I need to use the mod_proxy_http for some requests and the mod_proxy_ajp to be used with mod_cluster. The documentation of mod_cluster specifies to either use mod_proxy_http OR the mod_proxy_ajp.
Does anybody know if it's possible to tell mod_cluster to use mod_proxy_ajp in virtual hosts while mod_proxy_http can still be used for other purposes like proxypass or mod_rewrite proxy redirects in the same Apache 2.2.xx server?
After quite a bit of research and testing I found out that the default protocol for mod_cluster is AJP if the mod_proxy_ajp is loaded, otherwise it reverts to HTTP protocol(mod_proxy_http). Exactly what I wanted.
Related
What apache module would fit better to build the following cluster:
2x Red Hat each has a tomcat an apache.
No Scalability needs.
High availability needs.
Session replication needs.
DNS
|
Load Balancer
/ \
APACHE1 APACHE2
TOMCAT1 TOMCAT2
The question is regarding what module to use for the load balancing with apache?
mod_proxy
mod_cluster
other?
If I understand mod_cluster correctly, it must be used with JBoss, or with a modified Tomcat. So if you are using plain-old Tomcat (or TomEE), then I think mod_cluster is out.
The easiest out-of-the box option is to use mod_proxy with either the AJP or HTTP back-end. If you are comfortable building additional modules, mod_jk is available from the Tomcat folks and offers a few advantages over mod_proxy, though mod_proxy has nearly achieved feature-parity.
Your diagram suggests that a load-balancer will be choosing between two httpd instances which are coupled directly to a single Tomcat instance each. In that scenario, httpd is not performing any load-balancing at all (the lb is doing the work), and so httpd might be superfluous in that configuration.
If you instead want to cross-link both httpds with both Tomcats, that's when you start having to configure cluster-like behavior with mod_proxy's "balancer" configurations. It would look something like this:
<Proxy balancer://appA>
BalancerMember http://tomcatA:8080/appA
BalancerMember http://tomcatB:8380/appA
</Proxy>
ProxyPass /appA balancer://appA
ProxyPassReverse /appA balancer://appA
There are tons of options for mod_proxy that you should read about and apply to suit your configuration. You can configure things like sticky-sessions, hot-standbys (not present in your example diagram but a good idea if you really need HA), and asymmetric load-balancing.
browser (IE) -> apache httpd proxy -> Proxy 1 -> target url
Proxy 2 -> target url
Proxy n -> target url
So basically I want to make my own apache httpd proxy that works as a loadbalancer between choosing external proxy setup'ed in httpd conf.
Current setup:
ProxyPreserveHost On
ProxyRequests On
ProxyVia On
ProxyRemote * http://proxy_ip:80
This version works nicely but I can't figure out how to add several proxy's to ProxyRemote?
... seems not working when setuping as:
ProxyRemote * balancer://mycluster
Any ideas? Can it be achieved with apache or some other load balancer should be used?
Perhaps I'm a bit too late to help you, but it seems there is no clear answer elsewhere to your question, so this could be useful in the future.
Unfortunately the answer is you cannot achieve this kind of load balancing with Apache: as per the Apache documentation (https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyremote) the ProxyRemote directive only supports http and https schemas, not balancer://
Cannot really figure out why the Apache developers didn't consider this configuration, tough, since I found a patch for mod_proxy.c (http://apache-http-server.18135.x6.nabble.com/attachment/4777809/0/ProxyRemote-Balancer.patch) which seems to do the trick by essentially just adding the balancer:// schema to the list of matched protocols.
Maybe it could work if you set up another vhost on the proxy server mapping to the balancer, then proxy to that vhost via
ProxyRemote * http://balancer-proxy.vhost.local
I found one documentation here to run multiple node application on single port using proxypass, I understood the concept, it just forward the request to node application port unsing ProxyPass. In that example, they used httpd, and I am using tomcat.
My question is, how can I do same configuration in tomcat?
simply I am expecting tomcat configuration for this httpd configuration.
ProxyPass /node http://host.xyz.com:3000
You really should consider using Apache httpd (or any other frontend) for this purpose. This is the software that handles the requirement best - and tomcat best serves application data.
Also, Apache httpd knows how to handle port 80 or 443, something that needs some extra work with tomcat (if you don't want to run it as root. And you actually don't want to run it as root)
It doesn't require so many extra resources, use the appropriate tool for the job. And, when you use mod_proxy, look up all the related options and understand what they're there for. You probably also want ProxyPreserveHost On, but I'll stop here.
I hope the document will be helpful.
My problem is, that I recently set up a Tomcat7 application container with Apache2.2 Frontend. As the project is still under development I am controlling access by an IP whitelist set up in .htaccess for the domain.
I set up mod_jk via AJP13 to Tomcat, it works absolutely fine, except the fact that .htaccess doesn't block the forward for Tomcat. In other words if you enter www.mydomain.com from a "black" IP, you get forwarded to the error page but if you enter www.mydomain.com/AppContext you slip through Apache into Tomcat
I started messing with urlrewritefilter with Tomcat, but for some reason it didn't work.
I am wondering if there is any way to set up .htaccess or apache instead to block requests forwarded to Tomcat similarly to request for Apache?
Also noticed a dramatic speed decrease when using it like that, us that common when using Apache as a frontend?
.htaccess files will work only when Apache is using a <Directory> based configuration (in httpd.conf). In case of mod_jk, matching requests (as specified by JkMount directive) will simply be forwarded to the AJP connector.
Use <Location> to control access instead:
<Location "/AppContext">
Order Deny,Allow
Deny from all
Allow from .myCompany.local
</Location>
See <Location> Directive> for details.
I faced the same problem and found a solution which may solve your case too.
Use a reverse proxy server like Nginx or Squid to redirect the traffic Apache Tomcat. Both of them can use htpassword for authentication and hence, will serve your need. If you want to use Apache as frontend then backend can be nginx which in turn will redirect to Tomcat after proper authentication. It may have a performance hit, though.
https://www.digitalocean.com/community/tutorials/how-to-set-up-http-authentication-with-nginx-on-ubuntu-12-10
I'm working on my first Java site. I'm running Apache Tomcat on port 8080, and Apache HTTPD on port 80. The current URL that I can access the site at is (for example) 123.4.5.6:8080. I want to remove the port number from the URL before I point the domain at the new IP.
At the moment I am only using Apache for phpmyadmin, however I plan on using it for CGI scripts and other stuff once I figure out mod_jk etc... So I don't want to change Tomcat's port to 80 and turn off Apache.
I hope this makes sense.
The correct way to do things is to leave Apache at 80 and Tomcat at 8080 and use a plug in (preferably mod_proxy) to proxy Tomcat from Apache. mod_proxy would only take you 10 minutes to set up.
This how-to is very simple to follow.
The usual way this is done, as you already mentioned, is to use mod_jk from Apache HTTPD to forward that content that you want to be processed by Tomcat.
There is a Quick HowTo at tomcat.apache.org. You need to do the following:
Copy mod_jk.so into the appropriate modules directory for Apache HTTPD.
Create a configuration file workers.properties
In Apache HTTPD's httpd.conf, add a section to configure mod_jk.
Ensure that Tomcat is configured to accept the mod_jk protocol, which is usually on port 8009.
The lines in httpd.conf with JkMount:
JkMount /examples/* worker1
tell Apache HTTPD which requests are to be forwarded to Tomcat.
Both the helpful answers above are good, but I much prefer mod_proxy over mod_jk. There's no extra installation to do for mod_proxy, unlike mod_jk, and the setup is much easier. mod_jk gives you more control over detailed tuning of Tomcat parameters, but if you just want a simple redirect from Apache to Tomcat, mod_proxy is the way to go.
If you want static content to be served by Apache instead of Tomcat you should use mod_jk : http://tomcat.apache.org/tomcat-6.0-doc/proxy-howto.html
And what about SSL - if we want Apache to handle HTTPS, because it is faster then java/Tomcat?
you should configure your tomcat using this link. for tomcat 7
http://tomcat.apache.org/tomcat-7.0-doc/proxy-howto.html