without port number. For example: 132.189.1.0-7

    Note: Do not include a comma (,) at the end of the list as the platform would interpret it as an empty member and return an exception.

  5. Click Apply Changes.

Enabling the grid counter service for the Throughput Quota policy

Certain policies use the grid counter service to maintain a shared counter for all nodes in a cluster. For example, you can specify a throughput value for the Throughput Quota policy. This policy uses the counter service to ensure that all Network Director instances are up to date on the counter and can therefore enforce the policy correctly.

The procedure below explains how to enable this service for the Throughput Quota policy. The procedure is similar for other policies. Just look for the correct configuration properties for the policy that uses the counter service. For example, for the Bandwidth Quota policy, the configuration category is com.soa.policy.handle.quota.bandwidth.

To enable the grid counter service for the Throughput Quota policy

  1. Log in to the Akana Administration Console and go to the Configuration tab.
  2. In the Configuration Categories section, select properties for the Throughput Quota Policy (com.soa.policy.handle.quota.throughput).
  3. Change use.clustered.cache to True, as shown below.

    Throughput Quota Policy (com.soa.policyhandle.quota.throughput)

  4. Click Apply Changes.
  5. Restart the Network Director instance.

To test the policy, follow the procedure in the policy documentation use case: Generate Alert When Throughput Exceeds Limit.

Configuring the default cache settings for the HTTP Caching policy

During product installation, a preconfigured cache is created, HTTPCachePolicy, as part of the com.soa.grid.cache grid cache service. This cache is used by any HTTP Caching policy that is created.

You can modify the default settings as needed to optimize for your installation.

For more information on the settings, see HTTP cache default configuration in the Akana Administration Console.