I have a website that I am trying to convert to a docker-compose solution.
Part of the website is a CMS (WordPress, specifically), and there are also a few Java web applications that are currently handled by tomcat.
The current approach is that I have an official WordPress container and an official Tomcat container. I load my custom content in the WordPress (via a MySQL container which is not really a part of this question) and the WAR files into tomcat.
So the problem is this:
Parts of the WordPress website have links to Java applications. Previously, some of these links were relative links as simple as /Application1 and the user would be able to access the Java application.
Now, since they are hosted in separate containers, I cannot do this because there is nothing named "Application1" in the WordPress container. I have modified the htaccess file for the WordPress container with a RewriteRules like this:
# Tomcat exposes port 8085
RewriteRule ^.*Application1/(.*)$ http://localhost:8085/Application1/$1 [R,L]
But this means that if the user clicks the link for Application1 in wordpress, their browser will then redirect them to localhost:8085 - which works fine if you run this set of containers locally, but does not work for remote users.
I could change localhost to the actual name of the server this will run on. But then it would need to be manually updated for every server this stack will run on, or reset to localhost for developers.
I could combine WordPress and Tomcat into a single container, but we were hoping to keep them separate so that when we need to upgrade, we just change the version of the container we are pulling rather than having to rebuild a custom container from scratch.
Is there a more seamless way to do this, so that the URL in the user's browser never changes? Is there way to get this working so that remote users won't even know that the different parts of the site are hosted in different containers?
Assuming you do docker-compose in development and also in production, you replace localhost with servicename of the corresponding upstream.
Lets say, you have 3 containers: httpd, fpm ( wordpress) and java ( tomcat ). You configure httpd, to redirect to fpm:9000 if its domain.tld/php and redirect to java:8086 if the request is domain.tld/Application1.
All you need to understand is, that the actual service-name you have in docker-compose is available as a hostname in the container ( all containers ) - so containers can reach themselfs using the service-name of the other container - that makes inter-container communication very easy and pre-configureable, without knowing the actual container IPs ( which will change during development / production and host migrations )
I think I figured it out: I should have been using a proxy instead of a RewriteRule.
This seems to get me what I want:
ProxyPass "/Application1" "http://my-tomcat-server:8080/Application1"
ProxyPassReverse "/Application1" "http://my-tomcat-server:8080/Application1"
Related
I wanted to host a couple of websites (and apps) on the same VPS, so my idea was to have it like this:
Site 1
- HTML content only
Site 2
- PHP and HTML content
Site 3
- Java / SpringBoot app
Site 4
- Python app
Site 5
- Java / SpringBoot app
So I got the smallest pack on DigitalOcean, and thought I would start with Apache. Note: I configured the OS already, and tested basic functionality (see more info below)
I installed Apache, configured it to work with my domain (an actual one, not from hosts) and it loaded the basic HTML page. Before I did this, I tested my-domain.com:8080 and it showed the Apache Admin page, all fine. Unfortunately, now after adding my first VirtualHost (and deleting the default one), my Admin page is not accessible anymore (getting a timeout). I also used Let's Encrypt to test how SSL works.
The current state of sites-enabled:
000-default: NOT ENABLED, doesn't work even if enabled
my-domain.com: ENABLED, working with SSL, redirects to SSL by default
my-domain2-from-hosts-file.com: ENABLED, not working, redirects to the default domain
Ideally, I'd like to have a different VirtualHost/domain for each WAR deployed, but let's get the admin/manager page working first.
What could I be doing wrong? I can post logs and config if needed.
Turns out firewall was the one to blame. Port 8080 became blocked after I added Let's Encrypt SSL using their script, so... that's weird.
I have an OpenShift environment built with an Apache AAA Pod (service and route) that allows external (to OpenShift) https requests via an intranet browser (yes, I mean intranet and not internet). Apache is setup as a proxy server for multiple pods/services inside of OpenShift. I also have a new pod that was recently created that runs Jenkins. Jenkins has a web interface built in. I am able to get to the Jenkins web GUI by setting up a ProxyPass and ProxyPassReverse for the default Jenkins web address.
Now here comes the problem...
When I go to example.com/jenkins, Apache sees the request and passes it to the Jenkins Pod but the Pod returns another address example.com/login. For this I have to enter another ProxyPass and Reverse into Apache. I then get that in and find that every link on the presented Jenkins Web GUI has another link that seems to present https://example.com/*. This is a problem because there are dozens of sub links and sub pages that each seem to require a separate ProxyPass and Reverse entry.
To add to this, I cannot simply pass "/" to the Jenkins pod because there are other pods and services that are being passed through the Apache server. My department does not have access to create new URLs on a whim so I have to stick with example.com/ as my only path into my OpenShift setup.
How can I do one of the following:
Change Jenkins to force the presented URL to include a header for every link. Like putting .../jenkins/* in front of every link so that I can use .../jenkins/ as my ProxyPass & Reverse to cover all jenkins web GUI URLs.
Configure Apache to convert the URLs coming from the Jenkins Pod into a URL that is presented to the web browser in such a way that .../jenkins/ is added between & /login or any other jenkins web links.
Some other option that I have not thought of yet that may have worked for others with similar setups.
(Sorry for the long question but there are a lot of details that needed to be included as this is a complex issue.)
You could startup jenkins at a different context path: java -jar jenkins.war --prefix=/jenkins, or start it up behind tomcat with a different context path.
Have you set the Jenkins URL in the Jenkins->Manage Jenkins->Configure System?
you can achieve this in two steps
implement the route changes at proxy level
implement the route changes at app level
I have implemented the same with Openshift environment.
Thanks.
I'm running apache 2.2.24 on Max OS X 10.9.1. Currently, we have a network drive that we access all of our Git repos on at /Volumes/GitWebsites. I would like to configure Apache to serve our PHP based repos from that directory. So, localhost (or 127.0.0.1)/phpsite1/ or /phpsite2? etc. will serve sites from /Volumes/GitWebsites/phpsite1/ or /phpsite2/ in the browser. My two questions are:
Do I simply modify the server root or do I need to use the mod-alias in the httpd.conf file?
What are the permission setting I need to in order for apache to access /Volumes/GitWebsites ?
I've done configuration changes like this in IIS 7.5 and set up a NodeJS dev environment but still new to make large scale changes to Apache. Thanks for any help given.
If you are happy with serving the contents of /Volumes/GitWebsites as it is then it should be fine to point the document root at it. It's also makes it easy to add sites later.
However this could be troublesome later if you want to manage php configuration later on for the sites separately.
I am trying to integrate the liferay tomcat with apache web server.I successfully integrate the liferay with web server.
Condition:
Life ray deployed on ip say : 10.10.10.70
Apache web server on ip say: 10.10.10.80
I provided all the requirement virtual host requirement in httpd.conf file..and provided the web.server.host in portal-ext.properties file.
Problem: When i run liferay portal i can open it on ip: 10.10.10.70
but when i click on any page link (let say /home)that is present in my portal it moved the request to
10.10.10.80:8080/home instead of 10.10.10.70:8080/home
I want to know how to handle this condition.
Because i dont have any page resource on web server doc folder only contain static css..
You might be a bit more precise what "all the required virtual host settings" are, e.g. what did you configure?
Note that by explicitly configuring hostnames/IP-addresses, you're explicitly overriding the autodetected settings from the request - no matter how you get to your portal, Liferay will generate URLs based on the explicitly configured hostname/port.
What's the point in having an Apache in front and then trying to reach tomcat through the non-apache IP/Port? Typically you might have static resources, rewrites, caches on Apache, so that you'll get different results when you alternatively access tomcat through both URLs.
If you configure Apache to "properly" handle the requests before tomcat sees them, you'll typically not need to configure Liferay at all, because Apache will make the actual hostname that it's requested under available to Tomcat. I'm typically using mod_jk for this and it beautifully handles all the configuration with almost no need to explicitly configure tomcat/liferay. If you don't like this, keep in mind that you're explicitly configuring Liferay for the virtual host setup - naturally this explicitly configured name is what Liferay uses. It would be weird if the explicit value would not be used, right?
I am trying to use CloudBees PaaS (RUN#CloudBees) to consolidate essentially three different distinct uses under the same URL space:
root (/) main landing, marketing page
app (/app) java app running in CloudBees
blog (/blog) another java app running in cloudbees or possibly outside (example.wordpress.com)
If I was doing it myself in a datacenter or in AWS I would setup a reverse proxy (possibly like Varnish and configure reverse proxy to map the URL space as follows:
root (/): www.example.com/ --> CMS running as cloudbees app example-cms.cloudbees.net
app (/app) java app running in CloudBees www.example.com/app -> app.example.com
blog (/blog) similarly www.example.com/blog -> example.wordpress.com or exampleblog.cloudbees.net
How can I achieve the same with CloudBees. Can it be done? Is this too much to expect from a PaaS vendor?
An interesting problem, and a few solutions:
Use domains instead of paths (eg blog.example.com etc) - so you can use DNS to direct things
Build an app that essentially proxies traffic for you (this could run on cloudbees or elsewhere) - there are lots of ways to do this.
Use some routing/proxy service (like CloudFlare) which may let you set up routing rules (so it can proxy traffic).
My preference would always be for number 1 - DNS is a great way to do things like this.
You can with this approach have /blog similar Urls in your paas application, and have it do a 302 redirect to the real blog.example.com - that kind of gives you a bit of both.