vFabric Web Server Installation and Configuration VMware vFabric Web Server 5.3 VMware vFabric Suite 5.3 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
You can find the most up-to-date technical documentation on the VMware Web site at: https://www.vmware.com/ support/. The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2013 VMware, Inc. All rights reserved. This product is protected by copyright and intellectual property laws in the United States and other countries as well as by international treaties.
Table of Contents 1. About vFabric Web Server Installation and Configuration .............................................................................. 1 Intended Audience ......................................................................................................................... 1 2. Overview of vFabric Web Server ............................................................................................................ 3 Information for International Customers ...........................
iv vFabric Web Server
About vFabric Web Server Installation and Configuration 1 1. About vFabric Web Server Installation and Configuration Revised May 6, 2013. VMware vFabric Web Server Installation and Configuration describes product concepts and product-specific configuration tasks for VMware® vFabric™ Web Server.
2 vFabric Web Server 2 About vFabric Web Server Installation and Configuration
Overview of vFabric Web Server 3 2. Overview of vFabric Web Server vFabric Web Server is the Web server and load-balancing component of VMware vFabric Suite. vFabric Web Server 5.3 is based on Apache HTTP Server version 2.2. In addition to the standard features of Apache HTTP Server, vFabric Web Server provides the following benefits: • Ability to easily install multiple instances of vFabric Web Server running on a single computer.
4 vFabric Web Server • Apache mod_fcgid 2.3.7 • Apache mod_jk 1.2.37 • Apache APR Library 1.4.6 • Apache APR-util Library 1.3.12 • Apache tcnative connector • cURL 7.29 • Expat 2.1.0 • GNU libiconv 1.11 • mod_bmx 0.9.4 (Hyperic plug-in for monitoring support) • OpenSSL 1.0.1e • OpenSSL/FIPS 2.0 • OpenLDAP 2.3.43 • PCRE 8.32 • zlib 1.2.7 You typically install vFabric Web Server from the vfabric-web-server-version-platform package, which contains all the preceding compiled modules.
Overview of vFabric Web Server vFabric Web Server 5 vFabric ERS Customer Action Runs on current, vendor-supported 32and 64-bit releases of RHEL, Microsoft Windows, Solaris, and AIX. See Supported Configurations and System Requirements for the exact versions. Runs on now-unsupported, or "twilighted", versions of RHEL, Windows, Solaris, AIX, and HPUX. See ERS Supported Platforms for the exact versions.
6 vFabric Web Server 6 Overview of vFabric Web Server
Installing vFabric Web Server 7 3. Installing vFabric Web Server vFabric Web Server has several options for installation and setup. Installation options vary according to whether you install Web Server standalone or as part of vFabric Suite installation and whether your operating system is Unix, Windows, or another supported platform.
8 vFabric Web Server • Install the vFabric repository RPM, which makes it easier for you to browse the vFabric RPMs, including the vFabric Web Server RPM. The vFabric repository contains all RPMs that are certified with this release of vFabric Suite. You install the vFabric repository RPM on each RHEL computer on which you want to install one or more vFabric components, such as vFabric Web Server. 1. On the RHEL computer, start a terminal as the root user. 2.
Installing vFabric Web Server 3. 9 Enter y at the prompt to begin the actual installation. If the installation is successful, you see a Complete! message at the end. What the yum install command does The yum install command: • Installs vFabric Web Server into the /opt/vmware/vfabric-web-server directory. • Sets the owner of installation directory, along with all child directories and files, to root:root.
10 vFabric Web Server Prerequisites • Verify that your system meets the supported configurations and installation requirements. See Supported Configurations and System Requirements. • If you want to use unzip so you can specify additional options, but your platform does not support unzip, obtain an unzip command. • If your operating system is configured to support only 64-bit operation, an external unzip utility is required.
Installing vFabric Web Server 11 • Read Description of the vFabric Web Server Installation for a brief tour of what was installed. • Create and start using a vFabric Web Server as described in Creating and Using vFabric Web Server Instances. Windows: Install vFabric Web Server from a ZIP File You install vFabric Web Server on Windows computers using a self-extracting ZIP file (*.zip.exe) that you download from the VMware Web site.
12 5. vFabric Web Server Execute the downloaded *.zip.exe file to self-extract the files into the directory you created. You can do this, for example, by opening Window Explorer, navigating to the directory, and double-clicking on the *.zip.exe file. When the extraction completes, the vFabric Web Server files are located in the vfabric-web-server subdirectory. 6. From your command window, change to the main vFabric Web Server directory: PS prompt> cd c:\opt\vmware\vfabric-web-server 7.
Installing vFabric Web Server 13 Description of the vFabric Web Server Installation The main vFabric Web Server directory structure, although similar in many ways to the standard Apache HTTP directory layout, differs from it in a very fundamental way: vFabric Web Server separates the runtime binaries from the configuration data. To implement this separation, you use the newserver command to create a vFabric Web Server instance that lives in a subdirectory of the main vFabric Web Server home directory.
14 vFabric Web Server 14 Installing vFabric Web Server
Upgrading vFabric Web Server 15 4. Upgrading vFabric Web Server The instructions for upgrading vFabric Web Server differ slightly depending on your operating system and how you installed the original version. See: • RHEL: Upgrade Using the VMware RPM Repository • Unix: Upgrade Using a Self-Extracting ZIP • Windows: Upgrade Using a Self-Extracting ZIP RHEL: Upgrade Using the VMware RPM Repository You use yum upgrade to upgrade an existing RHEL installation of vFabric Web Server to the latest version.
16 vFabric Web Server Procedure 1. Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the parent directory of the main Web Server installation directory (vfabric-web-server.) For example, if you originally installed Web Server in /opt/vmware/vfabric-web-server, which in turn means that the HTTPD binaries are located in /opt/vmware/vfabric-web-server/httpd-2.2.version, then place the downloaded ZIP file in /opt/vmware.
Upgrading vFabric Web Server 17 2. Start PowerShell from the Start Menu as an Administrator by opening Start > All Programs > Accessories > Windows PowerShell, then right-clicking on Windows PowerShell and selecting Run as Administrator. A PowerShell window starts. 3. Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the parent directory of the main Web Server installation directory (vfabric-web-server.
18 vFabric Web Server 18 Upgrading vFabric Web Server
Migrating Enterprise Ready Server to vFabric Web Server 19 5. Migrating Enterprise Ready Server to vFabric Web Server This section has information about migrating Enterprise Ready Server (ERS) to to vFabric Web Server. For information about migrating ERS to vFabric tc Server, see Migrate an ERS Tomcat Instance to tc Server.
20 vFabric Web Server The default httpd.conf file that is created when you create a new vFabric Web Server instance contains examples of including external configuration files. The external files are located in the /conf/extra directory) and are referenced with Include directives in the main httpd.conf file. For more information, see the Apache HTTPD documentation.
Migrating Enterprise Ready Server to vFabric Web Server 21 Purpose Enterprise Ready Server vFabric Web Server 5.3 Configuration file /conf/ httpsd.conf /conf/ httpd.conf Additional configuration files for various Apache modules are located in the /conf/extras subdirectory. Script for creating new Apache HTTPD server instances Linux Perl script: /ersserver.
22 Module vFabric Web Server Changes in vFabric Web Server You can disable this functionality by commenting out the LoadModule directives for the BMX modules in the httpd.conf file. For more information, see Configure BMX for Monitoring vFabric Web Server Instances. mod_bmx (vFabric Web Server) mod_bmx is a module in vFabric Web Server. For a sample configuration, see the following directory in a newly created vFabric Web Server instance: /conf/extras/conf/extra/httpd-info.
Migrating Enterprise Ready Server to vFabric Web Server Item 23 Enterprise Ready Server vFabric Web Server 5.3 • graceful • graceful • configtest • status • configtestssl • install • uninstall • configtest See httpdctl Reference. Startup script command with SSL enabled To use SSL in an ERS instance you configure and load an SSL module in the httpsd.conf file, and you use the startssl option when you run the apache_startup script.
24 vFabric Web Server • Apache modules—modify the appropriate LoadModule directives. • DocumentRoot property. • statements. • Include directives. • Paths to any scripts referenced in the configuration. • Paths to any log files referenced in the configuration. 6. If your vFabric Web server instance uses any of the Apache modules that have changed, change the LoadModule directives to point to the new modules.
Creating and Using vFabric Web Server Instances 25 6. Creating and Using vFabric Web Server Instances To start using vFabric Web Server, you explicitly create a new instance after you install it. An instance is not created for you by default.
26 vFabric Web Server Prerequisites • Complete the appropriate procedure in Installing vFabric Web Server. • As of version 5.2 of vFabric Web Server, you must use Windows PowerShell to execute vFabric Web Server scripts on Windows computers. See the prerequisites section of Windows: Install vFabric Web Server from a ZIP File for information on installing PowerShell (if it is not already installed on your Windows computer) and enabling it for script processing. Procedure 1.
Creating and Using vFabric Web Server Instances 27 Table 6.1. Options of the newserver Command Option Description Required? --server=servername Name of the new vFabric Web Server instance. The value of this option becomes the name of the directory that contains the instance configuration files, and by default is the name of the host. Yes. The value of servername must be a valid DNS value and consist only of ASCII letters, digits or the dash character.
28 Option vFabric Web Server Description Required? unique name and directory location for the new instance. --quiet Specifies that the newserver command should use default values for all prompts. No. If you do not specify this option, newserver interactively prompts for all answers. --rootdir=rootdir Directory that contains the httpd-2.2.version directory, which in turn contains the Apache HTTP binaries. No. The default value is the current directory.
Creating and Using vFabric Web Server Instances Option 29 Description Required? The following example shows how to specify that the new vFabric Web Server instance run as the newhttpd user in the newhttpd group: prompt# ./newserver --server=myserver --set User=newhttpd --set Group=newhttpd --sourcedir=sourcedir Name of the directory that contains the template that newserver uses to create the new vFabric Web Server instance. No. The default value is httpdir/_instance. Table 6.2.
30 vFabric Web Server Unix: Start and Stop vFabric Web Server Instances You interactively start, stop, or restart a vFabric Web Server instance on Unix with the httpdctl shell script in the bin directory of the instance. Warning: You always use the start script in the bin of the instance directory, such as /opt/vwmare/vfabric-webserver/myserver/bin. Do not use the start script in the httpd-2.2/bin sub-directory of the main installation directory.
Creating and Using vFabric Web Server Instances 31 What to do next • Complete the procedure in Serve a Sample HTML File from your vFabric Web Server Instance. • Configure your instance as described in Configuring vFabric Web Server. Installing vFabric Web Server Instances as Unix Services You can install a vFabric Web Server instance as a system service on Unix, Linux, so it automatically starts and stops when the operating system itself starts and stops.
32 vFabric Web Server Procedure 1. Log in to your Windows computer as the Administrator user and start a PowerShell window by going to Start > All Programs > Accessories > Windows PowerShell, then right-clicking on Windows PowerShell and selecting Run as Administrator. 2. Change to the bin subdirectory of the root directory for the vFabric Web Server instance. For example, if you created an instance called myserver that lives in the installation directory c:\opt\vmware \vfabric-web-server: PS prompt> c
Creating and Using vFabric Web Server Instances 33 • httpdctl.ps1: PowerShell script for Windows. See Windows: Start and Stop vFabric Web Server Instances for usage examples. Script commands are the same for both. Commands are described in the following table. Table 6.3. httpdctl Script Commands Command Description start Starts the vFabric Web Server instance. If the instance is already running, the command returns an error. stop Forcibly stops the vFabric Web Server instance.
34 vFabric Web Server Procedure 1. Open the configuration file for your vFabric Web Server instance and make note of the value of the DocumentRoot directive, which is the directory out of which the instance serves your documents. By default, vFabric Web Server takes all requests from this directory. The configuration file is called httpd.conf and is located in the INSTANCE-DIR/conf, such as /opt/vmware/ vfabric-web-server/myserver/conf/httpd.conf.
Configuring vFabric Web Server Instances 35 7. Configuring vFabric Web Server Instances The default configuration of a newly created vFabric Web Server instance is fairly simple. Although the configuration is likely adequate for your needs, sometimes you might need to further configure the instance to enable one of its many useful features, such as load-balancing between two or more tc Runtime instances. This chapter provides some information to get you started.
36 vFabric Web Server Configure Load Balancing Between Two or More tc Runtime Instances You can configure a vFabric Web Server instance to perform simple load balancing between two or more tc Server instances. tc Runtime is the runtime component of vFabric tc Server.
Configuring vFabric Web Server Instances 37 • Install vFabric tc Server on the same or different computer as vFabric Web Server, and create two more instances. Make note of the host and port numbers of the two instances. See the vFabric tc Server documentation for details. • Deploy the same application to the two tc Runtime instances. Procedure To configure load balancing for the scenario described in the introduction to this section, follow these steps: 1.
38 vFabric Web Server • The loadfactor parameter specifies how much load a particular member carries. If you want each member to carry the same load, set the numbers equal to each other (as in the example above). If, however, you want one member to work three times harder than the other, set the load factors to 3 and 1. • Use the lbmethod parameter of the ProxySet directive to specify the load balancing algorithm. The possible values are as follows: • byrequests: performs weighted request counting.
Configuring vFabric Web Server Instances 39 prompt# cd /opt/vmware/vfabric-web-server/lb-server prompt# bin/httpdctl start 7. Start (or restart) the two tc Runtime instances for the configuration changes to take effect. Following our example: prompt$ cd /var/opt/vmware/vfabric-tc-server-standard prompt$ ./tcruntime-ctl.sh instanceOne restart prompt$ ./tcruntime-ctl.sh instanceTwo restart You have now configured load balancing for the two tc Runtime instance using the front-end vFabric Web Server.
40 vFabric Web Server 4. Restrict Communication With tc Runtime Instances to Known Clients 5. Configure vFabric Web Server to Authenticate Using a Specific Client Certificate Important. It is assumed that you have already installed vFabric Web Server and vFabric tc Server, created instances, and set up unsecured load balancing between them. If you have not already done this, see Configure Load Balancing Between vFabric Web Server and vFabric tc Server.
Configuring vFabric Web Server Instances 41 maxKeepAliveRequests="15" port="8443" protocol="org.apache.coyote.http11.Http11Protocol" redirectPort="8443" scheme="https" secure="true"/> Configure the vFabric Web Server Instance to Use SSL The easiest way to do configure SSL for a Web Server instance is to use the newserver interactive command to create a new instance and specify that you want to enable SSL for the instance. The command performs configuration tasks and creates a private key.
42 vFabric Web Server prompt$ ./tcruntime-ctl.sh restart 7. Test that you have configured each tc Runtime instance correctly by navigating to an application deployed on the instance using your browser. The tc Runtime instance should deny you access because your browser does not have the required client certificate configured.
Configuring vFabric Web Server Instances 43 SSLProxyMachineCertificateFile "ssl/client.crtkey" SSLProxyEngine on 5. Restart the vFabric Web Server instance for the configuration changes to take effect. For example: prompt# cd /opt/vmware/vfabric-web-server/lb-server prompt# bin/httpdctl restart 6. Test that everything is working correctly by accessing your application through the vFabric Web Server host or IP address and HTTPS port. For example, if the Web Server IP address is 192.11.22.
44 vFabric Web Server SetHandler bmx-handler Order Deny,Allow Deny from all Allow from 127.0.0.1 myhost.com 3. To restrict BMX access to a particular virtual host, put the directive inside the appropriate directive. For example: DocumentRoot "/opt/vmware/vfabric-web-server/myserver/myhost.com/htdocs" ServerName status.myhost.com ... SetHandler bmx-handler Order Deny,Allow Deny from all Allow from 127.0.0.1 myhost.
Configuring vFabric Web Server Instances 45 Metric Alias Units Category Parent Server Generation ParentServerGeneration none Throughput Default Default Interval On vFabric Web Server Virtual Host Metrics This section lists the metrics available for a virtual host. Table 7.2.
46 vFabric Web Server Metric Alias Units Category Default Default Interval On Out Bytes 302 per Minute OutBytes3021m none Throughput true 10 min Out Bytes 403 OutBytes403 none Throughput false 10 min Out Bytes 403 per Minute OutBytes4031m none Throughput true 10 min Out Bytes 404 OutBytes404 none Throughput false 10 min Out Bytes 404 per Minute OutBytes4041m none Throughput true 10 min Out Bytes 500 OutBytes500 none Throughput false 10 min Out Bytes 500 per Minute
Security Information 47 8. Security Information VMware is committed to providing products and solutions that allow you to assess the security of your information, secure your information infrastructure, protect your sensitive information, and manage security information and events to assure effectiveness and regulatory compliance.
48 vFabric Web Server • access_log: Contains information about all Web Server requests. • ssl_request_log: Applies only if you enabled SSL. Contains information about requests that came over HTTPS. These log files are specific to a Web Server instance and are stored by default in the INSTANCE-DIR/logs directory, where INSTANCE-DIR refers to the directory in which the Web Server instance is located, such as /opt/vmware/vfabric-webserver/myserver.
Managing Planned and Unplanned Outages 49 9. Managing Planned and Unplanned Outages This chapter describes how to manage both planned and unplanned outages of vFabric Web Server. Subtopics Managing Planned Outages Managing Unplanned Outages Backing Up vFabric Web Server Managing Planned Outages In a planned outage, you schedule a time when vFabric Web Server instances will be briefly unavailable so that you can perform maintenance on the instance, create cold backups, and so on. 1.
50 vFabric Web Server Procedure 1. Ensure that you have a recent cold backup of the Web Server instance that contains the last known good configuration and deployed content. 2. If necessary, log in as the root (Unix) or Administrator (Windows) user and stop all Web Server instances. For example, on Unix: prompt# cd /opt/vmware/vfabric-web-server/myserver/bin prompt# .
Managing Planned and Unplanned Outages 51 VMware recommends that you always take cold backups of your instances, which means you ZIP or TAR up the instance directory after stopping the instance. A hot backup refers to creating a ZIP or TAR file of the instance directory without first stopping the instance. On Unix this method might be possible, and you likely can fully restore the instance from the hot backup.
52 vFabric Web Server 52 Managing Planned and Unplanned Outages
Additional Documentation 53 10. Additional Documentation The documentation in this guide provides information about what vFabric Web Server contains; how to install it; and how to create, start, and stop instances. The vFabric Web Server documentation does not, however, provide details about configuring and using the core Apache HTTP component; for that you must go elsewhere, such as the Apache documentation. • Apache HTTP Server 2.2 http://httpd.apache.org/docs/2.2/ • OpenSSL http://www.openssl.
54 vFabric Web Server 54 Additional Documentation
