Oracle Traffic Director 11g Release 1 is a software solution designed for load balancing, content switching, and web acceleration. It helps distribute traffic across multiple servers, ensuring high availability and optimal performance for your web applications. With advanced features like origin server health checking and dynamic discovery, Oracle Traffic Director automatically manages server pools and ensures that user requests are directed to the most suitable server.
advertisement
Part I
Getting Started
Part I contains the following chapters:
•
Getting Started with Oracle Traffic Director provides an overview of Oracle Traffic
Director and its features, explains the related terminology, describes the administrative framework of the product.
•
Managing the Administration Server describes how to create, start, access, and
manage the Oracle Traffic Director administration server.
•
describes how to create, start, and manage administration nodes on which you can deploy Oracle Traffic Director instances.
1
Getting Started with Oracle Traffic Director
Oracle Traffic Director is a fast, reliable, and scalable layer-7 software load balancer.
You can set up Oracle Traffic Director to serve as the reliable entry point for all HTTP,
HTTPS and TCP traffic to application servers and web servers in the back end. Oracle
Traffic Director distributes the requests that it receives from clients to servers in the back end based on the specified load-balancing method, routes the requests based on specified rules, caches frequently accessed data, prioritizes traffic, and controls the quality of service.
The architecture of Oracle Traffic Director enables it to handle large volumes of application traffic with low latency. The product is optimized for use in Oracle
Exalogic Elastic Cloud and Oracle SuperCluster. It can communicate with servers in the back end over Exalogic's InfiniBand fabric. For more information about Exalogic, see the Oracle Exalogic Elastic Cloud documentation, http://docs.oracle.com/cd/
E18476_01/index.htm
. Oracle Traffic Director is also certified with various Fusion
Middleware products.
Oracle Traffic Director is easy to install, configure, and use. It includes a simple, wizard-driven graphical interface as well as a robust command-line interface to help you administer Oracle Traffic Director instances.
For high availability, you can set up pairs of Oracle Traffic Director instances for either active-passive or active-active failover. As the volume of traffic to your network grows, you can easily scale the environment by reconfiguring Oracle Traffic Director with additional back-end servers to which it can route requests.
Depending on the needs of your IT environment, you can configure Oracle Traffic
Director to apply multiple, complex rules when distributing requests to the back-end servers and when forwarding responses to clients.
This chapter provides information to help you understand and get started with Oracle
Traffic Director. It contains the following sections:
•
•
Features of Oracle Traffic Director
•
•
Oracle Traffic Director Terminology
•
Oracle Traffic Director Deployment Scenarios
•
Administration Framework of Oracle Traffic Director
•
Overview of Administration Tasks
•
Setting Up a Simple Load Balancer Using Oracle Traffic Director
Getting Started with Oracle Traffic Director 1-1
What's New in this Release?
What's New in this Release?
The following are the new features in Oracle Traffic Director 11.1.1.7.0:
• WebSocket protocol
This version of Oracle Traffic Director supports the WebSocket protocol. This feature enables Oracle Traffic Director to load balance applications built with
WebSocket support.
• Content-based routing
The previous version of Oracle Traffic Director enabled administrators to configure routing rules to route incoming HTTP/S traffic based on either HTTP/S headers or request URI/query information. Oracle Traffic Director now enables administrators to configure rules to route requests based on content in the body of a request.
• Support for LDAP/T3 Load Balancing
Oracle Traffic Director now supports basic LDAP/T3 load balancing at layer 7, where requests are handled as generic TCP connections for traffic tunneling.
• Web Logic Server keep-alive synchronization
To improve performance, HTTP keep-alive connections are maintained between
Oracle Traffic Director and the origin servers. However, if an origin server closes a connection while Oracle Traffic Director has started sending a request to the server through the connection, it could result in a 503 server error. To prevent this, the connections should always be closed by Oracle Traffic Director, and not by the origin server. Oracle Traffic Director now takes advantage of Web Logic Serverspecific HTTP/S headers, whereby Oracle Traffic Director obtains Web Logic
Server's keep-alive timeout value and uses it to adjust its own timeout value. This feature is called Keep-Alive Timeout Synchronization.
• Least response time algorithm
Oracle Traffic Director introduces a new load-balancing method called least response time. This method enables Oracle Traffic Director to generate more load on those origin servers that are responding faster than others.
• Condition builder
Condition builder enables you to easily build conditions using an interactive GUI.
Condition builder is available for use when configuring routes, caching rules, compression rules and request limits.
• Web Application Firewalls
Oracle Traffic Director now supports web application firewalls. You can create web application firewalls that enable you to apply a set of rules to HTTP requests, for identifying and blocking attacks. For more information, see
For information about how web application firewall rules are used for preventing attacks, and for some examples and use cases, see
• Oracle Traffic Director on Solaris 11.1
1-2 Oracle Traffic Director Administrator's Guide
Features of Oracle Traffic Director
Oracle Traffic Director can now be installed on Solaris 11.1 on Exalogic and Oracle
SuperCluster.
Features of Oracle Traffic Director
Oracle Traffic Director provides the following features:
• Advanced methods for load distribution
You can configure Oracle Traffic Director to distribute client requests to servers in the back end by using one of the following methods:
– Round robin
– Least connection count
– Least response time
– Weighted round robin
– Weighted least connection count
• Flexible routing and load control on back-end servers
– Request-based routing
Oracle Traffic Director can be configured to route HTTP/S requests to specific servers in the back end based on information in the request URI: pattern, query string, domain, source and destination IP addresses, and so on.
– Content-based routing
Oracle Traffic Director can be configured to route HTTP/S requests to specific servers in the back end based on contents within a request. This way, web service requests such as XML or JSON can be easily routed to specific origin servers based on specific elements within the body content. Content-based routing is enabled by default.
– Request rate acceleration
Administrators can configure the rate at which Oracle Traffic Director increases the load (number of requests) for specific servers in the back end. By using this feature, administrators can allow a server that has just been added to the pool, or has restarted, to perform startup tasks such as loading data and allocating system resources.
– Connection limiting
Oracle Traffic Director can be configured to limit the number of concurrent connections to a server in the back end. When the configured connection limit for a server is reached, further requests that require new connections are not sent to that server.
• Controlling the request load and quality of service
– Request rate limiting
Oracle Traffic Director can be set up to limit the rate of incoming requests from specific clients and for specific types of requests. This feature enables administrators to optimize the utilization of the available bandwidth, guarantee a certain level of quality of service, and prevent denial-of-service (DoS) attacks.
Getting Started with Oracle Traffic Director 1-3
Features of Oracle Traffic Director
– Quality of service tuning
To ensure equitable utilization of the available network resources for incoming requests, you can configure Oracle Traffic Director virtual servers to limit the maximum number of concurrent connections to clients and the maximum speed at which data can be transferred to clients.
• Support for WebSocket connections
Oracle Traffic Director handles WebSocket connections by default. WebSocket connections are long-lived and allow support for live content, games in real-time, video chatting, and so on. In addition, Oracle Traffic Director can be configured to ensure that only those clients that strictly adhere to R FC 6455 are allowed. For
more information, see the section Configuring Routes
and the Oracle Traffic Director
Command-Line Reference
.
• Integration with Oracle Fusion Middleware
– Oracle Traffic Director is designed to recognize and handle headers that are part of requests to, and responses from, Oracle WebLogic Server managed servers in the back end.
– When an Oracle Traffic Director instance is configured to distribute client requests to clustered Oracle WebLogic Server managed servers, Oracle Traffic
Director automatically detects changes in the cluster—such as the removal or addition of managed servers, and considers such changes while routing requests.
– Patches that Oracle delivers for the Oracle Traffic Director software can be applied by using OPatch, a Java-based utility, which is the standard method for applying patches to Oracle Fusion Middleware products.
• Easy-to-use administration interfaces
Administrators can use either a graphical user interface or a command-line interface to administer Oracle Traffic Director instances.
Administrators can also use Fusion Middleware Control, a browser-based graphical user interface, to monitor statistics and perform lifecycle tasks for Oracle
Traffic Director instances.
• Security
Oracle Traffic Director enables and enhances security for your IT infrastructure in the following ways:
– Reverse proxy
By serving as an intermediary between clients outside the network and servers in the back end, Oracle Traffic Director masks the names of servers in the back end and provides a single point at which you can track access to critical data and applications hosted by multiple servers in the back end.
– Intrusion detection
You can prevent malicious traffic from passing through Oracle Traffic Director to the origin servers and clients by configuring Oracle Traffic Director to filter data received from clients and origin servers based on specified rules.
– Support for SSL 3.0 and TLS 1.0
1-4 Oracle Traffic Director Administrator's Guide
Features of Oracle Traffic Director
To secure data during transmission and to ensure that only authorized users access the servers in the back end, you can configure SSL/TLS-enabled HTTP and TCP listeners for Oracle Traffic Director instances.
You can either use digital certificates issued by commercial CAs such as
VeriSign or generate RSA- and Elliptic Curve Cryptography (ECC)-type selfsigned certificates with key sizes of up to 4096 bits by using the administration console or the CLI.
– Web Application Firewalls
Web application firewalls enable you to apply a set of rules to an HTTP request, which are useful for preventing common attacks such as Cross-site Scripting
(XSS) and SQL Injection. The Web Application Firewall module for Oracle
Traffic Director supports open source ModSecurity 2.6.
• High availability
Oracle Traffic Director provides high availability for your enterprise applications and services through the following mechanisms:
– Health checks for the back end
If a server in the back end is no longer available or is fully loaded, Oracle Traffic
Director detects this situation automatically through periodic health checks and stops sending client requests to that server. When the failed server becomes available again, Oracle Traffic Director detects this automatically and resumes sending requests to the server.
– Backup servers in the back end
When setting up server pools for an Oracle Traffic Director instance, you can designate a few servers in the back end as backup servers. Oracle Traffic
Director sends requests to the backup servers only when none of the primary servers is available. This feature ensures continued availability even when some servers in the back end fail.
– Failover for load balancing
Two Oracle Traffic Director instances can be deployed in an active-passive or active-active configuration. If the primary Oracle Traffic Director instance fails, the backup instance takes over.
– Dynamic reconfiguration
Most configuration changes to Oracle Traffic Director instances can be deployed dynamically, without restarting the instances and without affecting requests that are being processed.
• Monitoring statistics
Administrators can monitor a wide range of statistics pertaining to the performance of Oracle Traffic Director instances through several methods: the administration console, the command-line interface, and a report in XML format.
• High performance
– SSL/TLS offloading
Oracle Traffic Director can be configured as the SSL/TLS termination point for
HTTP/S and TCP requests. This reduces the processing of overhead on the servers in the back end.
Getting Started with Oracle Traffic Director 1-5
Typical Network Topology
– Content caching
Oracle Traffic Director can be configured to cache (in its process memory) content that it receives from origin servers. By caching content, Oracle Traffic
Director helps reduce the load on servers in the back end and helps improve performance for clients.
– HTTP compression
Administrators can configure Oracle Traffic Director instances to compress the data received from servers in the back end and forward the compressed content to the requesting clients. This feature improves the response time for clients connected on slow connections.
• Virtualization-enabled solution
Oracle Traffic Director can be deployed as a virtual appliance on cloud and virtual platforms.
After deploying Oracle Traffic Director as a physical application, you can create a virtual appliance from an Oracle Traffic Director instance or create an assembly containing multiple such appliances. You can then deploy the appliance or assembly on the Oracle Virtual Machine hypervisor. To enable such a deployment,
Oracle provides an Oracle Traffic Director plug-in as part of Oracle Virtual
Assembly Builder, a tool that you can use to build virtual appliances and assemblies from physical applications.
For more information about creating and deploying virtual assemblies containing
Oracle Traffic Director instances, see the Oracle Virtual Assembly Builder User's
Guide
.
• TCP load balancing
With TCP load balancing, Oracle Traffic Director accepts client connections and routes the requests to a pool of servers running TCP-based protocols.
Typical Network Topology
In an Oracle Java Cloud Service instance with a load balancer, Oracle Java Cloud
Service configures a single Oracle Traffic Director instance running on a dedicated compute node distributing client requests to a pool of servers in the back end.
Oracle Traffic Director Terminology
An Oracle Traffic Director configuration is a collection of elements that define the runtime behavior of an Oracle Traffic Director instance. An Oracle Traffic Director configuration contains information about various elements of an Oracle Traffic
Director instance such as listeners, origin servers, failover groups, and logs.
For more information about the features of Oracle Traffic Director, see the
Oracle
Traffic Director Administrator's Guide
.
The following table describes the terms used in this document when describing administrative tasks for Oracle Traffic Director.
1-6 Oracle Traffic Director Administrator's Guide
Oracle Traffic Director Terminology
Term
Configuration
Instance
Administration server
Description
A collection of configurable elements (metadata) that determine the run-time behavior of an Oracle Traffic Director instance.
A typical configuration contains definitions for the listeners (IP address and port combinations) on which Oracle Traffic Director should listen for requests and information about the servers in the back end to which the requests should be sent. Oracle Traffic Director reads the configuration when an Oracle Traffic Director instance starts and while processing client requests.
An Oracle Traffic Director server that is instantiated from a configuration and deployed on an administration node.
A specially configured Oracle Traffic Director instance that hosts the administration console and command-line interfaces, using which you can create and manage Oracle Traffic Director configurations, deploy instances on administration nodes, and manage the lifecycle of these instances. Note that you can deploy instances of Oracle
Traffic Director configuration on the administration server. In this sense, the administration server can function as an administration node as well.
Administration node A specially configured Oracle Traffic director instance that is registered with the remote administration server. The administration node running on a host acts as the agent of the remote administration server and assists the administration server in managing the instances running on the host.
Note that, on a given node, you can deploy only one instance of a configuration.
INSTANCE_HOME A directory of your choice, on the administration server or an administration node, in which the configuration data and binary files pertaining to Oracle Traffic Director instances are stored.
ORACLE_HOME A directory of your choice in which you install the Oracle Traffic
Director binaries.
Administration console
Client
A web-based graphical interface on the administration server that you can use to create, deploy, and manage Oracle Traffic Director instances.
Any agent—a browser or an application, for example—that sends
HTTP, HTTPS and TCP requests to Oracle Traffic Director instances.
Origin server
Origin-server pool
A server in the back end, to which Oracle Traffic Director forwards the HTTP, HTTPS and TCP requests that it receives from clients, and from which it receives responses to client requests.
Origin servers can be application servers like Oracle WebLogic Server managed servers, web servers, and so on.
A collection of origin servers that host the same application or service that you can load-balance by using Oracle Traffic Director.
Oracle Traffic Director distributes client requests to servers in the origin-server pool based on the load-distribution method that is specified for the pool.
Getting Started with Oracle Traffic Director 1-7
Oracle Traffic Director Deployment Scenarios
Term
Virtual server
Description
A virtual entity within an Oracle Traffic Director server instance that provides a unique IP address (or host name) and port combination through which Oracle Traffic Director can serve requests for one or more domains.
An Oracle Traffic Director instance on a node can contain multiple virtual servers. Administrators can configure settings such as the maximum number of incoming connections specifically for each virtual server. They can also customize how each virtual server handles requests.
Oracle Traffic Director Deployment Scenarios
Oracle Traffic Director can be used either as a physical application or as a virtual appliance.
• Physical application
You can install Oracle Traffic Director on an Oracle Linux 5.6 system and run one or more instances of the product to distribute client requests to servers in the back end.
For information about installing Oracle Traffic Director as a physical application, see the Oracle Traffic Director Installation Guide.
• Appliance running on a virtual platform
After deploying Oracle Traffic Director as a physical application, you can create a virtual appliance from an Oracle Traffic Director instance or create an assembly containing multiple such appliances. You can then deploy the appliance or assembly on the Oracle Virtual Machine hypervisor. To enable such a deployment,
Oracle provides an Oracle Traffic Director plug-in as part of Oracle Virtual
Assembly Builder, a tool that you can use to build virtual appliances and assemblies from physical applications.
For more information about creating and deploying virtual assemblies containing
Oracle Traffic Director instances, see the Oracle Virtual Assembly Builder User's
Guide
.
Administration Framework of Oracle Traffic Director
You can perform various administrative tasks—enabling a feature of Oracle Traffic
Director, adjusting how the feature works, and instructing Oracle Traffic Director to handle requests and responses in specific ways—by using the administration interfaces provided by the administration server.
The following subsections describe the administration framework in detail:
•
Overview of the Administration Framework
•
•
•
•
1-8 Oracle Traffic Director Administrator's Guide
Administration Framework of Oracle Traffic Director
•
Overview of the Administration Framework
The settings that you define for Oracle Traffic Director instances are stored as configurations in a configuration store on the administration server. You can instantiate a configuration by deploying it as instances on one or more administration nodes.
Figure 1-1 depicts the administration framework of Oracle Traffic Director.
Getting Started with Oracle Traffic Director 1-9
Administration Framework of Oracle Traffic Director
Figure 1-1 Administration Framework of Oracle Traffic Director
Figure 1-1 shows an administration server running on one machine, hosting the
command-line interface and administration console applications. The administration interfaces are used to create three configurations— pub.example.com
, app.example.com
, and adm.example.com
, which are stored in the configuration store of the administration server.
1-10 Oracle Traffic Director Administrator's Guide
Administration Framework of Oracle Traffic Director
• The adm.example.com
configuration is deployed as an instance on one administration node.
• The app.example.com
configuration is deployed as an instance on two administration nodes.
• The pub.example.com
configuration is deployed as an instance on two administration nodes, with a high-availability heartbeat between the two nodes.
Administration Server
You can perform all of the administrative tasks for Oracle Traffic Director through the administration server, which is a specially configured Oracle Traffic Director instance.
The Oracle Traffic Director administration server is created automatically when you create an Oracle Java Cloud Service instance with a load balancer or add a load balancer to an Oracle Java Cloud Service instance.
Administration Node
An administration node is a physical host on which you can create Oracle Traffic
Director instances.
To make a host an administration node, you should do the following:
1.
Install Oracle Traffic Director on the host, or mount a remote installation of Oracle
Traffic Director on a local directory on the host.
2.
Register the host with the administration server by running the configureserver
command. This command designates the host as an Oracle Traffic
Director administration node and registers the administration node with a remote administration server.
You can now create instances of Oracle Traffic Director configurations on the administration node. Note that on an administration node, you can create only one instance of a particular configuration.
For more information about creating administration nodes and managing them, see
Managing Administration Nodes .
Administration Interfaces
The administration server of Oracle Traffic Director provides the following interfaces through which you can create, modify, and manage Oracle Traffic Director instances:
• Command-line interface
Oracle Traffic Director provides a command-line interface (CLI) that supports a wide range of administrative operations. The syntax of the command-line interface is easy to understand and use. While you use the interface, you can look up help for specific commands and options. For information about accessing the CLI, see
Accessing the Command-Line Interface .
• Administration console
The administration console is an web-based graphical interface consisting of a set of screens and wizards that you can use to create, monitor, and manage Oracle
Traffic Director instances. For information about accessing the administration console, see
Accessing the Administration Console
.
Getting Started with Oracle Traffic Director 1-11
Overview of Administration Tasks
Configuration Store
All of the configurable elements of an Oracle Traffic Director instance are stored as a configuration, which is a set of files created in a configuration store in the following directory:
INSTANCE_HOME/admin-server/config-store/config_name/config config_name
is the name that you specified for the configuration while creating it.
The files in the configuration store are meant for internal use by Oracle Traffic
Director. They can be created, updated, and deleted only through the administration interfaces—administration console and command-line interface.
Caution:
The files in the configuration store are updated automatically when you edit a configuration by using either the administration console or the CLI.
DO NOT edit the files in the configuration store manually.
Instance Configuration Files
When you create instances of an Oracle Traffic Director configuration, the configuration files that represent the configuration are copied from the administration server to the
INSTANCE_HOME/net-config_name/config
directory on each of the administration nodes.
Oracle Traffic Director uses the configuration files in the
INSTANCE_HOME/net-
config_name/config
directory when the instance starts and while it processes requests from clients.
For information about the content and structure of the configuration files, see the
Oracle Traffic Director Configuration Files Reference
.
Overview of Administration Tasks
Figure 1-2 shows the typical order of tasks that you should perform to create and
manage Oracle Traffic Director instances.
1-12 Oracle Traffic Director Administrator's Guide
Figure 1-2 Oracle Traffic Director Administration Workflow
Overview of Administration Tasks
Note:
As the administrator of Oracle Traffic Director, you might perform several additional tasks such as managing security, tuning for performance, and troubleshooting problems. These tasks are not shown in the flowchart because they are not necessarily performed at definite points in a fixed sequence. All of these additional tasks are described in other chapters of this document.
• Install the product
You can install Oracle Traffic Director on Oracle Linux 5.6+ on an x86_64 system, by using an interactive graphical wizard or in silent mode.
For more information, see the Oracle Traffic Director Installation Guide.
• Create the administration server
Getting Started with Oracle Traffic Director 1-13
Overview of Administration Tasks
After installing the product, you should create an administration server instance of
Oracle Traffic Director. The administration server is a specially configured Oracle
Traffic Director virtual server that you can use to administer Oracle Traffic Director instances.
For more information, see "Creating the Administration Server Instance" in the
Oracle Traffic Director Installation Guide
.
• Manage the administration server
At times, you might want to stop the administration server and restart it, or change settings such as the administrator user name and password.
For more information, see
Managing the Administration Server .
• Access the administration console and command-line interface
You can use the administration console and command-line interface of Oracle
Traffic Director to create, modify, and monitor Oracle Traffic Director instances.
For information about accessing the administration console and command-line interface, see
Accessing the Administration Interfaces .
• Create and manage administration nodes
Administration nodes are physical hosts on which you can create Oracle Traffic
Director instances.
For information about managing administration nodes, see Managing
• Create and manage configurations
After creating the administration nodes, create configurations that define your
Oracle Traffic Director instances. A configuration is a collection of metadata that you can use to instantiate Oracle Traffic Director. Oracle Traffic Director reads the configuration when a server instance starts and while processing client requests.
For information about managing configurations, see
.
• Create and manage instances
After creating a configuration, you can create Oracle Traffic Director server instances by deploying the configuration on one or more hosts. You can view the current state of each instance, start or stop it, reconfigure it to reflect configuration changes, and so on.
For information about managing instances, see Managing Instances
.
• Define and manage origin-server pools
For an Oracle Traffic Director instance to distribute client requests, you should define one or more origin-server pools or in the back end. For each origin-server pool, you can define the load-distribution method that Oracle Traffic Director should use to distribute requests. In addition, for each origin server in a pool, you can define how Oracle Traffic Director should control the request load.
For more information, see
.
• Create and manage virtual servers and listeners
An Oracle Traffic Director instance running on a node contains one or more virtual servers. Each virtual server provides one or more listeners for receiving requests
1-14 Oracle Traffic Director Administrator's Guide
Overview of Administration Tasks from clients. For each virtual server, you can configure parameters such as the origin-server pool to which the virtual server should route requests, the quality of service settings, request limits, caching rules, and log preferences.
For more information, see
.
• Manage security
Oracle Traffic Director, by virtue of its external-facing position in a typical network, plays a critical role in protecting data and applications in the back end against attacks and unauthorized access from outside the network. In addition, the security and integrity of data traversing through Oracle Traffic Director to the rest of the network needs to be guaranteed.
For more information, see
• Manage Logs
Oracle Traffic Director records data about server events such as configuration changes, instances being started and stopped, errors while processing requests, and so on in log files. You can use the logs to troubleshoot errors and to tune the system for improved performance.
For more information, see
.
• Monitor statistics
The state and performance of Oracle Traffic Director instances are influenced by several factors: configuration settings, volume of incoming requests, health of origin servers, nature of data passing through the instances, and so on. As the administrator, you can view metrics for all of these factors through the commandline interface and administration console, and extract the statistics in the form of
XML files for detailed analysis. You can also adjust the granularity at which Oracle
Traffic Director collects statistics.
For more information, see
Monitoring Oracle Traffic Director Instances
.
• Tune for performance
Based on your analysis of performance statistics and to respond to changes in the request load profile, you might want to adjust the request processing parameters of
Oracle Traffic Director to maintain or improve the performance. Oracle Traffic
Director provides a range of performance-tuning controls and knobs that you can use to limit the size and volume of individual requests, control timeout settings, configure thread pool settings, SSL/TLS caching behavior, and so on.
For more information, see
Tuning Oracle Traffic Director for Performance .
• Diagnose and troubleshoot problems
Despite the best possible precautions, you might occasionally run into problems when installing, configuring, and monitoring Oracle Traffic Director instances. You can diagnose and solve some of these problems based on the information available in error messages and logs. For complex problems, you would need to gather certain data that Oracle support personnel can use to understand, reproduce, and diagnose the problem.
For more information, see
Diagnosing and Troubleshooting Problems .
Getting Started with Oracle Traffic Director 1-15
Setting Up a Simple Load Balancer Using Oracle Traffic Director
Setting Up a Simple Load Balancer Using Oracle Traffic Director
This section describes how you can set up a load-balanced service using Oracle Traffic
Director with the minimum necessary configuration. The purpose of this section is to reinforce and illustrate the concepts discussed earlier in this chapter and to prepare you for the configuration tasks described in the remaining chapters.
This section contains the following topics:
•
•
Creating the Load Balancer for the Example Topology
•
Verifying the Load-Balancing Behavior of the Oracle Traffic Director Instance
Example Topology
In this example, we will create a single instance of Oracle Traffic Director that will receive HTTP requests and distribute them to two origin servers in the back end, both serving identical content.
Figure 1-3 shows the example topology.
Figure 1-3 Oracle Traffic Director Deployment Example
The example topology is based on the following configuration:
• Administration server host and port: bin.example.com:8989
• Administration node host and port: apps.example.com:8900
1-16 Oracle Traffic Director Administrator's Guide
Setting Up a Simple Load Balancer Using Oracle Traffic Director
• Virtual server host and port to receive requests from clients: hrapps.example.com:1905
• Host and port of origin servers (web servers in this example):
– hr-1.example.com:80
– hr-2.example.com:80
In the real world, both origin servers would serve identical content. But for this example, to be able to see load balancing in action, we will set up the index.html
page to which the
DocumentRoot
directive of the web servers points, to show slightly different content, as follows:
– For hr-1.example.com:80
: "Page served from origin-server 1"
– For hr-2.example.com:80
: "Page served from origin-server 2"
• Load-balancing method: Round robin
Creating the Load Balancer for the Example Topology
This section describes how to set up the topology described in
.
1.
Install Oracle Traffic Director on the hosts bin.example.com
and apps.example.com
, as described in the Oracle Traffic Director Installation Guide.
2.
On bin.example.com
create the administration server instance by using the configure-server
CLI command.
> $ORACLE_HOME/bin/tadm configure-server --port=8989 --user=admin
--instance-home=/production/otd/
This command will create an Administration Server. The password that is
provided will be required to access the Administration Server.
Enter admin-user-password>
Enter admin-user-password again>
OTD-70214 The Administration Server has been configured successfully.
The server can be started by executing: /production/otd/admin-server/bin/startserv
The Administration Console can be accessed at https://bin.example.com:8989 using user name 'admin'.
3.
Start the administration server.
> /production/otd/admin-server/bin/startserv
Oracle Traffic Director 11.1.1.7.0 B01/14/2013 09:08
[NOTIFICATION:1] [OTD-80118] Using [Java HotSpot(TM) 64-Bit Server VM, Version
1.6.0_29] from [Sun Microsystems Inc.]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at [/admin]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at [/jmxconnector]
[NOTIFICATION:1] [OTD-10358] admin-ssl-port: https://bin.example.com:8989 ready to accept requests
[NOTIFICATION:1] [OTD-10487] successful server startup
4.
On the apps.example.com
host, run the configure-server
command to register the host with the remote administration server as an administration node.
Getting Started with Oracle Traffic Director 1-17
Setting Up a Simple Load Balancer Using Oracle Traffic Director
> $ORACLE_HOME/bin/tadm configure-server --user=admin --port=8989
--host=bin.example.com --admin-node --node-port=8900
--instance-home=/home/otd-instances
This command will create an Administration Node and register it with the remote
Administration Server: https://bin.example.com:8989.
Enter admin-user-password>
OTD-70215 The Administration Node has been configured successfully.
The node can be started by executing: /home/otd-instances/admin-server/bin/ startserv
5.
Start the administration node.
> /home/otd-instances/admin-server/bin/startserv
Oracle Traffic Director 11.1.1.7.0 B01/14/2013 09:08
[NOTIFICATION:1] [OTD-80118] Using [Java HotSpot(TM) 64-Bit Server VM, Version
1.6.0_29] from [Sun Microsystems Inc.]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at [/jmxconnector]
[NOTIFICATION:1] [OTD-10358] admin-ssl-port: https://apps.example.com:8900 ready to accept requests
[NOTIFICATION:1] [OTD-10487] successful server startup
6.
On the administration server ( bin.example.com
), create a configuration named hr-config
, by using the create-config
CLI command.
> $ORACLE_HOME/bin/tadm create-config --user=admin --port=8989
--listener-port=1905 --server-name=hr-apps.example.com
--origin-server=hr-1.example.com:80,hr-2.example.com:80 hr-config
Enter admin-user-password>
OTD-70201 Command 'create-config' ran successfully.
7.
Create an instance of the configuration hr-config
on the administration node apps.example.com
, by running the create-instance
CLI command from the administration server.
> $ORACLE_HOME/bin/tadm create-instance --user=admin --port=8989
--config=hr-config apps.example.com
Enter admin-user-password>
OTD-70201 Command 'create-instance' ran successfully.
8.
Start the Oracle Traffic Director instance that you just created on apps.example.com
, by running the start-instance
CLI command from the administration server.
> $ORACLE_HOME/bin/tadm start-instance --config=hr-config
CLI204 Successfully started the server instance.
Note:
The steps in this procedure use only the CLI, but you can perform step 6
onward by using the administration console as well.
We have now successfully created an Oracle Traffic Director configuration, instantiated it on an administration node, and started the instance.
1-18 Oracle Traffic Director Administrator's Guide
Setting Up a Simple Load Balancer Using Oracle Traffic Director
Verifying the Load-Balancing Behavior of the Oracle Traffic Director Instance
The Oracle Traffic Director instance that we created and started earlier is now listening for HTTP requests at the URL http://hr-apps.example.com:1905
.
This section describes how you can verify the load-balancing behavior of the Oracle
Traffic Director instance by using your browser.
Note:
• Make sure that the web servers hr-1.example.com:80
and hr-2.example.com:80
are running.
• If necessary, update the
/etc/hosts
file on the host from which you are going to access the Oracle Traffic Director virtual server, to make sure that the browser can resolve hr-apps.example.com
to the correct IP address.
1.
Enter the URL http://hr-apps.example.com:1905
in your browser.
A page with the following text is displayed:
"Page served from origin-server 1"
This indicates that the Oracle Traffic Director instance running on the apps.example.com
administration node received the HTTP request that you sent from the browser, and forwarded it to the origin server hr-1.example.com:80
.
2.
Send another HTTP request to http://hr-apps.example.com:1905
by refreshing the browser window.
A page with the following text is displayed:
"Page served from origin-server 2"
This indicates that Oracle Traffic Director sent the second request to the origin server hr-2.example.com:80
3.
Send a third HTTP request to http://hr-apps.example.com:1905
by refreshing the browser window again.
A page with the following text is displayed:
"Page served from origin-server 1"
This indicates that Oracle Traffic Director used the simple round-robin loaddistribution method to send the third HTTP request to the origin server hr-1.example.com:80
.
Getting Started with Oracle Traffic Director 1-19
Setting Up a Simple Load Balancer Using Oracle Traffic Director
1-20 Oracle Traffic Director Administrator's Guide
2
Managing the Administration Server
The administration server is a specially configured Oracle Traffic Director virtual server that you can use to create, monitor, and manage Oracle Traffic Director instances.
For information about the role of the administration server in the administrative framework of Oracle Traffic Director, see
Administration Framework of Oracle Traffic
This chapter describes how to create, remove, start, stop, and restart the administration server; and how to configure its settings. It also describes how to access the administration interfaces of Oracle Traffic Director—the administration console and the command-line interface.
This chapter contains the following sections:
•
Starting the Administration Server
•
Accessing the Administration Interfaces
•
Stopping and Restarting the Administration Server
•
Viewing Administration Server Settings
•
Changing Administration Server Settings
Starting the Administration Server
To be able to use the administration interfaces—administration console and command-line interface, the administration server should be running.
Note:
Oracle Java Cloud Service starts the administration server when you create an Oracle Java Cloud Service instance with a load balancer or add a load balancer to an Oracle Java Cloud Service instance. You need to start the administration server only if it has been stopped outside the control of Oracle
Java Cloud Service, for example, by using Oracle Traffic Director administration interfaces.
To start the administration server, run the following command:
> $INSTANCE_HOME/admin-server/bin/startserv
INSTANCE_HOME
is the directory that contains all the Oracle Traffic Director instances, including the administration server instance. This is the directory that you specified with the instance-home
option while creating the administration server by using the configure-server
command.
Managing the Administration Server 2-1
Accessing the Administration Interfaces
The startserv
command starts the administration server using the port that you specified while creating the administration server.
Wait for the successful server startup
message to be displayed, as shown in the following example:
Oracle Traffic Director 11.1.1.7.0 B01/14/2013 09:08
[NOTIFICATION:1] [OTD-80118] Using [Java HotSpot(TM) 64-Bit Server VM, Version
1.6.0_29] from [Sun Microsystems Inc.]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at
[/admin]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at
[/jmxconnector]
[NOTIFICATION:1] [OTD-10358] admin-ssl-port: https://bin.example.com:8989 ready to accept requests
[NOTIFICATION:1] [OTD-10487] successful server startup
You can now use the administration interfaces of Oracle Traffic Director— administration console and command-line interface—to configure and manage Oracle
Traffic Director instances.
To use the administration console and the command-line interface, you should log in by using the user name and password that you specified while creating the
administration server. For more information, see Accessing the Administration
.
Accessing the Administration Interfaces
This section contains the following topics:
•
Accessing the Command-Line Interface
•
Accessing the Administration Console
Note:
To be able to use the administration interfaces, the administration server should be running. For information about starting the administration server,
see Starting the Administration Server
.
Accessing the Command-Line Interface
Before accessing the command-line interface of Oracle Traffic Director, you must log in to the VM where the load balancer is running as explained in Accessing a VM or
Load Balancer in Using Oracle Java Cloud Service.
You can access the command-line interface (CLI) of Oracle Traffic Director by running the
tadm
command from the
ORACLE_HOME/bin
directory, as follows:
./tadm [subcommand] --user=admin_user --host=adminserver_host [--passwordfile=path_to_file] --port=adminserver_port
The CLI uses password-based authentication to allow access to the administration server. If you do not specify the
--password-file
option, a prompt to enter the administrator user password is displayed. After you enter the password, the specified subcommand is executed.
2-2 Oracle Traffic Director Administrator's Guide
Accessing the Administration Interfaces
The tadm
command supports a comprehensive set of subcommands that you can use to create, view, update, and manage settings for all of the features of Oracle Traffic
Director. If you run the tadm
command without specifying the subcommand, you enter the shell mode of the CLI. In the shell mode, the options to connect to the administration server— user
, host
, port
, and password
—have already been specified; so you can run individual subcommands without specifying the connection options each time.
You can view help for a subcommand by running the subcommand with the
--help option.
For more information about using the CLI, including the usage modes (standalone, shell, and file), the subcommands that the tadm
command supports, and the options for each subcommand, see the Oracle Traffic Director Command-Line Reference.
Accessing the Administration Console
The administration console is a browser-based graphical interface that enables you create, configure, and monitor Oracle Traffic Director instances.
To access the Oracle Traffic Director administration console for an Oracle Java Cloud
Service instance, follow the instructions to open the load balancer console in Accessing an Administration Console for Software that a Service Instance Is Running in Using
Oracle Java Cloud Service
.
When you complete this task, the home page of the administration-console is displayed.
Figure 2-1 Oracle Traffic Director Administration-Console Home Page
You can now administer the Oracle Traffic Director software for your Oracle Java
Cloud Service instance.
Note:
Managing the Administration Server 2-3
Stopping and Restarting the Administration Server
If the administration-console browser session remains idle for 30 minutes, you will be logged out and the log-in page will be displayed.
Stopping and Restarting the Administration Server
At times, you might want to create the administration server instance afresh with new settings. Before attempting to re-create the administration server, you should stop the running administration server as described in this section. In some situations, such as when you change the administrator password or the administrator server port, for the changes to take effect, you should restart the administration server as described in this section.
You can stop and restart the administration server by using either the administration console or the CLI.
Note:
If you stop the administration server, the administration console will not be available again until you restart the administration server.
Stopping and Restarting the Administration Server Using the Administration
Console
To stop or restart the administration server by using the administration console, do the following:
1.
Log in to the administration console, as described in
2.
Click the Nodes button near the upper left corner of the page.
A list of available nodes is displayed.
3.
From the list of nodes, select Administration Server.
4.
In the Common Tasks pane, click Restart or Stop.
A dialog box is displayed prompting you to confirm restarting or stopping the administration server. Click OK.
If you clicked Restart, then, after the administration server restarts, the log-in page of the administration console is displayed.
If you clicked Stop, then, after the administration server stops, a dialog box is displayed indicating that the browser is unable to communicate with the
administration server. Start the administration server as described in Starting the
Administration Server . Then, click the Reload button in the dialog box to bring up the
log-in page of the administration console.
Stopping the Administration Server Using the CLI
To stop the administration server, run the stop-admin
command:
> $ORACLE_HOME/bin/tadm stop-admin --user=admin_server_user --port=admin_server_port
node_host
2-4 Oracle Traffic Director Administrator's Guide
Viewing Administration Server Settings node_host
is the name or IP address of the host on which the administration server instance is deployed.
At the prompt, enter the administration user password.
After the administration server shuts down, the following message is displayed:
OTD-70201 Command 'stop-admin' ran successfully.
Note:
Stopping the administration server has no effect on the state of Oracle Traffic
Director instances.
Restarting the Administration Server Using the CLI
To restart the administration server by using the CLI, run the following command:
> $ORACLE_HOME/bin/tadm restart-admin --user=admin_server_user -port=admin_server_port node_host node_host
is the name or IP address of the host on which the administration server instance is deployed.
At the prompt, enter the administration user password.
After the administration server restarts, the following message is displayed:
OTD-70201 Command 'restart-admin' ran successfully.
Note:
Alternatively, you can use the following commands to stop and restart the administration server:
> $INSTANCE_HOME/admin-server/bin/stopserv
> $INSTANCE_HOME/admin-server/bin/restart
Viewing Administration Server Settings
You can view the settings of the administration server by using either the administration console or the CLI.
Note:
The CLI examples in this section are shown in shell mode ( tadm>
). For information about invoking the CLI shell, see
.
Viewing the Administration Server Settings Using the Administration Console
To view the current properties of the administration server by using the administration console, do the following:
Managing the Administration Server 2-5
Changing Administration Server Settings
1.
Log in to the administration console, as described in
2.
Click the Nodes button that is situated near the upper left corner of the page.
A list of available nodes is displayed.
Note:
The Nodes button is available only after you have created at least one new configuration.
3.
From the list of nodes, select Administration Server.
The General Settings page is displayed. You can view the authentication settings by clicking Authentication in the navigation pane.
Viewing the Administration Server Settings Using the CLI
To view the current properties of the administration server by using the CLI, run the following command: tadm> get-admin-prop
The current properties of the administration server are displayed as shown in the following example: instance-home=/production/otd java-home=/production/otd/jdk admin-node=false server-version=Oracle Traffic Director 11.1.1.7.0 B01/14/2013 09:08 admin-user=admin server-user=joe ssl-port=8989 log-file=../logs/server.log
log-level=NOTIFICATION:1 access-log-file=../logs/access.log
host=adm.example.com
description=This is the Administration Server node
These are the properties that you specified, or were set by default, when you created the administration server by using the configure-server
CLI command.
Changing Administration Server Settings
You can change the administration server settings by using either the administration console or the CLI.
Note:
The CLI examples in this section are shown in shell mode ( tadm>
). For information about invoking the CLI shell, see
.
2-6 Oracle Traffic Director Administrator's Guide
Changing Administration Server Settings
Changing the Administration Server Settings Using the Administration Console
To change the properties of the administration server by using the administration console, do the following:
1.
Log in to the administration console, as described in
2.
Click the Nodes button that is situated near the upper left corner of the page.
A list of available nodes is displayed.
3.
From the list of nodes, select Administration Server.
The General Settings page is displayed. On this page you can do the following:
• Change the SSL port number on which the administration server communicates.
• Change the path to the JDK that the administration server process should use.
• Change the locations of the access and server logs, and the server log level.
• Change the user ID with which the administration server runs. Note that you can change the user ID only when the administration server is running as the root
user and if there are no instances running on the administration server.
You can also set and configure a pin for the internal
token for the administration server's certificates database, and change and configure the authentication mode for the administration server. For more information, see
4.
Specify the parameters that you want to change, and then click Save.
A message is displayed in the Console Messages pane indicating that the updated settings are saved.
5.
Restart the administration server by clicking Restart in the Common Tasks pane.
Changing the Administration Server Settings Using the CLI
To change the settings of the administrator server by using the CLI, run the following command: tadm> set-admin-prop (property=value)+
You can specify one or more property=value
pairs separated by spaces, as shown in the following example: tadm> set-admin-prop ssl-port=8900 log-level=WARNING:1
For information about the properties that you can set by using the set-admin-prop command, see the Oracle Traffic Director Command-Line Reference or run the command with the
--help
option.
Note:
For the changes to take effect, you must restart the administration server.
Managing the Administration Server 2-7
Changing Administration Server Settings
2-8 Oracle Traffic Director Administrator's Guide
3
Managing Administration Nodes
After installing Oracle Traffic Director and creating the administration server on a particular host, you can create Oracle Traffic Director server instances on the same host. However, typically, you might want to deploy Oracle Traffic Director server instances on other hosts that are remote from the host on which the administration server runs. For example, to ensure high availability of the Oracle Traffic Director service, you can deploy instances of a configuration on two distinct hosts.
When you want to create Oracle Traffic Director server instances on hosts other than that on which you created the administration server, you must first designate those other hosts as administration nodes and register them with the administration server.
This chapter describes the procedure to create administration nodes and to start, stop, restart, and remove them.
This chapter contains the following sections:
•
Viewing a List of Administration Nodes
•
Starting an Administration Node
•
Changing the Properties of an Administration Node
•
Stopping and Restarting an Administration Node
Viewing a List of Administration Nodes
You can view a list of the administration nodes by using either the administration console or the CLI.
Note:
The CLI examples in this section are shown in shell mode ( tadm>
). For information about invoking the CLI shell, see
.
Viewing a List of Administration Nodes Using the Administration Console
To view a list of the available administration nodes by using the administration console, do the following:
1.
Log in to the administration console, as described in
2.
Click the Nodes button near the upper left corner of the page.
Managing Administration Nodes 3-1
Starting an Administration Node
The administration server and the administration nodes that are registered with it are displayed as shown in
. For each node, the names of the configurations that have been instantiated on the node are also displayed.
Figure 3-1 List of Administration Nodes
To view the settings of an administration node in detail, click on the node.
Viewing a List of Administration Nodes Using the CLI
To view a list of the administration nodes, run the list-nodes
command, as shown in the following example: tadm> list-nodes --verbose --all node-name node-port node-online node-description
---------------------------------------------------------------adm.example.com 8989 true "This is the Administration Server node" an.example.com 8900 false -
Starting an Administration Node
For the administration server to communicate with a remote administration node, the node must be running.
Note:
Oracle Java Cloud Service starts administration nodes when you create an Oracle Java Cloud Service instance with a load balancer or add a load balancer to an Oracle Java Cloud Service instance. You need to start an administration node only if it has been stopped outside the control of Oracle
Java Cloud Service, for example, by using Oracle Traffic Director administration interfaces.
To start an administration node, run the following command on the node host:
$INSTANCE_HOME/admin-server/bin/startserv
The following messages are displayed:
Oracle Traffic Director 11.1.1.7.0 B01/14/2013 09:08
[NOTIFICATION:1] [OTD-80118] Using [Java HotSpot(TM) 64-Bit Server VM, Version
1.6.0_29] from [Sun Microsystems Inc.]
[NOTIFICATION:1] [OTD-80000] Loading web module in virtual server [admin-server] at
[/jmxconnector]
[NOTIFICATION:1] [OTD-10358] admin-ssl-port: https://an.example.com:8900 ready to accept requests
[NOTIFICATION:1] [OTD-10487] successful server startup
3-2 Oracle Traffic Director Administrator's Guide
Changing the Properties of an Administration Node
Changing the Properties of an Administration Node
You can change the properties of an administration node by using either the administration console or the CLI.
Note:
The CLI examples in this section are shown in shell mode ( tadm>
). For information about invoking the CLI shell, see
.
Changing the Properties of an Administration Node Using the Administration
Console
To change the properties of an administration node by using the administration console, do the following:
1.
Log in to the administration console, as described in
2.
Click the Nodes button that is situated near the upper left corner of the page.
A list of available nodes is displayed.
3.
From the list of nodes, select the node for which you want to change properties.
The General Settings page is displayed.
4.
Specify the parameters that you want to change, and then click Save.
A message is displayed in the Console Messages pane indicating that the updated settings are saved.
5.
Restart the administration server by clicking Restart in the Common Tasks pane.
Changing the Properties of an Administration Node Using the CLI
To change the properties of an administration node by using the CLI, run the following command: tadm> set-admin-prop --node=node_name (property=value)+
You can specify one or more property=value
pairs separated by spaces, as shown in the following example: tadm> set-admin-prop --node=apps.example.com ssl-port=8900 log-level=warning
For information about the properties that you can set by using the set-admin-prop command, see the Oracle Traffic Director Command-Line Reference or run the command with the
--help
option.
Note:
For the changes to take effect, you should restart the administration node as described in
Stopping and Restarting an Administration Node
.
Managing Administration Nodes 3-3
Stopping and Restarting an Administration Node
Stopping and Restarting an Administration Node
You can stop and restart administration nodes by using either the administration console, CLI commands, or shell commands.
Note:
For information about stopping and restarting the administration server, see
Stopping and Restarting the Administration Server .
Stopping and Restarting an Administration Node Using the Administration
Console
To stop or restart an administration node by using the administration console, do the following:
1.
Log in to the administration console, as described in
2.
Click the Nodes button near the upper left corner of the page.
The administration server and all of the administration nodes that are registered with it are displayed.
3.
From the list of nodes, select the node that you want to stop or restart.
4.
In the Common Tasks pane, select Restart or Stop, as required.
Stopping and Restarting an Administration Node Using the CLI
• To stop an administration node, run the following command: tadm> stop-admin node_host
The following message is displayed:
OTD-70201 Command 'stop-admin' ran successfully.
• To restart an administration node, run the following command: tadm> restart-admin node_host
The following message is displayed:
OTD-70201 Command 'restart-admin' ran successfully.
For more information about the stop-admin
and restart-admin
commands, see the Oracle Traffic Director Command-Line Reference or run the commands with the
-help
option.
Stopping and Restarting an Administration Node Using Shell Commands
• To stop an administration node from the shell, run the following command:
$INSTANCE_HOME/admin-server/bin/stopserv
The following message is displayed: server has been shutdown
3-4 Oracle Traffic Director Administrator's Guide
Stopping and Restarting an Administration Node
• To restart an administration node from the shell, run the following command:
$INSTANCE_HOME/admin-server/bin/restart
Managing Administration Nodes 3-5
Stopping and Restarting an Administration Node
3-6 Oracle Traffic Director Administrator's Guide
advertisement
Key Features
- Load balancing
- Content switching
- Web acceleration
- Origin server health checking
- Dynamic discovery
- SSL/TLS termination
- Web application firewall
- High availability
- Performance optimization
- Flexible deployment options
Related manuals
Frequently Answers and Questions
How do I reset the password for the administration server user?
What is a "configuration"?
How do I access the administration console?
Why am I unable to select TCP as the health-check protocol when dynamic discovery is enabled?
After I changed the origin servers in a pool to Oracle WebLogic Servers, they are not discovered automatically, though dynamic discovery is enabled. Why?
How do I view the request and response headers sent and received by Oracle Traffic Director?
advertisement
Table of contents
- 3 Contents
- 11 List of Tables
- 13 Preface
- 13 Audience
- 13 Documentation Accessibility
- 13 Related Documents
- 14 Conventions
- 15 Part I Getting Started
- 17 1 Getting Started with Oracle Traffic Director
- 18 What's New in this Release?
- 19 Features of Oracle Traffic Director
- 22 Typical Network Topology
- 22 Oracle Traffic Director Terminology
- 24 Oracle Traffic Director Deployment Scenarios
- 24 Administration Framework of Oracle Traffic Director
- 25 Overview of the Administration Framework
- 27 Administration Server
- 27 Administration Node
- 27 Administration Interfaces
- 28 Configuration Store
- 28 Instance Configuration Files
- 28 Overview of Administration Tasks
- 32 Setting Up a Simple Load Balancer Using Oracle Traffic Director
- 32 Example Topology
- 33 Creating the Load Balancer for the Example Topology
- 35 Verifying the Load-Balancing Behavior of the Oracle Traffic Director Instance
- 37 2 Managing the Administration Server
- 37 Starting the Administration Server
- 38 Accessing the Administration Interfaces
- 38 Accessing the Command-Line Interface
- 39 Accessing the Administration Console
- 40 Stopping and Restarting the Administration Server
- 40 Stopping the Administration Server Using the CLI
- 41 Restarting the Administration Server Using the CLI
- 41 Viewing Administration Server Settings
- 42 Viewing the Administration Server Settings Using the CLI
- 42 Changing Administration Server Settings
- 43 Changing the Administration Server Settings Using the CLI
- 45 3 Managing Administration Nodes
- 45 Viewing a List of Administration Nodes
- 46 Viewing a List of Administration Nodes Using the CLI
- 46 Starting an Administration Node
- 47 Changing the Properties of an Administration Node
- 47 Changing the Properties of an Administration Node Using the CLI
- 48 Stopping and Restarting an Administration Node
- 48 Stopping and Restarting an Administration Node Using the CLI
- 48 Stopping and Restarting an Administration Node Using Shell Commands
- 51 Part II Basic Administration
- 53 4 Managing Configurations
- 53 Creating a Configuration
- 55 Creating a Configuration Using the CLI
- 56 Viewing a List of Configurations
- 56 Viewing a List of Configurations Using the CLI
- 56 Deployment Statuses
- 57 Deploying a Configuration
- 58 Modifying a Configuration
- 60 Modifying a Configuration Using the CLI
- 62 Synchronizing Configurations Between the Administration Server and Nodes
- 64 Synchronizing Configurations on the Administration Server and Administration Nodes Using the CLI
- 64 Copying a Configuration
- 65 Copying a Configuration Using the CLI
- 65 Deleting a Configuration
- 66 Viewing a List of Configuration Backups
- 67 Restoring a Configuration from a Backup
- 68 Restoring a Configuration from a Backup Using the CLI
- 69 5 Managing Instances
- 69 Creating Oracle Traffic Director Instances
- 70 Creating an Oracle Traffic Director Instance Using the CLI
- 70 Viewing a List of Oracle Traffic Director Instances
- 71 Viewing a List of Oracle Traffic Director Instances Using the CLI
- 71 Starting, Stopping, and Restarting Oracle Traffic Director Instances
- 72 Starting, Stopping, and Restarting Oracle Traffic Director Instances Using the CLI
- 73 Updating Oracle Traffic Director Instances Without Restarting
- 74 Reconfiguring Oracle Traffic Director Instances Using the CLI
- 74 Deleting Oracle Traffic Director Instances
- 74 Deleting Oracle Traffic Director Instances Using the CLI
- 75 Controlling Oracle Traffic Director Instances Through Scheduled Events
- 76 Managing Events Using the CLI
- 79 6 Managing Origin-Server Pools
- 79 Creating an Origin-Server Pool
- 81 Creating an Origin-Server Pool Using the CLI
- 82 Viewing a List of Origin-Server Pools
- 82 Viewing a List of Origin-Server Pools Using the CLI
- 82 Modifying an Origin-Server Pool
- 85 Changing the Properties of an Origin-Server Pool Using the CLI
- 85 Deleting an Origin-Server Pool
- 86 Deleting an Origin-Server Pool Using the CLI
- 86 Configuring an Oracle WebLogic Server Cluster as an Origin-Server Pool
- 87 How Dynamic Discovery Works
- 88 Enabling Dynamic Discovery
- 89 Enabling Dynamic Discovery Using the CLI
- 89 Configuring Health-Check Settings for Origin-Server Pools
- 92 Configuring Health-Check Settings for Origin Servers Using the CLI
- 93 7 Managing Origin Servers
- 93 Adding an Origin Server to a Pool
- 95 Adding an Origin Server to a Pool Using the CLI
- 96 Viewing a List of Origin Servers
- 96 Viewing a List of Origin Servers Using the CLI
- 96 Modifying an Origin Server
- 98 Changing the Properties of an Origin Server Using the CLI
- 98 Removing an Origin Server from a Pool
- 99 Removing an Origin Server from a Pool Using the CLI
- 101 8 Managing Virtual Servers
- 101 Creating a Virtual Server
- 103 Creating a Virtual Server Using the CLI
- 104 Viewing a List of Virtual Servers
- 104 Viewing a List of Virtual Servers Using the CLI
- 105 Modifying a Virtual Server
- 107 Modifying a Virtual Server Using the CLI
- 108 Configuring Routes
- 112 Copying a Virtual Server
- 113 Copying a Virtual Server Using the CLI
- 113 Deleting a Virtual Server
- 114 Deleting a Virtual Server Using the CLI
- 115 9 Managing TCP Proxies
- 115 Creating a TCP Proxy
- 117 Creating a TCP Proxy Using the CLI
- 117 Viewing a List of TCP Proxies
- 118 Viewing a List of TCP Proxies Using the CLI
- 118 Modifying a TCP Proxy
- 119 Modifying a TCP Proxy Using the CLI
- 119 Deleting a TCP Proxy
- 120 Deleting a TCP Proxy Using the CLI
- 121 10 Managing Listeners
- 121 Creating a Listener
- 124 Creating a Listener Using the CLI
- 125 Viewing a List of Listeners
- 126 Viewing a List of Listeners Using the CLI
- 126 Modifying a Listener
- 128 Modifying a Listener Using the CLI
- 128 Deleting a Listener
- 129 Deleting a Listener Using the CLI
- 131 Part III Advanced Administration
- 133 11 Managing Security
- 133 Securing Access to the Administration Server
- 134 Changing the Administrator User Name and Password
- 135 Configuring LDAP Authentication for the Administration Server
- 137 Configuring LDAP Authentication for the Administration Server Using the CLI
- 137 Enabling the Pin for the Administration Server's PKCS#11 Token
- 139 Renewing Administration Server Certificates
- 139 Configuring SSL/TLS Between Oracle Traffic Director and Clients
- 140 Overview of the SSL/TLS Configuration Process
- 140 Configuring SSL/TLS for a Listener
- 142 Configuring SSL/TLS for a Listener Using the CLI
- 143 Associating Certificates with Virtual Servers
- 144 Associating Certificates with Virtual Servers Using the CLI
- 144 Configuring SSL/TLS Ciphers for a Listener
- 145 Configuring Ciphers for a Listener Using the CLI
- 146 Cipher Suites Supported by Oracle Traffic Director
- 148 Certificate-Selection Logic
- 149 About Strict SNI Host Matching
- 150 SSL/TLS Concepts
- 151 Configuring SSL/TLS Between Oracle Traffic Director and Origin Servers
- 152 About One-Way and Two-Way SSL/TLS
- 152 Configuring One-Way SSL/TLS Between Oracle Traffic Director and Origin Servers
- 155 Configuring Two-Way SSL/TLS Between Oracle Traffic Director and Origin Servers
- 157 Managing Certificates
- 158 Creating a Self-Signed Certificate
- 160 Obtaining a CA-Signed Certificate
- 163 Installing a Certificate
- 166 Viewing a List of Certificates
- 167 Renewing a Server Certificate
- 168 Deleting a Certificate
- 169 Configuring Oracle Traffic Director to Trust Certificates
- 171 Managing PKCS#11 Tokens
- 174 Managing Certificate Revocation Lists
- 175 Installing and Deleting CRLs Manually
- 175 Installing and Deleting CRLs Manually Using the CLI
- 176 Installing CRLs Automatically
- 177 Managing Web Application Firewalls
- 178 Overview of Web Application Firewalls
- 178 Configuring Web Application Firewalls
- 179 Enabling and Installing Web Application Firewall Rule Sets
- 182 Listing the Rule Set Files
- 182 Viewing the List of Rule Set Files Using the CLI
- 183 Removing Rule Set Files
- 183 Removing Rule Set Files Using the CLI
- 184 Supported Web Application Firewall Directives, Variables, Operators, Actions, Functions, Persistent Storages and Phases
- 191 Configuring Client Authentication
- 192 Configuring Client Authentication Using the CLI
- 192 Preventing Denial-of-Service Attacks
- 193 Request Limiting Parameters
- 194 Configuring Request Limits for a Virtual Server
- 199 12 Managing Logs
- 199 About the Oracle Traffic Director Logs
- 199 Access Log
- 200 Server Log
- 200 Viewing Logs
- 201 Viewing Logs Using the CLI
- 202 Configuring Log Preferences
- 203 Configuring Log Preferences Using the CLI
- 205 About Log Rotation
- 205 Rotating Logs Manually
- 207 Configuring Oracle Traffic Director to Rotate Logs Automatically
- 208 Creating Log-Rotation Events Using the CLI
- 211 13 Monitoring Oracle Traffic Director Instances
- 211 Methods for Monitoring Oracle Traffic Director Instances
- 212 Configuring Statistics-Collection Settings
- 213 Configuring Statistics-Collection Settings Using the CLI
- 214 Configuring URI Access to Statistics Reports
- 215 Configuring URI Access to Statistics in XML Format Using the CLI
- 215 Configuring URI Access to Statistics in Plain-Text Format Using the CLI
- 216 Viewing Statistics Using the CLI
- 218 Viewing stats-xml and perfdump Reports Through a Browser
- 219 Monitoring Using SNMP
- 220 Configuring Oracle Traffic Director Instances for SNMP Support
- 221 Configuring SNMP Support Using the CLI
- 221 Configuring the SNMP Subagent
- 222 Starting and Stopping the SNMP Subagent
- 223 Viewing Statistics Using snmpwalk
- 225 Enabling the snmpwalk Command to Show MIB Object Names Instead of Numeric OIDs
- 226 Sample XML (stats-xml) Report
- 229 Sample Plain-Text (perfdump) Report
- 231 14 Tuning Oracle Traffic Director for Performance
- 232 General Tuning Guidelines
- 232 Tuning the File Descriptor Limit
- 234 Tuning the Thread Pool and Connection Queue
- 235 About Threads and Connections
- 235 Reviewing Thread Pool Metrics for an Instance
- 236 Reviewing Connection Queue Metrics for an Instance
- 237 Tuning the Thread Pool and Connection Queue Settings
- 237 Changing the Thread Pool and Connection Queue Settings Using the CLI
- 238 Tuning HTTP Listener Settings
- 239 Tuning Keep-Alive Settings
- 239 About Keep-Alive Connections
- 240 Reviewing Keep-Alive Connection Settings and Metrics
- 241 Tuning Keep-Alive Settings
- 242 Changing Keep-Alive Settings Using the CLI
- 243 Tuning HTTP Request and Response Limits
- 243 Viewing and Changing HTTP Request/Response Limits Using the CLI
- 244 Tuning Caching Settings
- 244 Caching in Oracle Traffic Director
- 245 Reviewing Caching Settings and Metrics for an Instance
- 246 Tunable Caching Parameters
- 248 Configuring Caching Parameters
- 251 Tuning DNS Caching Settings
- 251 Viewing DNS Cache Settings and Metrics
- 252 Configuring DNS Cache Settings
- 253 Configuring DNS Cache Settings Using the CLI
- 253 Tuning SSL/TLS-Related Settings
- 253 SSL/TLS Session Caching
- 254 Configuring SSL/TLS Session Caching Settings Using the CLI
- 255 Ciphers and Certificate Keys
- 255 Configuring Access-Log Buffer Settings
- 256 Configuring Access-Log Buffer Settings Using the CLI
- 257 Enabling and Configuring Content Compression
- 260 Common Performance Problems
- 260 Low-Memory Situations
- 260 Too Few Threads
- 261 Large Memory Footprint
- 261 Log File Modes
- 261 Using nostat
- 262 Tuning Connections to Origin Servers
- 264 Solaris-specific Tuning
- 264 Files Open in a Single Process (File Descriptor Limits)
- 265 Failure to Connect to HTTP Server
- 265 Tuning TCP Buffering
- 265 Reduce File System Maintenance
- 266 Long Service Times on Busy Volumes or Disks
- 266 Short-Term System Monitoring
- 266 Long-Term System Monitoring
- 267 Tuning for Performance Benchmarking
- 269 15 Diagnosing and Troubleshooting Problems
- 269 Roadmap for Troubleshooting Oracle Traffic Director
- 270 Solutions to Common Errors
- 270 Startup failure: could not bind to port
- 271 Unable to start server with HTTP listener port 80
- 271 Unable to restart SSL/TLS-enabled server after changing the PKCS#11 token pin
- 272 Unable to start the SNMP subagent
- 272 Unable to communicate with the administration server: connection refused
- 272 Oracle Traffic Director consumes excessive memory at startup
- 273 Operating system error: Too many open files in system
- 273 Unable to stop instance after changing the temporary directory
- 274 Unable to restart the administration server
- 274 Oracle Traffic Director does not maintain session stickiness
- 275 Frequently Asked Questions
- 276 How do I reset the password for the administration server user?
- 276 What is a "configuration"?
- 276 How do I access the administration console?
- 276 Why do I see a certificate warning when I access the administration console for the first time?
- 276 Can I manually edit configuration files?
- 276 In the administration console, what is the difference between saving a configuration and deploying it?
- 277 Why is the "Deployment Pending" message displayed in the administration console?
- 277 Why is the "Instance Configuration Deployed" message is displayed in the administration console?
- 277 Why does the administration console session end abruptly?
- 277 How do I access the CLI?
- 277 Why does "tadm --user=admin --host=myhost subcommand" take me into a command shell instead of executing the specified subcommand?
- 277 Why is a certificate warning message displayed when I tried to access the CLI for the first time?
- 277 How do I find out the short names for the options of a CLI command?
- 278 Can I configure the CLI to not prompt for a password every time I access it?
- 278 Why am I unable to select TCP as the health-check protocol when dynamic discovery is enabled?
- 278 After I changed the origin servers in a pool to Oracle WebLogic Servers, they are not discovered automatically, though dynamic discovery is enabled. Why?
- 278 How do I view the request and response headers sent and received by Oracle Traffic Director?
- 280 How do I enable SSL/TLS for an Oracle Traffic Director instance?
- 280 How do I find out which SSL/TLS cipher suites are supported and enabled?
- 280 How do I view a list of installed certificates?
- 280 How do I issue test requests to an SSL/TLS-enabled Oracle Traffic Director instance?
- 280 How do I analyze SSL/TLS connections?
- 283 How do I run the administration server on a privileged port (<1024) as a non-root user?
- 283 How do I view details of SSL/TLS communication between Oracle Traffic Director instances and Oracle WebLogic Server origin servers?
- 283 Why are certain SSL/TLS-enabled origin servers marked offline after health checks, even though the servers are up?
- 284 Does Oracle Traffic Director rewrite the source IP address of clients before forwarding requests to the origin servers?
- 284 Why does Oracle Traffic Director return a 405 status code?
- 285 Contacting Oracle for Support
- 287 A Metrics Tracked by Oracle Traffic Director
- 287 Instance Metrics
- 290 Process Metrics
- 291 Thread Pool Metrics
- 291 Connection Queue Metrics
- 292 Compression and Decompression Metrics
- 293 Virtual Server Metrics
- 295 CPU Metrics
- 296 Origin Server Metrics
- 298 Proxy Cache Metrics
- 298 DNS Cache Metrics
- 299 B Web Application Firewall Examples and Use Cases
- 299 Basics of Rules
- 300 Rules Against Major Attacks
- 300 Brute Force Attacks
- 302 SQL Injection
- 303 XSS Attacks
- 305 C Securing Oracle Traffic Director Deployment
- 305 Securing Oracle Traffic Director
- 307 Index