MACROMEDIA BREEZE 5 User manual

Brand: MACROMEDIA

Model: BREEZE 5

Type: User manual

This manual is also suitable for

Breeze Edge Server

Installing and Configuring Breeze Edge Server

Trademarks

1 Step RoboPDF, ActiveEdit, ActiveTest, Authorware, Blue Sky Software, Blue Sky, Breeze, Breezo, Captivate, Central,

ColdFusion, Contribute, Database Explorer, Director, Dreamweaver, Fireworks, Flash, FlashCast, FlashHelp, Flash Lite,

FlashPaper, Flex, Flex Builder, Fontographer, FreeHand, Generator, HomeSite, JRun, MacRecorder, Macromedia, MXML,

RoboEngine, RoboHelp, RoboInfo, RoboPDF, Roundtrip, Roundtrip HTML, Shockwave, SoundEdit, Studio MX, UltraDev,

and WebHelp are either registered trademarks or trademarks of Macromedia, Inc. and may be registered in the United States or

in other jurisdictions including internationally. Other product names, logos, designs, titles, words, or phrases mentioned within

this publication may be trademarks, service marks, or trade names of Macromedia, Inc. or other entities and may be registered in

certain jurisdictions including internationally.

Third-Party Information

This guide contains links to third-party websites that are not under the control of Macromedia, and Macromedia is not

responsible for the content on any linked site. If you access a third-party website mentioned in this guide, then you do so at your

own risk. Macromedia provides these links only as a convenience, and the inclusion of the link does not imply that Macromedia

endorses or accepts any responsibility for the content on those third-party sites.

translated, or converted to any electronic or machine-readable form in whole or in part without written approval from

Macromedia, Inc. Notwithstanding the foregoing, the owner or authorized user of a valid copy of the software with which

this manual was provided may print out one copy of this manual from an electronic version of this manual for the sole

purpose of such owner or authorized user learning to use such software, provided that no part of this manual may be

printed out, reproduced, distributed, resold, or transmitted for any other purposes, including, without limitation,

commercial purposes, such as selling copies of this documentation or providing paid-for support services.

Acknowledgments

Project Management: Stephanie Gowin

Writing: John Norton

Editing: John Hammett

Production Management: Patrice O’Neill

Media Design and Production: Adam Barnett, Paul Benkman, John Francis, Mario Reynoso

Second Edition: October 2005

Macromedia, Inc.

601 Townsend St.

San Francisco, CA 94103

Contents

Introduction to edge servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Connecting to Breeze through edge servers . . . . . . . . . . . . . . . . . . . . . . . 8

System requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Installing Breeze Edge Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

The Breeze Edge Server license file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Configuring FCS for Breeze Edge Server . . . . . . . . . . . . . . . . . . . . . . . . 14

Configuring FCS for SSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Stopping and starting Breeze Edge Server . . . . . . . . . . . . . . . . . . . . . . 24

Deploying an edge server cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Scheduling maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

4Contents

Macromedia Breeze Edge

Server

For a successful installation and configuration of Macromedia Breeze Edge Server, read the

information provided in this document. It contains the following sections:

■ “Introduction to edge servers” on page 6

■ “Connecting to Breeze through edge servers” on page 8

■ “System requirements” on page 8

■ “Installing Breeze Edge Server” on page 9

■ “The Breeze Edge Server license file” on page 14

■ “Configuring FCS for Breeze Edge Server” on page 14

■ “Mapping the DNS entry for Breeze Edge Server” on page 15

■ “Configuring FCS for SSL” on page 16

■ “Alternative SSL implementations” on page 16

■ “HTTP tunneling” on page 17

■ “Adding the required SSL tags in the Adaptor.xml file” on page 17

■ “Locating the required SSL tags in the Server.xml file” on page 17

■ “Stopping and starting Breeze Edge Server” on page 24

■ “Deploying an edge server cluster” on page 25

■ “Scheduling maintenance” on page 26

6 Macromedia Breeze Edge Server

Introduction to edge servers

Edge servers are configured to allocate and balance access to a Breeze server by using the

existing bandwidth resources more efficiently. Once the edge servers are deployed, users access

Breeze through their edge server. Edge servers authenticate these users and authorize their

requests for web services such as Macromedia Breeze Meeting rather than forwarding every

request to the Breeze server and consuming its resources for these tasks. If the data requested is

found in the edge server’s cache, it returns the Breeze Meeting data to the requesting client

(the user’s computer) without calling upon the Breeze server. This detour to the Breeze server

is transparent to users. In this scenario, no demands are placed on the origin Breeze server.

If the data requested is not found in the edge server’s cache, it forwards the client’s request to

the Breeze server, where the user is authenticated and the request for services authorized. The

Breeze server returns the results to the requesting edge server, which in turn delivers the results

to the requesting client. The edge server also stores this information in its cache, where other

authenticated users can access it. In this scenario, fewer requests for services are forwarded to

the origin Breeze server.

Introduction to edge servers 7

An edge server is configured to intercept the requests for Breeze services from a particular

zone, to collect or aggregate these requests, and transmit them to the origin Breeze server. The

Breeze server returns the results to the edge server, which forwards the data to the user’s client

computer. A networked Breeze deployment might have multiple edge servers installed. For

example, one edge server might aggregate and forward requests from San Francisco and

another might aggregate and forward requests from Boston. Each edge server gathers the

requests from its clients and forwards them to the origin Breeze server located in a data center

in Chicago, receives the responses from the origin Breeze server, then transmits and distributes

them to the clients in its zone.

Boston

Meeting X

Breeze Edge

San Francisco

Meeting X

Breeze Edge

Breeze

Chicago

Company A

8 Macromedia Breeze Edge Server

Connecting to Breeze through edge

servers

When edge servers are present on an organization’s network, Breeze users connect to Breeze

Meeting indirectly through the edge (or proxy) server. This connection occurs transparently.

To Breeze users, it appears that they are connected directly to the Breeze server hosting Breeze

Meeting, but they are most likely connected through the proxy or edge server servicing their

local network. Edge servers offload traffic to the origin Breeze server caching static content

like recorded Breeze meetings and presentations.

These take place behind the network connection to the Breeze server. The client (the user’s

computer) connects to the edge (proxy) server instead of making a direct connection to Flash

Communication Server (FCS) (Breeze Meeting) directly. The edge server in turn connects to

the origin Breeze server. Many additional steps, such as user authentication and permissions

authorization, are hidden from the Breeze user.

Edge servers provide an additional layer of defense between the user’s Internet connection and

the Breeze server. All traffic coming from the Internet and with Breeze as its destination goes

through the edge server.

System requirements

This release of Edge Server is certified to support up to 500 users or 50 meeting rooms. The

following table lists the hardware requirements for edge servers.

Component Requirement

Operating System Windows Server 2000

Windows Server 2003

Server Processor Pentium IV 3.6 GHz

Cache Processor 2 MB cache processor

Memory 4 GB RAM recommended

2 GB RAM minimum

Hard Drive 80 GB 10K RPM recommended

40 GB 7200 RPM minimum

Network Adaptor TCP/IP Adaptor supporting 1 GB over CAT5 Ethernet

Display SGVA supporting 800x600 or higher resolution

Drive CD-ROM or DVD-ROM

Installing Breeze Edge Server 9

Installing Breeze Edge Server

Use the procedures described in this section to install the Breeze Edge Server. Macromedia

recommends that you close all other applications before starting to install.

To install and configure Breeze Edge Server:

1. Insert the installation CD into the CD-ROM drive. If the Macromedia Breeze Edge Server

Setup wizard does not start automatically, double-click the setup.exe file in the installation

CD’s root

folder.

The Welcome to the Macromedia Breeze Edge Server Setup Wizard window appears.

10 Macromedia Breeze Edge Server

2. Click Next to continue.

The License Agreement window appears.

3. Read the agreement, select I Accept the Agreement, and click Next to continue.

The Select Destination Location window appears.

Installing Breeze Edge Server 11

4. Click Next to accept the default installation location, or click Browse to select a different

location, and then click Next.

If the wizard detects a previous installation of a Breeze Edge Server, you will see the

following screen.

5. Click Next to continue.

The Select Start Menu Folder window appears.

12 Macromedia Breeze Edge Server

6. Accept the default shortcut, or click Browse to select a different location, and then click

Next.

The Ready to Install window alerts you that the Breeze installation is about to begin.

7. Review the choices for the destination folder where Breeze will be installed and for adding

Macromedia Breeze Edge Server to the Start Menu folder.

Installing Breeze Edge Server 13

8. Click Back if you want to review or change these settings, or click Install to continue.

The Installing Breeze window appears. The wizard is beginning to extract the Breeze Edge

Server files on the installation CD and install them. This process takes less than two

minutes.

9. Click Cancel at any time if you want to abort or cancel the installation.

When the installation is complete, the Completing the Macromedia Breeze Edge Server

Setup Wizard window appears.

10. Click Finish to exit the Edge Server installation.

14 Macromedia Breeze Edge Server

The Breeze Edge Server license file

When your order for Breeze Edge Server is processed, Macromedia Order Services dispatches

an e-mail with the Breeze Edge Server license file (license.lic) attached.

To install the Breeze Edge Server license file, do the following:

1. Go to c:\{install_path}\edgeserver\conf\win32\.

2. Create a folder named licenses, if it does not already exist.

3. Open the e-mail from Macromedia.

4. Save the license.lic file in the licenses folder.

With the license file in place, you can now stop and start Breeze Edge Server and FCS services

to verify that the installation was successful.

For more information, see “Stopping and starting Breeze Edge Server” on page 24.

Configuring FCS for Breeze Edge Server

Each organization configures its network differently, reflecting its business rules and

geographical distribution. The key for a successful edge server deployment is making sure that

the user’s computers (Breeze clients) receive an edge server’s IP address when resolving the

Domain Name Server (DNS) entry for the

BREEZEHOST variable (formerly known as

ADMIN_HOST).

Here is a scenario for large Breeze deployments that builds upon the graphic in “Introduction

to edge servers” on page 6.

■ On-site clients (Chicago users) can access the Breeze origin server directly. The Breeze

Host DNS mapping for these clients resolves to the Breeze origin server’s IP address.

■ Edge servers collect off-site clients’ (Boston and San Francisco users) requests for services

and route the requests to the Breeze origin server.

■ The Breeze Host DNS mapping for these remote clients resolves to the appropriate edge

server’s IP address.

■ San Francisco clients access Breeze through edge server 1; Boston clients use edge server 2.

No clients in these regions communicate directly with the Breeze origin server.

Access to Breeze is determined by modifying the DNS server that is nearest to the client. To

direct Breeze users to their nearest edge server, the Breeze administrator creates a DNS entry

in the edge server’s custom.ini configuration file. For edge servers, the

FCS.HTTPCACHE_BREEZE_SERVER_NORMAL_PORT variable contains the DNS entry.

Configuring FCS for Breeze Edge Server 15

Mapping the DNS entry for Breeze Edge Server

Mapping the DNS entry for an edge server is comparable to mapping the BREEZE_HOST

variable for Breeze Server on the Breeze Application Management Console. For example, if

the value for BREEZE_HOST (the host name to use in a URL for accessing the Breeze origin

server) is breeze.mycompany.com, the DNS entry for an edge server maps

breeze.mycompany.com to the IP address of the nearest edge server.

To configure Breeze Edge Server manually:

1. Open the {install_path}\root directory.

2. Delete the custom.ini file in this directory, if there is one.

3. Create a new text file and save it as custom.ini.

4. Open the custom.ini file with a text editor, such as Notepad.

5. Add the following line to the custom.ini file:

FCS.HTTPCACHE_BREEZE_SERVER_NORMAL_PORT=yourbreezeserver:80

where yourbreezeserver:80 is the IP address or domain name and port number of the

machine where the Breeze server is installed.

The value for this variable configures the edge server to connect to the Breeze server at this

location.

6. Save the custom.ini file.

You can now start and stop Breeze Edge Server. For more information, see “Stopping and

starting Breeze Edge Server” on page 24.

Configuring the Breeze Edge Server ports

Edge servers are configured to listen on ports 80 and 443 in addition to the default port of

1935. You configure the ports by modifying the

DEFAULT_FCS_HOSTPORT variable. If this

variable is not found in the custom.ini configuration file, you must add the following line to

the file:

DEFAULT_FCS_HOSTPORT=:1935,80,-443

NOTE

The values in the custom.ini file override the values in the config.ini file. The

FCS.HTTPCACHE_BREEZE_SERVER_NORMAL_PORT variable also appears in the

config.ini file. Do not change the values for any variable in the config.ini file.

NOTE

FCS.HTTPCACHE_BREEZE_SERVER_NORMAL_PORT should be the only entry in the edge

server custom.ini file.

16 Macromedia Breeze Edge Server

This tag now specifies that edge servers listen on ports 1935, 80, and 443. A port is defined as

a secure port by placing a minus sign in front of the port number in a configuration variable

or file. For example, you can configure a secure port by editing the

HostPort tag of the

Adaptor.xml file.

Port 443 is designated as a secure port that receives only RTMPS connections. Attempting an

RTMPS connection request to ports 1935 or 80 results in a failure to connect. Similarly, an

unsecured RTMP connection request to port 443 fails to connect.

Configuring FCS for SSL

To use FCS for Secure Sockets Layer (SSL)–enabled communications, a secure protocol for

transmitting private documents over the Internet, you must configure the FCS Adaptor.xml

and Server.xml files for native SSL support by defining the appropriate SSL tags.

For example, the default settings for the

Redirect tag in the HTTPTunneling section of

Adaptor.xml configures FCS to handle only traffic with the RTMP and RTMPS protocols.

</Redirect>

The default location of the FCS files is c:\breeze\conserv. The configuration files for FCS are

found in

c:\breeze\comserv\win32\conf.

Alternative SSL implementations

FCS also supports the following implementations for SSL-secured transmissions:

■ SSL through an external hardware accelerator

■ SSL through an internal PCI card

NOTE

If your Breeze Edge Server uses an external hardware accelerator, port 443 does not

have to be configured as a secure port.

NOTE

The PCI-card based implementation has not been tested at this writing.

Configuring FCS for SSL 17

HTTP tunneling

For SSL to work properly, HTTP tunneling must be enabled. Clients use HTTP tunneling to

connect to the server via SSL.

Adding the required SSL tags in the Adaptor.xml file

All SSL tags in the Server.xml file are included by default. Not all of the required SSL tags in

Adaptor.xml are present by default, however.

You need to insert the following SSL-specific tags in the Adaptor.xml file.

<SSL>

</SSLServerCtx>

</SSL>

Place this section right after the end tag </HTTPTunneling> but before the </Adaptor> end

root tag.

Locating the required SSL tags in the Server.xml file

The SSL-enabling tags in the Server.xml file occur in the following sequence:

■ <SSLEngine>

■ <SSLRandomSeed>

■ <SSLSessionCacheGC>

■ <SSLVerifyCertificate>

■ <SSLCACertificatePath>

■ <SSLCACertificateFile>

■ <SSLVerifyDepth>

■ <SSLCipherSuite>

NOTE

HTTP tunneling is enabled by default. No user action is required.

18 Macromedia Breeze Edge Server

Defining the SSL tags in FCS

The following table lists alphabetically all the SSL-specific tags in both the Adaptor.xml and

Server.xml files. You must configure these tags to enable SSL in FCS.

FCS File XML Tag Default Description

Adaptor.xml Redirect [none] Specifies whether unknown

requests are redirected to an

external server such as Breeze.

When FCS receives an

unknown request, the request is

redirected to the specified

redirect host. For redirection to

work, HTTP tunneling must be

enabled.

You can control which port on

the redirect host listens for

redirected traffic.

A request for redirection to a

specific host can be:

Redirect enable=false>

</Redirect>

Adaptor.xml SSLCertificateFile [none] Specifies the location of the

certificate file to send to the

client. If an absolute path is not

specified, the certificate is

assumed to be located relative

to the Adaptor directory.

Adaptor.xml SSLCertificateKeyFile type =

PEM

PEM Specifies the location of the

private key file for the certificate.

If an absolute path is not

specified, the key file is assumed

to be located relative to the

Adaptor directory. If the key file

is encrypted, the pass phrase

must be specified in the

SSLPassPhrase tag.

The type attribute specifies the

type of encoding used for the

certificate key file. This can be

either

PEM or ASN1.

Configuring FCS for SSL 19

Adaptor.xml SSLCipherSuite Specifies the ciphers to use.

This is a list of colon-delimited

components. A component can

be a key exchange algorithm,

authentication method,

encryption method, digest type,

or one of a selected number of

aliases for common groupings.

For a list of components, see the

FCS documentation.

The default setting for this tag is:

ALL:!ADH:!LOW:!EXP:!MD5:@STRE

NGTH

Contact Breeze Technical

Support before changing the

default settings.

Adaptor.xml SSLPassPhrase [none] Specifies the pass phrase to use

for decrypting the private key

file. If the private key file is not

encrypted, leave this tag empty.

Adaptor.xml SSLSessionTimeout 5 Specifies in minutes how long a

session remains valid.

FCS File XML Tag Default Description

20 Macromedia Breeze Edge Server

Server.xml SSLCACertificateFile This tag configures the server to

act as an SSL client (out-going

SSL connections), and is used

only when making outgoing SSL

connections.

This tag specifies the name of a

file that contains one or more

certificates issued by a valid

Certificate Authority (CA) in the

Privacy Enhanced Mail (PEM)

encryption format.

A CA is an organization such as

Verisign that issues certificates

to people. A certificate is

normally signed by a CA. The CA

is saying that the owner of the

certificate is who he says he is.

The CA has done the necessary

research and background

checks before issuing the

certificate to this person.

This directory specifies the

certificates for CA's that are

considered trusted. If you

encounter a certificate signed by

one of these CA's, you can trust

that the person is who he says

he is because you trust the

issuer of the certificate. Each

certificate in the directory must

be named by the subject name's

hash, and an extension of ".0".

FCS File XML Tag Default Description

Page is loading ...

MACROMEDIA BREEZE 5 User manual

Brand: MACROMEDIA

Model: BREEZE 5

Type: User manual

This manual is also suitable for

Breeze Edge Server

Download PDF

report

MACROMEDIA BREEZE 5 User manual

This manual is also suitable for

MACROMEDIA BREEZE 5 User manual

Related papers

Other documents