HAProxy architecture image (Please refer this) I want to configure HAProxy with Apache and Tomcat Servers. My current application structure is Apache -> Tomcat. I need to configure HAProxy above Apache which is HAProxy -> Apache -> Tomcat. I am configuring HAProxy above Apache to add load balancing using multiple load balancers.
Can anyone suggest how to achieve this. Any help will be appreciated.
Related
I have Alfresco 5.x enterprise. I want to have httpd web server ahead of actual Tomcat of Alfresco.
Do anyone have step by step guide to configure Apache httpd (I'm new to it). Help to configure Apache httpd with Tomcat. Proxy way is prefered.
I am configuring load balancing using httpd which will connect to jboss using AJP (mod_jk connector).
My Jboss is running using SSL and httpd is not with SSL.
How can I establish communication from http httpd to https jboss?
Any help appreciated.
I have enable https in httpd so that it can route to the https of jboss properly. And it has started working as expected.
Instead of using mod_jk, have you considered using mod_cluster? It fits well with JBoss and serves sticky session and session replication as well.
We are currently using the "standard" architecture created by AWS OpsWorks.
We have set up AWS ELB in front of multiple machines, which sends the requests to one machine using round-robin algorithm ( we have stateless application without any cookies ). Apache httpd + Apache tomcat is installed on every machine ( everything set up and configured by AWS OpsWorks ). So Apache httpd handles the connection and then sends it to Tomcat via AJP connection.
I would like to get rid of the apache httpd.
Few reasons for that:
Easier architecture, easier configuration
Maybe slight gain in performance
Less monitoring ( need to monitor only Tomcat, but not Apache httpd )
I have checked the following thread:
Why use Apache Web Server in front of Glassfish or Tomcat?
and haven't find any reasons why I shouldn't remove apache httpd from my architecture.
However, I know that some applications have nginx in front of the Tomcat for the following reasons:
Slow clients handling ( ie worker thread of tomcat is freed, but async nginx thread sends clients )
DDoS SYN ( using SYN cookies ) protection
Questions to consider:
Does apache httpd protects from these DDoS techniques?
Does AWS ELB protects from these DDoS techniques?
Should I remove apache httpd ( given that I don't need anything from the list )? Should I replace it with nginx? Should I replace it with nginx ( taking into account that we have a DDoS protection with Incapsula )?
Any other advice/comment would be highly appreciated!
Thank you in advance!
Does apache httpd protects from these DDoS techniques?
No apache httpd does not automatically protect from DDOS attack you have to enable and configure the security modules.
Does AWS ELB protects from these DDoS techniques?
AWS ELB features are High Availability, Health Checks, Security Features By managing associated security groups, SSL Offloading for encryption etc.No AWS ELB does not protect from the DDOS and DDoS techniques.
Should I remove apache httpd?
By using Apache HTTP as a front end you can let Apache HTTP act as a front door to your content to multiple Apache Tomcat instances. If one of your Apache Tomcats fails, Apache HTTP ignores it and your Sysadmin can sleep through the night. This point could be ignored if you use a hardware loadbalancer and Apache Tomcat's clustering capabilities. This option is when you are not using AWS ELB.
Should I replace it with nginx?
If you have Incapsula for DDOS there no need to complex the process by adding nginx.
I'd like to know if is a good decision to configure tomcat through port 80 (in apache with virtual-hosts ).
I need to setup a tomcat service in the same server I have apache, plus I need to use Tomcat through port 80.
Is this right? or is best to use them in separated servers?
That's OK. But sometimes tomcat is deployed with Apache. The Apache is a front-end server to balance load. And many tomcats are as back-end servers.
I'm working on my first Java site. I'm running Apache Tomcat on port 8080, and Apache HTTPD on port 80. The current URL that I can access the site at is (for example) 123.4.5.6:8080. I want to remove the port number from the URL before I point the domain at the new IP.
At the moment I am only using Apache for phpmyadmin, however I plan on using it for CGI scripts and other stuff once I figure out mod_jk etc... So I don't want to change Tomcat's port to 80 and turn off Apache.
I hope this makes sense.
The correct way to do things is to leave Apache at 80 and Tomcat at 8080 and use a plug in (preferably mod_proxy) to proxy Tomcat from Apache. mod_proxy would only take you 10 minutes to set up.
This how-to is very simple to follow.
The usual way this is done, as you already mentioned, is to use mod_jk from Apache HTTPD to forward that content that you want to be processed by Tomcat.
There is a Quick HowTo at tomcat.apache.org. You need to do the following:
Copy mod_jk.so into the appropriate modules directory for Apache HTTPD.
Create a configuration file workers.properties
In Apache HTTPD's httpd.conf, add a section to configure mod_jk.
Ensure that Tomcat is configured to accept the mod_jk protocol, which is usually on port 8009.
The lines in httpd.conf with JkMount:
JkMount /examples/* worker1
tell Apache HTTPD which requests are to be forwarded to Tomcat.
Both the helpful answers above are good, but I much prefer mod_proxy over mod_jk. There's no extra installation to do for mod_proxy, unlike mod_jk, and the setup is much easier. mod_jk gives you more control over detailed tuning of Tomcat parameters, but if you just want a simple redirect from Apache to Tomcat, mod_proxy is the way to go.
If you want static content to be served by Apache instead of Tomcat you should use mod_jk : http://tomcat.apache.org/tomcat-6.0-doc/proxy-howto.html
And what about SSL - if we want Apache to handle HTTPS, because it is faster then java/Tomcat?
you should configure your tomcat using this link. for tomcat 7
http://tomcat.apache.org/tomcat-7.0-doc/proxy-howto.html