On Fri, Jun 17, 2011 at 09:00:03AM -0400, Daniel J Walsh wrote:
> I grabbed the package and started writing policy for it, but it seems to
> be writing data to /etc/trafficserver?

Yes, as far as I understand it the traffic_manager will write to
filename.config_$somenumber whenever it sees a configuration change.
Also several traffic servers can operate in a cluster, where
config changes on one host are supposed to be replicated to the other
hosts.

It could be nice to have an SELinux boolean controlling if
traffic_manager is allowed to write to the /etc/trafficserver/filename.config
files, and maybe only allow it to write to the _$number backup-files.
That would allow us to use an external configuration manager for the
real config-files.

>
> Right now I wrote the policy to run under trafficserver_t. We could
> break this into multiple domains, but I really would like to treat /etc
> as read only if at all possible.

I think multiple domains makes sense. One for each of the traffic_cop,
traffic_manager and traffic_server. To get an idea of the role of each
of these (from the old admin manual):

traffic_server:
---------------
The traffic_server process is the transaction processing engine of
Traffic Edge. It is responsible for accepting connections,
processing protocol requests, and serving documents from the cache
or origin server.

traffic_manager:
----------------
The traffic_manager process is the command and control facility of
the Traffic Edge, responsible for launching, monitoring, and
reconfiguring the traffic_server process. The traffic_manager
process is also responsible for the Traffic Manager UI, the proxy
autoconfiguration port, the statistics interface, cluster
administration, and virtual IP failover.

If the traffic_manager process detects a traffic_server process
failure, it instantly restarts the process but also maintains a
connection queue of all incoming requests. All incoming
connections that arrive in the several seconds before full server
restart are saved in the connection queue and processed in
first-come, first-served order. This connection queueing shields
users from any server restart downtime.

traffic_cop:
------------
The traffic_cop process monitors the health of both the
traffic_server and traffic_manager processes. The traffic_cop
process periodically (several times each minute) queries the
traffic_server and traffic_manager process by issuing heartbeat
requests to fetch synthetic web pages. In the event of failure
(if no response is received within a timeout interval or if an
incorrect response is received), traffic_cop restarts the
traffic_manager and traffic_server processes.
-jf
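
The split discussed in this message, written out as a refpolicy-style module. This is an added sketch, not policy from either poster or from any shipped package: the type names, the boolean name and the file-context patterns are hypothetical, and it assumes init starts traffic_cop.

```selinux
# Added sketch: every type and boolean name below is hypothetical.
policy_module(trafficserver_sketch, 0.1.0)

## <desc>
## <p>
## Allow traffic_manager to rewrite the live *.config files. When off,
## it can only create and manage the filename.config_$number copies.
## </p>
## </desc>
gen_tunable(trafficserver_manager_write_config, false)

# One domain per process. Assumes init starts traffic_cop.
type traffic_cop_t;
type traffic_cop_exec_t;
init_daemon_domain(traffic_cop_t, traffic_cop_exec_t)

type traffic_manager_t;
type traffic_manager_exec_t;
domain_type(traffic_manager_t)
domain_entry_file(traffic_manager_t, traffic_manager_exec_t)
role system_r types traffic_manager_t;

type traffic_server_t;
type traffic_server_exec_t;
domain_type(traffic_server_t)
domain_entry_file(traffic_server_t, traffic_server_exec_t)
role system_r types traffic_server_t;

# Live config and numbered copies get different types. Assumed .fc entries:
#   /etc/trafficserver(/.*)?                  trafficserver_conf_t
#   /etc/trafficserver/.*\.config_[0-9]+  --  trafficserver_conf_backup_t
type trafficserver_conf_t;
files_config_file(trafficserver_conf_t)
type trafficserver_conf_backup_t;
files_type(trafficserver_conf_backup_t)

# Restart paths from the manual: cop restarts both, manager restarts server.
domtrans_pattern(traffic_cop_t, traffic_manager_exec_t, traffic_manager_t)
domtrans_pattern(traffic_cop_t, traffic_server_exec_t, traffic_server_t)
domtrans_pattern(traffic_manager_t, traffic_server_exec_t, traffic_server_t)

# Every domain may read the configuration; none may write it by default.
read_files_pattern(traffic_cop_t, trafficserver_conf_t, trafficserver_conf_t)
read_files_pattern(traffic_manager_t, trafficserver_conf_t, trafficserver_conf_t)
read_files_pattern(traffic_server_t, trafficserver_conf_t, trafficserver_conf_t)

# Files the manager creates in the config directory get the backup type.
manage_files_pattern(traffic_manager_t, trafficserver_conf_t, trafficserver_conf_backup_t)
filetrans_pattern(traffic_manager_t, trafficserver_conf_t, trafficserver_conf_backup_t, file)
tunable_policy(`trafficserver_manager_write_config',`
	write_files_pattern(traffic_manager_t, trafficserver_conf_t, trafficserver_conf_t)
')
```

With the boolean off, the live files are writable only by whatever external configuration manager is allowed to; `setsebool -P trafficserver_manager_write_config on` would hand them back to traffic_manager. The type transition applies to every file the manager creates in that directory, so a manager that replaces a live file by writing a new one and renaming it would be denied while the boolean is off.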