AppLogic 2.7/2.8 Documentation The latest production release is AppLogic 2.8.9
OUT2: Single Host Output Gateway Appliance
Latest version: 1.0.5-1
| At a Glance |
| Catalog | System |
| Category | Beta |
| User volumes | no |
| Min. memory | 64 MB |
| OS | Linux |
| Constraints | no |
| Questions/Comments | Ask Forum |
Functional overview
OUT2 is not available in AppLogic 2.8+. Please use OUT instead.
OUT2 is an output gateway that provides access to a network host located outside of an application. OUT2 accepts traffic from the application on its in terminal and forwards it through its external interface to the remote host.
OUT2 has a firewall that allows only outgoing traffic (connections and datagrams); it drops incoming traffic that is not for an already established connection or related to a datagram request.
OUT2 passes all traffic to the remote host specified by the remote_host property. The remote host can be specified either as a DNS host name (e.g., www.3tera.com) or as an IP address in "dots" notation (e.g., 192.168.1.1). If the remote host is configured using a DNS name, the OUT2 gateway ensures that if the name-to-IP mapping changes, the gateway redirects its traffic to the new IP address.
OUT2 is used to access services outside of the application, such as an external database, web service or document repository. OUT2 is the only appliance in an application that needs to be configured with the name or IP address of the remote host; the remaining application components can access that host simply by being connected to the OUT2 appliance input.
If the log terminal is connected then OUT2 logs via the log terminal to a remote syslog server.
OUT2 is implemented using BusyBox to provide a small and efficient environment tailored to support its functionality. It boots from a read-only volume and uses a 2MB ramdisk to store files which change during boot or run time.
Please note: the log terminal is not used for storing logs on a mounted cifs file system, but rather for sending logging messages to a remote syslog server. In the future other AppLogic appliances will be updated to log via their log terminals to a remote syslog server.
Boundary
Resources
Terminals
| Name | Dir | Protocol | Description |
| in | in | any | Accepts traffic to be forwarded to the remote host |
| log | out | syslog | Sends logging messages using the syslog protocol. This terminal may be left unconnected if it is not used. Please note: the log terminal is not used for storing logs on a mounted cifs file system, but rather for sending logging messages to a remote syslog server. |
| mon | out | cce | Sends performance and resource usage statistics |
The external interface is enabled. It is used for outgoing traffic. It is configured to send all traffic to the remote host.
The default interface is enabled. It is used for maintenance (incoming ssh connections).
Boot volume
The OUT2 appliance is based on a custom Linux distribution with a read-only boot volume and inherits its file system layout.
Almost all files reside in the boot volume. Files or folders that need to be modified either reside on the RAM drive or are symbolic links to the RAM drive.
Any changes applied to an instance of the OUT2 appliance will be lost after appliance stop or restart.
User Volumes
None
Properties
| Property name | Type | Description |
| remote_host | String | The remote host to which all traffic is forwarded. This can be the resolvable domain name of the host or its IP address in "dots" notation. This property is mandatory. |
| dns_poll | Integer | The poll interval, in seconds, at which OUT2 checks the mapping of the DNS name of remote_host to an IP address (used only if remote_host is specified as a domain name). Set to 0 to disable polling and not try to detect changes. Default: 3600 seconds (1 hour). |
| ip_addr | IP Address | IP address of the external interface. This property is mandatory. |
| netmask | IP Address | Network mask for the network on which ip_addr resides. This property is mandatory. |
| gateway | IP Address | IP network gateway (router) used for all outgoing traffic to the external network via ip_addr. This property may be left empty only if the remote host is on the same subnet; otherwise it must be specified. Default: empty. |
| dns1 | IP Address | IP address of the primary DNS server used for host name resolution. This property may be left empty if the remote host is specified by its IP address; otherwise it must be specified. Default: empty. |
| dns2 | IP Address | IP address of the backup DNS server used for host name resolution. Default: empty (not used). |
Error Messages
The following messages may appear in either the appliance log file or the system log of the grid controller when the appliance fails to start:
- Failed to set up rules (exit code code); using backup rule set
Typical Usage
The following diagram shows a typical usage of OUT2 for a simple web server application that accesses an external database while serving user requests:
Summary of Parts
- in - input gateway appliance, class IN2
- web - web server appliance, class WEB5
- out - output gateway appliance, class OUT2
in passes client web requests arriving from outside the application to the web server. web serves static content by itself; for dynamic content, scripts that run in web access an external database through the out gateway. The out gateway is configured with the host name of the server that provides the external database.
The following sections describe the configuration of OUT2 in several typical use cases:
OUT2 with a remote host by DNS name
This mode is used when the remote host has a valid entry in the DNS server. In this mode, OUT2 can resolve the DNS name and monitors for changes to the DNS entry for the remote host.
OUT2 resolves remote_host using the DNS servers configured as properties. In this mode, at least dns1 must be set.
Example:
| Property name | Value | Description |
| remote_host | www.google.com | DNS name or the IP address of the remote host to forward all traffic to. |
| dns_poll | 3600 | The poll interval for the DNS name, in seconds. |
| ip_addr | 192.168.1.12 | IP address for the gateway itself. |
| netmask | 255.255.255.0 | Netmask for the gateway. |
| gateway | 192.168.1.1 | IP address of a router used to reach remote networks. |
| dns1 | 192.168.1.1 | Address of a DNS server to use to resolve remote_host. |
| dns2 | 192.168.1.2 | Address of a backup DNS server (used if the first one is not available). |
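The effect of dns_poll on where traffic goes can be modelled in a few lines. This is an added example, not code from the appliance: it assumes the name is resolved once at start and then every dns_poll seconds, and the DNS timeline and addresses are constructed sample data.

```python
import bisect

def answer_at(timeline, t):
    """IP the DNS name maps to at time t; timeline is a sorted list of (start, ip)."""
    starts = [start for start, _ in timeline]
    return timeline[bisect.bisect_right(starts, t) - 1][1]

def simulate_polling(timeline, dns_poll, duration):
    """Model the gateway's forwarding target for `duration` seconds.

    Returns (events, stale_seconds). Each event is (time, old_ip, new_ip), the
    re-target a log reviewer would want to see. stale_seconds counts the time
    spent forwarding to an address the name no longer maps to.
    """
    target = answer_at(timeline, 0)          # assumed: resolved once at start
    events, stale = [], 0
    for t in range(duration):
        # dns_poll == 0 disables polling, so the start-up answer is kept.
        if dns_poll > 0 and t % dns_poll == 0:
            current = answer_at(timeline, t)
            if current != target:
                events.append((t, target, current))
                target = current
        if answer_at(timeline, t) != target:
            stale += 1
    return events, stale

# Constructed timeline: the name moves to a new address 5000 s after start.
# Addresses are from the 192.0.2.0/24 documentation range.
TIMELINE = [(0, "192.0.2.10"), (5000, "192.0.2.20")]

if __name__ == "__main__":
    for poll in (3600, 600, 0):
        events, stale = simulate_polling(TIMELINE, poll, 10800)
        print(f"dns_poll={poll}: events={events} stale_seconds={stale}")
```

With the default of 3600 the old address keeps receiving traffic until the next poll, and with 0 it receives it until the appliance is restarted. Every re-target is driven purely by the answer from dns1/dns2, so those servers decide where all application egress is sent.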
OUT2 with a remote host by IP address
This mode is used when the IP address of remote_host is fixed or has no DNS records. In this mode the dns_poll property is ignored.
Example:
| Property name | Value | Description |
| remote_host | 66.102.7.104 | DNS name or the IP address of the remote host to forward all traffic to. |
| ip_addr | 192.168.1.12 | IP address for the gateway itself. |
| netmask | 255.255.255.0 | Netmask for the gateway. |
| gateway | 192.168.1.1 | IP address of a router used to reach remote networks. |
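The dependencies between properties (dns1 is needed for a DNS name, gateway is needed unless the remote host is on the ip_addr subnet) can be checked before the appliance is started. The following is an added example, not part of AppLogic: `validate_out2` is a hypothetical helper, and the two broken configurations are constructed from the example tables above.

```python
import ipaddress

def is_ipv4(value):
    """True if value parses as an IPv4 address in "dots" notation."""
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False

def validate_out2(props):
    """Return a list of problems with a dict of OUT2 properties ([] means OK)."""
    errors = [f"{p} is mandatory" for p in ("remote_host", "ip_addr", "netmask")
              if not props.get(p)]
    errors += [f"{p} is not a valid IP address"
               for p in ("ip_addr", "netmask", "gateway", "dns1", "dns2")
               if props.get(p) and not is_ipv4(props[p])]
    if errors:
        return errors
    try:
        # strict=False because ip_addr is a host address, not the network address.
        net = ipaddress.IPv4Network(f"{props['ip_addr']}/{props['netmask']}", strict=False)
    except ValueError:
        return ["netmask is not a valid network mask"]
    remote = props["remote_host"]
    if is_ipv4(remote):
        # gateway may be left empty only if the remote host is on the same subnet.
        if ipaddress.IPv4Address(remote) not in net and not props.get("gateway"):
            errors.append("gateway is required: remote_host is outside the ip_addr subnet")
    elif not props.get("dns1"):
        # A DNS name cannot be resolved without at least the primary server.
        errors.append("dns1 is required when remote_host is a DNS name")
    return errors

# The two example configurations from the tables above.
BY_NAME = {"remote_host": "www.google.com", "dns_poll": 3600,
           "ip_addr": "192.168.1.12", "netmask": "255.255.255.0",
           "gateway": "192.168.1.1", "dns1": "192.168.1.1", "dns2": "192.168.1.2"}
BY_ADDR = {"remote_host": "66.102.7.104", "ip_addr": "192.168.1.12",
           "netmask": "255.255.255.0", "gateway": "192.168.1.1"}
# Constructed broken variants of the same configurations.
NO_GATEWAY = {**BY_ADDR, "gateway": ""}
NO_DNS = {**BY_NAME, "dns1": "", "dns2": ""}

if __name__ == "__main__":
    for label, cfg in (("by name", BY_NAME), ("by address", BY_ADDR),
                       ("no gateway", NO_GATEWAY), ("no dns", NO_DNS)):
        print(label, validate_out2(cfg) or "OK")
```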
Notes
- OUT2 cannot be used for accessing multiple hosts with different addresses. Applications that need to access multiple hosts through the same output, such as SMTP servers, can use the NET2 gateway appliance.
- OUT2 cannot be used for providing incoming requests to an application. Incoming requests can be handled using the IN2 gateway appliance.
Open source and 3rd party software used inside of the appliance
OUT2 uses the following open source and 3rd party packages in addition to its base install of BusyBox OS.
| Software | Version | Modified | License | Notes |
| busybox | 1.13.4 | No | GPLv2 | homepage |
| openssh | 5.2p1 | No | BSD | homepage |
| bash | 3.1-16.1 | No | GPLv2 | N/A |
| coreutils | 5.97-12.1.el5 | No | GPLv2 | N/A |
| curl | 7.15.5-2.1.el5_3.5 | No | MIT | N/A |
| dhclient | 3.0.5-7.el5 | No | ISC | N/A |
| e2fsprogs-libs | 1.39-8.el5 | No | GPLv2 | N/A |
| glibc | 2.5-12.2 | No | LGPLv2.1 | N/A |
| grep | 2.5.1-54.2.el5 | No | GPLv2 | N/A |
| initscripts | 8.45.14.EL-1.el5.centos.1 | No | GPLv2 | N/A |
| iproute | 2.6.18-4.el5 | No | GPLv2 | N/A |
| iptables | 1.3.5-1.2.1 | No | GPLv2 | N/A |
| iputils | 20020927-43.el5 | No | BSD | N/A |
| krb5-libs | 1.5-23 | No | MIT, freely distributable | N/A |
| libidn | 0.6.5-1.1 | No | GPLv2 | N/A |
| libtermcap | 2.0.8-46.1 | No | LGPLv2.0 | N/A |
| mingetty | 1.07-5.2.2 | No | GPLv2 | N/A |
| module-init-tools | 3.3-0.pre3.1.16.el5 | No | GPLv2 | N/A |
| openssl | 0.9.8b-8.3.el5 | No | BSD | N/A |
| pcre | 6.6-1.1 | No | BSD | N/A |
| perl | 5.8.8-10 | No | Artistic | N/A |
| procps | 3.2.7-8.1.el5 | No | GPLv2 | N/A |
| strace | 4.5.15-1.el5 | No | BSD | N/A |
| SysVinit | 2.86-14 | No | GPLv2 | N/A |
| tcpdump | 3.9.4-11.el5 | No | BSD | N/A |
| wget | 1.10.2-7.el5 | No | GPLv2 | N/A |
| zlib | 1.2.3-3 | No | zlib | N/A |
To see the full list of open source packages used in this appliance, please see its implementation design.
Related Documents
Questions and Comments
To post a question or comment on this appliance, visit our forum.
-- AndriyMayevskyy - 27 Jul 2009
Copyright © 2005-2010 3tera, Inc. All Rights Reserved.