LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   CentOS 5 - Need a reverse proxy (http://www.linuxquestions.org/questions/linux-server-73/centos-5-need-a-reverse-proxy-925786/)

TomBodet 01-26-2012 07:49 AM

CentOS 5 - Need a reverse proxy
 
I'm kind of swinging wildly at this point and need a little direction.

I have a very mixed environment as it's loaded with various contracts. I also have a limited number of public IPs.

What I'd like to do is take a single DNS entry (www.example.com) and use different URLs to be the gateway to various DMZ web and app servers. For example:

www.example.com/login - this forwards to a server for end user LDAP account maintenance
www.example.com/redmine - takes the user to our redmine server
www.example.com/contract1 - takes the user to the main web page on a server run by a specific contract
...and so on

It's a mixed bag where some target servers are HTTP or HTTPS, some are Tomcat servers so they're listening on 8080 or 8443, some are IIS based...etc.

I tried apache and kept getting mixed results. For example one URL I forwarded to google and didn't get the page images and the search itself didn't work but it still showed the proxy address, not the target address. I tried another to our LDAP login in which you actually got forwarded to the page but it was literally forwarded where the URL was now the target address. Another I tried to a Tomcat app and just never could get it to do anything, it always timed out.

Someone in the office suggested Squid but after looking at it, I don't see examples of it being used to split a single address into multiple URLs and I really don't want any caching.

Thanks for your time.

klearview 01-26-2012 07:52 AM

Nginx

kirukan 01-26-2012 08:20 AM

How about varnish for caching & reverse proxy? Varnish is using in hosting environment
https://www.varnish-cache.org/about

TomBodet 01-26-2012 08:42 AM

Quote:

Originally Posted by kirukan (Post 4584924)
How about varnish for caching & reverse proxy? Varnish is using in hosting environment
https://www.varnish-cache.org/about

Thanks kirukan but I don't want caching I just need the reverse proxy.

I'm having a look at nginx but I think my issue is the same as Apache, I have a hard time deciphering what I need in the conf.

I see the nginx conf has a call to run any conf file in conf.d so I added my own "testproxy.conf" with the following:

server {
listen 443;
server_name login.example.local;
location /pwm {
proxy_pass https://192.168.20.22:8443;
}
}

That's me trying to get to the tomcat app, in this case just the tomcat "home" page. I've also tried just doing the google forward but I don't see how to add a specific URL on the listening side. Meaning I tried server_name login.example.local/google but startup complains about it.

vikas027 01-26-2012 08:44 AM

These links should be useful

http://www.apachetutor.org/admin/reverseproxies
http://www.askapache.com/htaccess/re...xy-apache.html
http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
http://linuxpoison.blogspot.com/2010...d-reverse.html
http://www.cyberciti.biz/faq/linux-h...load-balancer/
http://www.linuxquestions.org/questi...ration-836036/
http://www.linuxquestions.org/questi...tomcat-836905/
http://blog.ilithium.com/2009/07/how...-apache-2.html
http://www.howtoforge.com/how-to-set...-on-centos-5.3
http://www.server-world.info/en/note..._5&p=httpd&f=8

anomie 01-26-2012 09:50 AM

Quote:

Originally Posted by TomBodet
I tried apache and kept getting mixed results. For example one URL I forwarded to google and didn't get the page images and the search itself didn't work but it still showed the proxy address, not the target address. I tried another to our LDAP login in which you actually got forwarded to the page but it was literally forwarded where the URL was now the target address. Another I tried to a Tomcat app and just never could get it to do anything, it always timed out.

By (your) design, this thread is all over the place, with different reverse proxy suggestions.

If you wish to troubleshoot your Apache web server directives, then please start a thread on that, and actually post the directives (in code tags) that you've attempted.

TomBodet 01-26-2012 10:01 AM

Quote:

Originally Posted by anomie (Post 4584976)
By (your) design, this thread is all over the place, with different reverse proxy suggestions.

If you wish to troubleshoot your Apache web server directives, then please start a thread on that, and actually post the directives (in code tags) that you've attempted.

I love when people come into threads only to dump on them.

I provided information about where I've been and what I've tried.

What other folks have been kind enough to try and answer is if there was any other things I should be looking at that might do what I need in a simpler config/package.

anomie 01-26-2012 10:11 AM

Maybe I didn't communicate clearly. This problem is easily solvable with Apache web server. I'd like to see your exact configurations - not "information about where [you've] been".

klearview 01-26-2012 11:50 AM

Quote:

Originally Posted by TomBodet (Post 4584987)
I love when people come into threads only to dump on them.

I provided information about where I've been and what I've tried.

What other folks have been kind enough to try and answer is if there was any other things I should be looking at that might do what I need in a simpler config/package.

He wasn't 'dumping' on you. His suggestion to post specific configuration and errors you encounter is a very good one - people will be able to help you here. In the end of the day you have many different applications sitting behind proxy - so digging into config files is necessary. The reason why I suggested Nginx, for example, is that I would then be able to help you with configuration for some of the applications you mentioned as we use Nginx as a proxy with them ourselves. Pick a proxy (be it Apache, Nginx or something else) and then ask for help with configuring it one step at a time.

TomBodet 01-26-2012 12:40 PM

I guess my head doesn't work like the rest of the world.

When someone says "By (your) design, this thread is all over the place, with different reverse proxy suggestions. " That sentence leads with making seem like I'm complaining about getting suggestions which I have not done.

He then continues with "If you wish to troubleshoot your Apache web server directives, then please start a thread on that, and actually post the directives (in code tags) that you've attempted." Where my problem is I'm ignorant of whether I have a tool that will do the thing I'm looking for so my thought process says, hey, let's first figure out if I need a hammer or a screwdriver! Once I get the right tool in my hand, then let's figure out how to use it.

Taking the previous response and translating it into something that would have made sense (again in my narrow world) would be, "Actually you're correct in trying to use Apache, it will do exactly what you're looking for. For the sake of tidyness, start a new thread with your config and we'll work it out."

...don't mind me, I'm overly frustrated at my ability to get something working that's apparently so inane any random idiot off the street can do it....

anomie 01-26-2012 03:25 PM

Look, I'll withdraw my request about a separate thread (although I think that's a cleaner approach). If you haven't abandoned this thread, and if you'd still like to give Apache web server a try, then please post the configs you have tried -- at least the snippets that are related to proxying.


All times are GMT -5. The time now is 09:24 AM.