Procedure to link httpd and Tomcat9 with CentOS8.3 (multiple ProxyPass)

../

I want to describe multiple ProxyPass when linking Apache httpd2.4 and Tomcat9 using mod_proxy_ajp on CentOS8.2. Make a note of the procedure.

Initial state of Apache httpd 2.4 and Tomcat 9 integration

If you add the kankeri app and the xxx app after the default installation of Tomcat9, the subordinates of webapps are as follows. $ {CATALINA_HOME} should be/opt/tomcat9 /.

/opt/tomcat9/webapps/
   +-- ROOT/
   +-- docs/
   +-- examples/
   +-- manager/
   +-- host-manager/
   +-- kankeri/
   +-- xxx/

Also, after the default installation, the following access is possible on port 8080. (* Accessable client PCs are restricted by IP address.)

http://kankeri.com:8080/
http://kankeri.com:8080/docs
http://kankeri.com:8080/examples
http://kankeri.com:8080/manager
http://kankeri.com:8080/host-manager

In addition, assume that you have defined a virtual host as follows and have access to the kankeri app at http://kankeri.com/. See Procedure for linking httpd and Tomcat9.

$ vi /etc/httpd/conf.d/vhost-02-kankeri-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost kankeri.com:443>
ServerName kankeri.com
ServerAlias www.kankeri.com
ServerAdmin [email protected]
DocumentRoot "/opt/tomcat9/webapps/kankeri"

<Directory "/opt/tomcat9/webapps/kankeri">
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

ProxyPass        /   ajp://localhost:8009/kankeri/
ProxyPassReverse /   ajp://localhost:8009/kankeri

ErrorLog logs/kankeri-error_log
CustomLog logs/kankeri-access_log combined

SSLCertificateFile /etc/letsencrypt/live/kankeri.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/kankeri.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Requests on ports 80 and 443 are passed to Tomcat 9 on port 8009 for processing. You can access the kankeri app at the following URL.

http://kankeri.com/
https://kankeri.com/

How to write a virtual host to enable multiple ProxyPass

In the above state, try setting to handle Tomcat's ROOT page, examples, docs, and user-defined xxx apps. Manager and host-manager are excluded as 8080 port. I want to make the transition as follows.

https://kankeri.com/           	-->kankeri app
https://kankeri.com/tomcat  	-->Tomcat ROOT page
https://kankeri.com/docs  		-->Tomcat docs
https://kankeri.com/examples  	-->Tomcat examples
https://kankeri.com/xxx  		-->xxx app

The virtual host should be described as follows.

$ vi /etc/httpd/conf.d/vhost-02-kankeri-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost kankeri.com:443>
ServerName kankeri.com
ServerAlias www.kankeri.com
ServerAdmin [email protected]
DocumentRoot "/opt/tomcat9/webapps/kankeri"  	#Specify kankeri for DocumentRoot.

#User-defined kankeri and xxx define Directory.
<Directory "/opt/tomcat9/webapps/kankeri">
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>
<Directory "/opt/tomcat9/webapps/xxx">
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

ProxyPass /tomcat   ajp://localhost:8009/              # /If tomcat, skip to ROOT
ProxyPass /examples ajp://localhost:8009/examples/
ProxyPass /docs     ajp://localhost:8009/docs/
ProxyPass /xxx      ajp://localhost:8009/xxx/
ProxyPass /         ajp://localhost:8009/kankeri/	   #Slash(/)Only ProxyPass is described at the end

ProxyPassReverse /xxx  ajp://localhost:8009/xxx
ProxyPassReverse /     ajp://localhost:8009/kankeri

ErrorLog logs/kankeri-error_log
CustomLog logs/kankeri-access_log combined

SSLCertificateFile /etc/letsencrypt/live/kankeri.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/kankeri.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

The points of description will be explained.

--For DocumentRoot, specify the kankeri application you want to define with a slash (/). --Directory is described in the user-defined kankeri app and xxx app. The default of httpd.conf can be applied to Tomcat's ROOT page, examples, and docs, so there is no need to describe Directory. --In the ProxyPass description, the ROOT directory is treated specially, so "ROOT" is not described in the URL. --The ProxyPass with only a slash (/) is described at the end. In the example, it is a kankeri app. The order is important because they are matched from the top. --Only xxx and slash (/) are described in ProxyPassReverse.

This makes it possible to transition to each page with the above URL. It is not necessary to publish Tomcat's ROOT page, examples, and docs, but I used it as an example.

that's all

../

Recommended Posts

Procedure to link httpd and Tomcat9 with CentOS8.3 (multiple ProxyPass)
Try to link Ruby and Java with Dapr
[Raspberry Pi] Try to link Apache2 and Tomcat
Remote debug connection to tomcat running multiple times on CentOS7
Install Java and Tomcat with Ansible
To display multiple lines with UILabel
Link Apache and Tomcat in a blink of an eye on CentOS 8
Change JDK and Tomcat versions on CentOS
Memorandum to make CentOS 7.9 and put pacemaker
Link Java and C ++ code with SWIG
Build DNS server with CentOS8 and bind
Convert JSON to TSV and TSV to JSON with Ruby
How to share on the host side (windows) and guest side (CentOS 7) with VirtualBox