http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/quick_howto/steering.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/quick_howto/steering.txt b/docs/latest/_sources/admin/quick_howto/steering.txt new file mode 100644 index 0000000..be3c319 --- /dev/null +++ b/docs/latest/_sources/admin/quick_howto/steering.txt @@ -0,0 +1,111 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +.. _rl-steering-qht: + +*********************************** +Configure Delivery Service Steering +*********************************** + +1) Create two target delivery services in Traffic Ops. They must both be HTTP delivery services that are part of the same CDN. + +.. image:: steering01.png + :scale: 100% + :align: center + +2) Create a delivery service with type STEERING in Traffic Ops. + +.. image:: steering02.png + :scale: 100% + :align: center + +3) Click the 'Manage Steering Assignments' button on the delivery service screen to assign targets. + +.. image:: steering03.png + :scale: 100% + :align: center + +4) Create a user with the role of Steering. + +.. image:: steering04.png + :scale: 100% + :align: center + +5) As the steering user, assign weights or orders to target delivery services. Assignments must either have a value for weight or order, but not both. The value of weight must be a positive integer, while the value of order can be any integer. This will require logging in to Traffic Ops first via ``http://to.kabletown.net/api/1.2/user/login`` and storing the mojolicious cookie. + + Sample cURL: ``curl -H "Cookie: mojolicious=xxxyyy" -XPUT "https://to.kabletown.net/internal/api/1.2/steering/steering-ds"; -d @/tmp/steering.json`` + + Sample JSON body: + +:: + + { + "targets": [ + { + "weight": "1000", + "deliveryService": "target-deliveryservice-1" + }, + { + "weight": "9000", + "deliveryService": "target-deliveryservice-2" + } + { + "order": -1, + "deliveryService": "target-deliveryservice-3" + } + { + "order": 3, + "deliveryService": "target-deliveryservice-4" + } + ] + } + +6) If desired, the steering user can create filters for the target delivery services. + + Sample cURL: ``curl -H "Cookie: mojolicious=xxxyyy" -XPUT "https://to.kabletown.net/internal/api/1.2/steering/steering-ds"; -d @/tmp/steering.json`` + + Sample JSON body: + +:: + + { + "filters": [ + { + "pattern": ".*\\gototarget1\\..*", + "deliveryService": "target-deliveryservice-1" + } + ], + "targets": [ + { + "weight": "1000", + "deliveryService": "target-deliveryservice-1" + }, + { + "weight": "9000", + "deliveryService": "target-deliveryservice-2" + } + { + "order": -1, + "deliveryService": "target-deliveryservice-3" + } + { + "order": 3, + "deliveryService": "target-deliveryservice-4" + } + ] + } + +7) Any requests to Traffic Router for the steering delivery service should now be routed to target delivery services based on configured weight or order. Example: ``curl -Lvs http://tr.steering-ds.cdn.kabletown.net/foo`` +
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_monitor.rst.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_monitor.rst.txt b/docs/latest/_sources/admin/traffic_monitor.rst.txt deleted file mode 100644 index 3a06e78..0000000 --- a/docs/latest/_sources/admin/traffic_monitor.rst.txt +++ /dev/null @@ -1,142 +0,0 @@ -.. -.. -.. Licensed under the Apache License, Version 2.0 (the "License"); -.. you may not use this file except in compliance with the License. -.. You may obtain a copy of the License at -.. -.. http://www.apache.org/licenses/LICENSE-2.0 -.. -.. Unless required by applicable law or agreed to in writing, software -.. distributed under the License is distributed on an "AS IS" BASIS, -.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -.. See the License for the specific language governing permissions and -.. limitations under the License. -.. - -****************************** -Traffic Monitor Administration -****************************** -Installing Traffic Monitor -========================== -The following are requirements to ensure an accurate set up: - -* CentOS 6 -* 4 vCPUs -* 8GB RAM -* Successful install of Traffic Ops -* Tomcat -* Administrative access to the Traffic Ops -* Physical address of the site -* perl-JSON -* perl-WWW-Curl - -1. Enter the Traffic Monitor server into Traffic Ops -2. Make sure the FQDN of the Traffic Monitor is resolvable in DNS. -3. Install Traffic Monitor and Perl mods: ``sudo yum -y install traffic_monitor perl-JSON perl-WWW-Curl`` -4. Take the config from Traffic Ops - run : ``sudo /opt/traffic_monitor/bin/traffic_monitor_config.pl`` - - Sample output: :: - - traffic_mon # /opt/traffic_monitor/bin/traffic_monitor_config.pl https://traffic-ops.cdn.kabletown.net admin:password prompt - DEBUG: traffic_ops selected: https://traffic-ops.cdn.kabletown.net - DEBUG: traffic_ops login: admin:kl0tevax - DEBUG: Config write mode: prompt - DEBUG: Found profile from traffic_ops: RASCAL_CDN - DEBUG: Found CDN name from traffic_ops: kabletown_cdn - DEBUG: Found location for rascal-config.txt from traffic_ops: /opt/traffic_monitor/conf - WARN: Param not in traffic_ops: allow.config.edit description: Allow the running configuration to be edited through the UI Using default value of: false - WARN: Param not in traffic_ops: default.accessControlAllowOrigin description: The value for the header: Access-Control-Allow-Origin for published jsons... should be narrowed down to TMs Using default value of: * - WARN: Param not in traffic_ops: default.connection.timeout description: Default connection time for all queries (cache, peers, TM) Using default value of: 2000 - WARN: Param not in traffic_ops: hack.forceSystemExit description: Call System.exit on shutdown Using default value of: false - WARN: Param not in traffic_ops: hack.peerOptimistic description: The assumption of a caches availability when unknown by peers Using default value of: true - WARN: Param not in traffic_ops: hack.publishDsStates description: If true, the delivery service states will be included in the CrStates.json Using default value of: true - WARN: Param not in traffic_ops: health.ds.interval description: The polling frequency for calculating the deliveryService states Using default value of: 1000 - WARN: Param not in traffic_ops: health.ds.leniency description: The amount of time before the deliveryService disregards the last update from a non-responsive cache Using default value of: 30000 - WARN: Param not in traffic_ops: health.event-count description: The number of historical events that will be kept Using default value of: 200 - WARN: Param not in traffic_ops: health.polling.interval description: The polling frequency for getting the states from caches Using default value of: 5000 - WARN: Param not in traffic_ops: health.startupMinCycles description: The number of query cycles that must be completed before this Traffic Monitor will start reporting Using default value of: 2 - WARN: Param not in traffic_ops: health.timepad description: A delay between each separate cache query Using default value of: 10 - WARN: Param not in traffic_ops: peers.polling.interval description: Polling frequency for getting states from peer monitors Using default value of: 5000 - WARN: Param not in traffic_ops: peers.polling.url description: The url for current, unfiltered states from peer monitors Using default value of: http://${hostname}/publish/CrStates?raw - WARN: Param not in traffic_ops: peers.threadPool description: The number of threads given to the pool for querying peers Using default value of: 1 - WARN: Param not in traffic_ops: tm.auth.url description: The url for the authentication form Using default value of: https://${tmHostname}/login - WARN: Param not in traffic_ops: tm.crConfig.json.polling.url description: Url for the cr-config (json) Using default value of: https://${tmHostname}/CRConfig-Snapshots/${cdnName}/CRConfig.json - WARN: Param not in traffic_ops: tm.healthParams.polling.url description: The url for the heath params (json) Using default value of: https://${tmHostname}/health/${cdnName} - WARN: Param not in traffic_ops: tm.polling.interval description: The polling frequency for getting updates from TM Using default value of: 10000 - DEBUG: allow.config.edit needed in config, but does not exist in config on disk. - DEBUG: cdnName value on disk () does not match value needed in config (kabletown_cdn). - DEBUG: default.accessControlAllowOrigin needed in config, but does not exist in config on disk. - DEBUG: default.connection.timeout needed in config, but does not exist in config on disk. - DEBUG: hack.forceSystemExit needed in config, but does not exist in config on disk. - DEBUG: hack.peerOptimistic needed in config, but does not exist in config on disk. - DEBUG: hack.publishDsStates needed in config, but does not exist in config on disk. - DEBUG: health.ds.interval needed in config, but does not exist in config on disk. - DEBUG: health.ds.leniency needed in config, but does not exist in config on disk. - DEBUG: health.startupMinCycles needed in config, but does not exist in config on disk. - DEBUG: health.timepad value on disk (20) does not match value needed in config (10). - DEBUG: peers.polling.interval needed in config, but does not exist in config on disk. - DEBUG: peers.threadPool needed in config, but does not exist in config on disk. - DEBUG: tm.auth.password value on disk () does not match value needed in config (kl0tevax). - DEBUG: tm.auth.username value on disk () does not match value needed in config (admin). - DEBUG: tm.hostname value on disk () does not match value needed in config (traffic-ops.cdn.kabletown.net). - DEBUG: Proposed traffic_monitor_config: - { - "traffic_monitor_config":{ - "default.accessControlAllowOrigin":"*", - "health.startupMinCycles":"2", - "tm.auth.password":"kl0tevax", - "tm.auth.url":"https://${tmHostname}/login";, - "tm.healthParams.polling.url":"https://${tmHostname}/health/${cdnName}";, - "allow.config.edit":"false", - "tm.crConfig.json.polling.url":"https://${tmHostname}/CRConfig-Snapshots/${cdnName}/CRConfig.json";, - "tm.auth.username":"admin", - "peers.polling.url":"http://${hostname}/publish/CrStates?raw";, - "health.timepad":"10", - "hack.publishDsStates":"true", - "default.connection.timeout":"2000", - "health.ds.interval":"1000", - "peers.polling.interval":"5000", - "hack.forceSystemExit":"false", - "health.ds.leniency":"30000", - "cdnName":"kabletown_cdn", - "peers.threadPool":"1", - "tm.polling.interval":"10000", - "health.polling.interval":"5000", - "health.event-count":"200", - "hack.peerOptimistic":"true", - "tm.hostname":"traffic-ops.cdn.kabletown.net" - } - } - ---------------------------------------------- - ----OK to write this config to disk? (Y/n) [n]y - ---------------------------------------------- - ---------------------------------------------- - ----OK to write this config to disk? (Y/n) [n]Y - ---------------------------------------------- - DEBUG: Writing /opt/traffic_monitor/conf/traffic_monitor_config.js - traffic_mon # - -5. Start Tomcat: ``sudo service tomcat start`` :: - - - Using CATALINA_BASE: /opt/tomcat - Using CATALINA_HOME: /opt/tomcat - Using CATALINA_TMPDIR: /opt/tomcat/temp - Using JRE_HOME: /usr - Using CLASSPATH:/opt/tomcat/bin/bootstrap.jar - Using CATALINA_PID:/var/run/tomcat/tomcat.pid - Starting tomcat [ OK ] - -6. Verify Traffic Monitor is running by pointing your browser to port 80 on the Traffic Monitor host. - -Configuring Traffic Monitor -=========================== - -Configuration Overview ----------------------- -Traffic Monitor is configured using its JSON configuration file, ``traffic_monitor_config.js``. Specify the URL, username, password, and CDN name for the instance of Traffic Ops for which this Traffic Monitor is a member, and start the software. Once started with the correct configuration, Traffic Monitor downloads its configuration from Traffic Ops and begins polling caches. Once a configurable number of polling cycles completes, health protocol state is available via RESTful JSON endpoints. - - -Troubleshooting and log files -============================= -Traffic Monitor log files are in ``/opt/traffic_monitor/var/log/``, and tomcat log files are in ``/opt/tomcat/logs/``. http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_monitor.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_monitor.txt b/docs/latest/_sources/admin/traffic_monitor.txt new file mode 100644 index 0000000..1e0c797 --- /dev/null +++ b/docs/latest/_sources/admin/traffic_monitor.txt @@ -0,0 +1,177 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +****************************** +Traffic Monitor Administration +****************************** + +.. _rl-tm-java: + +* These instructions are for the Java Traffic Monitor, for the Golang beta, see :ref:`rl-tm-golang`. + +Installing Traffic Monitor +========================== +The following are requirements to ensure an accurate set up: + +* CentOS 6 +* 4 vCPUs +* 8GB RAM +* Successful install of Traffic Ops +* Tomcat +* Administrative access to the Traffic Ops +* Physical address of the site +* perl-JSON +* perl-WWW-Curl + +#. Add the Traffic Monitor server into Traffic Ops using 'Servers' -> 'Add Server'. Set the 'Type' field to 'RASCAL'. + +#. Make sure the FQDN of the Traffic Monitor is resolvable in DNS. + +#. Get the Traffic Monitor RPM. + + Sample command: :: + + wget http://traffic-control-cdn.net/downloads/1.7.0/RELEASE-1.7.0/traffic_monitor-1.7.0-3908.5b77f60f.el6.x86_64.rpm + +#. Install Traffic Monitor and Perl modules: :: + + sudo yum -y install traffic_monitor-*.rpm perl-JSON perl-WWW-Curl + +#. Take the config from Traffic Ops: :: + + sudo /opt/traffic_monitor/bin/traffic_monitor_config.pl https://<traffic-ops-URL> <traffic-ops-user>:<traffic-ops-password> prompt + + Sample session: :: + + traffic_mon # /opt/traffic_monitor/bin/traffic_monitor_config.pl https://traffic-ops.cdn.kabletown.net admin:kl0tevax prompt + DEBUG: traffic_ops selected: https://traffic-ops.cdn.kabletown.net + DEBUG: traffic_ops login: admin:kl0tevax + DEBUG: Config write mode: prompt + DEBUG: Found profile from traffic_ops: RASCAL_CDN + DEBUG: Found CDN name from traffic_ops: kabletown_cdn + DEBUG: Found location for rascal-config.txt from traffic_ops: /opt/traffic_monitor/conf + WARN: Param not in traffic_ops: allow.config.edit description: Allow the running configuration to be edited through the UI Using default value of: false + WARN: Param not in traffic_ops: default.accessControlAllowOrigin description: The value for the header: Access-Control-Allow-Origin for published jsons... should be narrowed down to TMs Using default value of: * + WARN: Param not in traffic_ops: default.connection.timeout description: Default connection time for all queries (cache, peers, TM) Using default value of: 2000 + WARN: Param not in traffic_ops: hack.forceSystemExit description: Call System.exit on shutdown Using default value of: false + WARN: Param not in traffic_ops: hack.peerOptimistic description: The assumption of a caches availability when unknown by peers Using default value of: true + WARN: Param not in traffic_ops: hack.publishDsStates description: If true, the delivery service states will be included in the CrStates.json Using default value of: true + WARN: Param not in traffic_ops: health.ds.interval description: The polling frequency for calculating the deliveryService states Using default value of: 1000 + WARN: Param not in traffic_ops: health.ds.leniency description: The amount of time before the deliveryService disregards the last update from a non-responsive cache Using default value of: 30000 + WARN: Param not in traffic_ops: health.event-count description: The number of historical events that will be kept Using default value of: 200 + WARN: Param not in traffic_ops: health.polling.interval description: The polling frequency for getting the states from caches Using default value of: 5000 + WARN: Param not in traffic_ops: health.startupMinCycles description: The number of query cycles that must be completed before this Traffic Monitor will start reporting Using default value of: 2 + WARN: Param not in traffic_ops: health.timepad description: A delay between each separate cache query Using default value of: 10 + WARN: Param not in traffic_ops: peers.polling.interval description: Polling frequency for getting states from peer monitors Using default value of: 5000 + WARN: Param not in traffic_ops: peers.polling.url description: The url for current, unfiltered states from peer monitors Using default value of: http://${hostname}/publish/CrStates?raw + WARN: Param not in traffic_ops: peers.threadPool description: The number of threads given to the pool for querying peers Using default value of: 1 + WARN: Param not in traffic_ops: tm.auth.url description: The url for the authentication form Using default value of: https://${tmHostname}/login + WARN: Param not in traffic_ops: tm.crConfig.json.polling.url description: Url for the cr-config (json) Using default value of: https://${tmHostname}/CRConfig-Snapshots/${cdnName}/CRConfig.json + WARN: Param not in traffic_ops: tm.healthParams.polling.url description: The url for the heath params (json) Using default value of: https://${tmHostname}/health/${cdnName} + WARN: Param not in traffic_ops: tm.polling.interval description: The polling frequency for getting updates from TM Using default value of: 10000 + DEBUG: allow.config.edit needed in config, but does not exist in config on disk. + DEBUG: cdnName value on disk () does not match value needed in config (kabletown_cdn). + DEBUG: default.accessControlAllowOrigin needed in config, but does not exist in config on disk. + DEBUG: default.connection.timeout needed in config, but does not exist in config on disk. + DEBUG: hack.forceSystemExit needed in config, but does not exist in config on disk. + DEBUG: hack.peerOptimistic needed in config, but does not exist in config on disk. + DEBUG: hack.publishDsStates needed in config, but does not exist in config on disk. + DEBUG: health.ds.interval needed in config, but does not exist in config on disk. + DEBUG: health.ds.leniency needed in config, but does not exist in config on disk. + DEBUG: health.startupMinCycles needed in config, but does not exist in config on disk. + DEBUG: health.timepad value on disk (20) does not match value needed in config (10). + DEBUG: peers.polling.interval needed in config, but does not exist in config on disk. + DEBUG: peers.threadPool needed in config, but does not exist in config on disk. + DEBUG: tm.auth.password value on disk () does not match value needed in config (kl0tevax). + DEBUG: tm.auth.username value on disk () does not match value needed in config (admin). + DEBUG: tm.hostname value on disk () does not match value needed in config (traffic-ops.cdn.kabletown.net). + DEBUG: Proposed traffic_monitor_config: + { + "traffic_monitor_config":{ + "default.accessControlAllowOrigin":"*", + "health.startupMinCycles":"2", + "tm.auth.password":"kl0tevax", + "tm.auth.url":"https://${tmHostname}/login";, + "tm.healthParams.polling.url":"https://${tmHostname}/health/${cdnName}";, + "allow.config.edit":"false", + "tm.crConfig.json.polling.url":"https://${tmHostname}/CRConfig-Snapshots/${cdnName}/CRConfig.json";, + "tm.auth.username":"admin", + "peers.polling.url":"http://${hostname}/publish/CrStates?raw";, + "health.timepad":"10", + "hack.publishDsStates":"true", + "default.connection.timeout":"2000", + "health.ds.interval":"1000", + "peers.polling.interval":"5000", + "hack.forceSystemExit":"false", + "health.ds.leniency":"30000", + "cdnName":"kabletown_cdn", + "peers.threadPool":"1", + "tm.polling.interval":"10000", + "health.polling.interval":"5000", + "health.event-count":"200", + "hack.peerOptimistic":"true", + "tm.hostname":"traffic-ops.cdn.kabletown.net" + } + } + ---------------------------------------------- + ----OK to write this config to disk? (Y/n) [n]y + ---------------------------------------------- + ---------------------------------------------- + ----OK to write this config to disk? (Y/n) [n]Y + ---------------------------------------------- + DEBUG: Writing /opt/traffic_monitor/conf/traffic_monitor_config.js + traffic_mon # + +#. Update the 'allow_ip' and 'allow_ip6' parameters in the profiles of all caches defined in traffic ops, both edge and mid, + with the address of the traffic monitor being installed, so that the traffic servers will allow this Traffic Monitor + to access the astats plugin. + For details see :ref:`rl-param-prof` in the *Configuring Traffic Ops* section. + +#. Start Tomcat: ``sudo service tomcat start`` :: + + Using CATALINA_BASE: /opt/tomcat + Using CATALINA_HOME: /opt/tomcat + Using CATALINA_TMPDIR: /opt/tomcat/temp + Using JRE_HOME: /usr + Using CLASSPATH:/opt/tomcat/bin/bootstrap.jar + Using CATALINA_PID:/var/run/tomcat/tomcat.pid + Starting tomcat [ OK ] + +#. Configure tomcat to start automatically: ``sudo chkconfig tomcat on`` + +#. Verify Traffic Monitor is running by pointing your browser to port 80 on the Traffic Monitor host: + + * The 'Cache States' tab should display all Mid and Edge caches configured in Traffic Ops. + * The 'DeliveryService States' tab should display all delivery services configured in Traffic Ops. + +#. In Traffic Ops servers table, click 'Edit' for this server, then click 'Online'. + + +Configuring Traffic Monitor +=========================== + +Configuration Overview +---------------------- +Traffic Monitor is configured using its JSON configuration file, ``/opt/traffic_monitor/conf/traffic_monitor_config.js``. +This file is created by ``traffic_monitor_config.pl`` script, and among other things, it contains the Traffic Ops URL and the user:password +specified during the invocation of that script. + +When started, Traffic Monitor uses this basic configuration to downloads its configuration from Traffic Ops, and begins polling caches. +Once a configurable number of polling cycles completes, health protocol state is available via RESTful JSON endpoints. + + +Troubleshooting and log files +============================= +Traffic Monitor log files are in ``/opt/traffic_monitor/var/log/``, and tomcat log files are in ``/opt/tomcat/logs/``. http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_monitor_golang.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_monitor_golang.txt b/docs/latest/_sources/admin/traffic_monitor_golang.txt new file mode 100644 index 0000000..d08e010 --- /dev/null +++ b/docs/latest/_sources/admin/traffic_monitor_golang.txt @@ -0,0 +1,65 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +****************************** +Traffic Monitor Administration +****************************** + +.. _rl-tm-golang: + +* These instructions are for the beta Golang Traffic Monitor, for the old Java version, see :ref:`rl-tm-java`. + +Installing Traffic Monitor +========================== + +The following are requirements to ensure an accurate set up: + +* CentOS 6 +* 8 vCPUs +* 16GB RAM +* Successful install of Traffic Ops +* Administrative access to the Traffic Ops +* Physical address of the site + +1. Enter the Traffic Monitor server into Traffic Ops +2. Make sure the FQDN of the Traffic Monitor is resolvable in DNS. +3. Install Traffic Monitor: ``sudo yum -y install traffic_monitor`` +4. Configure Traffic Monitor. See :ref:`rl-tm-configure` +5. Start the service: ``sudo service traffic_monitor start`` :: + + Starting traffic_monitor: + +6. Verify Traffic Monitor is running by pointing your browser to port 80 on the Traffic Monitor host. + +Configuring Traffic Monitor +=========================== + +Configuration Overview +---------------------- + +.. _rl-tm-configure: + +Traffic Monitor is configured via two JSON configuration files, ``traffic_ops.cfg`` and ``traffic_monitor.cfg``, by default located in the ``conf`` directory in the install location. + +The ``traffic_ops.cfg`` config contains Traffic Ops connection information. Specify the URL, username, and password for the instance of Traffic Ops for which this Traffic Monitor is a member. + +The ``traffic_monitor.cfg`` config contains log file locations, as well as detailed application configuration variables, such as processing flush times and initial poll intervals. + +Once started with the correct configuration, Traffic Monitor downloads its configuration from Traffic Ops and begins polling caches. Once every cache has been polled, health protocol state is available via RESTful JSON endpoints. + + +Troubleshooting and log files +============================= +Traffic Monitor log files are in ``/opt/traffic_monitor/var/log/``. http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_ops/configuration.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_ops/configuration.txt b/docs/latest/_sources/admin/traffic_ops/configuration.txt new file mode 100644 index 0000000..d293b89 --- /dev/null +++ b/docs/latest/_sources/admin/traffic_ops/configuration.txt @@ -0,0 +1,300 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +Traffic Ops - Configuring +%%%%%%%%%%%%%%%%%%%%%%%%% + +Follow the steps below to configure the newly installed Traffic Ops Instance. + +Installing the SSL Cert +======================= +By default, Traffic Ops runs as an SSL web server, and a certificate needs to be installed. + +Self-signed Certificate (Development) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + + Example Procedure:: + + $ openssl genrsa -des3 -passout pass:x -out localhost.pass.key 2048 + Generating RSA private key, 2048 bit long modulus + ... + $ openssl rsa -passin pass:x -in localhost.pass.key -out localhost.key + writing RSA key + $ rm localhost.pass.key + + $ openssl req -new -key localhost.key -out localhost.csr + You are about to be asked to enter information that will be incorporated + into your certificate request. + What you are about to enter is what is called a Distinguished Name or a DN. + There are quite a few fields but you can leave some blank + For some fields there will be a default value, + If you enter '.', the field will be left blank. + ----- + Country Name (2 letter code) [XX]:US<enter> + State or Province Name (full name) []:CO<enter> + Locality Name (eg, city) [Default City]:Denver<enter> + Organization Name (eg, company) [Default Company Ltd]: <enter> + Organizational Unit Name (eg, section) []: <enter> + Common Name (eg, your name or your server's hostname) []: <enter> + Email Address []: <enter> + + Please enter the following 'extra' attributes + to be sent with your certificate request + A challenge password []: pass<enter> + An optional company name []: <enter> + $ openssl x509 -req -sha256 -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt + Signature ok + subject=/C=US/ST=CO/L=Denver/O=Default Company Ltd + Getting Private key + $ sudo cp localhost.crt /etc/pki/tls/certs + $ sudo cp localhost.key /etc/pki/tls/private + $ sudo chown trafops:trafops /etc/pki/tls/certs/localhost.crt + $ sudo chown trafops:trafops /etc/pki/tls/private/localhost.key + +Certificate from Certificate Authority (Production) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. Note:: You will need to know the appropriate answers when generating the certificate request file `trafficopss.csr` below. + +Example Procedure:: + + $ openssl genrsa -des3 -passout pass:x -out trafficops.pass.key 2048 + Generating RSA private key, 2048 bit long modulus + ... + $ openssl rsa -passin pass:x -in trafficops.pass.key -out trafficops.key + writing RSA key + $ rm localhost.pass.key + + Generate the Certificate Signing Request (CSR) file needed for Certificate Authority (CA) request. + + $ openssl req -new -key trafficops.key -out trafficops.csr + You are about to be asked to enter information that will be incorporated + into your certificate request. + What you are about to enter is what is called a Distinguished Name or a DN. + There are quite a few fields but you can leave some blank + For some fields there will be a default value, + If you enter '.', the field will be left blank. + ----- + Country Name (2 letter code) [XX]: <enter country code> + State or Province Name (full name) []: <enter state or province> + Locality Name (eg, city) [Default City]: <enter locality name> + Organization Name (eg, company) [Default Company Ltd]: <enter organization name> + Organizational Unit Name (eg, section) []: <enter organizational unit name> + Common Name (eg, your name or your server's hostname) []: <enter server's hostname name> + Email Address []: <enter e-mail address> + + Please enter the following 'extra' attributes + to be sent with your certificate request + A challenge password []: <enter challenge password> + An optional company name []: <enter> + $ sudo cp trafficops.key /etc/pki/tls/private + $ sudo chown trafops:trafops /etc/pki/tls/private/trafficops.key + + You must then take the output file trafficops.csr and submit a request to your Certificate Authority (CA). + Once you get approved and receive your trafficops.crt file: + + $ sudo cp trafficops.crt /etc/pki/tls/certs + $ sudo chown trafops:trafops /etc/pki/tls/certs/trafficops.crt + + If necessary, install the CA certificates .pem and .crt in /etc/pki/tls/certs. + + You will need to update the file /opt/traffic_ops/app/conf/cdn.conf with the following changes: + ... + e.g. given trafficops.crt and trafficops.key + 'hypnotoad' => ... + 'listen' => 'https://[::]:443?cert=/etc/pki/tls/certs/trafficops.crt&key=/etc/pki/tls/private/trafficops.key&ca=/etc/pki/tls/certs/localhost.ca&verify=0x00&ciphers=AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH:!ED' + ... + + +Content Delivery Networks +========================= + +.. _rl-param-prof: + +Profile Parameters +====================== +Many of the settings for the different servers in a Traffic Control CDN are controlled by parameters in the parameter view of Traffic Ops. Parameters are grouped in profiles and profiles are assigned to a server or a deliveryservice. For a typical cache there are hundreds of configuration settings to apply. The Traffic Ops parameter view contains the defined settings. To make life easier, Traffic Ops allows for duplication, comparison, import and export of Profiles. Traffic Ops also has a "Global profile" - the parameters in this profile are going to be applied to all servers in the Traffic Ops instance, or apply to Traffic Ops themselves. These parameters are: + + +.. index:: + Global Profile + ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| Name | Config file | Value | ++==========================+===============+=======================================================================================================================================+ +| tm.url | global | The URL where this Traffic Ops instance is being served from. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.rev_proxy.url | global | Not required. The URL where the Traffic Ops Config file cache instance is being served from. Requires Traffic Ops ORT 2.1 and above. | +| | | When configured, ORT will request configuration files via this fqdn, which should be setup as a reverse proxy to the Traffic Ops host | +| | | or hosts. Suggested cache lifetime for these files is ~3 minutes or less. This setting allows for greater scaleability of a CDN | +| | | maintained by Traffic Ops by caching configuration files of profile and cdn scope. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.toolname | global | The name of the Traffic Ops tool. Usually "Traffic Ops". Used in the About screen and in the comments headers of the files generated. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.infourl | global | This is the "for more information go here" URL, which is visible in the About page. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.logourl | global | This is the URL of the logo for Traffic Ops and can be relative if the logo is under traffic_ops/app/public. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.instance_name | global | The name of the Traffic Ops instance. Can be used when multiple instances are active. Visible in the About page. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| tm.traffic_mon_fwd_proxy | global | When collecting stats from Traffic Monitor, Traffic Ops uses this forward proxy to pull the stats through. | +| | | This can be any of the MID tier caches, or a forward cache specifically deployed for this purpose. Setting | +| | | this variable can significantly lighten the load on the Traffic Monitor system and it is recommended to | +| | | set this parameter on a production system. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| geolocation.polling.url | CRConfig.json | The location to get the GeoLiteCity database from. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ +| geolocation6.polling.url | CRConfig.json | The location to get the IPv6 GeoLiteCity database from. | ++--------------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------+ + +These parameters should be set to reflect the local environment. + + +After running the postinstall script, Traffic Ops has the following profiles pre-loaded: + ++----------+-------------------------------------------------------------------------------------------------+ +| Name | Description | ++==========+=================================================================================================+ +| EDGE1 | The profile to be applied to the latest supported version of ATS, when running as an EDGE cache | ++----------+-------------------------------------------------------------------------------------------------+ +| TR1 | The profile to be applied to the latest version of Traffic Router | ++----------+-------------------------------------------------------------------------------------------------+ +| TM1 | The profile to be applied to the latest version of Traffic Monitor | ++----------+-------------------------------------------------------------------------------------------------+ +| MID1 | The profile to be applied to the latest supported version of ATS, when running as an MID cache | ++----------+-------------------------------------------------------------------------------------------------+ +| RIAK_ALL | Riak profile for all CDNs to be applied to the Traffic Vault servers | ++----------+-------------------------------------------------------------------------------------------------+ + +.. Note:: The Traffic Server profiles contain some information that is specific to the hardware being used (most notably the disk configuration), so some parameters will have to be changed to reflect your configuration. Future releases of Traffic Control will separate the hardware and software profiles so it is easier to "mix-and-match" different hardware configurations. + +Below is a list of cache parameters that are likely to need changes from the default profiles shipped with Traffic Ops: + ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| Name | Config file | Description | ++==========================+===================+=========================================================================================================================+ +| allow_ip | astats.config | This is a comma separated list of IPv4 CIDR blocks that will have access to the astats statistics on the caches. | +| | | The Traffic Monitor IP addresses have to be included in this, if they are using IPv4 to monitor the caches. | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| allow_ip6 | astats.config | This is a comma separated list of IPv6 CIDR blocks that will have access to the astats statistics on the caches. | +| | | The Traffic Monitor IP addresses have to be included in this, if they are using IPv6 to monitor the caches. | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| Drive_Prefix | storage.config | The device path start of the disks. For example, if you have ``/dev/sda`` through ``/dev/sdf`` set this to ``/dev/sd`` | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| Drive_Letters | storage.config | The letter part of the disks, in the same example as above set this to ``a,b,c,d,e,f`` | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| purge_allow_ip | ip_allow.config | The IP address range that is allowed to execute the PURGE method on the caches (not related to :ref:`rl-purge`) | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| coalesce_masklen_v4 | ip_allow.config | The masklen to use when coalescing v4 networks into one line using http://search.cpan.org/~miker/NetAddr-IP-4.078/IP.pm | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| coalesce_number_v4 | ip_allow.config | The number to use when coalescing v4 networks into one line using http://search.cpan.org/~miker/NetAddr-IP-4.078/IP.pm | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| coalesce_masklen_v6 | ip_allow.config | The masklen to use when coalescing v6 networks into one line using http://search.cpan.org/~miker/NetAddr-IP-4.078/IP.pm | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| coalesce_masklen_v6 | ip_allow.config | The masklen to use when coalescing v6 networks into one line using http://search.cpan.org/~miker/NetAddr-IP-4.078/IP.pm | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| health.threshold.loadavg | rascal.properties | The Unix load average at which Traffic Router will stop sending traffic to this cache | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ +| health.threshold.\\ | rascal.properties | The amount of bandwidth that Traffic Router will try to keep available on the cache. | +| availableBandwidthInKbps | | For example: "">1500000" means stop sending new traffic to this cache when traffic is at 8.5Gbps on a 10Gbps interface. | ++--------------------------+-------------------+-------------------------------------------------------------------------------------------------------------------------+ + +Below is a list of Traffic Server plugins that need to be configured in the parameter table: + ++------------------+---------------+------------------------------------------------------+------------------------------------------------------------------------------------------------------------+ +| Name | Config file | Description | Details | ++==================+===============+======================================================+============================================================================================================+ +| astats_over_http | package | The package version for the astats_over_http plugin. | `astats_over_http <http://trafficcontrol.apache.org/downloads/index.html>`_ | ++------------------+---------------+------------------------------------------------------+------------------------------------------------------------------------------------------------------------+ +| trafficserver | package | The package version for the trafficserver plugin. | `trafficserver <http://trafficcontrol.apache.org/downloads/index.html>`_ | ++------------------+---------------+------------------------------------------------------+------------------------------------------------------------------------------------------------------------+ +| regex_revalidate | plugin.config | The config to be used for regex_revalidate. | `regex_revalidate <https://docs.trafficserver.apache.org/en/5.3.x/reference/plugins/regex_remap.en.html>`_ | +| | | For example: --config regex_revalidate.config | | ++------------------+---------------+------------------------------------------------------+------------------------------------------------------------------------------------------------------------+ +| remap_stats | plugin.config | The config to be used for remap_stats. | `remap_stats <https://github.com/apache/trafficserver/tree/master/plugins/experimental/remap_stats>`_ | +| | | Value is left blank. | | ++------------------+---------------+------------------------------------------------------+------------------------------------------------------------------------------------------------------------+ + + +Regions, Locations and Cache Groups +=================================== +All servers have to have a `location`, which is their physical location. Each location is part of a `region`, and each region is part of a `division`. For Example, ``Denver`` could be a location in the ``Mile High`` region and that region could be part of the ``West`` division. Enter your divisions first in `Misc->Divisions`, then enter the regions in `Misc->Regions`, referencing the divisions entered, and finally, enter the physical locations in `Misc->Locations`, referencing the regions entered. + +All servers also have to be part of a `cache group`. A cache group is a logical grouping of caches, that don't have to be in the same physical location (in fact, usually a cache group is spread across minimally 2 physical Locations for redundancy purposes), but share geo coordinates for content routing purposes. JvD to add more. + + + +Configuring Content Purge +========================= +Content purge using ATS is not simple; there is no file system to delete files/directories from, and in large caches it can be hard to delete a simple regular expression from the cache. This is why Traffic Control uses the `Regex Revalidate Plugin <https://docs.trafficserver.apache.org/en/latest/admin-guide/plugins/regex_revalidate.en.html>`_ to purge content from the system. We don't actually remove the content, we have a check that gets run before each request on each cache to see if this request matches a list of regular expressions, and if it does, we force a revalidation to the origin, making the original content inaccessible. The regex_revalidate plugin will monitor it's config file, and will pick up changes to it without a `traffic_line -x` signal to ATS. Changes to this file need to be distributed to the highest tier (MID) caches in the CDN before they are distributed to the lower tiers, to prevent filling the lower tiers with the content that should be purged from the highe r tiers without hitting the origin. This is why the ort script (see :ref:`reference-traffic-ops-ort`) will by default push out config changes to MID first, confirm that they have all been updated, and then push out the changes to the lower tiers. In large CDNs, this can make the distribution and time to activation of the purge too long, and because of that there is the option to not distribute the `regex_revalidate.config` file using the ort script, but to do this using other means. By default, Traffic Ops will use ort to distribute the `regex_revalidate.config` file. + +Content Purge is controlled by the following parameters in the profile of the cache: + ++----------------------+-------------------------+--------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Name | Config file | Description | Details | ++======================+=========================+==================================================+=========================================================================================================================================================+ +| location | regex_revalidate.config | What location the file should be in on the cache | The presence of this parameter tells ort to distribute this file; delete this parameter from the profile if this file is distributed using other means. | ++----------------------+-------------------------+--------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+ +| maxRevalDurationDays | regex_revalidate.config | The maximum time a purge can be active | To prevent a build up of many checks before each request, this is longest time the system will allow | ++----------------------+-------------------------+--------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+ +| regex_revalidate | plugin.config | The config to be used for regex_revalidate. | `regex_revalidate <https://docs.trafficserver.apache.org/en/5.3.x/reference/plugins/regex_remap.en.html>`_ | +| | | For example: --config regex_revalidate.config | | ++----------------------+-------------------------+--------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+ +| use_reval_pending | global | Configures Traffic Ops to use separate | When this flag is in use ORT will check for a new regex_revalidate.config every 60 seconds in syncds mode during the dispersal timer. This will | +| | | reval_pending flag for each cache. | also allow ORT to be run in revalidate mode, which will check for and clear the reval_pending flag. This can be set to run via cron task. | +| | | | Enable with a value of 1. Use of this feature requires Traffic Ops 2.1 and above. Parameter should be assigned to the GLOBAL profile. | ++----------------------+-------------------------+--------------------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+ + + +Note that the TTL the adminstrator enters in the purge request should be longer than the TTL of the content to ensure the bad content will not be used. If the CDN is serving content of unknown, or unlimited TTL, the administrator should consider using `proxy-config-http-cache-guaranteed-min-lifetime <https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html#proxy-config-http-cache-guaranteed-min-lifetime>`_ to limit the maximum time an object can be in the cache before it is considered stale, and set that to the same value as `maxRevalDurationDays` (Note that the former is in seconds and the latter is in days, so convert appropriately). + + + +.. _Creating-CentOS-Kickstart: + +Creating the CentOS Kickstart File +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +The kickstart file is a text file, containing a list of items, each identified by a keyword. You can create it by using the Kickstart Configurator application, or writing it from scratch. The Red Hat Enterprise Linux installation program also creates a sample kickstart file based on the options that you selected during installation. It is written to the file ``/root/anaconda-ks.cfg``. This file is editable using most text editors that can save files as ASCII text. + +To generate ISO, the CentOS Kickstart is necessary: + +1. Create a kickstart file. +2. Create a boot media with the kickstart file or make the kickstart file available on the network. +3. Make the installation tree available. +4. Start the kickstart installation. + +Create a ks.src file in the root of the selection location. See the example below: + +:: + + + mkdir newdir + cd newdir/ + cp -r ../centos65/* . + vim ks.src + vim isolinux/isolinux.cfg + cd vim osversions.cfg + vim osversions.cfg + + +This is a standard kickstart formatted file that the generate ISO process uses to create the kickstart (ks.cfg) file for the install. The generate ISO process uses the ks.src, overwriting any information set in the Generate ISO tab in Traffic Ops, creating ks.cfg. + +.. Note:: Streamline your install folder for under 1GB, which assists in creating a CD. + +.. seealso:: For in-depth instructions, please see `Kickstart Installation <https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-howuse.html>`_ + + + + http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_ops/default_profiles.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_ops/default_profiles.txt b/docs/latest/_sources/admin/traffic_ops/default_profiles.txt new file mode 100644 index 0000000..9b629be --- /dev/null +++ b/docs/latest/_sources/admin/traffic_ops/default_profiles.txt @@ -0,0 +1,53 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +.. index:: + Traffic Ops - Default Profiles + +.. _rl-to-default-profiles: + +Traffic Ops - Default Profiles +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +Traffic Ops has the concept of :ref:`rl-working-with-profiles`, which are an integral function within Traffic Ops. To get started, a set of default Traffic Ops profiles need to be imported into Traffic Ops +to get started to support Traffic Control components Traffic Router, Traffic Monitor, and Apache Traffic Server. + +`Download Default Profiles from here <http://trafficcontrol.incubator.apache.org/downloads/profiles/>`_ + +.. _rl-to-profiles-min-needed: + +Minimum Traffic Ops Profiles needed +----------------------------------- + * EDGE_ATS_<version>_<platform>_PROFILE.traffic_ops + * MID_ATS_<version>_<platform>_PROFILE.traffic_ops + * TRAFFIC_MONITOR_PROFILE.traffic_ops + * TRAFFIC_ROUTER_PROFILE.traffic_ops + * TRAFFIC_STATS_PROFILE.traffic_ops + + + +Steps to Import a Profile +------------------------- +1. Sign into Traffic Ops + +2. Navigate to 'Parameters->Select Profile' + +3. Click the "Import Profile" button at the bottom + +4. Choose the specific profile you want to import from your download directory + +5. Click 'Submit' + +6. Continue these steps for each :ref:`rl-to-profiles-min-needed` above http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_ops/extensions.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_ops/extensions.txt b/docs/latest/_sources/admin/traffic_ops/extensions.txt new file mode 100644 index 0000000..4aceebb --- /dev/null +++ b/docs/latest/_sources/admin/traffic_ops/extensions.txt @@ -0,0 +1,88 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +.. _admin-to-ext-script: + +Managing Traffic Ops Extensions +******************************* + +Each script is a separate bash script located in ``$TO_HOME/bin/checks/``. + +The extensions must be registered with Traffic Ops in order to display a column on the Server Check page. The list of currently registered extensions can be listed by running ``/opt/traffic_ops/app/bin/extensions -a``. + +The below extensions are automatically registered with the Traffic Ops database (``to_extension`` table) at install time (see ``traffic_ops/app/db/seeds.sql``). However, cron must still be configured to run these checks periodically. + +The scripts are called as follows: :: + + + $TO_HOME/bin/checks/To<name>Check.pl -c "{\"base_url\": \",https://\";<traffic_ops_ip>\", \"check_name\": \"<check_name>\"}" -l <log level> + where: + + <name> is the type of check script + <traffic_ops_ip> is the IP address of the Traffic Ops Server + <check_name> is the name of the check. For example: CDU, CHR, DSCP, MTU, etc... + <log_level> is between 1 and 4, with 4 being the most verbose. This field is optional + + +Example Cron File +================= +Edit with ``crontab -e``. You may need to adjust the path to your $TO_HOME to match your system. + +:: + + + PERL5LIB=/opt/traffic_ops/app/local/lib/perl5:/opt/traffic_ops/app/lib + + # IPv4 ping examples - The 'select: ["hostName","domainName"]' works but, if you want to check DNS resolution use FQDN. + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"10G\", \"select\": [\"hostName\",\"domainName\"]}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"10G\", \"select\": \"ipAddress\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"10G\", \"name\": \"IPv4 Ping\", \"select\": \"ipAddress\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + + # IPv6 ping examples + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"10G6\", \"name\": \"IPv6 Ping\", \"select\": \"ip6Address\", \"syslog_facility\": \"local0\"}" >/dev/null 2>&1 + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"10G6\", \"select\": \"ip6Address\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + + # iLO ping + 18 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"ILO\", \"select\": \"iloIpAddress\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 18 * * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"ILO\", \"name\": \"ILO ping\", \"select\": \"iloIpAddress\", \"syslog_facility\": \"local0\"}" >/dev/null 2>&1 + + # MTU ping + 45 0 * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"MTU\", \"select\": \"ipAddress\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 45 0 * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"MTU\", \"select\": \"ip6Address\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 45 0 * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"MTU\", \"name\": \"Max Trans Unit\", \"select\": \"ipAddress\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + 45 0 * * * root /opt/traffic_ops/app/bin/checks/ToPingCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"MTU\", \"name\": \"Max Trans Unit\", \"select\": \"ip6Address\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + + # FQDN + 27 * * * * root /opt/traffic_ops/app/bin/checks/ToFQDNCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"FQDN\"" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 27 * * * * root /opt/traffic_ops/app/bin/checks/ToFQDNCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"FQDN\", \"name\": \"DNS Lookup\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + + # DSCP + 36 * * * * root /opt/traffic_ops/app/bin/checks/ToDSCPCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"DSCP\", \"cms_interface\": \"eth0\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 36 * * * * root /opt/traffic_ops/app/bin/checks/ToDSCPCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"DSCP\", \"name\": \"Delivery Service\", \"cms_interface\": \"eth0\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + + # RTR + 10 * * * * root /opt/traffic_ops/app/bin/checks/ToRTRCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"RTR\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 10 * * * * root /opt/traffic_ops/app/bin/checks/ToRTRCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"RTR\", \"name\": \"Content Router Check\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + + # CHR + */15 * * * * root /opt/traffic_ops/app/bin/checks/ToCHRCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"CHR\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + + # CDU + 20 * * * * root /opt/traffic_ops/app/bin/checks/ToCDUCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"CDU\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + + # ORT + 40 * * * * ssh_key_edge_user /opt/traffic_ops/app/bin/checks/ToORTCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"ORT\"}" >> /var/log/traffic_ops/extensionCheck.log 2>&1 + 40 * * * * ssh_key_edge_user /opt/traffic_ops/app/bin/checks/ToORTCheck.pl -c "{\"base_url\": \"https://localhost\";, \"check_name\": \"ORT\", \"name\": \"Operational Readiness Test\", \"syslog_facility\": \"local0\"}" > /dev/null 2>&1 + http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_ops/installation.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_ops/installation.txt b/docs/latest/_sources/admin/traffic_ops/installation.txt new file mode 100644 index 0000000..b5cce9f --- /dev/null +++ b/docs/latest/_sources/admin/traffic_ops/installation.txt @@ -0,0 +1,243 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +.. index:: + Traffic Ops - Installing + +.. _rl-to-install: + +Traffic Ops - Installing +%%%%%%%%%%%%%%%%%%%%%%%% + +System Requirements +------------------- +The user must have the following for a successful minimal install: + +* CentOS 7 +* 2 VMs with at least 2 vCPUs, 4GB RAM, 20 GB disk space each +* Access to Centos Base and epel repositories +* Access to `The Comprehensive Perl Archive Network (CPAN) <http://www.cpan.org/>`_ + +As of version 2.0 only Postgres is supported as the database. This documentation assumes CentOS 7.2 and Postgresql 9.6.3. For a production install + +.. highlight:: none + +Navigating the Install +----------------------- +To begin the install: + +1. Install Postgres + + For a production install it is best to install postgres on it's own server/VM. To install postgres, on the postgres host (pg) :: + + pg-$ sudo su - + pg-# yum -y update + pg-# yum -y install https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm + pg-# yum -y install postgresql96-server + pg-$ su - postgres + pg-$ /usr/pgsql-9.6/bin/initdb -A md5 -W #-W forces the user to provide a superuser (postgres) password + + + Edit ``/var/lib/pgsql/9.6/data/pg_hba.conf`` to allow your traffic ops app server access. For example if you are going to install traffic ops on ``99.33.99.1`` add:: + + host all all 99.33.99.1/32 md5 + + to the appropriate section of this file. Edit the ``/var/lib/pgsql/9.6/data/postgresql.conf`` file to add the approriate listen_addresses or ``listen_addresses = '*'``, and start the database: :: + + pg-$ exit + pg-# systemctl enable postgresql-9.6 + pg-# systemctl start postgresql-9.6 + pg-# systemctl status postgresql-9.6 + + +2. Build Traffic Ops + + Build a Traffic Ops rpm using the instructions under the :ref:`dev-building` page. + + +3. Install Postgresql + + Install the postgresql 9.6 yum repository access. :: + + to-$ sudo su - + to-# yum -y install https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm + +4. Install the rpm built in step 2. :: + + to-# yum -y install ./dist/traffic_ops-2.0.0-xxxx.yyyyyyy.el7.x86_64.rpm + + + Install some additional packages that it depends on that were not installed as dependecies in the previous step (these are for the 2.0.0 install, this may change, but the pre-installs won't hurt): :: + + to-# yum -y install git + to-# wget -q https://storage.googleapis.com/golang/go1.8.3.linux-amd64.tar.gz + to-# tar -C /usr/local -xzf go1.8.3.linux-amd64.tar.gz + to-# PATH=$PATH:/usr/local/go/bin # go bins are needed in the path for postinstall + to-# go get bitbucket.org/liamstask/goose/cmd/goose + + At this point you should be able to login to the database from the ``to`` host to the ``pg`` host like: :: + + to-# psql -h 99.33.99.1 -U postgres + Password for user postgres: + psql (9.6.3) + Type "help" for help. + + postgres=# + + Use this connectivity to create the user and database. In this example, we use user: ``traffic_ops``, password: ``tcr0cks``, database: ``traffic_ops``: :: + + to-# psql -U postgres -h 99.33.99.1 -c "CREATE USER traffic_ops WITH ENCRYPTED PASSWORD 'tcr0cks';" + Password for user postgres: + CREATE ROLE + to-# createdb traffic_ops --owner traffic_ops -U postgres -h 99.33.99.1 + Password: + to-# + + + Now, run the following command as root: ``/opt/traffic_ops/install/bin/postinstall`` + + The postinstall will first get all packages needed from CPAN. This may take a while, expect up to 30 minutes on the first install. + If there are any prompts in this phase, please just answer with the defaults (some CPAN installs can prompt for install questions). + + When this phase is complete, you will see:: + + Complete! Modules were installed into /opt/traffic_ops/app/local + + Some additional files will be installed, and then it will proceed with the next phase of the install, where it will ask you about the local environment for your CDN. Please make sure you remember all your answers and the database answers match the database information previously used to create the database. + + + Example output:: + + ===========/opt/traffic_ops/app/conf/production/database.conf=========== + Database type [Pg]: + Database type: Pg + Database name [traffic_ops]: + Database name: traffic_ops + Database server hostname IP or FQDN [localhost]: 99.33.99.1 + Database server hostname IP or FQDN: 99.33.99.1 + Database port number [5432]: + Database port number: 5432 + Traffic Ops database user [traffic_ops]: + Traffic Ops database user: traffic_ops + Password for Traffic Ops database user: + Re-Enter Password for Traffic Ops database user: + Writing json to /opt/traffic_ops/app/conf/production/database.conf + Database configuration has been saved + ===========/opt/traffic_ops/app/db/dbconf.yml=========== + Database server root (admin) user [postgres]: + Database server root (admin) user: postgres + Password for database server admin: + Re-Enter Password for database server admin: + Download Maxmind Database? [yes]: + Download Maxmind Database?: yes + ===========/opt/traffic_ops/app/conf/cdn.conf=========== + Generate a new secret? [yes]: + Generate a new secret?: yes + Number of secrets to keep? [10]: + Number of secrets to keep?: 10 + Not setting up ldap + ===========/opt/traffic_ops/install/data/json/users.json=========== + Administration username for Traffic Ops [admin]: + Administration username for Traffic Ops: admin + Password for the admin user: + Re-Enter Password for the admin user: + Writing json to /opt/traffic_ops/install/data/json/users.json + ===========/opt/traffic_ops/install/data/json/openssl_configuration.json=========== + Do you want to generate a certificate? [yes]: + Country Name (2 letter code): US + State or Province Name (full name): CO + Locality Name (eg, city): Denver + Organization Name (eg, company): Super CDN, Inc + Organizational Unit Name (eg, section): + Common Name (eg, your name or your server's hostname): + RSA Passphrase: + Re-Enter RSA Passphrase: + ===========/opt/traffic_ops/install/data/json/profiles.json=========== + Traffic Ops url [https://localhost]: + Traffic Ops url: https://localhost + Human-readable CDN Name. (No whitespace, please) [kabletown_cdn]: blue cdn + Human-readable CDN Name. (No whitespace, please): blue cdn + DNS sub-domain for which your CDN is authoritative [cdn1.kabletown.net]: blue-cdn.supercdn.net + DNS sub-domain for which your CDN is authoritative: blue-cdn.supercdn.net + Writing json to /opt/traffic_ops/install/data/json/profiles.json + Downloading Maxmind data + --2017-06-11 15:32:41-- http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz + Resolving geolite.maxmind.com (geolite.maxmind.com)... 2400:cb00:2048:1::6810:262f, 2400:cb00:2048:1::6810:252f, 104.16.38.47, ... + Connecting to geolite.maxmind.com (geolite.maxmind.com)|2400:cb00:2048:1::6810:262f|:80... connected. + + ... much SQL output skipped + + Starting Traffic Ops + Restarting traffic_ops (via systemctl): [ OK ] + Waiting for Traffic Ops to restart + Success! Postinstall complete. + + to-# ifconfig + + + Explanation of the information that needs to be provided: + + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Field | Description | + +====================================================+==============================================================================================+ + | Database type | Pg | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Database name | The name of the database Traffic Ops uses to store the configuration information | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Database server hostname IP or FQDN | The hostname of the database server | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Database port number | The database port number | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Traffic Ops database user | The username Traffic Ops will use to read/write from the database | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Password for traffic ops | The password for the above database user | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Database server root (admin) user name | Privileged database user that has permission to create the database and user for Traffic Ops | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Database server root (admin) user password | The password for the above privileged database user | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Traffic Ops url | The URL to connect to this instance of Traffic Ops, usually https://<traffic ops host FQDN>/ | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Human-readable CDN Name | The name of the first CDN traffic Ops will be managing | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | DNS sub-domain for which your CDN is authoritative | The DNS domain that will be delegated to this Traffic Control CDN | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Administration username for Traffic Ops | The Administration (highest privilege) Traffic Ops user to create; | + | | use this user to login for the first time and create other users | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + | Password for the admin user | The password for the above user | + +----------------------------------------------------+----------------------------------------------------------------------------------------------+ + + +Traffic Ops is now installed! + + +**To complete the Traffic Ops Setup See:** :ref:`rl-to-default-profiles` + + +Upgrading Traffic Ops +===================== +To upgrade: + +.. Note:: TODO : review for > 2.0 + +1. Enter the following command:``service traffic_ops stop`` +2. Enter the following command:``yum upgrade traffic_ops`` +3. See :ref:`rl-to-install` to run postinstall. +4. Enter the following command:``service traffic_ops start`` + + + + http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol-website/blob/5521f214/docs/latest/_sources/admin/traffic_ops/migration_from_10_to_20.txt ---------------------------------------------------------------------- diff --git a/docs/latest/_sources/admin/traffic_ops/migration_from_10_to_20.txt b/docs/latest/_sources/admin/traffic_ops/migration_from_10_to_20.txt new file mode 100644 index 0000000..4133fee --- /dev/null +++ b/docs/latest/_sources/admin/traffic_ops/migration_from_10_to_20.txt @@ -0,0 +1,88 @@ +.. +.. +.. Licensed under the Apache License, Version 2.0 (the "License"); +.. you may not use this file except in compliance with the License. +.. You may obtain a copy of the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, +.. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +.. See the License for the specific language governing permissions and +.. limitations under the License. +.. + +.. index:: + Traffic Ops - Migrating from Traffic Ops 1.x to Traffic Ops 2.x + +.. _rl-ps: + +Traffic Ops - Migrating from 1.x to 2.x +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +In Traffic Ops 2.x MySQL was removed and Postgres was replaced as the database of choice for the unforeseen future. A Docker-based migration tool was developed to +help with that conversion using an open source Postgres tool called `pgloader <http://pgloader.io/>`_. The following instructions will help configuring the Migration tool + +System Requirements +------------------- +The user must have the following for a successful minimal install: + +* CentOS 7.2+ +* Docker installed (this migration was tested against version **docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm**) +* Postgres has been installed according to :ref:`rl-to-install` + +Setup the traffic_ops_db directory +---------------------------------- + + Modify /opt dir permission to make it writable and owned by postgres:postgres + + :: + + $ sudo chmod 755 /opt + + Download the Traffic Control tarball for 2.0.0 + + :: + + $ cd /opt + $ wget https://dist.apache.org/repos/dist/release/incubator/trafficcontrol/<tarball_version> + + Extract the **traffic_ops_db** dir to **/opt/traffic_ops_db** + + :: + + $ tar -zxvf trafficcontrol-incubating-<version>.tar.gz --strip=1 trafficcontrol-incubating-<version>/traffic_ops_db + $ sudo chown -R postgres:postgres /opt/traffic_ops_db + +.. highlight:: none + +Migration Preparation +--------------------- +Be sure there is connectivity between your MySQL server's IP address/port and your Postgres server's IP address/port. + +Navigating the Database Migration +--------------------------------- +Begin the database migration after settings up the **/opt/traffic_ops_db** directory + + Switch to the postgres user so permissions stay intact. + :: + + $ su - postgres + $ cd /opt/traffic_ops_db/ + +1. Configure the **/opt/traffic_ops_db/pg-migration/mysql-to-postgres.env** migration for your source MySQL and target Postgres settings + + +2. Run the migration, watch the console output for any errors (it may take some time) + :: + + $ ./migrate.sh + + + Your MySQL data should now be ported into your new instance of Postgres! + + + + +
