Apache com mod_proxy para múltiplos endereços
Dica publicada em Linux / Miscelânea
Apache com mod_proxy para múltiplos endereços
Recentemente, recebi a demanda de configurar um servidor Apache com mod_proxy para efetuar balanceamento de diversos sites, sendo que cada um deveria direcionar para os seus respectivos servidores de aplicação, conforme a representação abaixo:
Para que isso seja possível, basta criar as entradas VirtualHost para cada endereço, e dentro da diretiva, especificar as configurações do balanceamento.
Seguindo a representação acima, vejamos como fica a configuração, que também contempla o direcionamento das conexões HTTP de todos os endereços para HTTPS:
Obrigado,
Respirando Linux, por Fabio Soares Schmidt.
Para que isso seja possível, basta criar as entradas VirtualHost para cada endereço, e dentro da diretiva, especificar as configurações do balanceamento.
Seguindo a representação acima, vejamos como fica a configuração, que também contempla o direcionamento das conexões HTTP de todos os endereços para HTTPS:
### CONFIGURACAO DO BALANCER COM MULTIPLOS VIRTUALHOST ###
### site1.laboratorio.com.br
### site2.laboratorio.com.br
### site3.laboratorio.com.br
NameVirtualHost *:80
<VirtualHost *:80>
#EFETUA O DIRECIONAMENTO DAS CONEXÕES HTTP PARA HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
NameVirtualHost *:443
### SITE1 ####
<VirtualHost *:443>
ServerName site1.laboratorio.cim.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.1.1:80 route=1
BalancerMember http://10.196.1.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
#######################
### SITE2 ####
<VirtualHost *:443>
ServerName site2.laboratorio.com.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.2.1:80 route=1
BalancerMember http://10.196.2.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
#######################
### SITE 3 ####
<VirtualHost *:443>
ServerName site3.laboratorio.com.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.3.1:80 route=1
BalancerMember http://10.196.3.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
### site1.laboratorio.com.br
### site2.laboratorio.com.br
### site3.laboratorio.com.br
NameVirtualHost *:80
<VirtualHost *:80>
#EFETUA O DIRECIONAMENTO DAS CONEXÕES HTTP PARA HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
NameVirtualHost *:443
### SITE1 ####
<VirtualHost *:443>
ServerName site1.laboratorio.cim.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.1.1:80 route=1
BalancerMember http://10.196.1.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
#######################
### SITE2 ####
<VirtualHost *:443>
ServerName site2.laboratorio.com.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.2.1:80 route=1
BalancerMember http://10.196.2.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
#######################
### SITE 3 ####
<VirtualHost *:443>
ServerName site3.laboratorio.com.br
<Proxy balancer://mycluster>
BalancerMember http://10.196.3.1:80 route=1
BalancerMember http://10.196.3.2:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ServerAdmin webmaster@localhost
SetEnv proxy-initial-not-pooled 1
####
DocumentRoot /var/www/
RewriteEngine On
#RewriteRule ^rest(.*)$ https://%{SERVER_NAME}/prototype/rest/$1 [QSA,L]
LimitRequestLine 32768
ProxyRequests off
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/cert.pem
SSLCertificateKeyFile /etc/ssl/certs/cert.key
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/other_vhosts_access.log combined
LogLevel warn
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData
Header add set-cookie "ROUTEID=PHPSESSION.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
Obrigado,
Respirando Linux, por Fabio Soares Schmidt.