Oracle Traffic Director - a vital part of your Oracle infrastructure
4,188 views
34 slides
Feb 16, 2016
Slide 1 of 34
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
About This Presentation
Load balancing is a critical, but widely overlooked, component of a resilient Fusion Middleware platform. Oracle's premium product in this area is called Traffic Director (OTD), which is a software load balancer, something akin to BIG-IP VE or NetScaler VPX. Previously OTD has only been availabl...
Slide Content
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
ORACLE TRAFFIC DIRECTOR
a vital part of your Oracle infrastructure
Simon Haslam
eProseed UK
Jacco Landlust
ING
2
ORACLE TRAFFIC DIRECTOR
a vital part of your Oracle infrastructure
Simon Haslam
eProseed UK
Jacco Landlust
ING
2
© 2016, eProseed 3
Simon Haslam
Technical Director &
Partner @ eProseed UK
Jacco Landlust
Senior Managing
Consultant @ ING
Dad, spouse, adventurer,
procrastinator, Oracle ACE and
general tech-head.
Lives in Dalen, The Netherlands
Oracle infrastructure specialist
ACE Director
Founder of Veriton &
Lives in Sherborne, Dorset, UK
Simon Haslam
Technical Director &
Partner @ eProseed UK
Jacco Landlust
Senior Managing
Consultant @ ING
Dad, spouse, adventurer,
procrastinator, Oracle ACE and
general tech-head.
Lives in Dalen, The Netherlands
Oracle infrastructure specialist
ACE Director
Founder of Veriton &
Lives in Sherborne, Dorset, UK
© 2016, eProseed
AGENDA
Load Balancing – what is it good for?!
What is OTD? What’s new in OTD 12c
OTD specifics for WLS, SOA Suite, EM
OTD specifics for Exalogic & ODA
Summary
4
1
2
3
4
5
AGENDA
Load Balancing – what is it good for?!
What is OTD? What’s new in OTD 12c
OTD specifics for WLS, SOA Suite, EM
OTD specifics for Exalogic & ODA
Summary
4
1
2
3
4
5
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
LOAD BALANCING
What is it good for?!
6
Photo credit: Christian Holmér
LOAD BALANCING
What is it good for?!
6
Photo credit: Christian Holmér
© 2016, eProseed
WHY DO WE NEED LOAD BALANCERS?
•To distribute processing across nodes in a cluster
a)to allow for horizontal scaling
b)to handle failure
7
Load balancing
algorithms
Health
monitoring
Bonus feature!
Good place for
SSL termination
•To distribute processing across sites
–Geographic Load Balancing
–Same principles except that client characteristics likely to be more significant
–Implemented using special DNS handling
–Not covered in this presentation
WHY DO WE NEED LOAD BALANCERS?
•To distribute processing across nodes in a cluster
a)to allow for horizontal scaling
b)to handle failure
7
Load balancing
algorithms
Health
monitoring
Bonus feature!
Good place for
SSL termination
•To distribute processing across sites
–Geographic Load Balancing
–Same principles except that client characteristics likely to be more significant
–Implemented using special DNS handling
–Not covered in this presentation
© 2016, eProseed
TYPICAL N-TIER ARCHITECTURE
8
Web
Server
Web
Server
App
Server
App
Server
Load balancer
Wouldn’t it be simpler if
load balancer & web server
were the same thing?
Database
Server
Database
Server
Firewall, IPS, IDS
App tier
DMZ
Data tier
Internet
TYPICAL N-TIER ARCHITECTURE
8
Web
Server
Web
Server
App
Server
App
Server
Load balancer
Wouldn’t it be simpler if
load balancer & web server
were the same thing?
Database
Server
Database
Server
Firewall, IPS, IDS
App tier
DMZ
Data tier
Internet
© 2016, eProseed
HARDWARE LOAD BALANCERS
9
Application Delivery Controllers
Custom hardware
High performance
Modular
Robust
Appliance
NetScaler MPX
BIG-IP
HARDWARE LOAD BALANCERS
9
Application Delivery Controllers
Custom hardware
High performance
Modular
Robust
Appliance
NetScaler MPX
BIG-IP
© 2016, eProseed
LATEST BREED OF SOFTWARE LOAD BALANCERS
•BIG-IP VE
•NetScaler-VPX
•Oracle Traffic Director
•& others…
10
Exploit very fast processors
Flexible, sold on bandwidth
Smaller units owned by app
Scalable
‘cloud friendly’
+ Hybrid
Hardware appliance
but virtualised
(e.g. NetScaler SDX)
LATEST BREED OF SOFTWARE LOAD BALANCERS
•BIG-IP VE
•NetScaler-VPX
•Oracle Traffic Director
•& others…
10
Exploit very fast processors
Flexible, sold on bandwidth
Smaller units owned by app
Scalable
‘cloud friendly’
+ Hybrid
Hardware appliance
but virtualised
(e.g. NetScaler SDX)
© 2016, eProseed
WHY NOT JUST USE ORACLE HTTP SERVER (OHS)?
OHS (web tier) licence is cheap so why not just use that?
•No built-in failover – either need:
–a load balancing layer in front of OHS, or,
–to use virtualization layer migration for OHS itself (slow)
–a home-grown solution
•OHS can’t do application-level health monitoring – it relies on WLS instance failure
detection (not so good for complex products like SOA Suite)
•Arguably OTD is more secure
–OHS = Apache → big target
–Far fewer security patches for OTD
•OTD 12c config is more efficient than OHS
11
WHY NOT JUST USE ORACLE HTTP SERVER (OHS)?
OHS (web tier) licence is cheap so why not just use that?
•No built-in failover – either need:
–a load balancing layer in front of OHS, or,
–to use virtualization layer migration for OHS itself (slow)
–a home-grown solution
•OHS can’t do application-level health monitoring – it relies on WLS instance failure
detection (not so good for complex products like SOA Suite)
•Arguably OTD is more secure
–OHS = Apache → big target
–Far fewer security patches for OTD
•OTD 12c config is more efficient than OHS
11
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
ORACLE TRAFFIC DIRECTOR
13
ORACLE TRAFFIC DIRECTOR
13
© 2016, eProseed
BASIC EXAMPLE
14
Oracle Traffic Director
listens on a VIP and
routes requests to
2 back-end web servers
BASIC EXAMPLE
14
Oracle Traffic Director
listens on a VIP and
routes requests to
2 back-end web servers
© 2016, eProseed
OTD TERMINOLOGY
•Configuration: the full collection of config details for one or more
services, typically for an environment
•OTD Instance: the engines that handle the traffic
•Origin Server: the back-end server(s) providing the underlying
service
•Listener: the definition of a single service (type, port, etc)
•Virtual Server: the front-end service presented to uses that gets
routed, via a Listener, through to an Origin Server Pool
•Admin Server: the management unit that co-ordinates config &
monitors system
•Failover Group: active-passive pair of Instances grouped together
•11g: Admin Server + Admin Nodes
•12c: Admin Server + OTD Instances
15
OTD TERMINOLOGY
•Configuration: the full collection of config details for one or more
services, typically for an environment
•OTD Instance: the engines that handle the traffic
•Origin Server: the back-end server(s) providing the underlying
service
•Listener: the definition of a single service (type, port, etc)
•Virtual Server: the front-end service presented to uses that gets
routed, via a Listener, through to an Origin Server Pool
•Admin Server: the management unit that co-ordinates config &
monitors system
•Failover Group: active-passive pair of Instances grouped together
•11g: Admin Server + Admin Nodes
•12c: Admin Server + OTD Instances
15
© 2016, eProseed
THE EDG DILEMMA
•Disconnect between:
–load balancing at network level (to cope with webserver failure), and,
–load balancing at webserver level (to cope with managed server failure)
•Do we really want two layers of load balancing in the same site?
19
THE EDG DILEMMA
•Disconnect between:
–load balancing at network level (to cope with webserver failure), and,
–load balancing at webserver level (to cope with managed server failure)
•Do we really want two layers of load balancing in the same site?
19
© 2016, eProseed
WHAT’S NEW IN TRAFFIC DIRECTOR 12c?
20
WHAT’S NEW IN TRAFFIC DIRECTOR 12c?
20
© 2016, eProseed 21
11g
11g
© 2016, eProseed 22
12c
12c
© 2016, eProseed
KEY NEW FEATURES
•WebLogic Management Framework
–Managed like WebLogic managed servers and OHS 12c
–WLST available for provisioning
–Standalone Management Console has gone (now UI in EM FMWC if co-located, otherwise no UI)
•Multi-tenancy
–OTD is MT-aware and can handle traffic for specific WLS partitions
•Queueing, Request Throttling & Prioritisation
•Health check can use external executable
•Origin server pool maintenance (11.1.1.9+)
23
KEY NEW FEATURES
•WebLogic Management Framework
–Managed like WebLogic managed servers and OHS 12c
–WLST available for provisioning
–Standalone Management Console has gone (now UI in EM FMWC if co-located, otherwise no UI)
•Multi-tenancy
–OTD is MT-aware and can handle traffic for specific WLS partitions
•Queueing, Request Throttling & Prioritisation
•Health check can use external executable
•Origin server pool maintenance (11.1.1.9+)
23
© 2016, eProseed
PRE-REQS
For management UI you need to configure OTD into a co-located WLS domain, either:
1.(Full) FMW Infrastructure
–also need Database with RCU schemas
–(OTD doesn’t use DB so probably only need min schema for Infra, e.g. OPSS etc)
2.FMW Infra with Restricted JRF
–“This is the recommended mode of creating an OTD domain” says Oracle doc
–No database required (note: this is a 12.2.1+ feature for FMW Infra )
24
PRE-REQS
For management UI you need to configure OTD into a co-located WLS domain, either:
1.(Full) FMW Infrastructure
–also need Database with RCU schemas
–(OTD doesn’t use DB so probably only need min schema for Infra, e.g. OPSS etc)
2.FMW Infra with Restricted JRF
–“This is the recommended mode of creating an OTD domain” says Oracle doc
–No database required (note: this is a 12.2.1+ feature for FMW Infra )
24
© 2016, eProseed
WATCH OUT FOR…
•Oracle Traffic Director instances cannot be created using the Configuration Wizard
–you must use either FMWC or WLST
•Standalone domain limitations
–You can use the WLST in a standalone domain, but not all offline WLST commands are available
–No management capabilities available (including FMWC and WLST custom commands)
25
WATCH OUT FOR…
•Oracle Traffic Director instances cannot be created using the Configuration Wizard
–you must use either FMWC or WLST
•Standalone domain limitations
–You can use the WLST in a standalone domain, but not all offline WLST commands are available
–No management capabilities available (including FMWC and WLST custom commands)
25
© 2016, eProseed
DIRECTORIES
•Oracle Home
–$ORACLE_HOME/otd
•Instance
–$ASERVER_HOME/config/ fmwconfig/components/OTD/
<config>/config
–$MSERVER_HOME/config/ fmwconfig/components/OTD/
otd_<instance-name>/config
•Note: OTD 12c works exactly like OHS (12.12+) except:
–OTD instead of OHS (obviously!) in path – in both cases the config is sync’d by Node Manager
–You can’t currently (12.2.1) create OTD instances from Config Wizard
(even though it looks like you can!)
26
DIRECTORIES
•Oracle Home
–$ORACLE_HOME/otd
•Instance
–$ASERVER_HOME/config/ fmwconfig/components/OTD/
<config>/config
–$MSERVER_HOME/config/ fmwconfig/components/OTD/
otd_<instance-name>/config
•Note: OTD 12c works exactly like OHS (12.12+) except:
–OTD instead of OHS (obviously!) in path – in both cases the config is sync’d by Node Manager
–You can’t currently (12.2.1) create OTD instances from Config Wizard
(even though it looks like you can!)
26
© 2016, eProseed
WATCH OUT FOR…
•There are quite a few subtleties with OTD 12c configuration. Consider:
–Domain specific or platform wide resource
–Patching
–UI or manual
•OTD 12.2.1 – see Release Notes “2.2 Configuration update fails after starting failover”
–Permissions issue when otd_startFailover has run
–Instead use WLST script for failover as described in note
27
WATCH OUT FOR…
•There are quite a few subtleties with OTD 12c configuration. Consider:
–Domain specific or platform wide resource
–Patching
–UI or manual
•OTD 12.2.1 – see Release Notes “2.2 Configuration update fails after starting failover”
–Permissions issue when otd_startFailover has run
–Instead use WLST script for failover as described in note
27
© 2016, eProseed
TRAFFIC DIRECTOR LICENSING
•Exalogic (physical & virtual)
•Oracle WebLogic Suite + Multi-tenancy or Continuous Availability option
•Oracle Access Management Suite Plus and Oracle Enterprise Sign-On Suite Plus
–Restricted to load balancing OAM components inc. using OAM WebGate
•Enterprise Single Sign-On Suite Plus
–Restricted to load balancing ESSO components inc. using OAM WebGate
•SPARC Super Cluster
•Oracle Database Appliance
–With WebLogic licence
–Restricted to services within the ODA
28
New!
12.2.1
For Guidance Only
Please check latest
details with your
account manager or
Oracle Partner
TRAFFIC DIRECTOR LICENSING
•Exalogic (physical & virtual)
•Oracle WebLogic Suite + Multi-tenancy or Continuous Availability option
•Oracle Access Management Suite Plus and Oracle Enterprise Sign-On Suite Plus
–Restricted to load balancing OAM components inc. using OAM WebGate
•Enterprise Single Sign-On Suite Plus
–Restricted to load balancing ESSO components inc. using OAM WebGate
•SPARC Super Cluster
•Oracle Database Appliance
–With WebLogic licence
–Restricted to services within the ODA
28
New!
12.2.1
For Guidance Only
Please check latest
details with your
account manager or
Oracle Partner
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
OTD SPECIFICS FOR WLS, SOA, EM
29
Photo credit: Imm808
OTD SPECIFICS FOR WLS, SOA, EM
29
Photo credit: Imm808
© 2016, eProseed
WEBLOGIC SPECIFIC
•(as with OHS) OTD uses HTTP headers on existing connection to WebLogic servers to:
–Detect failure of managed server
–Add new origin servers
•Health monitor times also monitor successful requests
–a bit like time to trust idle connection for data sources
30
WEBLOGIC SPECIFIC
•(as with OHS) OTD uses HTTP headers on existing connection to WebLogic servers to:
–Detect failure of managed server
–Add new origin servers
•Health monitor times also monitor successful requests
–a bit like time to trust idle connection for data sources
30
© 2016, eProseed
SOA SPECIFIC
•Health monitors need to check the SOA fabric status, not just port
–/soa-infra/ – HTTP 401 status code
–/soa-infra/services/isSoaServerReady – HTTP 200 status code
–Less important with lazy loading of composites in SOA 12c
31
SOA SPECIFIC
•Health monitors need to check the SOA fabric status, not just port
–/soa-infra/ – HTTP 401 status code
–/soa-infra/services/isSoaServerReady – HTTP 200 status code
–Less important with lazy loading of composites in SOA 12c
31
© 2016, eProseed
ENTERPRISE MANAGER CLOUD CONTROL SPECIFICS
•This example still keeps OHS running as part of “OMS unit”
•You need:
–1 virtual server: forwards to the OHS pool without context or anything - just a default route to the ohs-
pool
–1 TCP proxy: for the upload port (e.g. port 4900)
•Note: if you do not have a real certificate on OMS but are stuck with demo ones, you
have to disable "validate server certificate" at the general settings tab of the default
route (this is not the certificate on the VIP, it is traffic between OTD and OMS)
33
ENTERPRISE MANAGER CLOUD CONTROL SPECIFICS
•This example still keeps OHS running as part of “OMS unit”
•You need:
–1 virtual server: forwards to the OHS pool without context or anything - just a default route to the ohs-
pool
–1 TCP proxy: for the upload port (e.g. port 4900)
•Note: if you do not have a real certificate on OMS but are stuck with demo ones, you
have to disable "validate server certificate" at the general settings tab of the default
route (this is not the certificate on the VIP, it is traffic between OTD and OMS)
33
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
OTD ON ENGINEERED SYSTEMS
Exalogic & Database Appliance (SSC later)
34
OTD ON ENGINEERED SYSTEMS
Exalogic & Database Appliance (SSC later)
34
© 2016, eProseed
EXALOGIC
SOA EDG
35
EXALOGIC
SOA EDG
35
© 2016, eProseed
OTD ON EXALOGIC
•See “Tuning Oracle Traffic Director for Oracle Fusion Middleware, Business Applications”
–http://www.oracle.com/technetwork/middleware/otd/learnmore/otd-exalogic-tuning-whitepaper-
2196721.pdf
•Key points:
–Exalogic network (IPoIB and EoIB alike) do not support multicast. This means that you cannot cluster
OTD without the undocumented -unicast flag for (11g) tadm create-failover-group
http://docs.oracle.com/cd/E23389_01/doc.11116/e21037/create-failover-group.htm
–Usage of TCP (instead of SDP) is a best practice for certain versions of virtualised Exalogic - see
note 1932308.1. This has to do with a memory leak with SDP on OVM but has been fixed in a very
recent kernel patch on Exalogic (Oct 15 PSU).
•
36
OTD ON EXALOGIC
•See “Tuning Oracle Traffic Director for Oracle Fusion Middleware, Business Applications”
–http://www.oracle.com/technetwork/middleware/otd/learnmore/otd-exalogic-tuning-whitepaper-
2196721.pdf
•Key points:
–Exalogic network (IPoIB and EoIB alike) do not support multicast. This means that you cannot cluster
OTD without the undocumented -unicast flag for (11g) tadm create-failover-group
http://docs.oracle.com/cd/E23389_01/doc.11116/e21037/create-failover-group.htm
–Usage of TCP (instead of SDP) is a best practice for certain versions of virtualised Exalogic - see
note 1932308.1. This has to do with a memory leak with SDP on OVM but has been fixed in a very
recent kernel patch on Exalogic (Oct 15 PSU).
•
36
© 2016, eProseed 37
DOG’S
BREAKFAST
https://hemmingforddogblog.wordpress.com/2012/10/15/it
-
seems
-
that
-
breakfast
-
really
-
is
-
the
-
most
-
important
-
meal
-
of
-
the
-
day/
DOG’S
BREAKFAST
https://hemmingforddogblog.wordpress.com/2012/10/15/it
-
seems
-
that
-
breakfast
-
really
-
is
-
the
-
most
-
important
-
meal
-
of
-
the
-
day/
© 2016, eProseed
ODA
•There is a WLS ODA OTD template
–Fully configured single VIP with failure group
–Only 11.1.1.7 and no longer being maintained
–ODA X5-2, 12.1.2+
•License VMs with WebLogic to use OTD (for services within ODA)
•Same as on Exalogic on ODA – use the OTD white paper mentioned for Exalogic
39
ODA
•There is a WLS ODA OTD template
–Fully configured single VIP with failure group
–Only 11.1.1.7 and no longer being maintained
–ODA X5-2, 12.1.2+
•License VMs with WebLogic to use OTD (for services within ODA)
•Same as on Exalogic on ODA – use the OTD white paper mentioned for Exalogic
39
Copyright © 2014, eProseed and/or its affiliates. All rights reserved. | Confidential
SUMMARY
40
Photo credit: Steve-h
SUMMARY
40
Photo credit: Steve-h
© 2016, eProseed
SUMMARY
•New licensing options (e.g. conventional
hardware) mean Traffic Director is more
widely available now
•OTD is a mature and stable product, well
integrated into Oracle stack
•OTD is better suited to high performance
pure Oracle infrastructures than OHS
•Big change in management in OTD 12c but
now much more consistent with FMW admin
41
SUMMARY
•New licensing options (e.g. conventional
hardware) mean Traffic Director is more
widely available now
•OTD is a mature and stable product, well
integrated into Oracle stack
•OTD is better suited to high performance
pure Oracle infrastructures than OHS
•Big change in management in OTD 12c but
now much more consistent with FMW admin
41
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 4,188
- Slides 34
- Favorites 4
- Age 3576 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
45 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views