I am trying to update my webserver from mod_proxy to mod_jk.
I am able to access http pages using following configurations
JkMount /* loadbalancer
and my workers.properties are
worker.list=loadbalancer,status
Define Node1
worker.node1.port=8009
worker.node1.host=10.255.255.77
worker.node1.type=ajp13
worker.node1.lbfactor=1
worker.node1.cachesize=10
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=node1
worker.loadbalancer.sticky_session=1
worker.list=loadbalancer
worker.status.type=status
For our SSL tomcat is listening on diffrent port, so how can I pass this ssl to diffrent port. How I need to configure workers.properties.
My tomcat configurations are
Can you guide me on SSL please?
Sreenivas
Created new worker and assigned SSL port 8010. In ssl virtual host we mounted that worker.
Sreenivas
Related
I have a apache server with loadbalancer(apache-2.2) and two tomcat nodes(clusters). To communicate with tomcat nodes I'm using mod_jk. I've defined two loadbalancer in apache(by changing httpd.conf and worker property files). Apache is running in port 80. The configuration as follows. iSencer is one of my application.
In httpd.conf
=============
Listen localhost:80
ServerName localhost
DocumentRoot "/home/xx/projects/apache/content" (I've created a seperate root directory as content)
JkMount /iSencer loadbalancer
JkMount /iSencer/ loadbalancer
JkMount /iSencer/* loadbalancer
In worker.properites
====================
worker.list=loadbalancer
#------------------------
# iSencer node 1 - tomcat
#------------------------
worker.iSencer1.type=ajp13
worker.iSencer1.host=localhost
worker.iSencer1.port=8109
#------------------------
# iSencer node 2 - tomcat
#------------------------
worker.iSencer2.type=ajp13
worker.iSencer2.host=localhost
worker.iSencer2.port=8010
# ------------------------
# Load Balancer for yard
# ------------------------
worker.loadbalancer.sticky_session=1
worker.loadbalancer.balanced_workers=iSencer1,iSencer2
worker.loadbalancer.type=lb
worker.loadbalancer.method=B
and there are some changes in tomcat server.xml.So, cluster is working properly.
Now I want to add a jboss server to same apache. But need to run in different loadbalancer. My changes as follows as in httpd.conf in apache.
JkMount /index.html loadbalancer2
JkMount /servlet/* loadbalancer2
worker property
===============
worker.list=loadbalancer, worker.list=loadbalancer2
#------------------------
# tracker node 1
#------------------------
worker.track.port=8009
worker.track.host=localhost
worker.track.type=ajp13
worker.track.lbfactor=1
worker.track.connection_pool_size=10
# ------------------------
# Load Balancer for tracker
# ------------------------
worker.loadbalancer2.sticky_session=1
worker.loadbalancer2.balanced_workers=track
worker.loadbalancer2.type=lb
worker.loadbalancer2.method=B
But after adding jboss to apache as a cluster my tomcat cluster is not working properly ? In browser it will show two JSESSIONIDs. When I remove jboss form apache configuration still not working. Browser still showing two JSESSIONIDs. After clearing cookies in browser cluster is working fine. so what is the reason not to work cluster with jboss ?
It seems that it is possible to get Apache server to Proxy and Manage SSL handshake on https requests and service them as 'http' thru another server behind it.
I have configured an apache server for ProxyPass using following configuration
SSLProxyEngine On
ProxyPass / http://localhost:8081/
ProxyPassReverse / http://localhost:8081/
I am able to get all all traffic to the apache server that is listening to port 8080 direct and serve by the localhost:8081 server so
http://localhost:8080/hi is being correctly served by http://localhost:8081/hi
However the following does not work :
http**s**://localhost:8080/hi to be served by http://localhost:8081/hi
Apache is trying to pass the https:// traffic to the 8081 server, without managing the SSL handshake.
Your Apache listener on port 8080 is an http listener, not an https listener. You can't handle both types of traffic on the same port. If you want to handle SSL traffic, you'll need to set up a new context on another port with SSLEngine On and all the other normal SSL configuration (certificate, key, etc).
This question has one version of this configuration.
Also this post.
I have a need to run Apache httpd in front of my JBoss so I can leave the JBoss ports in place (8080/8443) but have Apache/80 forward to Jboss/8080 and Apache/443 forward to Jboss/8443.
I have the HTTP forwarding working but I can't get HTTPS forwarding to work.
To get HTTP forwarding to work I simply loaded the correct proxy modules:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
Then added these new directives:
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
If all I want to do is forward port 443 to 8443 to I have to enable SSL? I don't need Apache to load and process a certificate.
You're confusing two things.
If you want port forwarding from port 443 to 8443, don't go via Apache Httpd, just forward the port (for example, via iptables). In this case your JBoss container must be configured to handle the SSL/TLS connection (all the certificate settings).
If you want a reverse proxy from Apache Httpd (listening on port 443) to your JBoss container, you don't need to enable SSL/TLS on your JBoss container (especially on localhost), just proxy the request to Apache Httpd in plain HTTP (or via AJP). For this, you'll need to configure Apache Httpd to handle the SSL/TLS connection.
This is currently my environment setup.
Apache Tomcat: Apache-Tomacat-7.0.21
Apache HTTP Server: c. Apache HTTP Server 2.2.19
Tomcat Connector JK 1.2.32 for Apache HTTP Server 2, mod_jk
I'm trying to implement sticky session but i still can't get it to work. I'm able to load balance between 2 machines in a cluster. Please advise what else i have missed out!
Following is my workers.properties file
# Define 2 real workers using ajp13 & 1 balancer
worker.list=balancer
#
worker.balancer.type=lb
worker.balancer.balance_workers=worker1,worker2
worker.balancer.sticky_session=True
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
worker.worker1.recycle_timeout=300
# Set properties for worker2 (ajp13)
worker.worker2.type=ajp13
worker.worker2.host=X.X.X.X
worker.worker2.port=8009
worker.worker2.lbfactor=50
worker.worker2.cachesize=10
worker.worker2.cache_timeout=600
worker.worker2.socket_keepalive=1
worker.worker2.recycle_timeout=300
I've also set the jvmRoute in server.xml to:
<Engine name="Catalina" defaultHost="localhost" jvmRoute="worker1">
I have Apache running and serving PHP but I will also like to run JBOSS for my other web app. JBOSS is running on port 8080 while Apache is running on port 80. If there is a request for URL example.com, I want Apache to handle it because it is PHP backend but for URL example2.com, I want Apache to forward the request to port 8080 to be handled by JBOSS AS.
I appreciate any help in configuring Apache in the way I described it.
You need to use Apache proxy module: http://httpd.apache.org/docs/1.3/mod/mod_proxy.html
Your configuration of proxy will look similar to:
ProxyRequests Off
ProxyPass /foo http://foo.example.com:8080/foo