5.3
Table Of Contents
- vFabric Web Server Installation and Configuration
- Table of Contents
- 1. About vFabric Web Server Installation and Configuration
- 2. Overview of vFabric Web Server
- 3. Installing vFabric Web Server
- Installation Note for vFabric Suite Customers
- Available Distribution Packages
- RHEL: Install vFabric Web Server from an RPM
- Unix: Install vFabric Web Server from a Self-Extracting ZIP
- Windows: Install vFabric Web Server from a ZIP File
- Activate a vFabric Web Server Local License
- Description of the vFabric Web Server Installation
- 4. Upgrading vFabric Web Server
- 5. Migrating Enterprise Ready Server to vFabric Web Server
- 6. Creating and Using vFabric Web Server Instances
- 7. Configuring vFabric Web Server Instances
- Using Sample Configuration Files to Enable Features and Modify Configuration
- Configure Load Balancing Between Two or More tc Runtime Instances
- Configure SSL Between vFabric Web Server and vFabric tc Server
- Configure tc Runtime Instances to Use SSL
- Configure the vFabric Web Server Instance to Use SSL
- Restrict Communication With tc Runtime Instances to Known Clients
- Update the Web Server Configuration for HTTPS Connections to tc Runtime Instances
- Configure vFabric Web Server to Authenticate Itself Using a Specific Client Certificate
- Configure BMX for Monitoring vFabric Web Server Instances
- Metrics
- 8. Security Information
- 9. Managing Planned and Unplanned Outages
- 10. Additional Documentation
Configuring vFabric Web Server
Instances
39
VMware vFabric Suite 5.3 39
prompt# cd /opt/vmware/vfabric-web-server/lb-server
prompt# bin/httpdctl start
7. Start (or restart) the two tc Runtime instances for the configuration changes to take effect. Following our example:
prompt$ cd /var/opt/vmware/vfabric-tc-server-standard
prompt$ ./tcruntime-ctl.sh instanceOne restart
prompt$ ./tcruntime-ctl.sh instanceTwo restart
You have now configured load balancing for the two tc Runtime instance using the front-end vFabric Web Server.
What to do next
• For full reference documentation on the directives described in step 3, along with additional parameters you can use, see
Apache Module mod_proxy on the Apache Software Foundation Web site.
• Ensure that you can access your application through the vFabric Web Server instance, which in turn routes the request to
one of the tc Runtime instances. Do this by invoking your application in a browser, but specify the vFabric Web Server
instance rather than the tc Runtime instance. For example, if the URL to access the vFabric Web Server is http://
www.myhost.com, invoke the /my-app application using the following URL in your browser:
http://www.myhost.com/my-app
If you see your application, then you have correctly set up the vFabric Web Server instance to route requests to the /my-app
application to one of the two tc Runtime instances. The vFabric Web Server instance will also balance the load between the
two instances.
• If you enabled the balancer manager Web application, use it to watch and control load-balancing activity. Access the balancer
manager application by navigating to the following URL in your browser:
http://localhost:port/balancer-manager
where port is the port number of the vFabric Web Server instance (80 by default.) For security, the balancer manager
configuration allows access only to users who navigate to the application using a browser installed on the same computer on
which the vFabric Web Server instance is actually running.
Configure SSL Between vFabric Web Server and vFabric tc Server
For additional security, it is often desirable to configure SSL between a vFabric Web Server instance and one or more tc Runtime
instances, although it's not required. (tc Runtime is the runtime component of vFabric tc Server.)
SSL certificates are frequently used to confirm the identity of a server before consuming its services and to secure
communications with the server. Typically, if you use a vFabric Web server instance to load balance requests to one or more tc
Runtime instances, the SSL encryption and certificate authentication is terminated at the Web Server instance. Communication
between the Web Server and tc Runtime instances is then trusted and in clear text.
However, there are organizational security policies and B2B scenarios that might mandate secure communication between the
vFabric Web Server and tc Runtime instances. Furthermore, it might be important to restrict access to the tc Runtime instances to
known instances of vFabric Web Server.
This section provides details for configuring SSL communication and client certificate authentication between vFabric Web
Server and tc Server. The high-level steps are as follows, with detailed information about each step in its own sub-section:
1. Configure tc Runtime Instances to Use SSL
2. Configure the vFabric Web Server instance to Use SSL
3. Update the Web Server Configuration for HTTPS Connections to tc Runtime Instances