8 Managing Virtual Servers

You can use multiple virtual servers within a single Oracle Traffic Director instance to provide several entry points—domain names and IP addresses—for client requests, and to offer differentiated services for caching, quality of service, and so on. You can bind virtual servers to one or more listeners—HTTP or HTTPS—and configure them to forward requests to different origin-server pools.

You can configure caching, compression, routing, quality of service, log-file and web application firewall settings individually for each virtual server.

This chapter describes how to create, view, modify, and delete virtual servers. It contains the following sections:

Creating a Virtual Server

When you create a configuration, a virtual server is created automatically with the same name as that of the configuration and is associated with the HTTP listener that was specified while creating the configuration. A default routing rule is also created for the virtual server, to distribute all requests received at the associated HTTP listener to the origin servers that were specified while creating the configuration.

You can create additional virtual servers in a configuration by using either the administration console or the CLI.

Note:

When you create a virtual server, you are, in effect, modifying a configuration. So for the new virtual-server to take effect in the Oracle Traffic Director instances, you should redeploy the configuration as described in Deploying a Configuration.
The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Before You Begin

Before you begin creating a virtual server, decide the following:

A unique name for the virtual server. Choose the name carefully; after creating a virtual server, you cannot change its name.
One or more unique listen ports. For information about creating listeners, see Managing Listeners.
The names of the hosts, or the host patterns, for which the virtual server will handle requests.

When a request is received, Oracle Traffic Director determines the virtual server that should process it, by comparing the Host header in the request with the host patterns defined for each virtual server in the configuration.
- The request is routed to the first virtual server that has a host pattern matching the Host header in the request.
- If the Host header in the request does not match the host patterns defined for any of the virtual servers, or if the request does not contain the Host header, the request is routed to the default virtual server that is associated with the HTTP listener through which the request was received.
Note:

When Strict SNI Host Matching is enabled for an HTTP listener, and if for that listener at least one of the virtual servers has certificates, then Oracle Traffic Director returns a 403-Forbidden error to the client, if any of the following conditions is true:
- The client did not send the SNI host extension during the SSL/TLS handshake.
- The request does not have the Host: header.
- The host name sent by the client in the SNI host extension during the SSL/TLS handshake does not match the Host: header in the request.
For more information, see About Strict SNI Host Matching.
The name of the origin-server pool to which the virtual server should forward requests. For information about creating origin-server pools, see Managing Origin-Server Pools.

Creating a Virtual Server Using the Administration Console

To create a virtual server by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to create a virtual server.
In the Common Tasks pane, click New Virtual Server.

The New Virtual Server wizard starts.

Figure 8-1 New Virtual Server Wizard

Description of "Figure 8-1 New Virtual Server Wizard"
Follow the on-screen prompts to complete creation of the virtual server by using the details—listener, origin-server pool, and so on—that you decided earlier.

After the virtual server is created, the Results screen of the New Virtual Server wizard displays a message confirming successful creation of the virtual server.
Click Close on the Results screen.
- The details of the virtual server that you just created are displayed on the Virtual Servers page.
- In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes, as described in Deploying a Configuration.

Creating a Virtual Server Using the CLI

To create a virtual server, run the create-virtual-server command.

For example, the following command creates a virtual server named vs_soa associated with the listener hl1 for the configuration soa.example.com, and configures the virtual server to forward client requests to the origin-server pool soa-pool.

tadm> create-virtual-server --config=soa.example.com --http-listener-name=hl1 --origin-server-pool=soa-pool vs_soa
OTD-70201 Command 'create-virtual-server' ran successfully.

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

For more information about create-virtual-server, see the Oracle Traffic Director Command-Line Reference or run the command with the --help option.

Viewing a List of Virtual Servers

You can view a list of virtual servers by using either the administration console or the CLI.

Note:

The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Viewing List of Virtual Servers Using the Administration Console

To view a list of virtual servers by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to view virtual servers.
In the navigation pane, select Virtual Servers.

The Virtual Servers page is displayed. It shows a list of the virtual servers defined for the configuration.

You can view the properties of a virtual server by clicking on its name.

Viewing a List of Virtual Servers Using the CLI

To view a list of virtual servers, run the list-virtual-servers command, as shown in the following example:

tadm> list-virtual-servers --config=soa.example.com
name            http-listener-name
----------------------------------
soa             http-listener-1
adf             adf-listener

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

You can view the properties of a virtual server in detail by running the get-virtual-server-prop command.

For more information about the list-virtual-servers and get-virtual-server-prop commands, see the Oracle Traffic Director Command-Line Reference or run the commands with the --help option.

Modifying a Virtual Server

You can modify virtual servers by using either the administration console or the CLI.

Note:

When you modify a virtual server, you are, in effect, modifying a configuration. So for the new virtual-server settings to take effect in the Oracle Traffic Director instances, you should redeploy the configuration as described in Deploying a Configuration.
The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Modifying a Virtual Server Using the Administration Console

To modify a virtual server by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to modify virtual servers.
In the navigation pane, select Virtual Servers.

The Virtual Servers page is displayed. It shows a list of the virtual servers defined for the configuration.
Select the virtual server that you want to modify.
The Virtual Server Settings page is displayed. On this page, you can do the following:
- Enable and disable the virtual server.
- Add, remove, and change host patterns served by the virtual server. For more information about how Oracle Traffic Director uses host patterns, see the "Before You Begin" section.
- Add and remove HTTP listeners. For information about creating HTTP listeners, see Creating a Listener.
- Enable SSL/TLS, by associating an RSA or an ECC certificate (or both) with the virtual server. For more information, see Associating Certificates with Virtual Servers.
- Configure the virtual server to serve instance-level statistics in the form of XML and plain-text reports that users can access through a browser. Note that the statistics displayed in the XML and plain-text reports are for the Oracle Traffic Director instance as a whole and not specific to each virtual server. For more information, see Configuring URI Access to Statistics Reports.
- The default language for messages is English. If required, this can be set to other languages that Oracle Traffic Director supports.
- Specify error pages that the virtual server should return to clients for different error codes. This is necessary only if you do not wish to use the default error pages and would like to customize them.
  
  To specify error codes and error pages of your choice, first create html pages that you would like displayed for specific error codes and save them to any directory that can be accessed by the administration server. Next, on the Virtual Server Settings page, in the Error Pages section, click New Error Page.
  
  In the New Error Page dialog box that appears, select an error code and enter the full path to the error page for that particular error code. In addition to the error codes that are provided, you can create your own custom error code by clicking Custom Error Code and entering a value for the same. When done, click Create Error Page.
- Enable and quality of service limits—the maximum speed at which the virtual server should transfer data to clients and the maximum number of concurrent connections that the virtual server can support.
In the navigation pane, under the Virtual Servers node, you can select the following additional categories of settings for the virtual server. The parameters relevant to the selected category are displayed in the main pane.
- Routes: Create, change, and delete rules for routing requests to origin servers. For more information, see Configuring Routes.
- Caching: Create, change, and delete rules for caching responses received from origin servers. For more information, see Configuring Caching Parameters.
- Request Limits: Create, change, and delete rules for limiting the number and rate of requests received by the virtual server. For more information, see Preventing Denial-of-Service Attacks.
- Compression: Create, change, and delete rules for compressing responses from origin servers before forwarding them to the clients. For more information, see Enabling and Configuring Content Compression.
- Logging: Define a server log file and location that is specific to the virtual server. For more information, see Configuring Log Preferences.
- Webapp Firewall Ruleset: Enable or disable webapp firewall rule set, specify rule set patterns and install rule set files. For more information, see Managing Web Application Firewalls.
Specify the parameters that you want to change.

On-screen help and prompts are provided for all of the parameters.

When you change the value in a field or tab out of a text field that you changed, the Save button near the upper right corner of the page is enabled.

At any time, you can discard the changes by clicking the Reset button.
After making the required changes, click Save.
- A message, confirming that the updated configuration was saved, is displayed in the Console Messages pane.
- In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes as described in Deploying a Configuration.

Modifying a Virtual Server Using the CLI

The CLI provides several commands (see Table 8-1) that you can use to change specific parameters of a virtual server.

Table 8-1 CLI Commands for Modifying a Virtual Server

Task/s	CLI Command/s
Enable or disable a virtual server; change the host, the HTTP listener, name and location of the log file; enable SSL/TLS by associating an RSA, or an ECC certificate, or both (see also: Associating Certificates with Virtual Servers and Configuring Log Preferences	`set-virtual-server-prop`
Create and manage caching rules (see Tuning Caching Settings	`create-cache-rule` `list-cache-rules` `delete-cache-rule` `get-cache-rule-prop` `set-cache-rule-prop`
Create and manage compression rules (see Enabling and Configuring Content Compression)	`create-compression-rule` `set-compression-rule-prop` `delete-compression-rule` `list-compression-rules` `get-compression-rule-prop`
Change QoS settings	`set-qos-limits-prop` `get-qos-limits-prop`
Change request limiting settings (see Preventing Denial-of-Service Attacks)	`create-request-limit` `delete-request-limit` `get-request-limit-prop` `list-request-limits` `set-request-limit-prop`
Create and manage routes (see Configuring Routes)	`create-route` `list-routes` `delete-route` `set-route-prop` `get-route-prop`
Create and manage error pages	`create-error-page` `delete-error-page` `list-error-pages`

For example, the following command changes the location of the error log file for the virtual server soa to /home/log/errors.log.

tadm> set-virtual-server-prop --config=soa --vs=soa log-file=/home/log/errors.log
OTD-70201 Command 'set-virtual-server-prop' ran successfully.

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

For more information about the CLI commands mentioned in this section, see the Oracle Traffic Director Command-Line Reference or run the commands with the --help option.

Configuring Routes

When you create a configuration, a virtual server is automatically created with the listener that you specified while creating the configuration. For the automatically created virtual server, as well as for any virtual server that you add subsequently in the configuration, a default route is created. The default route rule specifies that all requests to the virtual server should be routed to the origin-server pool that you specified while creating the virtual server. The default route of a virtual server cannot be deleted, but you can change its properties.

You can create additional routes for the virtual server, to route requests that satisfy specified conditions to specific origin-server pools. For example, in a banking software solution, if customer transactions for loans and deposits are processed by separate applications, you can host each of those applications in a separate origin-server pool behind an Oracle Traffic Director instance. To route customer requests to the appropriate origin-server pool depending on whether the request pertains to the loans or deposits applications, you can set up two routes as follows:

Route 1: If the request URI starts with /loan, send the request to the origin-server pool that hosts the loans application.
Route 2: If the request URI starts with /deposit, send the request to the origin-server pool that hosts the deposits application.

When a virtual server that is configured with multiple routes receives a request, it checks the request URI against each of the available routes. The routes are checked in the order in which they were created.

If the request satisfies the condition in a route, Oracle Traffic Director sends the request to the origin-server pool specified for that route.
If the request does not match the condition in any of the defined routes, Oracle Traffic Director sends the request to the origin-server pool specified in the default route.

WebSocket upgrade is enabled by default. In the Administration Console, use the WebSocket Upgrade check box to enable or disable WebSocket protocol for a route. Similarly, WebSocket protocol can also be enabled or disabled using the websocket-upgrade-enabled property, which can be set using the set-route-prop CLI command. For more information, see Oracle Traffic Director Command-Line Reference.

You can configure routes in a virtual server by using either the administration console or the CLI.

Note:

When you modify a virtual server, you are, in effect, modifying a configuration. So for the new virtual-server settings to take effect in the Oracle Traffic Director instances, you should redeploy the configuration as described in Deploying a Configuration.
The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Configuring Routes Using the Administration Console

To configure routes by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to configure routes.
In the navigation pane, expand Virtual Servers, expand the name of the virtual server for which you want to configure routes, and select Routes.

The Routes page is displayed. It lists the routes that are currently defined for the virtual server.

Creating a Route
1. Click New Route.
  
  The New Route dialog box is displayed.
  
  In the Name field, enter a name for the new route.
  
  In the Origin Server Pool field, select the origin-server pool to which requests that satisfy the specified condition should be routed.
2. Click Next.
  
  In the Condition Information pane, select a Variable/Function and an Operator from the respective drop-down lists, and provide a value in the Value field.
  
  Select the and/or operator from the drop-down list when configuring multiple expressions. Similarly, use the Not operator when you want the route to be applied only when the given expression is not true.
  
  Click Ok.
  
  To enter a condition manually, click Cancel and then click Edit Manually. In the Condition field, specify the condition under which the routing rule should be applied. For information about building condition expressions, click the help button near the Condition field or see "Using Variables, Expressions, and String Interpolation" in the Oracle Traffic Director Configuration Files Reference.
3. Click Next and then click Create Route.
  
  The route that you just created is displayed on the Routes page.
  
  In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes as described in Deploying a Configuration.
Editing a Route

To change the settings of a route, do the following:
1. Click the Name of the route.
  
  The Route Settings page is displayed.
2. Specify the parameters that you want to change.
  
  On-screen help and prompts are provided for all of the parameters.
  
  When you change the value in a field or tab out of a text field that you changed, the Save button near the upper right corner of the page is enabled.
  
  At any time, you can discard the changes by clicking the Reset button.
3. After making the required changes, click Save.
  
  A message, confirming that the updated configuration was saved, is displayed in the Console Messages pane.
  
  In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes as described in Deploying a Configuration.
Deleting a Route Rule

To delete a route rule, click the Delete button. At the confirmation prompt, click OK.

Configuring Routes Using the CLI

To create a route, run the create-route command.

Examples:
- The following command creates a route named loan-route in the virtual server soa.example.com of the configuration soa, to send requests for which the URI matches the pattern /loan to the origin-server pool loan-app.
```
tadm> create-route --config=soa --vs=soa.example.com --condition="$uri='/loan'" --origin-server-pool=loan-app loan-route
OTD-70201 Command 'create-route' ran successfully.
```
- The following command creates a route named images-route in the virtual server soa.example.com of the configuration soa, to send requests for which the URI path matches the pattern /images to the origin-server pool images-repo.
```
tadm> create-route --config=soa --vs=soa.example.com --condition="$path='/images/*'" --origin-server-pool=images-repo images-route
OTD-70201 Command 'create-route' ran successfully.
```
- The following command creates a route named subnet-route in the virtual server soa.example.com of the configuration soa, to send requests from any client in the subnet 130.35.46.* to the origin-server pool dedicated-osp.
```
tadm> create-route --config=soa --vs=soa.example.com --condition="$ip='130.35.45.*'" --origin-server-pool=dedicated-osp subnet-route
OTD-70201 Command 'create-route' ran successfully.
```
- The following command creates a route named body-route in the virtual server soa.example.com of the configuration soa, to route requests to the origin-server pool dedicated-osp if the request body contains the word alpha.
```
tadm> create-route --config=soa --vs=soa.example.com --condition="$body ='alpha'" --origin-server-pool=dedicated-osp body-route
OTD-70201 Command 'create-route' ran successfully.
```
Note that the value of the --condition option should be a regular expression. For information about building condition expressions, see "Using Variables, Expressions, and String Interpolation" in the Oracle Traffic Director Configuration Files Reference.

To view a list of the routes defined for a virtual server, run the list-routes command, as shown in the following example:

tadm> list-routes --config=soa --vs=soa.example.com
route           condition
-------------------------
loan-route       "$uri = '/loan'"
default-route   -

To view the properties of a route, run the get-route-prop command, as shown in the following example:

tadm> get-route-prop --config=soa --vs=soa.example.com --route=loan-route
keep-alive-timeout=15
sticky-cookie=JSESSIONID
condition="$uri = '/loan'"
validate-server-cert=true
always-use-keep-alive=false
origin-server-pool=origin-server-pool-1
sticky-param=jsessionid
route-header=Proxy-jroute
rewrite-headers=location,content-location
use-keep-alive=true
route=loan-route
log-headers=false
route-cookie=JROUTE
timeout=300

To change the properties of a route, run the set-route-prop command.

Examples:
- The following command changes the keep-alive timeout setting for the route named loan-route in the virtual server soa.example.com of the configuration soa to 30 seconds.
```
tadm> set-route-prop --config=soa --vs=soa.example.com --route=loan-route keep-alive-timeout=30
```
- The following command enables logging of the headers that Oracle Traffic Director sends to, and receives from, the origin servers associated with the route named default-route in the virtual server soa.example.com of the configuration soa.
```
tadm> set-route-prop --config=soa --vs=soa.example.com --route=default-route log-headers=true
```

To delete a route, run the delete-route command, as shown in the following example:

tadm> delete-route --config=soa --vs=soa.example.com loan-route
OTD-70201 Command 'delete-route' ran successfully.

To disable WebSocket support, run the set-route-prop command with the websocket-upgrade-enabled property, as shown in the following example:

tadm> set-route-prop --config=soa --vs=soa.example.com --route=default-route websocket-upgrade-enabled=false
OTD-70201 Command 'set-route-prop' ran successfully.

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

For more information about the CLI commands mentioned in this section, see the Oracle Traffic Director Command-Line Reference or run the commands with the --help option.

Copying a Virtual Server

You can copy a virtual server by using either the administration console or the CLI.

Note:

When you copy a virtual server, you are, in effect, modifying a configuration. So for the new virtual server to take effect in the Oracle Traffic Director instances, you should redeploy the configuration as described in Deploying a Configuration.
The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Copying a Virtual Server Using the Administration Console

To copy a virtual server by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to copy virtual servers.
In the navigation pane, select Virtual Servers.

The Virtual Servers page is displayed. It shows a list of the virtual servers defined for the configuration.
Click the Duplicate icon for the virtual server that you want to copy.

The Duplicate Virtual Server dialog box is displayed.
Enter a name for the new virtual server, and click Duplicate.

A message is displayed confirming that the new virtual server was created.
Click Close.

The virtual server that you just created is displayed on the Virtual Servers page.

In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes, as described in Deploying a Configuration.

Copying a Virtual Server Using the CLI

To copy a virtual server, run the copy-virtual-server command.

For example, the following command creates a copy (vs2) of the virtual server vs1.

tadm> copy-virtual-server --config=soa --vs=vs1 vs2OTD-70201 Command 'copy-virtual-server' ran successfully.

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

For more information about copy-virtual-server, see the Oracle Traffic Director Command-Line Reference or run the command with the --help option.

Deleting a Virtual Server

You can delete virtual servers by using either the administration console or the CLI.

Note:

When you delete a virtual server, you are, in effect, modifying a configuration. So for the configuration changes to take effect in the Oracle Traffic Director instances, you should redeploy the configuration as described in Deploying a Configuration.
The CLI examples in this section are shown in shell mode (tadm>). For information about invoking the CLI shell, see Accessing the Command-Line Interface.

Deleting a Virtual Server Using the Administration Console

To delete a virtual server by using the administration console, do the following:

Log in to the administration console, as described in Accessing the Administration Console.
Click the Configurations button that is situated at the upper left corner of the page.

A list of the available configurations is displayed.
Select the configuration for which you want to delete virtual servers.
In the navigation pane, select Virtual Servers.

The Virtual Servers page is displayed. It shows a list of the virtual servers defined for the configuration.
Click the Delete icon for the virtual server that you want to delete.

A prompt to confirm the deletion is displayed.
Click OK.

A message is displayed in the Console Message pane confirming that the virtual server was deleted.

In addition, the Deployment Pending message is displayed at the top of the main pane. You can either deploy the updated configuration immediately by clicking Deploy Changes, or you can do so later after making further changes, as described in Deploying a Configuration.

Deleting a Virtual Server Using the CLI

To delete a virtual server, run the delete-virtual-server command, as shown in the following example:

tadm> delete-virtual-server --config=soa vs1
OTD-70201 Command 'delete-virtual-server' ran successfully.

For the updated configuration to take effect, you should deploy it to the Oracle Traffic Director instances by using the deploy-config command.

For more information about delete-virtual-server, see the Oracle Traffic Director Command-Line Reference or run the command with the --help option.