- 302 content routing
http-cr
.- ACME Account
An account previously created with an
ACME (Automatic Certificate Management Environment)
provider.- astats (stats_over_http)
An
ATS (Apache Traffic Server)
plugin that allows you to monitor vitals of theATS (Apache Traffic Server)
server. Seeastats
.
Cache Server cache server cache servers The main function of a CDN is to proxy requests from clients to origin servers
and cache the results. To proxy, in the CDN context, is to obtain content using HTTP from an origin server
on behalf of a client. To cache is to store the results so they can be reused when other clients are requesting the same content. There are three types of proxies in use on the Internet today:
reverse proxy
: Used by Traffic Control for Edge-tiercache servers
.forward proxy
: Used by Traffic Control for Mid-tiercache servers
.- transparent proxy: These are not used by Traffic Control. If you are interested you can learn more about transparent proxies on wikipedia.
Cache Group Cache Groups A group of caching HTTP proxy servers that together create a combined larger cache using consistent hashing. Traffic Router treats all servers in a Cache Group
as though they are in the same geographic location, though they are in fact only in the same general area. A Cache Group
has one single set of geographical coordinates even if the cache servers
that make up the Cache Group
are actually in Physical Locations
. The cache servers
in a Cache Group
are not aware of the other cache servers
in the group - there is no clustering software or communications between cache servers
in a Cache Group
.
There are two basic types of
Cache Groups
: EDGE_LOC and MID_LOC ("LOC" being short for "location" - a holdover from whenCache Groups
were called "Cache Locations). Traffic Control is a two-tiered system, where the clients get directed to the Edge-tier (EDGE_LOC)Cache Group
. On cache miss, thecache server
in the Edge-tierCache Group
obtains content from a Mid-tier (MID_LOC)Cache Group
, rather than the origin, which is shared with multiple Edge-tierCache Groups
. Edge-tierCache Groups
are usually configured to have a single "parent"Cache Group
, but in general Mid-tierCache Groups
have many "children".Note
Often the Edge-tier to Mid-tier relationship is based on network distance, and does not necessarily match the geographic distance.
A
Cache Group
serves a particular part of the network as defined in theCoverage Zone File
(orDeep Coverage Zone File
, when applicable).For a more complete description of Cache Groups, see the
cache-groups
overview section.
Content Invalidation Job Content Invalidation Jobs job jobs Content Invalidation Jobs
are a way to force cache servers
to treat their cached content as stale (or even not in cache at all).
For a more complete description of Content Invalidation Jobs, see the
jobs
overview section.
- content routing
Directing clients (or client systems) to a particular location or device in a location for optimal delivery of content See also
http-cr
anddns-cr
.
Coverage Zone File Coverage Zone Map The CZM (Coverage Zone Map)
or CZF (Coverage Zone File)
is a file that maps network prefixes to Cache Groups
. Traffic Router uses the CZM (Coverage Zone Map)
to determine what Cache Group
is closest to the client. If the client IP address is not in this CZM (Coverage Zone Map)
, it falls back to geographic mapping, using a MaxMind GeoIP2 database to find the client's location, and the geographic coordinates from Traffic Ops for the Cache Group
. Traffic Router is inserted into the HTTP retrieval process by making it the authoritative DNS server for the domain of the CDN Delivery Service
. In the example of the reverse proxy
, the client was given the http://www-origin-cache.cdn.com/foo/bar/fun.html
URL. In a Traffic Control CDN, URLs start with a routing name, which is configurable per-Delivery Service
, e.g. http://foo.mydeliveryservice.cdn.com/fun/example.html
with the chosen routing name foo
.
{ "coverageZones": { "cache-group-01": { "network6": [ "1234:5678::/64", "1234:5679::/64" ], "network": [ "192.168.8.0/24", "192.168.9.0/24" ] } }}
Deep Coverage Zone File Deep Coverage Zone Map The DCZF (Deep Coverage Zone File)
or DCZM (Deep Coverage Zone Map)
maps network prefixes to "locations" - almost like the Coverage Zone File
. Location names must be unique, and within the file are simply used to group Edge-tier cache servers
. When a mapping is performed by Traffic Router, it will only look in the DCZF (Deep Coverage Zone File)
if the Delivery Service
to which a client is being directed makes use of ds-deep-caching
. If the client's IP address cannot be matched by entries in this file, Traffic Router will first fall back to the regular Coverage Zone File
. Then, failing that, it will perform geographic mapping using a database provided by the Delivery Service
's ds-geo-provider
.
{ "deepCoverageZones": { "location-01": { "network6": [ "1234:5678::/64", "1234:5679::/64" ], "network": [ "192.168.8.0/24", "192.168.9.0/24" ], "caches": [ "edge" ] } }}
Delivery Service Delivery Services Delivery Services
are often referred to as a reverse proxy
"remap rule" that exists on Edge-tier cache servers
. In most cases, a Delivery Service
is a one-to-one mapping to an FQDN (Fully Qualified Domain Name)
that is used as a hostname to deliver the content. Many options and settings regarding how to optimize the content delivery exist, which are configurable on a Delivery Service
basis. Some examples of these Delivery Service
settings are:
- Cache in RAM, cache on disk, or do not cache at all.
- Use DNS or HTTP Content routing.
- Limits on transactions per second and bandwidth.
- Protocol (HTTP or HTTPS).
- Token-based authentication settings.
- Header rewrite rules.
Since Traffic Control version 2.1,
Delivery Services
can optionally be linked to aProfile
, and haveParameters
associated with them. One example of a feature that usesDelivery Service
Parameters
is theds-multi-site-origin
configuration.Delivery Services
are also for use in allowing multipleTenants
to coexist in a Traffic Control CDN without interfering with each other, and to keep information about their content separated.See
delivery-services
for a more in-depth explanation ofDelivery Services
.
Delivery Service Request Delivery Service Requests DSR DSRs A Delivery Service Request
is the result of attempting to modify a Delivery Service
when dsRequests.enabled
is set to true
in traffic_portal_properties.json
. See ds_requests
for more information.
See
delivery-service-requests
for a more in-depth explanation ofDelivery Service Requests
, including their data model. Seeds_requests
for more information on how to useDelivery Service Requests
in Traffic Portal.
- Delivery Service required capabilities
Delivery Services required capabilities
are capabilities, which correlate to server capabilities, that are required in order to assign a server to a delivery service.`
Division Divisions A group of Regions
.
Edge Edge-tier Edge-Tier Edge-tier cache Edge-tier caches Edge-tier cache server Edge-tier cache servers Closest to the client or end-user. The edge tier is the tier that serves the client, edge caches are caches in the edge tier. In a Traffic Control CDN the basic function of the edge cache is that of a reverse proxy
.
Federation Federations Federations
allow for other ("federated") CDNs (e.g. at a different ISP (Internet Service Provider)
) to add a list of DNS resolvers and an FQDN (Fully Qualified Domain Name)
to be used in a DNS CNAME record for a Delivery Service
. When a request is made from one of the federated CDN's clients, Traffic Router will return the CNAME record configured from the federation mapping. This allows the federated CDN to serve the content without the content provider changing the URL, or having to manage multiple URLs. For example, if the external CDN was actually another ATC (Apache Traffic Control)
-managed CDN, then a federation mapping to direct clients toward it should use the FQDN (Fully Qualified Domain Name)
of a Delivery Service
on the external CDN.
Federations only have meaning to DNS-routed
Delivery Services
- HTTP-routed Delivery services should instead treat the externalFQDN (Fully Qualified Domain Name)
as anOrigin
to achieve the same effect.Federations are currently only manageable by directly using the
to-api
. The endpoints related to federations areto-api-federations
,to-api-federation_resolvers
,to-api-federations-id-deliveryservices
,to-api-federations-id-deliveryservices-id
,to-api-federations-id-federation_resolvers
,to-api-federations-id-users
, andto-api-federations-id-users-id
.
First-tier First-tier cache First-tier caches First-tier cache server First-tier cache servers Closest to the client or end-user. The first tier in a Topology
is the tier that serves the client, similar to the Edge-tier
.
forward proxy forward proxies A forward proxy acts on behalf of the client such that the origin server
is (potentially) unaware of the proxy's existence. All Mid-tier cache servers
in a Traffic Control based CDN are forward proxies
. In a forward proxy
scenario, the client is explicitly configured to use the the proxy's IP address and port as a forward proxy
. The client always connects to the forward proxy
for content. The content provider does not have to change the URL the client obtains, and is (potentially) unaware of the proxy in the middle.
If a client uses a
forward proxy
to request the URLhttp://www.origin.com/foo/bar/fun.html
the resulting chain of events follows.
To retrieve
http://www.origin.com/foo/bar/fun.html
, the client sends an HTTP request to theforward proxy
.GET http://www.origin.com/foo/bar/fun.html HTTP/1.1 Host: www.origin.comNote
In this case, the client requests the entire URL instead of just the path as is the case when using a
reverse proxy
or when requesting content directly from theorigin server
.The proxy verifies whether the response for
http://www-origin-cache.cdn.com/foo/bar/fun.html
is already in the cache. If it is not in the cache:
The proxy sends the HTTP request to the
Origin
.GET /foo/bar/fun.html HTTP/1.1 Host: www.origin.comThe
origin server
responds with the requested content.HTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Server: Apache/2.2.15 (Red Hat) Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html><html><body>This is a fun file</body></html>The proxy sends this on to the client, optionally adding a
Via:
header to indicate that the request was serviced by proxy.HTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 Age: 0 Via: http/1.1 cache01.cdn.kabletown.net (ApacheTrafficServer/4.2.1 [uScSsSfUpSeN:t cCSi p sS]) Server: ATS/4.2.1 <!DOCTYPE html><html><body>This is a fun file</body></html>If, however, the requested content was in the cache the proxy responds to the client with the previously retrieved result
HTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 Age: 99711 Via: http/1.1 cache01.cdn.kabletown.net (ApacheTrafficServer/4.2.1 [uScSsSfUpSeN:t cCSi p sS]) Server: ATS/4.2.1 <!DOCTYPE html><html><body>This is a fun file</body></html>
- geo localization or geo routing
Localizing clients to the nearest caches using a geo database like the one from Maxmind.
- Health Protocol
The protocol to monitor the health of all the caches. See
health-proto
.
Inner-tier Inner-tier cache Inner-tier caches Inner-tier cache server Inner-tier cache servers The tier between the First tier and the Last tier. The inner tier in a Topology
is the tier that forwards requests from other caches to other caches, i.e. caches in this tier do not directly serve the end-user and do not make requests to Origins
.
Last-tier Last-tier cache Last-tier caches Last-tier cache server Last-tier cache servers The tier above the First and Inner tiers. The last tier in a Topology
is the tier that forwards requests from other caches to Origins
.
- localization
Finding location on the network, or on planet earth
Mid Mid-tier Mid-Tier Mid-tier cache Mid-tier caches Mid-tier cache server Mid-tier cache servers The tier above the edge tier. The mid tier does not directly serves the end-user and is used as an additional layer between the edge and the Origin
. In a Traffic Control CDN the basic function of the mid cache is that of a forward proxy
.
Origin Origins origin server origin servers Origin Servers The source of content for the CDN. Usually a redundant HTTP/1.1 webserver.
- ORT
The previous Traffic Control cache config app, replaced by
t3c
.
Parameter Parameters Typically refers to a line in a configuration file, but in practice can represent any arbitrary configuration option.
The
profiles-and-parameters
overview section.
parent parents The parent(s)
of a cache server
is/are the cache server
(s) belonging to either the "parent" or "secondary parent" Cache Group
(s) of the Cache Group
to which the cache server
belongs. For example, in general it is true that an Edge-tier cache server
has one or more parents
which are Mid-tier cache servers
.
Physical Location Physical Locations A pair of geographic coordinates (latitude and longitude) that is used by Cache Groups
to define their location. This information is used by Traffic Router to route client traffic to the geographically nearest Cache Group
.
Profile Profiles A Profile
is, most generally, a group of Parameters
that will be applied to a server. Profiles
are typically re-used by all Edge-tier cache servers
within a CDN or Cache Group
. A Profile
will, in addition to configuration Parameters
, define the CDN to which a server belongs and the "Type" <profile-type>
of the Profile - which determines some behaviors of Traffic Control components. The allowed "Types" <profile-type>
of Profiles
are not the same as Types
, and are maintained as a PostgreSQL "Enum" in traffic_ops/app/db/create_tables.sql
.
Tip
A
Profile
of the wrong type assigned to a Traffic Control component will (in general) cause it to function incorrectly, regardless of theParameters
assigned to it.The
profiles-and-parameters
overview section.
Queue Queue Updates Queue Server Updates Queuing Updates
is an action that signals to various ATC components - most notably cache servers
- that any configuration changes that are pending are to be applied now. Specifically, Traffic Monitor and Traffic Router are updated through a CDN Snapshot
, and not Queued Updates
. In particular, ORT
will notice that the server on which it's running has new configuration, and will request the new configuration from Traffic Ops.
Updates may be queued on a server-by-server basis (in Traffic Portal's
tp-configure-servers
view), a Cache Group-wide basis (in Traffic Portal'stp-configure-cache-groups
view), or on a CDN-wide basis (in Traffic Portal'stp-cdns
view). Usually using the CDN-wide version is easiest, and unless there are special circumstances, and/or the user really knows what he or she is doing, it is recommended that the full CDN-wideQueue Updates
be used.This is similar to taking a CDN
Snapshot
, but this configuration change affects only servers, and not routing.That seems like a vague difference because it is - in general the rule to follow is that changes to
Profiles
andParameters
requires only updates be queued, changes to the assignments ofcache servers
toDelivery Services
requires both aSnapshot
and aQueue Updates
, and changes to only aDelivery Service
itself (usually) entails aSnapshot
only. These aren't exhaustive rules, and a grasp of what changes require which action(s) will take time to form. In general, when doing bothQueuing Updates
as well as taking a CDNSnapshot
, it is advisable to firstQueue Updates
and then take theSnapshot
, as otherwise Traffic Router may route clients toEdge-tier cache servers
that are not equipped to service their request(s). However, when modifying the assignment(s) ofcache servers
to one or moreDelivery Services
, aSnapshot
ought to be taken before updates are queued.Warning
Updates to
Parameters
with certainparameter-config-file
values may require runningORT
in a different mode, occasionally manually. Though the server may appear to no longer have pending updates in these cases, until this manual intervention is performed the configuration will not be correct.
Region Regions A group of Physical Locations
.
reverse proxy reverse proxies A reverse proxy
acts on behalf of the origin server
such that the client is (potentially) unaware it is not communicating directly with the Origin
. All Edge-tier cache servers
in a Traffic Control CDN are reverse proxies
. To the end user a Traffic Control-based CDN appears as a reverse proxy
since it retrieves content from the origin server
, acting on behalf of that origin server
. The client requests a URL that has a hostname which resolves to the reverse proxy
's IP address and, in compliance with the HTTP 1.1 specification (2616
), the client sends a Host:
header to the reverse proxy
that matches the hostname in the URL. The proxy looks up this hostname in a list of mappings to find the Origin
hostname; if the hostname of the Host:
header is not found in the list, the proxy will send an error (usually either 404 Not Found
or 503 Service Unavailable
as appropriate) to the client. If the supplied hostname is found in this list of mappings, the proxy checks its cache, and when the content is not already present, connects to the Origin
to which the requested Host:
maps requests the path of the original URL, providing the Origin
hostname in the Host
header. The proxy then stores the URL in its cache and serves the contents to the client. When there are subsequent requests for the same URL, a caching proxy serves the content out of its cache - provided cache-revalidation
are satisfied - thereby reducing latency and network traffic.
To insert a
reverse proxy
into a typical HTTP 1.1 request and response flow, thereverse proxy
needs to be told where theorigin server
can be reached (and whichOrigin
to use for a given request when it's configured to proxy requests for multipleOrigins
). InATS (Apache Traffic Server)
this is handled by adding rules to the remap.config configuration file. The content owner must inform the clients, by updating the URL, to receive the content from the cache and not from theorigin server
directly. For example, clients might be instructed to request content fromhttp://www-origin-cache.cdn.com
which points to areverse proxy
for the actualOrigin
located athttp://www.origin.com
.Now, if the client requests
/foo/bar/fun.html
from thereverse proxy
the sequence of events is as follows. is given the URLhttp://www-origin-cache.cdn.com/foo/bar/fun.html
(note the different hostname) and when attempting to obtain that URL, the following occurs:
- The client sends a DNS request to the
LDNS (Local Domain Name Server)
to resolve the namewww-origin-cache.cdn.com
to an IP address.- The
LDNS (Local Domain Name Server)
finds an IP address forwww-origin-cache.cdn.com
e.g.55.44.33.22
.The client sends an HTTP request for
/foo/bar/fun.html
to the IP address.GET /foo/bar/fun.html HTTP/1.1 Host: www-origin-cache.cdn.com- The
reverse proxy
finds out the URL of the trueOrigin
- in the case ofATS (Apache Traffic Server)
this is done by looking upwww-origin-cache.cdn.com
in its remap rules - and finds that it iswww.origin.com
.- The proxy checks its cache to see if the response for
GET /foo/bar/fun.html HTTP/1.1
fromwww.origin.com
is already in the cache.If the response is not in the cache:
The proxy sends the request to the actual
Origin
GET /foo/bar/fun.html HTTP/1.1 Host: www.origin.comThe
origin server
responds with the requested contentHTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Server: Apache/2.2.15 (Red Hat) Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 <!DOCTYPE html><html><body>This is a fun file</body></html>The proxy sends the response on to the client, optionally adding a
Via:
header to indicate that the request was serviced by proxy.HTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 Age: 0 Via: http/1.1 cache01.cdn.kabletown.net (ApacheTrafficServer/4.2.1 [uScSsSfUpSeN:t cCSi p sS]) Server: ATS/4.2.1 <!DOCTYPE html><html><body>This is a fun file</body></html>If, however, the response was already in the cache - and still valid according to the
cache-revalidation
- the proxy responds to the client with the previously retrieved result.HTTP/1.1 200 OK Date: Sun, 14 Dec 2014 23:22:44 GMT Last-Modified: Sun, 14 Dec 2014 23:18:51 GMT ETag: "1aa008f-2d-50a3559482cc0" Content-Length: 45 Connection: close Content-Type: text/html; charset=UTF-8 Age: 39711 Via: http/1.1 cache01.cdn.kabletown.net (ApacheTrafficServer/4.2.1 [uScSsSfUpSeN:t cCSi p sS]) Server: ATS/4.2.1 <!DOCTYPE html><html><body>This is a fun file</body></html>
Role Roles Permissions Roles
define the operations a user is allowed to perform, and are currently an ordered list of permission levels.
For a more complete description of Roles, see the
roles
overview section.
Server Capability Server Capabilities A Server Capability
(not to be confused with a "Capability") expresses the capacity of a cache server
to serve a particular kind of traffic. For example, a Server Capability
could be created named "RAM" to be assigned to cache servers
that have RAM-disks allocated for content caching. Server Capabilities
can also be required by Delivery Services
, which will prevent cache servers
without that Server Capability
from being assigned to them. It also prevents Mid-tier cache servers
without said Server Capability
from being selected to serve upstream requests from those Edge-tier cache servers
assigned to the requiring Delivery Services
.
Service Category Service Categories A Service Category
defines the type of content being delivered by a Delivery Service
. For example, a Service Category
could be created named "linear" and assigned to a Delivery Service
that delivers linear content.
Snapshot Snapshots CDN Snapshot CDN Snapshots Previously called a "CRConfig" or "CRConfig.json" (and still called such in many places), this is a rather large set of routing information generated from a CDN's configuration and topology.
Status Statuses A Status
represents the current operating state of a server. The default Statuses
made available on initial startup of Traffic Ops are related to the health-proto
and are explained in that section.
- t3c
The Traffic Control cache config app, used to generate and apply cache configuration files.
For usage and testing documentation, refer to
t3c
.
Tenant Tenants Tenancy Tenancies Users are grouped into Tenants
(or Tenancies
) to segregate ownership of and permissions over Delivery Services
and their resources. To be clear, the notion of Tenancy
only applies within the context of Delivery Services
and does not apply permissions restrictions to any other aspect of Traffic Control.
Topology Node Topology Nodes Parent Topology Node Parent Topology Nodes Child Topology Node Child Topology Nodes Each Topology Node
is associated with a particular Cache Group
. In addition, the Topology Node has 0, 1, or 2 Parent Topology Nodes and has 0, 1, or 2 Child Topology Nodes, according to your configuration.
Topology Topologies A structure composed of Cache Groups
and parent relationships, which is assignable to one or more Delivery Services
.
Type Types A Type
defines a type of some kind of object configured in Traffic Ops. Unfortunately, that is exactly as specific as this definition can be.