LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   apache reverse proxy config (https://www.linuxquestions.org/questions/linux-newbie-8/apache-reverse-proxy-config-4175622766/)

divyashree 01-30-2018 10:55 PM
apache reverse proxy config
 
I have 3 Machines which I am configuring this way to work.

MachineA(https) -> MachineB(reverseproxy) -> MachineC(App)

MachineA - The public facing load balancer where SSL certificate is installed MachineB - Apache http server to which the request from MachineA will be redirected and will be forwarded to Application server using mod_wls MachineC - Weblogic Application server where app is deployed

I have configured my MachineB http config this way:



Code:
  LoadModule weblogic_module modules/mod_wl.so
    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule ^$ http://%{HTTP_HOST} [L,R]
   
    <IfModule mod_weblogic.c>
        ProxyPreserveHost  On
        RewriteEngine      On
        WebLogicCluster wlsrv:7001
        Debug ALL
        MatchExpression /
        DebugConfigInfo ON
        WLLogFile /var/log/wlproxy-qa.log
    <Location /console>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/console
        ProxyPassReverse http://wlsrv:7001/console
    </Location>
    <Location /App1>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/App1
        ProxyPassReverse http://wlsrv:7001/App1
    </Location>
    </IfModule>
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400.

Is the configuration of MachineB, correct to handle this ?

bathory 01-31-2018 04:07 AM
Quote:
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400.
You should first check the apache error_log, but most likely it's an error from the backend, so check also logs of the weblogic server.

I'm not familiar with weblogic, but I see that you're using the apache plugin for your server, so I guess you don't need to configure apache as a reverse proxy, but rather use the plugin to serve the requests.

Read the plugin documentation and pay attention to the examples.

Regards

TB0ne 01-31-2018 07:52 AM
Quote:
Originally Posted by divyashree (Post 5813644)
I have 3 Machines which I am configuring this way to work.
MachineA(https) -> MachineB(reverseproxy) -> MachineC(App)

MachineA - The public facing load balancer where SSL certificate is installed MachineB - Apache http server to which the request from MachineA will be redirected and will be forwarded to Application server using mod_wls MachineC - Weblogic Application server where app is deployed I have configured my MachineB http config this way:
Code:
  LoadModule weblogic_module modules/mod_wl.so
    RewriteEngine On
    RewriteCond %{HTTPS} on
    RewriteRule ^$ http://%{HTTP_HOST} [L,R]
   
    <IfModule mod_weblogic.c>
        ProxyPreserveHost  On
        RewriteEngine      On
        WebLogicCluster wlsrv:7001
        Debug ALL
        MatchExpression /
        DebugConfigInfo ON
        WLLogFile /var/log/wlproxy-qa.log
    <Location /console>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/console
        ProxyPassReverse http://wlsrv:7001/console
    </Location>
    <Location /App1>
        SetHandler weblogic-handler
        ProxyPass http://wlsrv:7001/App1
        ProxyPassReverse http://wlsrv:7001/App1
    </Location>
    </IfModule>
The requests are coming to access the first webpage from application, but after that the URI is not getting forwarded correctly and giving 400. Is the configuration of MachineB, correct to handle this ?
You have a somewhat similar thread FOUR YEARS ago:
https://www.linuxquestions.org/quest...ps-4175496400/

divyashree 02-01-2018 12:01 AM
Quote:
Originally Posted by TB0ne (Post 5813806)
You have a somewhat similar thread FOUR YEARS ago:
https://www.linuxquestions.org/quest...ps-4175496400/
Thank you TB0ne. This is not similar to that, else I wouldn't have asked. Here the MachineA(the loadbalancer where ssl certificate is installed) is not in my control and is mapped to a port of MachineB(apache http server) and MachineA works as a secure public gateway.

The connection between MachineB(Apache http) and MachineC(weblogic) is working without any issue.

Problem here is the traffic coming from the MachineA(loadbalancer) is https and response from MachineB(Apache http) is plain http, so the URI is no getting created correctly in browser outside loadbalancer. And for this I had asked the question.

divyashree 02-01-2018 12:05 AM
Quote:
Originally Posted by bathory (Post 5813734)
You should first check the apache error_log, but most likely it's an error from the backend, so check also logs of the weblogic server.

I'm not familiar with weblogic, but I see that you're using the apache plugin for your server, so I guess you don't need to configure apache as a reverse proxy, but rather use the plugin to serve the requests.

Read the plugin documentation and pay attention to the examples.

Regards
Thank you bathroy. There is no issue with the weblogic plugin, as here connection between MachineB and MachineC is working smoothly. Problem here is the URI creation request and response between MachineB(Plain http server acts as a frontend to weblogic) and MachineA(Simple loadbalancer where SSL cert is installed)

bathory 02-01-2018 03:35 AM
Quote:
Originally Posted by divyashree (Post 5814092)
Thank you bathroy. There is no issue with the weblogic plugin, as here connection between MachineB and MachineC is working smoothly. Problem here is the URI creation request and response between MachineB(Plain http server acts as a frontend to weblogic) and MachineA(Simple loadbalancer where SSL cert is installed)
So check the apache logs for the request from the loadbalancer to see if you find anything.

TB0ne 02-01-2018 08:31 AM
Quote:
Originally Posted by divyashree (Post 5814091)
Thank you TB0ne. This is not similar to that, else I wouldn't have asked. Here the MachineA(the loadbalancer where ssl certificate is installed) is not in my control and is mapped to a port of MachineB(apache http server) and MachineA works as a secure public gateway.

The connection between MachineB(Apache http) and MachineC(weblogic) is working without any issue.

Problem here is the traffic coming from the MachineA(loadbalancer) is https and response from MachineB(Apache http) is plain http, so the URI is no getting created correctly in browser outside loadbalancer. And for this I had asked the question.
It is similar, because:
  • You're asking about redirects/load balancing
  • You're asking about Apache
  • You've asked about reverse proxies before
So after many years of work with this software, your 'certification', and ostensibly other skills....you cannot diagnose this issue, even though you've worked with it before?

divyashree 02-01-2018 12:14 PM
Quote:
Originally Posted by TB0ne (Post 5814239)
It is similar, because:
  • You're asking about redirects/load balancing
  • You're asking about Apache
  • You've asked about reverse proxies before
So after many years of work with this software, your 'certification', and ostensibly other skills....you cannot diagnose this issue, even though you've worked with it before?
Thank you Guru. There is nothing to do with certifications here as every situations is unique.

Last time it was the issue with https -> Jboss and this time issue was with the reverse response from httpslb -> http -> weblogic.
Here httpslb is a simple LB which doesnt support anything but only port mapping which was messing the URL outside and I proposed to put a http in between to resolve the URL mess . As I always feel strong with the support of forums like linuxquestions from where I started learning linux since when I was a student.

No one knows everything else forum wouldnt have exist. This kind of configs I dealt with only 2 times in so many years, So I had asked the question, if some one might have faced this kind of issue or to get any hint.

By the way this issue is resolved with below simple http configuration and I am pasting the solution which might help others.

Code:
LoadModule weblogic_module modules/mod_wl.so
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]




<IfModule mod_weblogic.c>
 <VirtualHost *:80>
  ServerName https://lbhost.com:9001
  RewriteEngine      On
  RewriteOptions inherit
  RewriteRule ^/$ /console [PT]
  Debug ALL
  MatchExpression /
  DebugConfigInfo ON
  WLLogFile /var/log/httpd/wlproxy-qa.log
  KeepAliveEnabled ON
  KeepAliveSecs  15
  WLProxySSLPassThrough ON

<Location /console>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicHost 7001
  WLSRequest On
  ProxyPass http://wlscontainerhost:7001/console
  ProxyPassReverse http://wlscontainerhost:7001/console
</Location>
<Location /app1>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app1
  ProxyPassReverse http://wlscontainerhost:7001/app1
</Location>

<Location /app2>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app2
  ProxyPassReverse http://wlscontainerhost:7001/app2
</Location>
<Location /app3>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app3
  ProxyPassReverse http://wlscontainerhost:7001/app3
</Location>
</VirtualHost>
</IfModule>

TB0ne 02-01-2018 01:24 PM
Quote:
Originally Posted by divyashree (Post 5814336)
Thank you Guru. There is nothing to do with certifications here as every situations is unique.
Yes, they are; however, when they're VERY SIMILAR, you have years of experience and 'certifications', you should be able to work through such very similar problems, rather than asking others.
Quote:
Last time it was the issue with https -> Jboss and this time issue was with the reverse response from httpslb -> http -> weblogic.
Here httpslb is a simple LB which doesnt support anything but only port mapping which was messing the URL outside and I proposed to put a http in between to resolve the URL mess . As I always feel strong with the support of forums like linuxquestions from where I started learning linux since when I was a student.

No one knows everything else forum wouldnt have exist. This kind of configs I dealt with only 2 times in so many years, So I had asked the question, if some one might have faced this kind of issue or to get any hint.
And by actually learning and thinking about what you've done in the past, that's how you can solve your own problems. No one is saying you should know everything, but after several years, 'certifications' and experience, making a minor change to something you're familiar with shouldn't involve having others work on it. What prevented you from doing/trying anything, rather than asking us to implement your machine config and TELL YOU if it was right?
Quote:
By the way this issue is resolved with below simple http configuration and I am pasting the solution which might help others.
Code:
LoadModule weblogic_module modules/mod_wl.so
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule ^$ http://%{HTTP_HOST} [L,R]

<IfModule mod_weblogic.c>
 <VirtualHost *:80>
  ServerName https://lbhost.com:9001
  RewriteEngine      On
  RewriteOptions inherit
  RewriteRule ^/$ /console [PT]
  Debug ALL
  MatchExpression /
  DebugConfigInfo ON
  WLLogFile /var/log/httpd/wlproxy-qa.log
  KeepAliveEnabled ON
  KeepAliveSecs  15
  WLProxySSLPassThrough ON

<Location /console>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicHost 7001
  WLSRequest On
  ProxyPass http://wlscontainerhost:7001/console
  ProxyPassReverse http://wlscontainerhost:7001/console
</Location>
<Location /app1>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app1
  ProxyPassReverse http://wlscontainerhost:7001/app1
</Location>

<Location /app2>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app2
  ProxyPassReverse http://wlscontainerhost:7001/app2
</Location>
<Location /app3>
  SetHandler weblogic-handler
  WebLogicHost wlscontainerhost
  WeblogicPort 7001
  ProxyPass http://wlscontainerhost:7001/app3
  ProxyPassReverse http://wlscontainerhost:7001/app3
</Location>
</VirtualHost>
</IfModule>
Looks similar to what you've done in the past, and what you posted originally. Glad its working


All times are GMT -5. The time now is 07:14 AM.