I am trying to setup mod_cluster as a reverse proxy for Wildfly 9. When I use http as a protocol (between mod_cluster and Wildfly), everything works just fine (forwarding requests to application server and detecting server).
My problems come up when I try to wire mod_cluster and wildfly using ajp as a protocol. I checked mod_cluster-manager and it seemed that
mod_cluster was connected to wildfly, but it couldn't forward
requests to application server.
I have the following configuration:
http server: Apache/2.4.18 (Ubuntu)
application server: Wildfly 9.0.2
mod_cluster: 1.3
mod_cluster.conf
PersistSlots on
CreateBalancers 1
MemManagerFile /opt/mod_cluster/logs
EnableOptions
AllowDisplay On
AllowCmd On
WaitForRemove 1
UseAlias 1
ServerAdvertise Off
Listen *:5555
<VirtualHost *:5555>
<Directory />
Order deny,allow
Allow from 192.168.0.71
Allow from 192.168.0.71
Allow from 127
Require all granted
</Directory>
<Location /mcm>
SetHandler mod_cluster-manager
Allow from 192.168
Allow from all
</Location>
KeepAliveTimeout 300
MaxKeepAliveRequests 0
ManagerBalancerName mycluster
#AdvertiseFrequency 5
EnableMCPMReceive
</VirtualHost>
<VirtualHost *:80>
ServerName my-app.org
ServerAlias my-app.org
ErrorLog /var/log/apache2/user.error.log
LogLevel warn
CustomLog /var/log/apache2/my_app.access.log combined
ServerSignature On
Redirect "/" https://my-app.org
ProxyPreserveHost On
SSLProxyEngine On
ProxyPreserveHost On
#ProxyPass /_error !
#ProxyPass / balancer://mycluster stickysession=JSESSIONID|jsessionid nofailover=on
#ProxyPassReverse / balancer://mycluster
<Location />
Order deny,allow
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName my-app.org
ServerAlias my-app.org
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
ErrorLog /var/log/apache2/user.ssl.error.log
LogLevel warn
CustomLog /var/log/apache2/my_app.ssl.access.log combined
ServerSignature On
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass /_error !
ProxyPass / balancer://mycluster stickysession=JSESSIONID|jsessionid nofailover=on
ProxyPassReverse / balancer://mycluster
<Location />
Order deny,allow
Allow from all
</Location>
</VirtualHost>
Wildfly Configuration (relevant fragments):
mod_cluster subsystem:
<subsystem xmlns="urn:jboss:domain:modcluster:2.0">
<mod-cluster-config advertise-socket="modcluster"
proxies="mc-prox1"
advertise="false"
sticky-session-force="true" load-balancing-group="mycluster" connector="ajp">
<dynamic-load-provider>
<load-metric type="cpu"/>
</dynamic-load-provider>
</mod-cluster-config>
</subsystem>
outbound-socket-binding:
<outbound-socket-binding name="mc-prox1">
<remote-destination host="192.168.0.71" port="5555"/>
</outbound-socket-binding>
[EDIT]
I should have included ajp configuration:
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:1500}">
<socket-binding name="ajp" port="${jboss.ajp.port:0}" />
.......
</socket-binding-group>
[EDIT2]
When I set ajp port to 8009, it works. I want to use custom port number.
Does anyone have a clue how to do it?
It turned out I had the wrong binaries :/. After replacing them with the ones from the offical website, I managed to connect Wildfly with apache through AJP.
Related
HOpe that someone help me. I have search and search and try several solutions but I still get this error of Origin not allowed on Grafana. I understand this is related with the proxy reverse but I think its correct
My httpd.conf with proxy reverse:
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /...
SSLCertificateKeyFile /..
ServerName example.com
ServerAlias 11.11.11.11
ServerAlias example01.*
DocumentRoot /app/...
<Location "/grafana">
ProxyPreserveHost On
ProxyPass http://localhost:3000
ProxyPassReverse http://localhost:3000
</Location>
ErrorLog logs/...
CustomLog logs/...
</VirtualHost>
is it something missing or the problem could be in another place?
Thanks in davance.
I have a website www.example.com that is hosted on apache2 web server in /var/www/example.com directory and the virtual host config file is
<VirtualHost *:80>
ServerAdmin admin#gmail.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public
<Directory /var/www/example.com/public/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml >
</IfModule>
</VirtualHost>
I have installed let's encrypt certificate for this domain.
Now I have to change configuration settings and the config file should be like this:
<VirtualHost *:80>
ServerAdmin admin#gmail.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/dist //here is the change
<Directory /var/www/example.com/dist/> //here is the change
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml >
</IfModule>
</VirtualHost>
I have edited the config file and ran command certbot --apache -d example.com -d www.example.com.
Chose reinstall and renew both options and the installation was successful in both cases. But when I go to example.com then it shows 404 error.
How can I solve my problem?
HTTPS uses port 443, not port 80. Port 443 is closed. You need to add a new virtual host to handle HTTPS request
<VirtualHost *:443>
ServerName example.com
#ServerAlias www.example.com
ServerAdmin admin#gmail.com
DocumentRoot /var/www/example.com/dist
LogLevel debug ssl:info
SSLEngine on
SSLCertificateFile /path/to/yout/cert
SSLCertificateKeyFile //path/to/yout/key
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
If you check ports.conf under /etc/apache2, you will see this:
<IfModule ssl_module>
Listen 443
</IfModule>
Apache2 will open port 443 when the SSL module is enabled. So remember to run:
sudo a2dismod ssl
sudo systemctl restart apache2
I have configured apache to redirect HTTPS reqests to the local running application server PUMA. PUMA is part of the Ruby on Rails framework.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
Puma Server is listening on http://localhost:3000/
When I access this apache web site from a browser I get: Too many redirections.
And idea?
I had the same issue. Try to add after your Proxy:
RequestHeader set X-Forwarded-Proto https to your ...ssl.conf which is in sites-available folder.
I had same issue, I was trying to setup a SSL termination reverse proxy with apache. I followed this article.
Using 0.0.0.0 instead of localhost worked for me.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName exemple.com
SSLCertificateFile /path/fullchain.pem
SSLCertificateKeyFile /path/privkey.pem
ProxyPass / http://0.0.0.0:80/
ProxyPassReverse / http://0.0.0.0:80/
</VirtualHost>
</IfModule>
I've two sites serving on port 8080
1) localhost:8080 -> mainsite
2) localhost:8080/foo -> foosite
I've placed all the folders in /var/www/html
Now I've another node.js website running on port 7777
If i received a request localhost:8080/survey-> this should redirect to localhost:7777/examples/react
But it is redirected to localhost:8080/examples/react
I've enabled proxy and proxy_http and added the required proxy Paths
<VirtualHost *:8090>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /survey http://localhost:7777/examples/react
ProxyPassReverse /survey http://localhost:7777/examples/react
</VirtualHost>
Try with load modules:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<VirtualHost *:8090>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /survey http://localhost:7777/examples/react
ProxyPassReverse /survey http://localhost:7777/examples/react
</VirtualHost>
Also you should leave out the domain http://localhost:7777 in ProxyPass and ProxyPassReverse and leave it as /
I have odoo running on port 8069 and I want to run wordpress on port 80 on the same domain. I would like to redirect example.com* to port 8069 except example.com/wordpress* which I want to go to port 80.
I know this is similar to Redirecting from port 80 to different ports based on URL. I want to implement a reverse proxy solution as advised by abhi-devireddy. I tried the following reverse proxy. All requests are forwarded to port 8069 including http://example.com/wordpress/. Odoo reports error 404 page not found when browser points to http://example.com/wordpress
<VirtualHost *:80>
ServerName odoo
ErrorLog /var/log/odoo/odoo-error.log
CustomLog /var/log/odoo/odoo-access.log combined
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://example.com:8069/
ProxyPassReverse / http://example.com:8069/
ProxyPass http://example.com/wordpress/ http://example.com:80/wordpress
ProxyPassReverse http://example.com/wordpress/ http://example.com:80/wordpress
ProxyVia On
LogLevel warn
</VirtualHost>
ProxyPass ! excludes the URL http://example.com:80/wordpress from the reverse proxy. This allows everything except http://example.com:80/wordpress to be mapped to port 8069 while leaving http://example.com:80/wordpress to go through to port 80:
<VirtualHost *:80>
ServerName odoo
ErrorLog /var/log/odoo/odoo-error.log
CustomLog /var/log/odoo/odoo-access.log combined
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPass /wordpress !
ProxyPass / http://example.com:8069/
ProxyPassReverse / http://example.com:8069/
Alias /wordpress /var/lib/wordpress/
# ProxyVia On
LogLevel warn
</VirtualHost>