记录一次CentOS7 + Apache2.4实现虚拟主机&反向代理

需求

  1. 一台服务器 + 多个域名,实现根据不同域名分发流量(类似于负载均衡)
  2. 将同一个域名下的不同子路由分发映射到到不同的端口

方案

问题1的方案是虚拟主机,问题2到方案是反向代理。可以同时实现这样功能的典型软件有Apache httpd、Ngnix等,本例选择Apache(据说Ngnix配置比较友好简单,有机会尝试一下)。

实施过程

一、环境准备,安装Apache

这里会遇到两个问题:版本选择和软件源选择

  • Apache2.2和Apache2.4配置项有区别,安装时请注意;
  • 软件源有两个选择,一种是手工源码安装官方版本的Apache,略麻烦但是血统纯正,配置起来文档丰富;另一种是直接Yum安装Apache,省事儿但是软件配置文件结构与官方版略有差别,配置起来略有点小坑。

本例选择使用Yum安装Apache2.4版本,步骤:
yum install httpd
设置自启动:
systemctl enable httpd.service

指定两个不同的文档根目录:

  1. 在/var/www/下新建了ued/index.html文件
  2. 在/var/www/下新建了doc/index.html文件

服务器启动一个tomcat,部署一个manage工程,保证能访问到

二、虚拟主机配置

编辑配置vi /etc/httpd/conf

<Directory />
AllowOverride none
Require all granted
</Directory>

DocumentRoot "/var/www/ued/"
...
IncludeOptional conf.d/*.conf
Include vhost-conf.d/*.conf

最后一句配置引入了虚拟主机目录下的所有配置,意味着我们自己的配置文件需要放在/etc/httpd/vhost-conf.d/目录下且扩展名为.conf。以下是我的虚拟主机文件/etc/httpd/vhost-conf.d/vhost.conf中的配置:

<VirtualHost *:80>
    ServerAdmin jimmy@xxx.com
    DocumentRoot "/var/www/ued/"
    ServerName ued.xxxxx.net
    ServerAlias ued.xxxxx.net
    ErrorLog "logs/httpd-error.log"
    CustomLog "logs/httpd-custom.log" common

</VirtualHost>

<VirtualHost *:80>
    ServerAdmin jimmy@xxx.com
    DocumentRoot "/var/www/doc/"
    ServerName ued.xxxxx.net
    ServerAlias ued.xxxxx.net
    ErrorLog "logs/httpd-error.log"
    CustomLog "logs/httpd-custom.log" common
         
</VirtualHost>

至此,虚拟主机配置完毕,问题1解决,可以分别访问两个域名,发现分发到了不通的页面。

三、反向代理配置

编辑vi /etc/httpd/conf,在最后新增引入proxy模块:

...
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
Include vhost-conf.d/*.conf
Include conf.modules.d/00-proxy.conf

/etc/httpd/vhost-conf.d/vhost.conf中的增加配置:

<VirtualHost *:80>
    ServerAdmin jimmy@xxx.com
    DocumentRoot "/var/www/ued/"
    ServerName ued.xxxxx.net
    ServerAlias ued.xxxxx.net
    ErrorLog "logs/httpd-error.log"
    CustomLog "logs/httpd-custom.log" common
    
    #关闭正向代理
    ProxyRequests off 

    #反向代理
    ProxyPass /manage/ http://localhost:8080/manage/
    ProxyPassReverse /manage/ http://localhost:8080/manage/
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin jimmy@xxx.com
    DocumentRoot "/var/www/doc/"
    ServerName ued.xxxxx.net
    ServerAlias ued.xxxxx.net
    ErrorLog "logs/httpd-error.log"
    CustomLog "logs/httpd-custom.log" common
         
</VirtualHost>

至此,配置完毕。敲url:ued.xxxxx.net/manage应该被转到ip:8080/manage的页面。此时遇到了问题:

Apache ProxyPass 出现503 Service Temporarily Unavailable 

查看httpd-error.log日志:

[Sat Sep 23 14:23:07.844492 2017] [proxy:error] [pid 4174] (13)Permission denied: AH00957: HTTP: attempt to connect to 10.xxx.xxx.21:8080 (10.xxx.xxx.21) failed
[Sat Sep 23 14:23:07.844573 2017] [proxy:error] [pid 4174] AH00959: ap_proxy_connect_backend disabling worker for (10.xxx.xxx.21) for 60s
[Sat Sep 23 14:23:07.844586 2017] [proxy_http:error] [pid 4174] [client 10.xxx.xxx.219:38312] AH01114: HTTP: failed to make connection to backend: 10.xxx.xxx.21

经查资料,此现象怀疑是SELinux问题,解决方案,关闭SELinux:

setenforce 0

再次验证,OK!

参考资料

posted on 2017-09-23 17:06  Jimmy Cheung  阅读(794)  评论(0编辑  收藏  举报