On 06/15/2011 04:42 PM, Dominick Grift wrote:
On Wed, 2011-06-15 at 17:09 -0430, Marcos Ortiz wrote:
> Regards to all the list
> I was wondering if any of you have deployed Traffic Server under SELinux
> ´s policies?
> If it´s true, Where I can find the work?
I suspect selinux does not "support" that yet. You can determine by
grepping the "Traffic server" process in ps -auxZ. If it is running in
the initrc_t domain then that means that SELinux is currently not aware
of this application.
In that case we can work to make SELinux support this application. If
you want to help us support this application let us know so that we can
make arrangements to get this going.
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux Ok, thanks a lot,
Dominick.
I think that´s a good start to me.
Well, for anyone that don´t know what is Apache Traffic Server, I let
its description from its own official site:
Apache Traffic Server™ is fast, scalable and extensible HTTP/1.1
compliant caching proxy server.
Formerly a commercial product, Yahoo! donated it to the Apache
Foundation, and is now an Apache TLP.
TS can be deployed in three modes:
- as a web proxy proxy cache
- as a reverse proxy
- In a cache hierarchy
Everything can be read here for version 2:
http://trafficserver.apache.org/docs/v2/admin/intro.htm
and here for version 3
http://trafficserver.apache.org/docs/v3/admin/intro.htm
There are there processes that work together to serve TS request and
manage/control/monitor the health of the completed system:
- The traffic_server process is the transaction processing engine of
Traffic Server.
It is responsible for accepting connections, processing protocol
requests, and
serving documents from the cache or origin server.
- The traffic_manager process is the command and control facility of the
Traffic Server,
responsible for launching, monitoring, and reconfiguring the
traffic_server process.
The traffic_manager process is also responsible for the proxy
autoconfiguration port,
the statistics interface, cluster administration, and virtual IP
failover.
If the traffic_manager process detects a traffic_server process
failure, it instantly
restarts the process but also maintains a connection queue of all
incoming requests.
All incoming connections that arrive in the several seconds before
full server restart
are saved in the connection queue and processed in first-come,
first-served order.
This connection queueing shields users from any server restart downtime.
- The traffic_cop process monitors the health of both the traffic_server
and traffic_manager processes.
The traffic_cop process periodically (several times each minute)
queries the traffic_server and
traffic_manager process by issuing heartbeat requests to fetch
synthetic web pages.
In the event of failure (if no response is received within a timeout
interval or if an incorrect response is received)
, traffic_cop restarts the traffic_manager and traffic_server processes.
--
Marcos Luís Ortíz Valmaseda
Software Engineer (UCI)
http://marcosluis2186.posterous.com
http://twitter.com/marcosluis2186