Basic File Layout

This document will explain the AMS standard configuration file set and the thinking behind this configuration standard

🏠Table of Contents

πŸ”™PreviousΒ What is "The Dispatcher"

Default Enterprise Linux folder structure

In AMS the base installation uses Enterprise Linux as the base operating system.Β  When installing Apache Webserver it will have a default install file set.Β  Here is the default files that get installed by installing the basic RPM's provided by the yum repository

/etc/httpd/ 
β”œβ”€β”€ conf 
β”‚   β”œβ”€β”€ httpd.conf 
β”‚   └── magic 
β”œβ”€β”€ conf.d 
β”‚   β”œβ”€β”€ autoindex.conf 
β”‚   β”œβ”€β”€ README 
β”‚   β”œβ”€β”€ userdir.conf 
β”‚   └── welcome.conf 
β”œβ”€β”€ conf.modules.d 
β”‚   β”œβ”€β”€ 00-base.conf 
β”‚   β”œβ”€β”€ 00-dav.conf 
β”‚   β”œβ”€β”€ 00-lua.conf 
β”‚   β”œβ”€β”€ 00-mpm.conf 
β”‚   β”œβ”€β”€ 00-proxy.conf 
β”‚   β”œβ”€β”€ 00-systemd.conf 
β”‚   └── 01-cgi.conf 
β”œβ”€β”€ logs -> ../../var/log/httpd 
β”œβ”€β”€ modules -> ../../usr/lib64/httpd/modules 
└── run -> /run/httpd

When following and honoring the installation design / structure we gain the following benefits:

  • Easier to support a predictable layout
  • Automatically familiar to anyone who has worked on Enterprise Linux HTTPD installs in the past
  • Allows patching cycles that are fully supported by the Operating System without any conflicts or manual adjustments
  • Avoids SELinux violations of mislabeled file contexts
Bemærk:

The Adobe Managed Services servers images typically have small Operating System root drives.Β  We put our data in a separate volume which is typically mounted in /mnt

Then we use that volume instead of the defaults for the following default directories

DocumentRoot

  • Default: /var/www/html
  • AMS: /mnt/var/www/html

Log Directory

  • Default: /var/log/httpd
  • AMS: /mnt/var/log/httpd

Keep in mind that the old and new directories are mapped back to the original mount point to eliminate confusion.

Using a seperate volume isn't vital but it's note worthy

AMS Add-ons

AMS adds on to the base install of Apache web server.

Document Roots

AMS Default document roots:

  • Author:
    • /mnt/var/www/author/Β 
  • Publish:
    • /mnt/var/www/html/
  • Catch-All and Health Check Maintenance
    • /mnt/var/www/default/

Staging and Enabled VirtualHost Directories

The following directories allow you to build out configuration files having a staging area that you can work on files and only enable then when they are ready.
  • /etc/httpd/conf.d/available_vhosts/
    • This folder will host all of your <VirtualHost /> files called .vhost
  • /etc/httpd/conf.d/enabled_vhosts/
    • When you're ready to use the .vhost files you have inside the available_vhosts folder symlink them using a relative path into the enabled_vhosts directory

Additional conf.d Directories

There are additional pieces that are common in Apache configurations and we created sub directories to allow for a clean way to seperate those files and not have all the files in one directory

Rewrites Directory

This directory can contain all of the *_rewrite.rules files you create that contain your typical RewriteRule syntax that engage Apache web servers mod_rewrite module

  • /etc/httpd/conf.d/rewrites/

Whitelists Directory

This directory can contain all of the *_whitelist.rules files you create that contain your typical IP Allow or Require IP syntax that engage Apache web servers access controls

  • /etc/httpd/conf.d/whitelists/

Variables Directory

This directory can contain all of the *.vars files you create that contain variables you can consume in your configuration files

  • /etc/httpd/conf.d/variables/

Dispatcher Module Specific Configuration Directory

Apache web server is very extensible and when a module has a lot of configuration files it's best practice to create your own configuration directory under the install base directory instead of cluttering up the default one.

We follow the best practice and created our own

Module Configuration file directory

  • /etc/httpd/conf.dispatcher.d/

Staging and Enabled Farm Directories

The following directories allow you to build out configuration files having a staging area that you can work on files and only enable then when they are ready.
  • /etc/httpd/conf.dispatcher.d/available_farms/
    • This folder will host all of your /myfarm {Β files called *_farm.any
  • /etc/httpd/conf.dispatcher.d/enabled_farms/
    • When you're ready to use the farm file you have inside the available_farms folder symlink them using a relative path into the enabled_farms directory

Additional conf.dispatcher.d Directories

There are additional pieces that are sub sections of the dispatcher farm file configurations and we created sub directories to allow for a clean way to seperate those files and not have a all the files in one directory

Cache Directory

This directory contains all of the *_cache.any, *_invalidate.any files you create that contain your rules on how you want the module to handle caching elements that come from AEM as well as invalidation rules syntax.Β  More details on this section is here

  • /etc/httpd/conf.dispatcher.d/cache/

Client Headers Directory

This directory can contain all of the *_clientheaders.any files you create that contain lists of Client Headers you want to pass through to AEM when a request comes in.Β  More details on this section is here

  • /etc/httpd/conf.dispatcher.d/clientheaders/

Filters Directory

This directory can contain all of the *_filters.any files you create that contain all of your filter rules to block or allow traffic through the dispatcher to reach AEM

  • /etc/httpd/conf.dispatcher.d/filters/

Renders Directory

This directory can contain all of the *_renders.any files you create that contain the connectivity details to each backend server that the dispatcher will consume content from

  • /etc/httpd/conf.dispatcher.d/renders/

Vhosts Directory

This directory can contain all of the *_vhosts.any files you create that contain a list of the domain names and paths to match to a particular farm to a particular back end server

  • /etc/httpd/conf.dispatcher.d/vhosts/

Complete Folder Structure

AMS has structured each of the files with custom file extensions and with the intention to avoid namespace issues / conflicts and any confusion.

Here is an example of a standard fileset from an AMS default deployment:

/etc/httpd/ 
β”œβ”€β”€ conf 
β”‚   β”œβ”€β”€ httpd.conf 
β”‚   └── magic 
β”œβ”€β”€ conf.d 
β”‚   β”œβ”€β”€ autoindex.conf 
β”‚   β”œβ”€β”€ available_vhosts 
β”‚   β”‚   β”œβ”€β”€ 000_unhealthy_author.vhost 
β”‚   β”‚   β”œβ”€β”€ 000_unhealthy_publish.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_author.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_flush.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_health.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_lc.vhost 
β”‚   β”‚   └── aem_publish.vhost 
β”‚   β”œβ”€β”€ dispatcher_vhost.conf 
β”‚   β”œβ”€β”€ enabled_vhosts 
β”‚   β”‚   β”œβ”€β”€ aem_author.vhost -> ../available_vhosts/aem_author.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_flush.vhost -> ../available_vhosts/aem_flush.vhost 
β”‚   β”‚   β”œβ”€β”€ aem_health.vhost -> ../available_vhosts/aem_health.vhost 
β”‚   β”‚   └── aem_publish.vhost -> ../available_vhosts/aem_publish.vhost 
β”‚   β”œβ”€β”€ README 
β”‚   β”œβ”€β”€ rewrites 
β”‚   β”‚   β”œβ”€β”€ base_rewrite.rules 
β”‚   β”‚   └── xforwarded_forcessl_rewrite.rules 
β”‚   β”œβ”€β”€ userdir.conf 
β”‚   β”œβ”€β”€ variables 
β”‚   β”‚   └── ams_default.vars 
β”‚   β”œβ”€β”€ welcome.conf 
β”‚   └── whitelists 
β”‚       └── 000_base_whitelist.rules 
β”œβ”€β”€ conf.dispatcher.d 
β”‚   β”œβ”€β”€ available_farms 
β”‚   β”‚   β”œβ”€β”€ 000_ams_author_farm.any 
β”‚   β”‚   β”œβ”€β”€ 001_ams_lc_farm.any 
β”‚   β”‚   └── 999_ams_publish_farm.any 
β”‚   β”œβ”€β”€ cache 
β”‚   β”‚   β”œβ”€β”€ ams_author_cache.any 
β”‚   β”‚   β”œβ”€β”€ ams_author_invalidate_allowed.any 
β”‚   β”‚   β”œβ”€β”€ ams_publish_cache.any 
β”‚   β”‚   └── ams_publish_invalidate_allowed.any 
β”‚   β”œβ”€β”€ clientheaders 
β”‚   β”‚   β”œβ”€β”€ ams_author_clientheaders.any 
β”‚   β”‚   β”œβ”€β”€ ams_common_clientheaders.any 
β”‚   β”‚   β”œβ”€β”€ ams_lc_clientheaders.any 
β”‚   β”‚   └── ams_publish_clientheaders.any 
β”‚   β”œβ”€β”€ dispatcher.any 
β”‚   β”œβ”€β”€ enabled_farms 
β”‚   β”‚   β”œβ”€β”€ 000_ams_author_farm.any -> ../available_farms/000_ams_author_farm.any 
β”‚   β”‚   └── 999_ams_publish_farm.any -> ../available_farms/999_ams_publish_farm.any 
β”‚   β”œβ”€β”€ filters 
β”‚   β”‚   β”œβ”€β”€ ams_author_filters.any 
β”‚   β”‚   β”œβ”€β”€ ams_lc_filters.any 
β”‚   β”‚   └── ams_publish_filters.any 
β”‚   β”œβ”€β”€ renders 
β”‚   β”‚   β”œβ”€β”€ ams_author_renders.any 
β”‚   β”‚   β”œβ”€β”€ ams_lc_renders.any 
β”‚   β”‚   └── ams_publish_renders.any 
β”‚   └── vhosts 
β”‚       β”œβ”€β”€ ams_author_vhosts.any 
β”‚       β”œβ”€β”€ ams_lc_vhosts.any 
β”‚       └── ams_publish_vhosts.any 
β”œβ”€β”€ conf.modules.d 
β”‚   β”œβ”€β”€ 00-base.conf 
β”‚   β”œβ”€β”€ 00-dav.conf 
β”‚   β”œβ”€β”€ 00-lua.conf 
β”‚   β”œβ”€β”€ 00-mpm.conf 
β”‚   β”œβ”€β”€ 00-proxy.conf 
β”‚   β”œβ”€β”€ 00-systemd.conf 
β”‚   β”œβ”€β”€ 01-cgi.conf 
β”‚   └── 02-dispatcher.conf 
β”œβ”€β”€ logs -> ../../var/log/httpd 
β”œβ”€β”€ modules -> ../../usr/lib64/httpd/modules 
└── run -> /run/httpd 

Keeping it ideal

Enterprise Linux has patching cycles for the Apache Webserver Package (httpd).

The less installed default files you change the better, for reasons that if there is any patched security fixes or configuration improvements are applied via the RPM / Yum command it will not apply the fixes over the top of an altered file.

Instead it creates an .rpmnew file next to the original.Β  This means you'll miss some changes you might have wanted and created more garbage in your configuration folders.

Enterprise linux was setup properly to handle this use case in a better way.Β  They give you areas in which you can extend or override the defaults they set for you.Β  Inside the base installation of httpd you'll find the file /etc/httpd/conf/httpd.conf, and it has syntax in it like:

Β 

Include conf.modules.d/*.conf 
IncludeOptional conf.d/*.conf

The idea is that Apache wants you to extend the modules and configurations in adding new files to the /etc/httpd/conf.d/ and /etc/httpd/conf.modules.d/ directories with a file extension of .conf

As the perfect example when adding the dispatcher module to apache you'd create a module .so file in /etc/httpd/modules/Β and then include it by adding a file in /etc/httpd/conf.modules.d/02-dispatcher.confΒ with the contents to load your module .so file

LoadModule dispatcher_module modules/mod_dispatcher.so

NoticeΒ we didn't modify any already existing files apache provided.Β  Instead just added ours to the directories they were meant to go.

Now we consume our module in our file /etc/httpd/conf.d/dispatcher_vhost.confΒ which initializes our module and loads the inital module specific configuration file

<IfModule disp_apache2.c> 
    DispatcherConfig conf.dispatcher.d/dispatcher.any 
    ...SNIP... 
</IfModule>

Again you'll notice we've added files and modules but not altered any original files.Β  This gives us the desired functionality and protects us from missing wanted patch fixes as well as keeping to the highest level of compatability with each upgrade of the package.

Adobe-logo

Log ind pΓ₯ din konto