ProxyPass and the P Option
Locked
12
12
 
|
As I understand it, if you use the P¹ option in the rewrite rule, you don¹t
need ProxyPass. But for me, this simply isn¹t true. Here¹s my httpd.conf file: LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so ServerName www.mydomain.com NameVirtualHost 192.168.1.101:80 <VirtualHost 192.168.1.101:80> RewriteEngine on ProxyRequests off DocumentRoot /var/www RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteRule ^/(.*)$ <a href="https://%">https://%{SERVER_NAME}/$1 [L,R] </VirtualHost> NameVirtualHost 192.168.1.101:443 <VirtualHost 192.168.1.101:443> RewriteEngine on ProxyRequests off SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.pem DocumentRoot /var/www/ssl #ProxyPass /seaside/go http://localhost:9090/seaside/go #ProxyPassReverse /seaside/go http://localhost:9090/seaside/go RewriteRule ^/$ http://localhost:9090/seaside/go/$1 [P,L] </VirtualHost> With the ProxyPass and ProxyPassReverse directives uncommented, this configuration works like a charm. However, if they are commented out, then I get the following weird behaviour: If I click on a menu item in the browser, I get https://localhost:9090/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf ...instead of https://www.mydomain.com/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf This screws up my application. The question is, why is this happening? Why isn't the P option working? Thanks, Richard _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
Yes, I'm on Apache2.
I just tried 'ProxyPreserveHost on'. It doesn't solve the problem--I *still* need the ProxyPass directives. Thanks, anyway. Regards, Richard ------- > The question is, why is this happening? Why isn't the P option working? Seaside is missing information to produce valid absolute URLs. Either you set ProxyPreserveHost On if you are on Apache 2 or you set 'Server Host' (probably also 'Server Protocol', 'Server Port' and 'Server Path') in the application configuration. In your case ProxyPassReverse fixes the paths for redirects, but not the URLs in the generated HTML. Cheers, Lukas _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
I'll try to come to one of the meetings.
I'm planning to perform load balancing with Apache2. That's why I'm looking at rewrite rules. It seems like every load-balancing solution I've seen on the Internet uses rewrite rules. Also, the rewrite rules are useful for constraining the URLs that the users can send. I want to control how they access our website. I'm on localhost for testing purposes, but eventually the server will go live at a host provider through co-location. Regards, Richard ----------- Hi Richard, My first answer is that because you are in Toronto, you should come out to the Beach Outings Club, which meets every third Tuesday in the Annex. We used to have a page, but now we just communicate on the Yahoo! Group of The Toronto Smalltalk Users Group. Look for BOC in the messages: http://tech.groups.yahoo.com/group/toronto-smalltalk-users/ Your setup is overly complex. Is there a reason you're using a Rewrite Rule? It's totally unnecessary to make Seaside work with Apache. Stick to the ProxyPass, and ProxyPassReverse, and you can have your domain name appear, no problem. Unless you're using the RewriteRule for some other reason, you should rip it out and simplify the Virtual Host directive. If you're still on localhost, and not using a live server, why are you bothering with httpd.conf at all? Chris Cunnington Toronto _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
> The question is, why is this happening? Why isn't the P option working?
Seaside is missing information to produce valid absolute URLs. Either you set ProxyPreserveHost On if you are on Apache 2 or you set 'Server Host' (probably also 'Server Protocol', 'Server Port' and 'Server Path') in the application configuration. In your case ProxyPassReverse fixes the paths for redirects, but not the URLs in the generated HTML. Cheers, Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
Re: ProxyPass and the P Option
|
|
In reply to this post by Richard Eng
Hi Richard,
My first answer is that because you are in Toronto, you should come out to the Beach Outings Club, which meets every third Tuesday in the Annex. We used to have a page, but now we just communicate on the Yahoo! Group of The Toronto Smalltalk Users Group. Look for BOC in the messages: http://tech.groups.yahoo.com/group/toronto-smalltalk-users/ Your setup is overly complex. Is there a reason you're using a Rewrite Rule? It's totally unnecessary to make Seaside work with Apache. Stick to the ProxyPass, and ProxyPassReverse, and you can have your domain name appear, no problem. Unless you're using the RewriteRule for some other reason, you should rip it out and simplify the Virtual Host directive. If you're still on localhost, and not using a live server, why are you bothering with httpd.conf at all? Chris Cunnington Toronto _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
Re: ProxyPass and the P Option
|
|
In reply to this post by Richard Eng
Hi,
Here is an example vhost setup from one of the servers I am running with apache2: <VirtualHost *:80> #I've removed web address, ServerName xxx.xxx.xxx #normally this would be a domain #such as www.google.com ProxyRequests Off ProxyPreserveHost On <Location /files> ProxyPass http://127.0.0.1:9090/seaside/files/FVFiles/ ProxyPassReverse http://127.0.0.1:9090/seaside/files/FVFiles/ </Location> <Location /images> ProxyPass ! </Location> <Location /tinymce> ProxyPass ! </Location> <Location /> ProxyPass http://127.0.0.1:9091/seaside/fv/ ProxyPassReverse http://127.0.0.1:9091/seaside/fv/ </Location> </VirtualHost> Hope this helps, John www.pinesoft.co.uk Richard Eng wrote: > As I understand it, if you use the ŒP¹ option in the rewrite rule, you don¹t > need ProxyPass. But for me, this simply isn¹t true. > > Here¹s my httpd.conf file: > > > LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so > LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so > LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so > LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so > > ServerName www.mydomain.com > > NameVirtualHost 192.168.1.101:80 > > <VirtualHost 192.168.1.101:80> > RewriteEngine on > ProxyRequests off > DocumentRoot /var/www > RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f > RewriteRule ^/(.*)$ <a href="https://%">https://%{SERVER_NAME}/$1 [L,R] > </VirtualHost> > > NameVirtualHost 192.168.1.101:443 > > <VirtualHost 192.168.1.101:443> > RewriteEngine on > ProxyRequests off > SSLEngine on > SSLCertificateFile /etc/apache2/ssl/apache.pem > DocumentRoot /var/www/ssl > #ProxyPass /seaside/go http://localhost:9090/seaside/go > #ProxyPassReverse /seaside/go http://localhost:9090/seaside/go > RewriteRule ^/$ http://localhost:9090/seaside/go/$1 [P,L] > </VirtualHost> > > > With the ProxyPass and ProxyPassReverse directives uncommented, this > configuration works like a charm. However, if they are commented out, then I > get the following weird behaviour: > > If I click on a menu item in the browser, I get > > https://localhost:9090/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf > > ...instead of > > https://www.mydomain.com/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf > > > This screws up my application. > > The question is, why is this happening? Why isn't the P option working? > > Thanks, > Richard > > > _______________________________________________ > seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > > > > Pinesoft Computers are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
Re: ProxyPass and the P Option
|
|
P.S. The addresses for "/files" and "/" differ as I am using separate
ports (two squeak images) for each, this is not a necessity. :) John John Thornborrow wrote: > Hi, > > Here is an example vhost setup from one of the servers I am running with > apache2: > > <VirtualHost *:80> > #I've removed web address, > ServerName xxx.xxx.xxx #normally this would be a domain > #such as www.google.com > ProxyRequests Off > ProxyPreserveHost On > > <Location /files> > ProxyPass http://127.0.0.1:9090/seaside/files/FVFiles/ > ProxyPassReverse http://127.0.0.1:9090/seaside/files/FVFiles/ > </Location> > > <Location /images> > ProxyPass ! > </Location> > > <Location /tinymce> > ProxyPass ! > </Location> > > <Location /> > ProxyPass http://127.0.0.1:9091/seaside/fv/ > ProxyPassReverse http://127.0.0.1:9091/seaside/fv/ > </Location> > > </VirtualHost> > > > Hope this helps, > John > > www.pinesoft.co.uk > > Richard Eng wrote: >> As I understand it, if you use the ŒP¹ option in the rewrite rule, you don¹t >> need ProxyPass. But for me, this simply isn¹t true. >> >> Here¹s my httpd.conf file: >> >> >> LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so >> LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so >> LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so >> LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so >> >> ServerName www.mydomain.com >> >> NameVirtualHost 192.168.1.101:80 >> >> <VirtualHost 192.168.1.101:80> >> RewriteEngine on >> ProxyRequests off >> DocumentRoot /var/www >> RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f >> RewriteRule ^/(.*)$ <a href="https://%">https://%{SERVER_NAME}/$1 [L,R] >> </VirtualHost> >> >> NameVirtualHost 192.168.1.101:443 >> >> <VirtualHost 192.168.1.101:443> >> RewriteEngine on >> ProxyRequests off >> SSLEngine on >> SSLCertificateFile /etc/apache2/ssl/apache.pem >> DocumentRoot /var/www/ssl >> #ProxyPass /seaside/go http://localhost:9090/seaside/go >> #ProxyPassReverse /seaside/go http://localhost:9090/seaside/go >> RewriteRule ^/$ http://localhost:9090/seaside/go/$1 [P,L] >> </VirtualHost> >> >> >> With the ProxyPass and ProxyPassReverse directives uncommented, this >> configuration works like a charm. However, if they are commented out, then I >> get the following weird behaviour: >> >> If I click on a menu item in the browser, I get >> >> https://localhost:9090/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf >> >> ...instead of >> >> https://www.mydomain.com/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf >> >> >> This screws up my application. >> >> The question is, why is this happening? Why isn't the P option working? >> >> Thanks, >> Richard >> >> >> _______________________________________________ >> seaside mailing list >> [hidden email] >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside >> >> >> >> > > > Pinesoft Computers are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA > > > > This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com > > _______________________________________________ > seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
> With the ProxyPass and ProxyPassReverse directives > uncommented, this configuration works like a charm. However, > if they are commented out, then I get the following weird behaviour: > > If I click on a menu item in the browser, I get > > https://localhost:9090/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf > > ...instead of > > https://www.mydomain.com/seaside/go?_k=IJjENelR&_s=jSDbFwqLpajXQQVf > > > This screws up my application. > > The question is, why is this happening? Why isn't the P > option working? > > Thanks, > Richard Here's what I run, I prefer rewrite rules over proxypass, watch for wrapping. <VirtualHost *:80> ServerName some.host.name.com DocumentRoot "/some/path/to/webfiles" RewriteEngine On ProxyRequests Off ProxyPreserveHost On UseCanonicalName Off #content expiration ExpiresActive on ExpiresByType text/css A864000 ExpiresByType text/javascript A864000 ExpiresByType application/x-javascript A864000 ExpiresByType image/gif A864000 ExpiresByType image/jpeg A864000 FileETag none # http compression AddOutputFilterByType DEFLATE application/x-javascript text/css text/html text/plain text/xml application/xml application/xhtml+xml text/javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html #maintainence for site RewriteCond %{DOCUMENT_ROOT}/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteRule ^.*$ /maintenance.html [L] #squeak RewriteRule ^/seaside/files(.*)$ http://localhost:3001/seaside/files$1 [P,L] RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteRule ^/(.*)$ http://localhost:3001/seaside/someApp/$1 [P,L] </VirtualHost> Ramon Leon http://onsmalltalk.com _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
Thanks for the various configuration files. But I *am* trying to avoid using
ProxyPass directives, and I am not successful. Apache is wickedly complicated. I think very few people actually fully understand how it works. That's why there are a myriad of ad hoc configurations floating throughout the Internet with users employing trial and error (ie, guesswork) to adapt these configurations for their own use. Consequently, these configurations are very fragile. It's a right bloody mess. With my configuration, I am trying to accomplish two goals: 1) Secure my site with SSL. 2) Load-balance my Seaside application using Apache2. I've succeeded with 1), but I need to get rid of ProxyPass directives for 2). My configuration, so far, is as simple as I can make it. Complex configurations obfuscate the situation. Like I said, very few people really understand Apache. I need to proceed very, very cautiously... Richard _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
Okay, I've set
Resource Base Url to /var/www/ssl Server Hostname to www.mysite.com Server Path to ?? No matter what I set Server Path to, the browser complains that it can't find it on the server. I've tried /seaside/go. I've tried /www.mysite.com/seaside/go. I've tried /home/richard/seaside (where the Seaside image resides). What exactly is Server Path expecting? Thanks, Richard --------- One thing that is worth restating is what Lukas said about configuring the actual application in Seaside. You need to add mysite.com to the Server Hostname field in the Configuration page in Seaside. Also, Ramon Leon's kung fu is very great, so if he has a solution that does not use ProxyPass, then it is a model worth taking seriously. Chris _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
I don't think I can use ProxyPass directives with Apache's mod_balancer
load-balancing feature. Apache's balancer expects something like: <Proxy balancer://seaside_cluster> BalancerMember http://127.0.0.1:8000 BalancerMember http://127.0.0.1:8001 BalancerMember http://127.0.0.1:8002 </Proxy> ProxyPass directives don't seem to fit in with this. (I'm getting ready to explore mod_balancer. I know very little about it.) Richard --------- Would you care to elaborate on the reason(s) for avoiding ProxyPass? I also have a site with SSL that is using ProxyPass just as happily. John. Richard Eng wrote: > Thanks for the various configuration files. But I *am* trying to avoid using > ProxyPass directives, and I am not successful. > > Apache is wickedly complicated. I think very few people actually fully > understand how it works. That's why there are a myriad of ad hoc > configurations floating throughout the Internet with users employing trial > and error (ie, guesswork) to adapt these configurations for their own use. > Consequently, these configurations are very fragile. It's a right bloody > mess. > > With my configuration, I am trying to accomplish two goals: > > 1) Secure my site with SSL. > > 2) Load-balance my Seaside application using Apache2. > > I've succeeded with 1), but I need to get rid of ProxyPass directives for > 2). My configuration, so far, is as simple as I can make it. Complex > configurations obfuscate the situation. Like I said, very few people really > understand Apache. I need to proceed very, very cautiously... > > Richard _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
Re: ProxyPass and the P Option
|
|
In reply to this post by Richard Eng
Would you care to elaborate on the reason(s) for avoiding ProxyPass?
I also have a site with SSL that is using ProxyPass just as happily. John. Richard Eng wrote: > Thanks for the various configuration files. But I *am* trying to avoid using > ProxyPass directives, and I am not successful. > > Apache is wickedly complicated. I think very few people actually fully > understand how it works. That's why there are a myriad of ad hoc > configurations floating throughout the Internet with users employing trial > and error (ie, guesswork) to adapt these configurations for their own use. > Consequently, these configurations are very fragile. It's a right bloody > mess. > > With my configuration, I am trying to accomplish two goals: > > 1) Secure my site with SSL. > > 2) Load-balance my Seaside application using Apache2. > > I've succeeded with 1), but I need to get rid of ProxyPass directives for > 2). My configuration, so far, is as simple as I can make it. Complex > configurations obfuscate the situation. Like I said, very few people really > understand Apache. I need to proceed very, very cautiously... > > Richard > > > _______________________________________________ > seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > > > > Pinesoft Computers are registered in England, Registered number: 2914825. Registered office: 266-268 High Street, Waltham Cross, Herts, EN8 7EA This message has been scanned for viruses by BlackSpider MailControl - www.blackspider.com _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
Re: ProxyPass and the P Option
|
|
In reply to this post by Richard Eng
> > Apache is wickedly complicated. I think very few people actually fully > understand how it works. That's why there are a myriad of ad hoc > configurations floating throughout the Internet with users employing trial > and error (ie, guesswork) to adapt these configurations for their own use. > Consequently, these configurations are very fragile. It's a right bloody > mess. > I'm certainly one of those people. One thing that is worth restating is what Lukas said about configuring the actual application in Seaside. You need to add mysite.com to the Server Hostname field in the Configuration page in Seaside. Also, Ramon Leon's kung fu is very great, so if he has a solution that does not use ProxyPass, then it is a model worth taking seriously. Chris _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
RE: ProxyPass and the P Option
|
|
In reply to this post by Richard Eng
Except you still need ProxyPass to actually proxy, but instead of
proxying a specific host, you will proxy the cluster as you defined it, ProxyPass / balancer://hotcluster/ <Proxy balancer://hotcluster> BalancerMember http://1.2.3.4:8009 loadfactor=1 BalancerMember http://1.2.3.5:8009 loadfactor=2 ProxySet lbmethod=bytraffic </Proxy> I recall playing with this a little while ago and it seemed to be doable, rewrites had nothing to do with it. Cheers! -Boris -- +1.604.689.0322 DeepCove Labs Ltd. 4th floor 595 Howe Street Vancouver, Canada V6C 2T5 http://tinyurl.com/r7uw4 [hidden email] CONFIDENTIALITY NOTICE This email is intended only for the persons named in the message header. Unless otherwise indicated, it contains information that is private and confidential. If you have received it in error, please notify the sender and delete the entire message including any attachments. Thank you. > -----Original Message----- > From: [hidden email] [mailto:seaside- > [hidden email]] On Behalf Of Richard Eng > Sent: Monday, November 05, 2007 9:43 AM > To: Seaside - general discussion > Subject: Re: [Seaside] ProxyPass and the P Option > > I don't think I can use ProxyPass directives with Apache's mod_balancer > load-balancing feature. Apache's balancer expects something like: > > <Proxy balancer://seaside_cluster> > BalancerMember http://127.0.0.1:8000 > BalancerMember http://127.0.0.1:8001 > BalancerMember http://127.0.0.1:8002 > </Proxy> > > ProxyPass directives don't seem to fit in with this. > > (I'm getting ready to explore mod_balancer. I know very little about > > Richard > > --------- > Would you care to elaborate on the reason(s) for avoiding ProxyPass? > > I also have a site with SSL that is using ProxyPass just as happily. > > John. > > Richard Eng wrote: > > Thanks for the various configuration files. But I *am* trying to > using > > ProxyPass directives, and I am not successful. > > > > Apache is wickedly complicated. I think very few people actually fully > > understand how it works. That's why there are a myriad of ad hoc > > configurations floating throughout the Internet with users employing > trial > > and error (ie, guesswork) to adapt these configurations for their own > use. > > Consequently, these configurations are very fragile. It's a right bloody > > mess. > > > > With my configuration, I am trying to accomplish two goals: > > > > 1) Secure my site with SSL. > > > > 2) Load-balance my Seaside application using Apache2. > > > > I've succeeded with 1), but I need to get rid of ProxyPass directives > for > > 2). My configuration, so far, is as simple as I can make it. Complex > > configurations obfuscate the situation. Like I said, very few people > really > > understand Apache. I need to proceed very, very cautiously... > > > > Richard > > > _______________________________________________ > seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
> Server Hostname to www.mysite.com
> > Server Path to ?? All these 'Server ...' settings tell Seaside how to generate absolute URLs. These settings are not used for the lookup, just to generate URLs in HTTP responses and the associated HTML contents (anchors, forms). There is absolutely no magic behind it. EXAMPLE: If you want to run your application 'appname' on 'http://www.mysite.com/somewhere/?_s=123123' use the following setup. Replace any part of the configuration with YOUR settings. Comments are enclosed in square brakets and a number. SEASIDE: Server Protocol: http [1] Server Host: www.mysite.com [1] Server Port: 80 [1] Server Path: /somewhere/ APACHE: RewriteRule ^/somewhere/(.*)$ http://localhost:8080/seaside/appname/$1 [P,L] [2] [1] Leave blank, if ProxyPreserveHost On [2] Unfortunately Cincom decided to go with a different setup. You probably need to replace /seaside/appname/ with something like /seaside/go/appname/ in VisualWorks. Check with your Cincom for details. -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
Richard,
Here are some apache conf snippets that we use for the GLASS appliance. We have a virtual host listening on port 80 and then virtual hosts sitting on ports 8081, 8082 and 8083. The loadbalancer is used to route requests to the virtual hosts. The path /opt/gemstone/apache/htdocs/glass1 resolves to a FastCGI port and host in our setup, so you will probably need to change that, but the real trick here might be 'ProxyPreserveHost' - I can't tell if you used it or not: <VirtualHost *:80> ProxyPreserveHost On #make proxy rewrite urls in the output ProxyPass /seaside balancer://gemtrio ProxyPassReverse /seaside balancer://gemtrio <Proxy balancer://gemtrio> BalancerMember http://localhost:8081/seaside BalancerMember http://localhost:8082/seaside BalancerMember http://localhost:8083/seaside </Proxy> </VirtualHost> <VirtualHost *:8081> DocumentRoot /opt/gemstone/apache/htdocs/glass1 </VirtualHost> Hope this helps, Dale Richard Eng wrote: > I don't think I can use ProxyPass directives with Apache's mod_balancer > load-balancing feature. Apache's balancer expects something like: > > <Proxy balancer://seaside_cluster> > BalancerMember http://127.0.0.1:8000 > BalancerMember http://127.0.0.1:8001 > BalancerMember http://127.0.0.1:8002 > </Proxy> > > ProxyPass directives don't seem to fit in with this. > > (I'm getting ready to explore mod_balancer. I know very little about it.) > > Richard > > --------- > Would you care to elaborate on the reason(s) for avoiding ProxyPass? > > I also have a site with SSL that is using ProxyPass just as happily. > > John. > > Richard Eng wrote: > >> Thanks for the various configuration files. But I *am* trying to avoid using >> ProxyPass directives, and I am not successful. >> >> Apache is wickedly complicated. I think very few people actually fully >> understand how it works. That's why there are a myriad of ad hoc >> configurations floating throughout the Internet with users employing trial >> and error (ie, guesswork) to adapt these configurations for their own use. >> Consequently, these configurations are very fragile. It's a right bloody >> mess. >> >> With my configuration, I am trying to accomplish two goals: >> >> 1) Secure my site with SSL. >> >> 2) Load-balance my Seaside application using Apache2. >> >> I've succeeded with 1), but I need to get rid of ProxyPass directives for >> 2). My configuration, so far, is as simple as I can make it. Complex >> configurations obfuscate the situation. Like I said, very few people really >> understand Apache. I need to proceed very, very cautiously... >> >> Richard >> > > > _______________________________________________ > seaside mailing list > [hidden email] > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside > _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
The following httpd.conf file *almost* does what I want to do (SSL and
load-balancing): LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so LoadModule proxy_balancer_module /usr/lib/apache2/modules/mod_proxy_balancer.so ServerName www.goodsexnetwork.com NameVirtualHost 192.168.1.101:80 <VirtualHost 192.168.1.101:80> RewriteEngine on ProxyRequests off DocumentRoot /var/www RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteRule ^/(.*)$ <a href="https://%">https://%{SERVER_NAME}/$1 [L,R] </VirtualHost> NameVirtualHost 192.168.1.101:443 <VirtualHost 192.168.1.101:443> RewriteEngine on ProxyRequests off ProxyPreserveHost on SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.pem DocumentRoot /var/www/ssl ProxyPass /seaside/go balancer://seaside_cluster ProxyPassReverse /seaside/go balancer://seaside_cluster <Proxy balancer://seaside_cluster> BalancerMember http://localhost:9090/seaside/go BalancerMember http://localhost:9091/seaside/go BalancerMember http://localhost:9092/seaside/go </Proxy> RewriteRule ^/$ balancer://seaside_cluster [P,L] </VirtualHost> However, I am unable to navigate to other pages in the web app... When I type: http://www.goodsexnetwork.com it takes me to: https://www.goodsexnetwork.com which is, effectively: https://www.goodsexnetwork.com/seaside/go (my homepage) But then if I try to click to another page (which has the URL: https://www.goodsexnetwork.com/seaside/go?_k=something&_s=something &somedigit), it strips off everything after the /go and leaves me stranded at the homepage. In other words, the *only* URL I ever see is: https://www.goodsexnetwork.com/seaside/go Like I said, almost everything works. I have SSL (https). I have load balancing (at least to the homepage). I just have to understand why the _k and _s parts of the URL are not being transferred. So close, yet so far. This is frustrating... Regards, Richard _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
> But then if I try to click to another page (which has the URL:
> https://www.goodsexnetwork.com/seaside/go?_k=something&_s=something > &somedigit), it strips off everything after the /go and leaves me stranded > at the homepage. In other words, the *only* URL I ever see is: > > https://www.goodsexnetwork.com/seaside/go Did you observe access_log, error_log, rewrite_log, etc. of your server? Did you consider adding some logging statements to the Smalltalk web-server to see what comes in and what goes out? Lukas -- Lukas Renggli http://www.lukas-renggli.ch _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
In reply to this post by Richard Eng
As a matter of fact, Lukas, when I woke up this morning, I thought I should
gather some data. So I started tracking the Transcript. Here's what I found: With ONE VM (9090) in the balancer cluster: Initial page (typing http://www.goodsexnetwork.com) /seaside/go/ Clicking on About Us /seaside/go/?_k=LQeoPxhB&_s=GKpDhxmXUPTXvMES&5 /seaside/go/?_k=BeOXObFr&_s=GKpDhxmXUPTXvMES Clicking on Services /seaside/go/?_k=GcdAcWkd&_s=GKpDhxmXUPTXvMES&6 /seaside/go/?_k=ymJpsfHH&_s=GKpDhxmXUPTXvMES Clicking on Registration/Login /seaside/go/?_k=GBUIFPiq&_s=GKpDhxmXUPTXvMES&7 /seaside/go/?_k=FQErKPay&_s=GKpDhxmXUPTXvMES Clicking on Contact Us /seaside/go/?_k=LHOSwmFl&_s=GKpDhxmXUPTXvMES&9 /seaside/go/?_k=yqdTQvsk&_s=GKpDhxmXUPTXvMES As you can see, the session number remains constant. My web app is working perfectly! With THREE VMs (9090, 9091, 9092): Initial page (9090) /seaside/go/ Clicking on About Us (9092) /seaside/go/ (9091) /seaside/go/?_k=HOPZQNPd&_s=AnxoaOgasUPcEfCp&5 Clicking on Services (9091) /seaside/go/ (9090) /seaside/go/?_k=EWqdbkqZ&_s=LCdHsZYDEHKgRPJx&6 Clicking on Registration/Login (9090) /seaside/go/ (9092) /seaside/go/?_k=MSKlyDVX&_s=IPsgzreQVBMvqmbr&7 Clicking on Contact Us (9092) /seaside/go/ (9091) /seaside/go/?_k=dvMVcwbK&_s=EdWhWjDdMnBoRAPP&8 Clicking on About Us (9091) /seaside/go/ (9090) /seaside/go/?_k=wscOnKIR&_s=YOTvBvZGLAwbxnlk&5 As you can see, what's happening when you have more than one VM in the balancer cluster is that each time you click on a page, it starts a new session! And in a different VM! The succession of port numbers (9092/9091, 9091/9090, 9090/9092, 9092/9091, 9091/9090) suggests that the sessions are not sticky. The load balancer is cycling through my VMs. But I'm the only user! I should only have one session. What is going on??? Regards, Richard ------- Did you observe access_log, error_log, rewrite_log, etc. of your server? Did you consider adding some logging statements to the Smalltalk web-server to see what comes in and what goes out? Lukas _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
|
|
The error.log says only one thing of any significance:
[warn] Init: Session Cache is not configured [hint: SSLSessionCache] Except for access.log, I don't have any other log files. I have a plain vanilla Apache2 install. Richard > ------- > Did you observe access_log, error_log, rewrite_log, etc. of your > server? Did you consider adding some logging statements to the > Smalltalk web-server to see what comes in and what goes out? > > Lukas _______________________________________________ seaside mailing list [hidden email] http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside |
«
Return to Seaside General
|
1 view|%1 views
| Free forum by Nabble | Edit this page |