Routers
Defined routers are listed. Host routers are not visible by default.
| Field | Description |
|---|---|
| Edit | Edits this router. |
| Delete | Removes this router. Note that you cannot remove Host Routers. |
| Host/ Host Groups |
The hosts or host groups that the router is configured to run on. It is possible to configure a router so that it automatically runs on all current and future hosts in the Grid by choosing All. This can be useful if configuring a load balancer to distribute the load of client connections amongst all the hosts in the Grid for either resilience or load balancing. |
| External Address | Optional external address (FQDN or IP Address). If undefined, the router listens on the same address as the grid agent is using on this host. If the host has several network interfaces, it is possible to select a different one here. |
| Proxy Port | The port the router is listening on for non-HTTP traffic such as legacy socket connections (connection dispatchers) and the Grid client protocol. |
| Encryption & Ciphers | It is possible to enable SSL encryption for the proxy port. For more information on what these settings mean, see "To configure SSL for Grid proxy clients" in the Infor ION Grid Security Administration Guide. |
| HTTPS Port | The HTTPS port of the router if defined. The HTTPS port serves web applications and web services. |
| HTTPS Authentication Type | It is possible to configure the authentication type for the HTTPS connections on this port. See the Infor ION Grid Security Administration Guide. |
| HTTPS Encryption & Ciphers | It is possible to enable SSL encryption for this port. For more information on what these settings mean, see "To configure SSL for Grid HTTP clients" in the Infor ION Grid Security Administration Guide. |
| HTTPS WWW AuthenticationMethods | The router configuration dialog has settings for WWW authentication methods. For more information on what these settings mean, see "Configuring Router WWW Authentication Methods" in the Infor ION Grid Security Administration Guide. |
| HTTPS Identity | Configure the HTTPS identity to use for this router. For more information about HTTPS identities, see "HTTPS Identities" in the Infor ION Grid Security Administration Guide. |
| Token Authentication | It is possible to enable token authentication for this router. See "Token Authentication" in the Infor ION Grid Security Administration Guide. |
| Impersonation | It is possible to enable impersonation on this router. For more information about impersonation, see "Impersonation" in the Infor ION Grid Security Administration Guide. |
| HTTP Strict Transport Security | HTTP Strict Transport Security (HSTS) is a security enhancement activated by a web application through a HTTP response header. This enhancement enforces the browsers to only use HTTPS when accessing the web site domain. It also prevents browsers from accessing the web server if it does not have an SSL certificates signed by a CA trusted by the browser. |
| Published Applications |
Configure which applications are accessible on this router. Note: Disabling SYSTEM
disables access to the Grid Management Pages
using this router.
|
Editing and adding routers
Routers may be added or existing routers may be reconfigured. Client applications may connect to any router as long as it is exposing the right type of port, HTTPS or proxy, and that port is exposed on a network interface that is accessible from the client.
One reason for adding a new router is that you want to bind it to another network interface compared to the existing routers, or you wish to add an additional router to distribute the load or scale-out to an additional host for resilience. The external address property of the router is used for this (see above). Another reason for adding a router is to achieve high availability. By having two routers that serve the same types of ports but on different hosts, you still have a way for clients to connect to the Grid even if one of the routers fails. To make this fully transparent to the clients, some form of network load balancer in front of the routers may be needed.
To add a router, click the Add Router link. Edit a router by clicking on the router name link in the list, then . In both cases you will be presented with a dialog that lets you configure the router.
Application publishing and restrictions
Routers can be configured to publish different applications, depending on the intended role of that router and the sensitivity of the published content. An application intended for a specific audience, e.g. intranet users, may be published on a router that is only accessible on the intranet. By limiting where an application is published, the access to that application is restricted. In this context, access to an application means access to all its services: web services, REST services, and web applications. Access to specific components cannot be configured.
SYSTEM is listed as a publishable application in the routers. By not publishing SYSTEM via a given router, the Management UI will not be accessible via that router. SYSTEM is always published by the Host Routers.
To view the applications published by a router
- Access the Web UI and select .
- Select the router to view.
- Scroll down to Published Applications.
To modify the application components published by a router
- Access the Web UI and select .
- Select the router to configure and click .
- Under Published Applications, select the applications you want to have published using that router.
- Click .