AgileApps Support Wiki Pre Release

Installing and Configuring Apache for Use with the Platform

From AgileApps Support Wiki
Revision as of 01:34, 17 January 2012 by imported>Aeric

Installing and Configuring Apache for Use with the Platform

Apache can be installed in front of the tomcat server to serve static content like gif and jpeg images, Javascript files and stylesheets more efficiently, leaving the Application Server free to process incoming requests. This section tells you how to configure Apache to serve the platform's static content.

Overview

With this arrangement, Apache will be in front of Tomcat. Any request that comes to the platform first goes to Apache. Apache determines if the request is a valid request and, if so, will forward the request to Tomcat for processing.

Since Apache will be in front of Tomcat, it needs to be configured to listen on port 80 and port 443 for http and https traffic respectively. Apache also needs to be configured to forward traffic coming on those ports to the port on which Tomcat is listening.

Requirements

The following Apache modules must be enabled when installing Apache. They can be compiled as a static binary into apache or loaded as dynamic modules.

  • mod_proxy
  • mod_proxy_connect
  • mod_proxy_http
  • mod_ssl
  • mod_expires
  • mod_headers

Configuration Process

In outline, the process looks like this:

  1. Configure Tomcat Connectors.
  2. Configure Apache Virtual host.
  3. Start Apache, Tomcat and memcached.

Configure Tomcat Connectors

  1. In {install_dir}/tomcat/conf/, edit server.xml
  2. Remove connectors pointing to ports 80 and 443.
  3. Add a connector for traffic forwarded from Apache, as shown here:
<Connector 
  port="8006"  maxThreads="450"  
  minSpareThreads="25"  maxSpareThreads="75" 
  debug="0"  enableLookups="false"  
  acceptCount="450"  connectionTimeout="30000"  
  disableUploadTimeout="true"  scheme="https"  proxyPort="443" 
  useIPVhosts="true"  URIEncoding="UTF-8"  
  maxHttpHeaderSize="8192"
/>

Notes:

  • The platform standard is to use port 8006. That value is assumed in the remainder of this section. (It can be changed, if desired.)
  • The next step will be to configure Apache so that incoming HTTP and HTTPS traffic on ports 80 and 443 will be forwarded to port 8006, where Tomcat will be listening.

Configure Apache Virtual Hosts

1. Add two virtual host entries
- One in httpd.conf for Apache to listen on port 80 for HTTP traffic.
- One in httpd-ssl.conf for Apache to listen on port 443 for HTTPS traffic.
Any traffic meant for the platform coming on these ports is forwarded to Tomcat. This request forwarding is achieved using the mod_proxy module.
The httpd.conf and httpd-ssl.conf configuration files can be found in the $APACHE_HOME directory. For each virtual host entry, make sure the following are set appropriately:
ServerAdmin root@localhost
DocumentRoot "/usr/local/apache/htdocs/"
ServerName example.com
ServerAlias www.example.com
2. Configure certificates for SSL virtual host on port 443
Make sure the following points to your certificate and private key.
httpd-ssl.conf:
SSLCertificateFile "<i>{install_dir}</i>/tomcat/conf/RN/<yourdomain>.cer"
:::SSLCertificateKeyFile "<i>{install_dir}</i>/tomcat/conf/RN/<yourdomain>_private_key"
3. Enable secure communications
Set up a secure communications channel between Apache and Tomcat. The URLs for the Proxy are then https://, rather than http://, and all traffic is encrypted.
SSLProxyEngine on
4. Configure Proxy Paths in Apache
Proxy paths need to be configured to enable mod_proxy to recognize the request and forward it to Tomcat appropriately.
For example:
ProxyPass /networking/* https://tomcat-host-name:8006/networking/*
ProxyPassReverse /networking/* https://tomcat-host-name:8006/networking/*
Note: These instructions assume that Tomcat and Apache are running on the same server. If they are running on different servers, change the settings appropriately.
5.Configure virtual hosts
For each virtual host in httpd.conf and httpd-ssl.conf for ports 80 and 443, copy the settings from {install_dir}/httpd-proxy.conf, changing the standard port assignment of 8006, if needed.