You can monitor all of the components hosted by a server and quickly isolate and correct server issues. The system displays statuses (green, yellow, white, or red) for the Access Manager components. Health information can be accessed at the following places:
>
The Dashboard page shows the heath status at the component-level.
>
The Device Health page shows the health status for all devices in one list.
>
The Servers page for each component provides a health status for each device.
This section discusses the following topics:
The Health page displays the current status of the server. The following states are possible:
To view detailed health status information of an Access Gateway:
In the Administration Console, click
> > > .The status icon is followed by a description that explains the significance of the current state.
To ensure that the information is current, select one of the following:
Click
to refresh the page with the latest health available from the Administration Console.Click
to send a request to the Access Gateway to update its status information. If you have made changes that affect the health of the Access Gateway, select this option. Otherwise, it can take up to five minutes for the health status to change.Examine the
section that displays the status of each service.
Service Category |
If not healthy |
---|---|
Time: Indicates the type of time configuration. Time must be configured so that it remains synchronized with the other servers in the configuration (the Identity Server, SSL VPN server, J2EE agents, Web servers, etc.). |
|
Gateway: Specifies the type of routing that is configured for the gateway. |
|
DNS: Specifies whether a domain name server has been configured and is active. |
Displays the IP address of the each configured DNS server and when the server last responded. |
Services: Indicates the general health of all configured services. |
Displays messages about the health of the reverse proxy, the back-end Web servers, and internal services (the SOAP back channel and the communication module). |
Address: Indicates whether an IP address has been configured for the reverse proxy to listen on. This is required for the Access Gateway to function. |
See Section 1.1, Creating a Reverse Proxy and Proxy Service. |
Embedded Service Provider Communication: Indicates whether the Embedded Service Provider can communicate with the Identity Server. At least one Identity Server must be configured and set up as a trusted authentication source for the Access Gateway. A green status indicates that a configuration has been applied; it does not indicate that it is a functioning configuration. |
Restart the Embedded Service Provider. If restarting the Embedded Service Provider fails, try restarting Tomcat. |
L4 and Cache: The L4 status indicates whether the Access Gateway is responding to health checks from the L4 switch. The number increments with each health check for which the Access Gateway does not send a response.
If the Access Gateway recovers and starts responding, the health turns green after 20 seconds and the unresponsive count is reset to 0. To fix the problem if it does not resolve itself, restart the Access Gateway Appliance. The cache status indicates the current number of delayed cache requests and whether enough memory is available to process new requests.
|
Restart the Access Gateway Appliance by entering the following commands: /etc/init.d/novell-vmc stop /etc/init.d/novell-vmc start |
Embedded Service Provider Configuration: Specifies whether the Access Gateway has been configured to trust an Identity Server and whether that configuration has been applied. At least one Identity Server must be configured and set up as a trusted authentication source for the Access Gateway. A green status indicates that a configuration has been applied; it does not indicate that it is a functioning configuration. |
See See Section 1.1, Creating a Reverse Proxy and Proxy Service for information on assigning an Identity Server configuration to the Access Gateway. |
Configuration Datastore: Indicates whether the configuration data store is functioning correctly. |
See |
Clustering: Indicates whether all the cluster members are active and processing requests. |
Restart the cluster members that are not active or remove them from the cluster. |
Signing and Encryption Keys: Indicates whether the Signing keystore contains a key. |
Click > > > and replace signing key in this keystore. |
System Incoming and Outgoing HTTP Requests: Appears when throughput is slow. This health check monitors incoming HTTP requests, outgoing HTTP requests on the SOAP back channel, and HTTP proxy requests to cluster members. If one or more requests remain in the queue for over 2 minutes, this health check appears. |
Verify that all members of the cluster have sufficient bandwidth to handle requests. If a cluster member is going down, the problem resolves itself as other members of the cluster are informed that the member is down. If a cluster member is slow because it doesn’t have enough physical resources (speed or memory) to handle the load, upgrade the hardware. |
TCP Listener(s): Indicates whether the Access Gateway and the Embedded Service Provider are communicating. |
Restart the Access Gateway. See Section 3.3.5, Restarting the Access Gateway Appliance. |
Embedded Service Provider’s Trusted Identity Provider: Indicates whether the configuration that the Access Gateway trusts has been configured to contain at least one Identity Server. |
Modify the Identity Server configuration and add an Identity Server. See Reconfigure the Access Gateway to trust a different Identity Server configuration. See Section 1.1, Creating a Reverse Proxy and Proxy Service. |
Click
.The
icon on the cluster row displays the status of the least healthy member of the cluster. To view details about the status of the cluster:In the Administration Console, click
> .On the cluster row, click the
icon.To ensure that the information is current, click
.To view specific information about the status of an Access Gateway, click the Health icon in the Access Gateway row.