VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All
other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc., 3401 Hillview Avenue, Palo Alto, CA 94304
www.vmware.com
Table of Contents
1. About vFabric Web Server Installation and Configuration .............................................................................. 1
About vFabric Web Server Installation
and Configuration
1. About vFabric Web Server Installation and Configuration
Revised July 17, 2012.
VMware vFabric Web Server Installation and Configuration describes product concepts and product-specific configuration
tasks for VMware® vFabric™ Web Server. Fully compatible with Apache Web Server, vFabric Web Server is a dynamic loadbalancing service that is available as a standalone product and as a part of VMware® vFabric Suite™ Standard and vFabric
Suite Advanced editions. Read this documentation for an overview of vFabric Web Server features, installation instructions, and
information on how to configure functionality that is specific to vFabric Web Server.
Intended Audience
vFabric Web Server Installation and Configuration is intended for experienced Windows and Unix developers and system
administrators who want to install a Web Server to serve static Web content, act as a proxy, or load balance between application
servers such as VMware® vFabric™ tc Server.
1
VMware vFabric Suite 5.11
2vFabric Web Server
About vFabric Web Server Installation
2
and Configuration
Overview of vFabric Web Server3
2. Overview of vFabric Web Server
vFabric Web Server is the Web server and load-balancing component of VMware vFabric Suite. vFabric Web Server 5.1 is based
on Apache HTTP Server version 2.2.
In addition to the standard features of Apache HTTP Server, vFabric Web Server provides the following mission-critical benefits:
• Ability to easily install multiple instances of vFabric Web Server running on a single computer.
• Scalable management of multiple Web sites and servers; you can run and manage hundreds of instances of vFabric Web
Server.
• Support for heterogeneous environments (32- and 64-bit architectures): Red Hat Enterprise Linux (RHEL), AIX, Solaris, and
Microsoft Windows. vFabric Web Server can be updated and patched across all servers at once. See Supported Configurations
and System Requirements for details.
Complete Packages and Modules in vFabric Web Server 5.1
This section lists the complete contents of vFabric Web Server 5.1.
This document describes features and functionality for vFabric Web Sever 5.1. For general information about new
features in Apache HTTP Server 2.2, see the Apache Web site.
• Core Apache HTTP 2.2.22 Binaries
• Apache mod_ftp 0.9.6
• Apache mod_fcgid 2.3.6 (a FastCGI invoker)
• OpenSSL 1.0.1a
• OpenLDAP 2.3.43
• mod_jk 1.2.31
• mod_bmx (Hyperic plug-in for monitoring support)
• libexpat 2.1.0
• libpcre 8.30
• libapr 1.4.5
• libaprutil 1.3.12
• libiconv 1.11
• zlib 1.2.3
• unzip 6.0
You typically install vFabric Web Server from the vfabric-web-server-version package, which contains all the
preceding compiled modules. For your convenience, VMware also makes a vfabric-web-server-devel-version
package available which you can use to build HTTPD modules. Typically, you install the -devel package only on development
computers, and not on production computers.
mod_fcgid Implementation of Connector to FastCGI
The mod_fcgid distributed with vFabric Web Server 5.1 is an implementation of the connector to FastCGI applications. This
module allows the user to provision FastCGI providers such as PHP or Ruby on Rails from third parties, running out-of-process
from the server itself.
VMware vFabric Suite 5.13
4vFabric Web Server
Many applications can be built to support FastCGI; consult your language or application documentation for details. The
application providing FastCGI services is launched by mod_fcgid on the initial request, and reused for subsequent requests to that
application or language environment.
For details on configuring an application, including the number of persistent processes created, see Apache Module mod_fcgid.
Differences Between vFabric Web Server and vFabric ERS
The vFabric Cloud Application Platform includes two HTTP server and load-balancing products: vFabric Web Server and
vFabric Enterprise Ready Server (ERS). vFabric ERS is nearing its end-of-life and VMware highly recommends that ERS
customers migrate to vFabric Web Server. The following table describes the major differences between the two products and
provides high-level actions that existing ERS customers can take as they prepare for the migration.
Table 2.1. Differences Between vFabric Web Server and vFabric ERS
vFabric Web ServervFabric ERSCustomer Action
Available as part of vFabric Suite (Standard
and Advanced) or as a standalone product.
Strictly an Apache HTTPD Server-based
product. vFabric tc Server, a separate
product, is strictly an Apache Tomcat-based
product.
Runs on current, vendor-supported 32and 64-bit releases of RHEL, Microsoft
Windows, Solaris, and AIX. See Supported
Configurations and System Requirements for
the exact versions.
Includes the current enterprise-ready release
of Apache HTTPD Server 2.2.
During installation or upgrade, the Apache
HTTPD binaries are written to a path
in the format vfabric-web-server/httpd-2.2.xx.x-32. This preserves any
existing Apache HTTPD binaries without
overwriting them.
Includes the most commonly-used modules.
See Complete Packages and Modules in
vFabric Web Server 5.1.
Closely tracks Apache Software Foundation
(ASF) naming and directory layout
conventions. In particular:
• install-dir/httpd-2.2/modules/
directory contains the loadable modules
• Binaries and configuration file names use
httpd prefix
• install-dir/newserver.pl|vbs
creates new instances
• instance-dir/bin/httpdctl controls
each deployed instance
• instance-dir/conf/extras/ offers
feature-based small config templates
Not included in vFabric Suite. Originally
designed for only physical computers.
Includes both Apache HTTPD and Apache
Tomcat packages.
Runs on now-unsupported, or "twilighted",
versions of RHEL, Windows, Solaris, AIX, and
HPUX. See ERS Supported Platforms for the
exact versions.
Includes the current release of Apache
HTTPD Server 2.2, as well as the nowdeprecated 2.0 and 1.3 versions.
During installation or upgrade, the Apache
HTTPD binaries are always written to the
same directory (ers-install-path/apache2.2-64), which means on upgrade
any existing binaries are overwritten.
Included additional modules, such as
mod_perl, mod_php, and mod_snmp.
Has a number of now-stale, legacy file and
path conventions. In particular:
• install-dir/apache2.2/modules/standard directory contains the loadable
modules
• Binaries and configuration file names use
httpsd prefix
• install-dir/ers-server.pl creates
new instances
• install-dir/servers/instance-
dir/bin/apache_startup.sh|bat
controls each deployed instance
• install-dir/servers/instance-dir/conf/httpsd.conf is one large,
monolithic configuration template.
Select licensing based on vFabric integration
or dedicated hardware.
Migrate ERS Apache HTTPD instances to
vFabric Web Server. Separately migrate ERS
Tomcat instances to vFabric tc Server.
Upgrade to a vendor-supported operating
system version for all vFabric Web Server
instances, and apply all patch releases (such
as service packs) issued by that vendor
no later than 12 months from their vendor
release.
Migrate all Apache HTTPD 2.0 and 1.3
instances to vFabric Web Server 2.2
instances. The migration requires updates to
the *.conf file.
Point all server instances to the common
symlink vfabric-web-server/httpd-2.2, modify it to revert/roll back/
change 32-64 bit modes.
Migrate PHP and Perl applications to the
supported, and more optimal, mod_fcgid
environment.
Create a new vFabric Web Server instance,
then migrate customizations from your
existing vFabric ERS instance. Alternatively,
modify a copy of the deployed vFabric
ERS instance tree to use vFabric Web
Server path and file name conventions.
Use smaller functional .conf snippets to
make the configuration more organized and
maintainable.
4Overview of vFabric Web Server
Installing vFabric Web Server5
3. Installing vFabric Web Server
vFabric Web Server has several options for installation and setup. Installation options vary according to whether you install
Web Server standalone or as part of vFabric Suite installation and whether your operating system is Unix, Windows, or another
supported platform.
Subtopics
Installation Note for vFabric Suite Customers
Available Distribution Packages
RHEL: Install vFabric Web Server from the VMware Package Repository
Unix: Install vFabric Web Server from a Self-Extracting ZIP
Windows: Install vFabric Web Server from a Self-Extracting ZIP File
Activate a local vFabric Web Server License
Description of the vFabric Web Server Installation
Upgrading vFabric Web Server
Installation Note for vFabric Suite Customers
If you will be installing vFabric Web Server as part of a vFabric Suite Standard package, complete the procedures for installing
vFabric License Server and activating vFabric Suite licenses in Getting Started with vFabric Suite. You may also want to read the
other vFabric licensing sections in that guide, to understand how licensing works with vFabric Suite.
Available Distribution Packages
vFabric Web Server is split into the following two distribution packages to simplify the installation and deployment to your
datacenter:
• vfabric-web-server: Base package entirely sufficient for all production environment.
• vfabric-web-server-devel: Supplemental package that developers can use to compile and link http modules with the
same headers and libraries as httpd itself using the httpd-2.2/bin/apxs tool. This package requires that you also install
the base package.
RHEL: Install vFabric Web Server from the VMware RPM Repository
When installing vFabric Web Server on a Red Hat Linux Enterprise (RHEL) computer , it is recommended that you use yum
from the VMware RPM repository.
Prerequisites
• Install the vFabric repository RPMs, which makes it easy for you to browse the vFabric RPMs (in particular the Web Server
RPMs) available in the VMware repositories.
There are two vFabric repositories, both located on repo.vmware.com:
• vfabric-5.1-repo-5.1: Contains the vFabric component RPMs that are certified for vFabric 5.1.
• vfabric-all-repo: Contains additional vFabric component RPMs that have released after vFabric Suite 5.1 released,
such as maintenance releases of components. These RPMs may not necessarily be certified to work with those of vFabric
VMware vFabric Suite 5.15
6vFabric Web Server
5.1. Additionally, the RPMs in vfabric-all-repo might be used by customers who have not bought a vFabric 5.1
Suite Standard or Advanced license.
In addition, each of the preceding repositories has separate URLs for RHEL 5 and RHEL 6.
If you are using only RPMs certified for vFabric 5.1 Suite Advanced or Standard, then you install only vfabric-5.1-repo-5.1. If, however, you are upgrading a vFabric component to a version that has not yet been officially certified for
vFabric 5.1, then install both repositories.
1.On the RHEL computer, start a terminal either as the root user or as an unprivileged user using sudo.
2.Install the vfabric-5.1-repo-5.1, and optionally vfabric-all-repo, RPMs using the rpm command. The
URLs of the RPMs differ depending on the version of RHEL you are using.
If necessary, use sudo to run the preceding commands if you are not logged in as the root user.
You do this step only once. You install the vFabric repository RPMs on each RHEL computer on which you want to
install one or more vFabric components, such as vFabric Web Server.
3.Use the yum search vfabric command to view the list of vFabric components that you can install from the
VMware repository. For example (with sample output):
prompt# yum search vfabric
...
======================================== Matched: vfabric =========================================
vfabric-eula.noarch : VMware vFabric 5.1 End User License Agreement
vfabric-tc-server-standard.noarch : VMware vFabric tc Server Standard
vfabric-web-server.x86_64 : VMware vFabric Web Server
...
The vFabric Web Server RPM is called vfabric-web-server.
Procedure
1.From the RHEL computer on which you will install vFabric Web Server, log in as the root user.
2.Execute the following yum command:
prompt# yum install vfabric-web-server
The yum command begins the install process, resolves dependencies, and displays the packages it plans to install.
If this is the first time that you install vFabric Web Server on the computer, the yum command also installs the vfabric-eula RPM and prompts you to accept the VMware license agreement.
The yum command automatically chooses the appropriate RPM package based on your architecture (32- or 64-bit).
To install the developer's package:
prompt# yum install vfabric-web-server-devel
6Installing vFabric Web Server
Installing vFabric Web Server7
3.Enter y at the prompt to begin the actual installation.
When the installation process finishes, you will see a Complete! message at the end. Check the output of the command to
ensure that the installation was successful.
The yum command:
• Installs vFabric Web Server into the /opt/vmware/vfabric-web-server directory.
• Sets the owner of all directories and files under /opt/vmware/vfabric-web-server to root.
What to do next
• If you installed Web Server standalone, activate a local Web Server license as described in Activate a local vFabric Web
Server License.
If you installed Web Server as part of vFabric Suite, then you should have already activated a network license using the
vSphere client, as described Installation Note for vFabric Suite Customers.
• Read Description of the vFabric Web Server Installation for a brief tour of what was installed.
• Create and start using a vFabric Web Server as described in Creating and Using vFabric Web Server Instances.
Unix: Install vFabric Web Server from a Self-Extracting ZIP
You can install vFabric Web Server on Unix computers with a self-extracting ZIP file that you download from the VMware Web
site. Self-extracting zip files expand themselves, or you can use unzip if your platform supports it. Using unzip explicitly
enables you to specify options in addition to what is executed by default when the ZIP self-extracts.
Prerequisites
• Verify that your system meets the supported configurations and installation requirements. See Supported Configurations and
System Requirements.
• If you want to use unzip so you can specify additional options, but your platform does not support unzip, obtain an unzip
command.
• If your operating system is configured to support only 64-bit operation, an external unzip utility is required. Do not use the
jar utility to unpack these zip files, because the file system permissions will not be unpacked correctly.
• Be sure you have installed Perl on your computer, and that it is at least version 5.8. Additionally, you cannot run the Perl script
(described in the procedure) in multibyte character encoding such as UTF8; this means you must unset the LANG or LC_***
variables to remove any UTF8 or other encodings.
Procedure
1.Log in as the root user on to the Unix computer on which you want to install vFabric Web Server.
2.Create the directory in which you will install vFabric Web Server. For example:
prompt# mkdir /opt/vmware
3.Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the
directory you created.
Be sure to choose the correct Unix operating system and chip architecture. For example, the file to install vFabric Web
Server on a 64-bit Linux platform is vfabric-web-server-version-x86_64-linux-glibc2.zip.sfx.
4.From your terminal window, change to the directory in which you downloaded the ZIP file:
VMware vFabric Suite 5.17
8vFabric Web Server
prompt# cd /opt/vmware
5.If necessary, change the permissions of the downloaded ZIP file to make it executable:
When it completes, the vFabric Web Server files are located in the vfabric-web-server subdirectory.
7.Change to the vfabric-web-server directory and run the fixrootpath.pl Perl script to correct the root paths. For
example:
prompt# cd vfabric-web-server
prompt# perl fixrootpath.pl
What to do next
• If you installed Web Server standalone, activate a local Web Server license as described in Activate a local vFabric Web
Server License.
If you installed Web Server as part of vFabric Suite, then you should have already activated a network license using the
vSphere client, as described Installation Note for vFabric Suite Customers.
• Read Description of the vFabric Web Server Installation for a brief tour of what was installed.
• Create and start using a vFabric Web Server as described in Creating and Using vFabric Web Server Instances.
Windows: Install vFabric Web Server from a ZIP File
You install vFabric Web Server on Windows computers using a self-extracting ZIP file (*.zip.exe) that you download from
the VMware Web site.
Prerequisites
• Verify that your system meets the supported configurations and installation requirements. See Supported Configurations and
System Requirements.
Procedure
1.From the Windows computer on which you want to install vFabric Web Server, log in as the Administrator user.
2.Start a command window, then create the directory into which you will install vFabric Web Server. Do not create a directory
name that contains spaces. For example:
prompt> mkdir c:\opt\vmware
Note: Depending on the Windows version, you may not have the required permissions when you start the command
window, even if you logged in as the Administrator user. If, when executing the steps in this procedure, you find that some
commands fail because of a lack of permissions, start a new command window from the original one using the runas
command and run the commands from there instead:
prompt> runas /user:administrator "cmd.exe /k"
3.Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the
directory you created.
8Installing vFabric Web Server
Installing vFabric Web Server9
Be sure to choose the correct architecture (32- or 64-bit). For example, the file to install vFabric Web Server on a 64-bit
Windows platform is vfabric-web-server-version-x64-windows.zip.exe.
4.Execute the downloaded *.zip.exe file to self-extract the files into the directory you created. You can do this, for
example, by opening Window Explorer, navigating to the directory, and double-clicking on the *.zip.exe file.
When the extraction completes, the vFabric Web Server files are located in the vfabric-web-server subdirectory.
5.From your command window, change to the main vFabric Web Server directory:
prompt> cd c:\opt\vmware\vfabric-web-server
6.Run the fixrootpath.vbs VBScript to correct the root paths; use the cscript command to invoke the script. For
example:
prompt> cscript fixrootpath.vbs
7.Create a symbolic link from the existing httpd-2.2.version directory to one called httpd-2.2, where version
refers to the minor version and architecture of vFabric Web Server.
For example, to use the 64-bit edition of vFabric Web Server on a Windows 2008 computer, run the following command:
prompt> mklink /d httpd-2.2 httpd-2.2.22.0-64
On Windows 2003, use the makelink command, which is included in the main vFabric Web Server directory (such as c:
\opt\vmware\vfabric-web-server). For example:
prompt> makelink httpd-2.2 httpd-2.2.22.0-64
What to do next
• If you installed Web Server standalone, activate a local Web Server license as described in Activate a local vFabric Web
Server License.
If you installed Web Server as part of vFabric Suite, then you should have already activated a network license using the
vSphere client, as described Installation Note for vFabric Suite Customers.
• Read Description of the vFabric Web Server Installation for a brief tour of what was installed.
• Create and start using a vFabric Web Server as described in Creating and Using vFabric Web Server Instances.
Activate a local vFabric Web Server License
When you purchase a local production vFabric Web Server license, your account manager provides you with one or more serial
numbers. This section describes how to activate this local license.
Important: This section does not apply if you plan to use the vFabric License Server to track Web Server licenses; for
information on how to activate a network license, see Installation Note for vFabric Suite Customers.
Procedure
1.On the computer on which you installed Web Server, paste the serial number into a file named vf.ws-serialnumbers.txt.
2.Save this file to the directory appropriate to your operating system:
• Windows: %ALLUSERSPROFILE%\VMware\vFabric\
VMware vFabric Suite 5.19
10vFabric Web Server
• Unix: /etc/opt/vmware/vfabric/
3.Ensure that the file is readable by the user who runs the Web Server instance. Because this user is typically root, no
additional steps are typically required on Unix. Windows users who adjust the vFabric Web Server service to run as an
account other than LocalSystem will need to verify these permissions.
Description of the vFabric Web Server Installation
The main vFabric Web Server directory structure, although similar in many ways to the standard Apache HTTP directory layout,
differs from it in a very fundamental way: vFabric Web Server separates the runtime binaries from the configuration data.
To implement this separation, you use the newserver.pl command to create a vFabric Web Server instance that lives in a
subdirectory of the main vFabric Web Server home directory. The name of the instance is the name of the new subdirectory. You
then configure this instance as you want, using the standard Apache httpd files in the server-name/conf directory, such as
httpd.conf.
Perform all configuration work inside the server instance (server-name/conf) directory. Never modify any
files under the binary directory (such as httpd-2.2).
Keeping the runtime binary files apart from the files that are configured by administrators or end users makes it easier to upgrade
or apply patches to the code without the risk of overwriting or corrupting user data. It also enables administrators to run multiple
server instances independently.
Directly after installing vFabric Web Server, you see the following files and directories:
• httpd-2.2/ : Symbolic link to a sibling directory that actually contains the Apache 2.2 binary runtime files.
• httpd-2.2.version/ : Directory that contains the actual Apache 2.2 binary runtime files. The 2.2.version string
specifies the Apache HTTP version, such as 2.2.22.0 or 2.2.22.0-64.
• licenses/ : EULA and open source license files.
• newserver.pl : (Unix) Perl script for creating vFabric Web Server instances.
• newserver.vbs : (Windows) VBscript for creating vFabric Web Server instances.
• fixrootpath.pl : (Unix) Perl script for fixing root paths; run only once.
• fixrootpath.vbs : (Windows) VBscript for fixing root paths; run only once.
After you use newserver to create a new vFabric Web Server instance, the command creates a new directory that contain a
separately configurable instance of vFabric Web Server. An instance is a complete, discrete server configuration. You can create
multiple instances. You can run multiple instances at the same time if you are careful not to use the same ports in two different
instances. For example, the default HTTP listening port is 80, and only one instance on any computer is allowed to communicate
on port 80 at any one time. So if you wanted to have two vFabric Web Server instances running at the same time on the same
computer, you would configure one instance to use a port other than 80.
Each instance directory contains subdirectories that contain all the data required to run a given vFabric Web Server instance. This
includes configuration data as well as all other data that is associated with that instance's configuration. For example, assume you
installed vFabric Web Server in /opt/vmware/vfabric-web-server and create an instance called myserver:
prompt$ cd /opt/vmware/vfabric-web-server/myserver
prompt$ ls
bin cgi-bin conf ftpdocs htdocs logs proxy ssl var
The conf directory contains the vFabric Web Server configuration files, such as httpd.conf. The bin directory contains the
startup script used to start and stop the myserver instance (httpdctl.sh|bat. Each of these directories is specific to the
myserver instance. Each instance that you create has a similar set of directories.
10Installing vFabric Web Server
Installing vFabric Web Server11
Upgrading vFabric Web Server
The instructions for upgrading vFabric Web Server differ slightly depending on your operating system and how you installed the
original version. See:
• RHEL: Upgrade Using the VMware RPM Repository
• Unix: Upgrade Using a Self-Extracting ZIP
• Windows: Upgrade Using a Self-Extracting ZIP
RHEL: Upgrade Using the VMware RPM Repository
You use yum upgrade to upgrade an existing RHEL installation of vFabric Web Server to the latest version. It is assumed that
you used yum install to originally install the older version.
The yum upgrade process:
• Installs the latest version of the Apache HTTPD Web Server binaries in a new directory (such as httpd-2.2.22.1) and
removes the older versions.
• Adjusts the httpd-2.2 symbolic link to point to the new binaries.
• Automatically updates all existing Web Server instances to start using the new binaries.
Prerequisites
• Stop all running Web Server instances in the installation that you are upgrading. See Unix: Start and Stop vFabric Web Server
Instances
• If necessary, install the vFabric repository RPMs for the current vFabric Web Server release, or the release to which you are
upgrading.
Procedure
1.From the RHEL VM on which you will upgrade vFabric Web Server, log in as the root user.
2.Execute the following yum command:
prompt# yum upgrade vfabric-web-server
The yum command begins the upgrade process, resolves dependencies, and displays the packages it plans to upgrade.
Depending on the versions of vFabric components you have previously installed on this computer, the yum command might
also install a newer version of the vfabric-eula RPM and prompt you to accept the VMware license agreement.
3.Enter y at the prompt to begin the actual upgrade.
When the upgrade process finishes, you will see a Complete! message at the end. Check the output of the command to
ensure that the upgrade was successful.
Unix: Upgrade Using a Self-Extracting ZIP
Upgrading vFabric Web Server on Unix is very similar to installing, except you unzip the self-extracting ZIP file into the
existing vFabric Web Server installation directory.
Prerequisites
• Stop all running Web Server instances in the installation that you are upgrading. See Unix: Start and Stop vFabric Web Server
Instances
• Read the Unix installation prerequisites which also apply to upgrading. See Unix: Install vFabric Web Server from a Self-
Extracting ZIP .
VMware vFabric Suite 5.111
12vFabric Web Server
Procedure
1.Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the
parent directory of the main Web Server installation directory (vfabric-web-server.)
For example, if you originally installed Web Server in /opt/vmware/vfabric-web-server, which in turn means
that the HTTPD binaries are located in /opt/vmware/vfabric-web-server/httpd-2.2.version, then place
the downloaded ZIP file in /opt/vmware.
Be sure to choose the correct Unix operating system and chip architecture. For example, the file to install vFabric Web
Server on a 64-bit Linux platform is vfabric-web-server-version-x86_64-linux-glibc2.zip.sfx.
2.Log in as the root user on to the Unix computer on which you want to upgrade vFabric Web Server and start a terminal.
3.Change to the parent directory of the main Web Server installation directory, which is also the directory in which you
downloaded the ZIP file of the new Web Server version. For example:
prompt# cd /opt/vmware
4.If necessary, change the permissions of the downloaded ZIP file to make it executable:
At the prompt to replace vfabric-web-server/fixrootpath.pl, answer All.
When it completes, the new vFabric Web Server files are located in the vfabric-web-server subdirectory. If the new
version of Web Server includes a more recent version of the Apache HTTPD binaries, you will see a new corresponding
directory, such as vfabric-web-server/httpd-2.2.22.1-64.
6.Change to the vfabric-web-server directory and run the fixrootpath.pl Perl script to correct the root paths and
adjust the httpd-2.2 symbolic link:
prompt# cd vfabric-web-server
prompt# perl fixrootpath.pl
When you next start your existing Web Server instances, they will automatically use the new Apache HTTPD binaries you just
installed.
Windows: Upgrade Using a Self-Extracting ZIP
Upgrading vFabric Web Server on Windows is very similar to installing, except you unzip the self-extracting ZIP file into the
existing vFabric Web Server installation directory.
Prerequisites
• Stop all running Web Server instances in the installation that you are upgrading and uninstall them as Windows services. See
Windows: Start and Stop vFabric Web Server Instances
• Read the Windows installation prerequisites which also apply to upgrading. See Windows: Install vFabric Web Server from a
Self-Extracting ZIP .
Procedure
1.Log in as the Administrator user on the Windows computer on which you want to upgrade vFabric Web Server and
start a command window.
12Installing vFabric Web Server
Installing vFabric Web Server13
2.Download the appropriate vFabric Web Server self-extracting ZIP from the VMware Download Web site and place it in the
parent directory of the main Web Server installation directory (vfabric-web-server.)
For example, if you originally installed Web Server in c:\opt\vmware\vfabric-web-server, which in turn means
that the HTTPD binaries are located in c:\opt\vmware\vfabric-web-server\httpd-2.2.version, then
place the downloaded ZIP file in c:\opt\vmware.
Be sure to choose the correct architecture (32- or 64-bit). For example, the file to install vFabric Web Server on a 64-bit
Windows platform is vfabric-web-server-version-x64-windows.zip.exe.
3.Execute the downloaded *.zip.exe file to self-extract the files into the installation directory. You can do this, for
example, by opening Window Explorer, navigating to the directory, and double-clicking on the *.zip.exe file.
At the prompt to replace vfabric-web-server/fixrootpath.pl, answer All.
When the extraction completes, the new vFabric Web Server files are located in the vfabric-web-server subdirectory.
If the new version of Web Server includes a more recent version of the Apache HTTPD binaries, you will see a new
corresponding directory, such as vfabric-web-server\httpd-2.2.22.1-64.
4.From your command window, change to the main Web Server installation directory. Following our example:
prompt> cd c:\opt\vmware\vfabric-web-server
5.Run the fixrootpath.vbs VBScript to correct the root paths using the cscript command:
prompt> cscript fixrootpath.vbs
6.Remove the existing httpd-2.2 symbolic link and recreate it so that it points to the new Apache HTTP binary directory.
When you next start your existing Web Server instances, they will automatically use the new Apache HTTPD binaries you just
installed.
What to do next
• Re-install your existing Web Server instances as Windows services; see Windows: Start and Stop vFabric Web Server
Instances
VMware vFabric Suite 5.113
14vFabric Web Server
14Installing vFabric Web Server
Creating and Using vFabric Web
Server Instances
4. Creating and Using vFabric Web Server Instances
To start using vFabric Web Server, you explicitly create a new instance after you install it. An instance is not created for you by
default.
Subtopics
Description of vFabric Web Server Instances
Create vFabric Web Server Instances
newserver Prompts and Command Reference
Unix: Start and Stop vFabric Web Server Instances
Windows: Start and Stop vFabric Web Server Instances
Serve a Sample HTML File from Your vFabric Web Server Instance
Description of vFabric Web Server Instances
A vFabric Web Server instance is a complete, discrete HTTP server configuration.
15
You can create multiple instances that you can run simultaneously on the same computer if you do not use the same ports in
two different instances. For example, the default HTTP listening port on Unix is 80, and only one instance on any computer is
allowed to communicate on port 80 at any one time. So if you wanted to have two vFabric Web Server instances running at the
same time on the same Unix computer, you configure one instance to use a port other than 80.
After you create an instance, its corresponding directory contains subdirectories that in turn contain all the data required to run
a given vFabric Web Server instance. This data includes configuration information and all other data that is associated with that
instance's configuration. For example, assume you installed vFabric Web Server in /opt/vmware/vfabric-web-server
and create an instance called myserver:
prompt$ cd /opt/vmware/vfabric-web-server/myserver
prompt$ ls
bin cgi-bin conf ftpdocs htdocs logs proxy ssl var
The conf directory contains the vFabric Web Server configuration files, such as httpd.conf. The bin directory contains the
startup script used to start and stop the myserver instance (httpdctl.sh|bat. Each of these directories is specific to the
myserver instance. Each instance you create will have a similar set of directories.
Create vFabric Web Server Instances
You create a new vFabric Web Server instance with the newserver command. The command creates a new directory that
contains the instance-specific configuration files.
The newserver command format depends on your operating system:
• newserver.pl : Perl script for Unix operating systems.
• newserver.vbs: VBScript file for Windows operation systems.
The command-line options for the two flavors are exactly the same. Where appropriate, the following procedure calls out the
different usage depending on whether you are on Unix or Windows.
Prerequisites
• Complete the appropriate procedure in Installing vFabric Web Server.
VMware vFabric Suite 5.115
16vFabric Web Server
Procedure
1.Log on to your computer as root (Unix) or the Administrator user (Windows) and open a terminal (Unix) or command
window (Windows).
Note for Windows: Depending on the Windows version, you may not have the required permissions when you start the
command window, even if you logged in as the Administrator user. If some commands in this procedure fail because of
a lack of permissions, start a new command window and use the runas command to execute commands from the new
window instead of the original one:
prompt> runas /user:administrator "cmd.exe /k"
2.Change to the directory in which you installed vFabric Web Server. For example, on Unix:
prompt# cd /opt/vmware/vfabric-web-server
3.Run the newserver command to create the new instance; the command prompts you for information about the new server.
The only required command option is --server, with which you specify the name of your vFabric Web Server instance.
On Unix, use the Perl flavor; for example:
prompt# ./newserver.pl --server=myserver
On Windows, use the cscript command to invoke the VBS flavor:
prompt> cscript newserver.vbs --server=myserver
In both preceding examples, the way you specify the options is exactly the same. In the examples, the new instance is called
myserver and its server directory is /opt/vmware/vfabric-web-server/myserver.
For additional options, see newserver Prompts and Command Reference.
4.Enter values for the newserver prompts as the command requests information about your new instance. You can use the
default values for many of the prompts, or even leave them blank.
newserver Prompts and Command Reference provides additional information about the prompts.
What to do next
• Start the vFabric Web Server instance and verify that it is working correctly. See Unix: Start and Stop vFabric Web Server
Instances and Windows: Start and Stop vFabric Web Server Instances.
• Complete the procedure in Serve a Sample HTML File from your vFabric Web Server Instance.
• Configure your instance as described in Configuring vFabric Web Server.
newserver Prompts and Command Reference
The newserver command has a number of options and prompts, as described in the two tables that follow.
The newserver command format depends on your operating system:
• newserver.pl : Perl script for Unix.
• newserver.vbs: VBScript file for Windows.
The command-line options for the two flavors are exactly the same.
Creating and Using vFabric Web
16
Server Instances
Creating and Using vFabric Web
Server Instances
Table 4.1. Options of the newserver Command
OptionDescriptionRequired?
17
--server=servernameName of the new vFabric Web Server
instance. The value of this option also can be
the name of the directory that contains the
instance configuration files, and by default is
the name of the host.
--httpddir=httpddirDirectory that contains the Apache HTTP
binaries.
The default value is rootdir/
httpd-httpdver, such as /opt/
vmware/vfabric-web-server/
httpd-2.2.19.0-32.
--httpdver=httpdverVersion of the Apache HTTP binaries you
want your instance to use.
The default value is 2.2, which is a symbolic
link to the actual installed version of the
binaries, such as 2.2.19.0-32.
--mpm=mpmSpecifies the type of multi-processing module
(MPM) that the instance uses. Valid values
are:
• worker: Threaded MPM, ideal if you need
a great deal of scalability. By using threads
to serve requests, the instance can serve
many requests with fewer system resources
than a process-based server.
• prefork: Non-threaded, pre-forking MPM
if you require stability or compatibility with
older software.
• event: Less proven but higher-efficiency
asynchronous connection-keepalive MPM.
The event MPM offers little benefit for
HTTPS connections, but is able to handle
more simultaneous kept-alive and pending
HTTP connections.
The default value is worker.
Yes.
No.
No.
No.
--overlaySpecifies that, if serverdir exists, you want
to overwrite the existing files with new ones.
--quietSpecifies that the newserver command
should use default values for all prompts.
--rootdir=rootdirDirectory that contains the
httpd-2.2.version directory, which in turn
contains the Apache HTTP binaries.
The default value is the current directory.
--serverdir=serverdirDirectory in which you want the new instance
directory to be created.
The default value is rootdir.
No.
If you do not specify this option, and
serverdir exists, the newserver command
returns an error and suggests you specify a
unique name and directory location for the
new instance.
No.
If you do not specify this option, newserver
interactively prompts for all answers.
No.
No.
VMware vFabric Suite 5.117
18vFabric Web Server
OptionDescriptionRequired?
--sourcedir=sourcedirName of the directory that contains the
template that newserver uses to create the
new vFabric Web Server instance.
The default value is httpdir/_instance.
No.
Table 4.2. newserver Prompts
PromptDescription
Enable SSL and create a default key [y/n]?Enabling SSL provides secure communication between client and
Server hostname (e.g. www.example.com) [myserver]?Name that the vFabric Web Server instance uses to identify itself. If
Administrator email [webmaster@myserver]?Email address to which vFabric Web Server instances send problems.
Port for http:// traffic [80]?HTTP port to which the vFabric Web Server instance listens. Default
Port for https:// SSL traffic [443]?HTTPS port to which the vFabric Web Server instance listens. Default
server by allowing mutual authentication; the use of digital signatures
for integrity; and encryption for privacy. If you answer yes, you are
later asked for information that will be used to create a certificate.
your host does not have a registered DNS name, enter its IP address.
The default value is the value you entered for the --server option.
This address appears on some instance-generated pages, such as
error documents.
value is 80 when running the newserver command as the root user
on Unix, 8080 otherwise.
value is 443 when running the newserver command as the root
user on Unix, 8443 otherwise.
Creating a sample conf/userfile, add initial usersPrompts for creating a sample file that contains the list of users
If you previously specified that you want to enable SSL...The newserver command prompts you for information required to
and passwords for authentication. Use this file if you later need to
authenticate users who use the vFabric Web Server instance. The
prompts ask you for the username and their password; enter Return at
the username prompt when you are done.
create the private key, such as the size of the SSL RSA key in bits and
the PEM pass phrase you specify when you start the instance.
You also are prompted to enter information for your certificate. The
information is mostly about your Distinguished Name, or DN, that will
be incorporated into your certificate request. As indicated, some fields
have default values. You can also leave some fields blank by entering
a '.' (period.)
When newserver completes, it generates the following SSL files in
the ssl subdirectory of the instance directory:
• instancename.key: Unencrypted private key. The file has a
permission code of 0600 for additional security.
• instancename.pem: DES 3 encrypted private key.
• instancename.csr: Certificate-signing request. Submit this file to
the Certificate Authority.
• instancename.crt: Self-signed certificate. Replace this certificate
with a signed certificate by the CA.
Important Be sure to record the passphrase to decrypt the *.pem
file and back up the file. Never transmit the .key file or cause it to be
readable by others.
18
Creating and Using vFabric Web
Server Instances
Creating and Using vFabric Web
19
Server Instances
Unix: Start and Stop vFabric Web Server Instances
You start, stop, or restart a vFabric Web Server instance on Unix with the httpdctl shell script in the bin directory of the
instance.
Warning: You always use the start script in the bin of the instance directory, such as /opt/vwmare/vfabric-web-
server/myserver/bin. Do not use the start script in the httpd-2.2/bin sub-directory of the main installation directory.
Prerequisites
• Complete the appropriate procedure in Create vFabric Web Server Instances.
Procedure
1.Log in to your Unix computer as the root user.
2.Start a terminal window and change to the bin sub-directory of your vFabric Web Server instance's root directory. For
example, if you created an instance called myserver that lives in the installation directory /opt/vmware/vfabric-
web-server:
prompt# cd /opt/vmware/vfabric-web-server/myserver/bin
3.Start the instance using the ./httpdctl start command:
prompt# ./httpdctl start
You should see a message as follows:
Starting Apache:
Server started OK
4.To test that the vFabric Web Server instance actually started, navigate to the http://host:port URL in your browser,
where host refers to the host computer (you can use localhost if your browser is on the same computer) and port
refers to the HTTP listen port number you provided when you created the instance. The default value is 80
For example, if you are using the default ports on your local computer, you can use this URL:
http://localhost:80
If the instance started successfully, you should see the Welcome page.
5.To stop the instance immediately, even if there are current connections in use:
prompt# cd /opt/vmware/vfabric-web-server/myserver/bin
prompt$ ./httpdctl stop
To stop the instance gracefully:
prompt$ ./httpdctl gracefulstop
6.To restart a currently running instance:
prompt$ ./httpdctl restart
What to do next
• Complete the procedure in Serve a Sample HTML File from your vFabric Web Server Instance.
• Configure your instance as described in Configuring vFabric Web Server.
VMware vFabric Suite 5.119
20vFabric Web Server
Windows: Start and Stop vFabric Web Server Instances
You start, stop, or restart a vFabric Web Server instance on Windows by first installing it as Windows service using the
httpdctl.bat script in the bin directory of the instance directory, and subsequently using the Windows Services console to
start or stop it.
Warning: You always use the start script in the bin of the instance directory, such as c:\vmware\vfabric-web-server
\myserver\bin. Do not use the start script in the httpd-2.2\bin sub-directory of the main installation directory.
Prerequisites
• Complete the appropriate procedure in Create vFabric Web Server Instances.
Procedure
1.Log in to your Windows computer as the Administrator user and start a command window.
Note: Depending on the Windows version, you may not have the required permissions when you start the command
window, even if you logged in as the Administrator user. If some commands in this procedure fail because of a lack of
permissions, start a new command window and use the runas command to execute commands from the new window
instead of the original one:
prompt> runas /user:administrator "cmd.exe /k"
2.Change to the bin subdirectory of the root directory for the vFabric Web Server instance.
For example, if you created an instance called myserver that lives in the installation directory c:\vmware\vfabric-
web-server:
prompt> cd c:\vmware\vfabric-web-server\myserver\bin
3.Install the instance as a Windows service by running the httpdctl.bat install command:
prompt> httpdctl.bat install
Subsequently use the Windows Services console or the sc command to start, stop, and restart the vFabric Web Server
instance. Its properties are as follows:
• Service Name: vFabrichttpdinstance-name. Example: vFabrichttpdmyserver
Also use the Windows Services control panel or sc command to configure whether the service starts automatically when
Windows starts, and so on.
4.To test that the vFabric Web Server instance actually started, navigate to the http://host:port URL in your browser,
where host is the host computer (you can use localhost if your browser is on the same computer), and port is the
HTTP port number you provided when you created the instance. The default value on Windows is 80.
For example, if you are using the default ports on your local computer, use this URL:
http://localhost:80
If the vFabric Web Server instance started successfully, you should see the Welcome page.
5.To uninstall the vFabric Web Server instance as a Windows service, use the following command:
prompt> cd c:\vmware\vfabric-web-server\myserver\bin
prompt> httpdctl.bat uninstall
Creating and Using vFabric Web
20
Server Instances
Creating and Using vFabric Web
Server Instances
What to do next
• Complete the procedure in Serve a Sample HTML File from your vFabric Web Server Instance.
• Configure your instance as described in Configuring vFabric Web Server.
Serve a Sample HTML File from Your vFabric Web Server Instance
After you install vFabric Web Server and create an instance, you can use it to host your entire Web site. This section does not
describe the entire process; rather, it simply shows how to serve an HTML file from the default document root of your instance.
Prerequisites
• Create and start a vFabric Web Server instance. See Create vFabric Web Server Instances.
• Create or download one or more sample HTML pages that you want to serve from the instance.
Procedure
1.Open the configuration file for your vFabric Web Server instance and make note of the value of the DocumentRoot
directive, which is the directory out of which the instance serves your documents. By default, vFabric Web Server takes all
requests from this directory.
21
The configuration file is called httpd.conf and is located in the INSTANCE-DIR/conf, such as /opt/vmware/
vfabric-web-server/myserver/conf/httpd.conf. The DocumentRoot directive looks like the following:
3.Invoke the HTML page in your browser using the vFabric Web Server instance.
For example, if your browser is running on the same computer as vFabric Web Server and the instance is listening at the
default port 80, the URL is as follows:
http://localhost/hello.html
Because the instance is using the default port of 80, you do not have to explicitly specify it in the URL. If you set a different
port, such as 8000, then the URL would be:
http://localhost:8000/hello.html
You should see your hello.html page in your browser.
4.You can create a directory hierarchy under the document root to better organize your HTML pages.
For example:
prompt# cd /opt/vmware/vfabric-web-server/myserver/htdocs
prompt# mkdir fun
prompt# cp /home/samples/hello.html fun
The URL to invoke the HTML page would now be:
http://localhost/fun/hello.html
VMware vFabric Suite 5.121
22vFabric Web Server
What to do next
• Configure vFabric Web Server instances to take advantage features such as load balancing, virtual hosts, and SSL. See
Configuring vFabric Web Server Instances.
22
Creating and Using vFabric Web
Server Instances
Configuring vFabric Web Server
Instances
5. Configuring vFabric Web Server Instances
The default configuration of a newly created vFabric Web Server instance is fairly simple. Although the configuration is likely
adequate for your needs, sometimes you might need to further configure the instance to enable one of its many useful features,
such as load-balancing between two or more tc Server instances. This chapter provides some information to get you started.
For complete documentation on how to configure vFabric Web Server instances, see Apache HTTP Server Version 2.2
Documentation. Because vFabric Web Server is based on Apache HTTP server, the general configuration documentation on the
Apache Web site applies to vFabric Web Server as well.
Subtopics
Using the Sample Configuration Files to Enable Features and Modify Configuration
Configure Load Balancing Between Two or More tc Runtime Instances
Configure BMX for Monitoring vFabric Web Server Instances
Using Sample Configuration Files to Enable Features and Modify
Configuration
23
All vFabric Web Server instances include sample configuration files that you can use to enable extra features in the server
instance or to modify its default configuration. These files are located in the INSTANCE-DIR/conf/extra directory, where
INSTANCE-DIR refers to the instance directory, such as /opt/vmware/vfabric-web-server/myserver.
For example, the httpd-info.conf sample configuration file shows how you can get information about the requests being
processed by the vFabric Web Server instance as well as information about the configuration of the instance. The httpd-ssl.conf file shows how to provide SSL support. It contains the configuration directives to instruct the instance how to serve
pages over an HTTPS connection.
For your convenience, the main vFabric Web Server configuration file for a particular instance (INSTANCE-DIR/conf/httpd.conf) already includes commented-out lines for including each sample configuration file. For example, the line to
include the httpd-info.conf configuration file is as follows:
#Include conf/extra/httpd-info.conf
To include the configuration file, simply uncomment the Include directive:
Include conf/extra/httpd-info.conf
You do not have to use Include in this way; you can simply copy and paste the information in a sample configuration file into
the main configuration file.
The sample configuration files are full of comments on how exactly to enable the feature they configure. Be sure to read these
comments before you proceed further.
What to do next
• Restart the vFabric Web Server instance for the configuration changes to take effect. For example, on Unix:
prompt# cd /opt/vmware/vfabric-web-server/myserver
prompt# bin/httpdctl.sh restart
Configure Load Balancing Between Two or More tc Runtime Instances
You can configure a vFabric Web Server instance to perform simple load balancing between two or more tc Runtime instances.
VMware vFabric Suite 5.123
24vFabric Web Server
In the procedure that follows, you configure a vFabric Web Server instance to run in front of the tc Runtime instances; this
vFabric Web Server instance receives all requests from users, and then passes them back to the tc Runtime instances using a
specified load-balancing algorithm. Responses from the tc Runtime instances are then routed back through this same vFabric
Web Server instance. For this reason, the vFabric Web Server instance acts like a proxy (both reverse and forward) so that the
users never know the URLs of the backend tc Runtime instance that are actually doing all the work. Additionally, the vFabric
Web Server instance ensures that the load on each tc Runtime instance is balanced. You can specify that each tc Runtime instance
take on an equal work load, or you can specify that one instance work twice as hard as the others.
In the procedure, the following scenario pertains. These assumptions are not requirements; your environment might be very
different. The assumptions are listed only to make the procedure easier to understand.
• Two tc Runtime instances are running at the following two hosts and port numbers:
• http://192.168.0.203:8081
• http://192.168.0.203:8082
The two tc Runtime instances are running on the same computer, are part of the same installation and their respective
CATALINA_BASE variables are as follows:
• Each tc Runtime instance is configured exactly the same (other than the value of the various ports).
• You have deployed the same application to both tc Runtime instances and the URL context is the same in both instances: /my-app.
• You want all users of the application to first go through the front-end vFabric Web Server instance, and any evidence of the
backend tc Runtime instances upon which the application is actually deployed should be hidden from the user.
• vFabric Web Server is installed on a different computer than vFabric tc Server. The name of the particular vFabric Web Server
instance is lb-server and its home directory is /opt/vmware/vfabric-web-server/lb-server.
• You want to configure sticky sessions, which means that the vFabric Web Server instance always routes the requests for a
particular session to the same tc Runtime instance that serviced the first request for that session.
• You want to use the HTTP protocol for all communication between the vFabric Web Server and the tc Runtime instances.
The load balancing described in this procedure is very simple, although you have many options available to further customize
it. At appropriate locations in the procedure, links to the Apache HTTP Server documentation are provided for additional
configuration options not covered by this specific scenario. Adapt the procedure for your particular environment.
As part of the procedure, you update the configuration files of both the vFabric Web Server instance and the two tc Runtime
instances.
Prerequisites
• Install vFabric Web Server on your platform and create a new instance.
• Install vFabric tc Server on the same or different computer as vFabric Web Server, and create two more instances. Make note
of the host and port numbers of the two instances. See the vFabric tc Server documentation for details.
• Deploy the same application to the two tc Runtime instances.
Procedure
To configure load balancing for the scenario described in the introduction to this section, follow these steps:
Configuring vFabric Web Server
24
Instances
Configuring vFabric Web Server
Instances
1.On the computer on which vFabric Web Server is installed, stop the instance, if it is currently running. Following the
example and assumptions:
prompt# cd /opt/vmware/vfabric-web-server/lb-server
prompt# bin/httpdctl.sh stop
2.Open the httpd.conf configuration file of the vFabric Web Server instance and ensure that the three required
LoadModule directives (proxy_balancer_module, mod_proxy, and mod_proxy_http, are present and enabled
where VFWS-INSTALL refers to the directory in which you installed vFabric Web Server. If they are not in the file, add
them in the same location as the other LoadModule directives.
Following our example, the directive configurations would be:
The vFabric Web Server configuration file is located in the conf directory of your vFabric Web Server instance (/opt/
vmware/vfabric-web-server/lb-server/conf in our example).
3.In the same httpd.conf file, add the proxy configuration.
Use the <Proxy> element to specify the list of tc Runtime instances and the method of load balancing you want to use.
Then use the ProxyPass and ProxyPassReverse directives to specify the URLs that will use this proxy and loadbalancing (both for requests and responses.) For example:
• The balancer parameter of the <Proxy> element specifies a unique identifier for this load balancer configuration.
• Each tc Runtime instance that is serviced by this load balancer must have its own BalancerMember; the first
parameter of this directive specifies the full IP address (including port number) of the tc Runtime instance.
• The route parameter contains session ID information. You later use the value of this parameter in the tc
Runtime configuration file to configure sticky sessions; for now, just ensure that the values are unique for each
BalancerMember.
• The loadfactor parameter specifies how much load a particular member carries. If you want each member to carry
the same load, set the numbers equal to each other (as in the example above). If, however, you want one member to work
three times harder than the other, set the load factors to 3 and 1.
• Use the lbmethod parameter of the ProxySet directive to specify the load balancing algorithm. The possible values
are as follows:
• byrequests: performs weighted request counting. This is the default value.
• Use the ProxyPass and ProxyPassReverse to specify the context URLs of the application that will be routed to
the tc Runtime instances that you have configured in the load balancing scheme. ProxyPass specifies that when the
vFabric Web Server instance receives a request at the /my-app URL, it routes the request to the load balancer that will
in turn route it to the tc Runtime instance. ProxyPassReverse does the reverse: when the tc Runtime instance sends a
response to a user who is using /my-app, the response appears to come from the vFabric Web Server instance, and not
the tc Runtime instance. Thus the details of the tc Runtime instance are hidden from the user.
4.Optional. If you want to enable the balancer manager Web application to watch the load balancing activity and control the
behavior, add the following to the httpd.conf configuration file of your vFabric Web Server instance:
<Location /balancer-manager>
SetHandler balancer-manager
Order Deny,Allow
Deny from all
# BE VERY RESTRICTIVE with YOUR ALLOW STATEMENT
Allow from 127.0.0.1
</Location>
5.Optional. If you want to enable sticky sessions, follow these steps:
a.In the httpd.conf file of the vFabric Web Server instance, update the ProxySet directive of the <Proxy>
element you configured in a preceding step by adding the stickysession=JSESSIONID|jsessionid
parameter. This parameter configures the cookie/path that will be used for stickiness. For example (update shown in
bold):
b.Go to the computer on which vFabric tc Server is running and update the server.xml configuration file of
both tc Runtime instances by adding the jvmRoute=value attribute to the Catalina <Engine> element. Set
the value of this attribute equal to the value you specified (in a preceding step) for the route parameter of the
BalancerMember directive in the vFabric Web Server httpd.conf file that describes the tc Runtime instance.
Following our example, the updated <Engine> entry for the instanceOne tc Runtime instance (that uses port
8081) would be as follows (new attribute in bold):
If you configure sticky sessions, VMware recommends that you also configure session replication for the tc Runtime
instances. For details, see the section titled Enabling Clustering for High Availability in the vFabric tc Server
documentation.
6.Start the vFabric Web Server instance. Following our example:
prompt# cd /opt/vmware/vfabric-web-server/lb-server
prompt# bin/httpdctl.sh start
7.Start (or restart) the two tc Runtime instances for the configuration changes to take effect. Following our example:
You have now configured load balancing for the two tc Runtime instance using the front-end vFabric Web Server.
What to do next
• For full reference documentation on the directives described in step 3, along with additional parameters you can use, see
Apache Module mod_proxy on the Apache Software Foundation Web site.
• Ensure that you can access your application through the vFabric Web Server instance, which in turn routes the request to
one of the tc Runtime instances. Do this by invoking your application in a browser, but specify the vFabric Web Server
instance rather than the tc Runtime instance. For example, if the URL to access the vFabric Web Server is http://
www.myhost.com, invoke the /my-app application using the following URL in your browser:
http://www.myhost.com/my-app
If you see your application, then you have correctly set up the vFabric Web Server instance to route requests to the /my-app
application to one of the two tc Runtime instances. The vFabric Web Server instance will also balance the load between the
two instances.
• If you enabled the balancer manager Web application, use it to watch and control load-balancing activity. Access the balancer
manager application by navigating to the following URL in your browser:
http://localhost:port/balancer-manager
27
where port is the port number of the vFabric Web Server instance (80 by default.) For security, the balancer manager
configuration allows access only to users who navigate to the application using a browser installed on the same computer on
which the vFabric Web Server instance is actually running.
Configure BMX for Monitoring vFabric Web Server Instances
As of version 5.1, all new vFabric Web Server instances are configured with BMX by default.
BMX is an Apache HTTPD framework that provides internal runtime information (performance metrics, status, configuration,
and current capacity) to monitoring applications such as vFabric Hyperic. In turn, these types of applications monitor the health
of vFabric Web Server instances by running BMX queries to gather metrics and configuration information.
New vFabric Web Server instances have the following default BMX configuration:
• Three main BMX modules (mod_bmx, mod_bmx_status, and mod_bmx_vhost) are all enabled. Together, these
modules provide overall runtime statistics of the Web Server instance, as well as the virtual hosts running within the instance.
• Access is allowed only to processes running on http://localhost (IP address 127.0.0.1), or in other words, only to
monitoring applications running on the same computer as the Web Server instance.
• Access requires no authentication.
• BMX access is enabled for all virtual hosts defined for the Web Server instance.
The default BMX configuration for vFabric Web Server instances make them immediately available for monitoring by
monitoring applications.
The BMX-related modules are loaded into the Web Server instance using appropriate LoadModule directives in the conf/httpd.conf configuration file. Additional BMX configuration is in the conf/extra/httpd-info.conf file, which the
main conf/httpd.conf file includes using the Include conf/extra/httpd-info.conf directive.
Procedure
1.To disable BMX access to your vFabric Web Server instance, comment out the appropriate LoadModule directives in the
conf/httpd.conf configuration file for your instance as shown:
2.To allow BMX access to processes running on hosts other than the localhost, edit the <Location /bmx> directive in
the conf/extra/httpd-info.conf file and add the IP address or fully qualified domain name to the Allow from
directive. For example, to allow myhost.com access in addition to localhost:
<Location /bmx>
SetHandler bmx-handler
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 myhost.com
</Location>
3.To restrict BMX access to a particular virtual host, put the <Location /bmx> directive inside the appropriate
<VirtualHost> directive. For example:
<VirtualHost 10.1.2.3:80>
DocumentRoot "/opt/vmware/vfabric-web-server/myserver/myhost.com/htdocs"
ServerName status.myhost.com
...
<Location /bmx>
SetHandler bmx-handler
Order Deny,Allow
Deny from all
Allow from 127.0.0.1 myhost.com
</Location>
</VirtualHost>
What to do next
• Restart the vFabric Web Server instance for the configuration changes to take effect. For example, on Unix:
prompt# cd /opt/vmware/vfabric-web-server/myserver
prompt# bin/httpdctl.sh restart
28
Configuring vFabric Web Server
Instances
Security Information29
6. Security Information
VMware is committed to providing products and solutions that allow you to assess the security of your information, secure your
information infrastructure, protect your sensitive information, and manage security information and events to assure effectiveness
and regulatory compliance. As part of this commitment, the following vFabric Web Server-specific security information is
provided to help you secure your environment:
• External Ports
• Resources That Must Be Protected
• Log File Locations
• User Accounts Created at Installation
• Obtaining and Installing Latest Version of Product
External Interfaces, Ports, and Services
A vFabric Web Server instance uses TCP/IP ports to receive incoming requests and send outgoing responses. Different protocols
(such as HTTP or HTTPS) listen on different ports. You can change these port numbers when you create the Web Server instance
using the newserver script, but these are the default values:
• HTTP: 80
• HTTPS: 443
If you have already created the Web Server instance, you can change its HTTP listen port by updating the Listen 90 http
directive in the INSTANCE-DIR/conf/httpd.conf file, where INSTANCE-DIR refers to the directory in which the Web
Server instance is located, such as /opt/vmware/vfabric-web-server/myserver. To update the HTTPS port, update
the Listen 443 https directive in the INSTANCE-DIR/conf/extra/httpd-ssl.conf file.
vFabric Web Server does not have any external interfaces or services that need to be enabled or opened.
Resources That Must Be Protected
The following vFabric Web Server configuration files should be readable and writeable only by the root (Unix) or
Administrator (Windows) user:
• conf/httpd.conf
• conf/userfile
• All files in the ssl directory (if you have enabled SSL for the instance)
• extra/conf/httpd-ssl.conf (if you have enabled SSL for the instance)
• Any other conf/httpd-XX.conf file that you have for which there is an uncommented Include in the main conf/httpd.conf configuration file.
These configuration files are specific to a Web Server instance and are stored in the INSTANCE-DIR directory, where
INSTANCE-DIR refers to the directory in which the Web Server instance is located, such as /opt/vmware/vfabric-web-
server/myserver.
Log File Locations
The most important log files for a vFabric Web Server instance are as follows:
• error_log: Contains errors and diagnostic information that occurred while the Web Server instance was serving requests.
VMware vFabric Suite 5.129
30vFabric Web Server
• access_log: Contains information about all Web Server requests.
• ssl_request_log: Applies only if you enabled SSL. Contains information about requests that came over HTTPS.
These log files are specific to a Web Server instance and are stored by default in the INSTANCE-DIR/logs directory, where
INSTANCE-DIR refers to the directory in which the Web Server instance is located, such as /opt/vmware/vfabric-web-
server/myserver.
The preceding log files should be readable and writeable only by the root (Unix) or Administrator (Windows) user.
The logs directory also contains other log files associated with BMX and the vFabric License server.
User Accounts Created at Installation
If you install vFabric Web Server on Red Hat Enterprise Linux (RHEL) using the RPM, a user with the following characteristics
is automatically created:
• ID: vfhttpd
• Group: vfhttpd
• Non-interactive, which means that you cannot directly log in to the RHEL computer as this user. Rather, you must log in as
root or user with appropriate sudo privileges and su - vfhttpd.
When installing from RPM on RHEL, the installation directory will be owned by the root user, with group root.
When installing Web Server on Windows or Unix from a self-extracting *.zip file, a user account is not automatically created
for you. Rather, you should install as root on Unix and Administrator on Windows.
Obtaining and Installing Security Updates
vFabric Web Server an HTTPD server based on open-source Apache HTTPD. A particular version of vFabric Web Server
includes a particular version of Apache HTTPD, such as httpd-2.2.22.1. New versions of vFabric Web Server typically
include an updated version of Apache HTTPD, some of which might fix important security vulnerabilities. To install these
security updates, you install the new version of vFabric Web Server and then upgrade your existing instances.
To download the latest *.zip distributions of the vFabric Web Server, go to the VMware Download Center and navigate to the
vFabric Web Server page.
When using RPMs on RHEL, use the yum upgrade command to upgrade to the latest vFabric Web Server version.
See Upgrading vFabric Web Server for details.
30Security Information
Additional Documentation31
7. Additional Documentation
The documentation in this guide provides information about what vFabric Web Server contains; how to install it; and how to
create, start, and stop instances. The vFabric Web Server documentation does not, however, provide details about configuring and
using the core Apache HTTP component; for that you must go elsewhere, such as the Apache documentation.
• Apache HTTP Server 2.2 http://httpd.apache.org/docs/2.2/
• OpenSSL http://www.openssl.org/docs/
• ASF Bugzilla page (search for known bugs in Apache HTTP Server) https://issues.apache.org/bugzilla/
• Searchable archive of Apache HTTP Users mail list http://marc.info/?l=apache-httpd-users&r=1&w=2
VMware vFabric Suite 5.131
32vFabric Web Server
32Additional Documentation
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.