You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Nes Yarug <ne...@gmail.com> on 2006/08/07 15:52:25 UTC
[users@httpd] 2nd try: Load balancing Apache on both HTTP and HTTPS
Hi all,
2nd try to see if anyone can shed some light on my configuration.
I've been trying to configure Apache's balancer proxy, but have not had any
luck. I've been trying to configure a load balancing proxy that forwards
requests to 2 web servers. I want both http and https requests to be
forwarded. (Actually, the forwarded requests do not need to be https as they
are routed over the LAN)
A simple picture of what I want:
Internet HTTP/HTTPS-->
--------------------------------------
| Box 1: (Apache) Load balancer | -->
--------------------------------------
--------------------------
| Box 2: Web server 1 |
--------------------------
--------------------------
| Box 3: Web server 2 |
--------------------------
I started with the following configuration in /etc/apache/httpd.conf:
ProxyPass /awstats !
ProxyPass /balancer-manager !
ProxyPass / balancer://mycluster/ stickysession=jsessionid
ProxyPreserveHost On
<Proxy balancer://mycluster/> <balancer://mycluster/%3E>
BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
</Proxy>
This worked fine, but ofcourse not for https requests. I then removed the
above configuration from httpd.conf and placed it in the default vhost
configuration at /etc/apache2/vhosts.d/00_default_vhost.conf:
ProxyPass /awstats !
ProxyPass /balancer-manager !
ProxyPass / balancer://mycluster/ stickysession=jsessionid
ProxyPreserveHost On
<Proxy balancer://mycluster/> <balancer://mycluster/%3E>
BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
</Proxy>
I then configured the default ssl virtual host simularly
(/etc/apache2/modules.d/41_mod_ssl.default-vhost.conf):
ProxyPass / balancer://mysslcluster/ stickysession=jsessionid
ProxyPreserveHost On
<Proxy balancer://mysslcluster/> <balancer://mysslcluster/%3E>
BalancerMember https://192.168.0.2:443 <https://192.168.0.2/>
BalancerMember https://192.168.0.3:443 <https://192.168.0.3/>
</Proxy>
But now I cannot get my requests to the balancer handled by one of the web
servers (i.e. the request is not forwarded). An http request is forwarded to
the web servers, but an https request is giving an Internal Server Error.
https requests seem never been forwarded to the balancer members. I can see
the request coming in on the load balancer, but no requests are logged by
any of the two balancer members. As for http requests I can see the requests
coming in on the load balancer and then in the logs of one of the two
balancer members.
Can someone please comment on the above configuration and tell me what I'm
doing wrong?
Many thanks,
Nes
Re: [users@httpd] 2nd try: Load balancing Apache on both HTTP and HTTPS
Posted by Nes Yarug <ne...@gmail.com>.
On 8/7/06, Pid <p...@pidster.com> wrote:
>
>
>
> Nes Yarug wrote:
> > Hi all,
> >
> > 2nd try to see if anyone can shed some light on my configuration.
> >
> > I've been trying to configure Apache's balancer proxy, but have not had
> any
> > luck. I've been trying to configure a load balancing proxy that forwards
> > requests to 2 web servers. I want both http and https requests to be
> > forwarded. (Actually, the forwarded requests do not need to be https as
> > they are routed over the LAN)
> >
> > A simple picture of what I want:
> >
> > Internet HTTP/HTTPS-->
> >
> > --------------------------------------
> > | Box 1: (Apache) Load balancer | -->
> > --------------------------------------
> > --------------------------
> > | Box 2: Web server 1 |
> > --------------------------
> > --------------------------
> > | Box 3: Web server 2 |
> > --------------------------
> >
> > I started with the following configuration in /etc/apache/httpd.conf:
> >
> > ProxyPass /awstats !
> > ProxyPass /balancer-manager !
> > ProxyPass / balancer://mycluster/ stickysession=jsessionid
> > ProxyPreserveHost On
> >
> > <Proxy balancer://mycluster/> <balancer://mycluster/%3E>
> > BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
> > BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
> > </Proxy>
> >
> > This worked fine, but ofcourse not for https requests. I then removed
> the
> > above configuration from httpd.conf and placed it in the default vhost
> > configuration at /etc/apache2/vhosts.d/00_default_vhost.conf:
> >
> > ProxyPass /awstats !
> > ProxyPass /balancer-manager !
> > ProxyPass / balancer://mycluster/ stickysession=jsessionid
> > ProxyPreserveHost On
> >
> > <Proxy balancer://mycluster/> <balancer://mycluster/%3E>
> > BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
> > BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
> > </Proxy>
> >
> > I then configured the default ssl virtual host simularly
> > (/etc/apache2/modules.d/41_mod_ssl.default-vhost.conf):
> >
> > ProxyPass / balancer://mysslcluster/ stickysession=jsessionid
> > ProxyPreserveHost On
> >
> > <Proxy balancer://mysslcluster/> <balancer://mysslcluster/%3E>
> > BalancerMember https://192.168.0.2:443 <https://192.168.0.2/>
> > BalancerMember https://192.168.0.3:443 <https://192.168.0.3/>
> > </Proxy>
> >
> > But now I cannot get my requests to the balancer handled by one of the
> web
> > servers (i.e. the request is not forwarded). An http request is
> > forwarded to
> > the web servers, but an https request is giving an Internal Server
> Error.
> >
> > https requests seem never been forwarded to the balancer members. I can
> > see the request coming in on the load balancer, but no requests are
> > logged by any of the two balancer members. As for http requests I can
> > see the requests coming in on the load balancer and then in the logs of
> > one of the two balancer members.
> >
> > Can someone please comment on the above configuration and tell me what
> I'm
> > doing wrong?
>
> comment: stickysession isn't doing anything unless you're running
> another application or server which manages sessions (e.g. Tomcat).
I know. The "request handling" Apaches are handling static content (images
and stuff) and send off page JSP requests through to an application server.
what you're doing wrong: do you have SSL running on those two servers,
> and can you create a normal request directly to them and does that give
> you a 500 too?
Both "request handling" servers and the load balancing Apache have SSL
running. If I make an HTTPS request directly to the Apache servers, I do see
the request logged in the ssl_access_log. I made the wget request from the
load balancer box to eliminate connection issues.
What is the cause of the 500 in the error_log of the proxied servers?
There is nothing logged in the proxied servers, but your questions made me
look again at the ssl_error_log of the Load Balancer and I got this error
message:
[Mon Aug 07 21:49:05 2006] [error] proxy: HTTPS: failed to enable ssl
support for 192.168.0.3:443 (192.168.0.3)
[Mon Aug 07 21:55:26 2006] [error] [client 192.168.0.2] SSL Proxy requested
for www.sportsnn.com:443 but not enabled [Hi
nt: SSLProxyEngine]
I then turned on SSLProxyEngine in the SSL default virtual host
configuration and SSL request were being passed!
Many thanks, this issue is solved now. On to the next problem :)
Many thanks,
Nes
> Many thanks,
> > Nes
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] 2nd try: Load balancing Apache on both HTTP and
HTTPS
Posted by Pid <p...@pidster.com>.
Nes Yarug wrote:
> Hi all,
>
> 2nd try to see if anyone can shed some light on my configuration.
>
> I've been trying to configure Apache's balancer proxy, but have not had any
> luck. I've been trying to configure a load balancing proxy that forwards
> requests to 2 web servers. I want both http and https requests to be
> forwarded. (Actually, the forwarded requests do not need to be https as
> they are routed over the LAN)
>
> A simple picture of what I want:
>
> Internet HTTP/HTTPS-->
>
> --------------------------------------
> | Box 1: (Apache) Load balancer | -->
> --------------------------------------
> --------------------------
> | Box 2: Web server 1 |
> --------------------------
> --------------------------
> | Box 3: Web server 2 |
> --------------------------
>
> I started with the following configuration in /etc/apache/httpd.conf:
>
> ProxyPass /awstats !
> ProxyPass /balancer-manager !
> ProxyPass / balancer://mycluster/ stickysession=jsessionid
> ProxyPreserveHost On
>
> <Proxy balancer://mycluster/> <balancer://mycluster/%3E>
> BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
> BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
> </Proxy>
>
> This worked fine, but ofcourse not for https requests. I then removed the
> above configuration from httpd.conf and placed it in the default vhost
> configuration at /etc/apache2/vhosts.d/00_default_vhost.conf:
>
> ProxyPass /awstats !
> ProxyPass /balancer-manager !
> ProxyPass / balancer://mycluster/ stickysession=jsessionid
> ProxyPreserveHost On
>
> <Proxy balancer://mycluster/> <balancer://mycluster/%3E>
> BalancerMember http://192.168.0.2:80 <http://192.168.0.2/>
> BalancerMember http://192.168.0.3:80 <http://192.168.0.3/>
> </Proxy>
>
> I then configured the default ssl virtual host simularly
> (/etc/apache2/modules.d/41_mod_ssl.default-vhost.conf):
>
> ProxyPass / balancer://mysslcluster/ stickysession=jsessionid
> ProxyPreserveHost On
>
> <Proxy balancer://mysslcluster/> <balancer://mysslcluster/%3E>
> BalancerMember https://192.168.0.2:443 <https://192.168.0.2/>
> BalancerMember https://192.168.0.3:443 <https://192.168.0.3/>
> </Proxy>
>
> But now I cannot get my requests to the balancer handled by one of the web
> servers (i.e. the request is not forwarded). An http request is
> forwarded to
> the web servers, but an https request is giving an Internal Server Error.
>
> https requests seem never been forwarded to the balancer members. I can
> see the request coming in on the load balancer, but no requests are
> logged by any of the two balancer members. As for http requests I can
> see the requests coming in on the load balancer and then in the logs of
> one of the two balancer members.
>
> Can someone please comment on the above configuration and tell me what I'm
> doing wrong?
comment: stickysession isn't doing anything unless you're running
another application or server which manages sessions (e.g. Tomcat).
what you're doing wrong: do you have SSL running on those two servers,
and can you create a normal request directly to them and does that give
you a 500 too?
What is the cause of the 500 in the error_log of the proxied servers?
> Many thanks,
> Nes
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org